Votre question

[Résolu]Virus ou cheval de troie?

Tags :
  • Trojan
  • Sécurité
Dernière réponse : dans Sécurité et virus
22 Septembre 2007 11:46:39

Salut, depuis une semaine bitdefender bloque des .exe, avec des nom bizares et des fichiers .dll, il n'arrive pas a les supprimmer, seulement les déplacer...
j'ai fait une analyse avec spybot, sa n'a rien changé.

Voici mon log de hijackthis:
Citation :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:41 Clem et Flo, on 22/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\arservice.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\srksrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender9\vsserv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\WINDOWS\system32\RunDll32.exe
C:\progra~1\softwin\bitdef~1\bdswitch.exe
C:\progra~1\softwin\bitdef~1\bdnagent.exe
C:\PROGRA~1\softwin\BITDEF~1\bdmcon.exe
C:\Program Files\TheTurtle\TheTurtle.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Hercules\WiFi Station\WifiStation.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\GetRight\getright.exe
C:\Program Files\GetRight\getright.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.neo.cx
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [BDSwitchAgent] "C:\PROGRA~1\softwin\BITDEF~1\bdswitch.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "C:\PROGRA~1\softwin\BITDEF~1\bdnagent.exe"
O4 - HKLM\..\Run: [BDMCon] c:\PROGRA~1\softwin\BITDEF~1\bdmcon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 -noicon
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SearchIndexer] rundll32.exe "C:\WINDOWS\system32\aisxivyx.dll",sitypnow
O4 - HKCU\..\Run: [TheTurtle] C:\Program Files\TheTurtle\TheTurtle.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: WiFi Station.lnk = ?
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Suchen - res://C:\WINDOWS\system32\Suchspur.dll/Suchspur.HTM
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: Download with Go!Zilla - file://C:\Program Files\Go!Zilla\download-with-gozilla.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O16 - DPF: {DECEAAA2-370A-49BB-9362-68C3A58DDC62} - http://static.zangocash.com/cab/Seekmo/ie/bridge-c570.c...
O17 - HKLM\System\CCS\Services\Tcpip\..\{51D740B6-7703-4BB7-8C13-FD80FAE3256D}: NameServer = 192.168.2.1
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Intel® Quick Resume Technology Drivers (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: PoliceService - Unknown owner - C:\WINDOWS\system32\srksrv.exe
O23 - Service: Cycling Manager 2007 Drivers Auto Removal (pr2akt6c) (pr2akt6c) - Cyanide - C:\WINDOWS\system32\pr2akt6c.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender9\vsserv.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

--
End of file - 10076 bytes


Ces virus, m'ouvrent des fenêtres sous ie tout seul (certaine fois sa me dis de télécharger "winantiviruspro.com ", un antivirus qui reglera mes probleme ou quelque chose comme "doctor..." , je ne l'ai pas fait car je sais que c'est de l'arnaque mais sa me soule... et desfois le pc rame un bon coup à cause de ces virus / trojan.
Merci de m'aider!

Autres pages sur : resolu virus cheval troie

a b 8 Sécurité
22 Septembre 2007 11:55:23

Bonjour,

Télécharge VundoFix.exe (par Atribune) sur ton Bureau.
  • Double-clique VundoFix.exe afin de le lancer
  • Clique sur le bouton Scan for Vundo
  • Lorsque le scan est complété, clique sur le bouton Remove Vundo
  • Une invite te demandera si tu veux supprimer les fichiers, clique YES
  • Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers
  • Tu verras une invite qui t'annonce que ton PC va redémarrer; clique OK
  • Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis dans ta prochaine réponse
    Note: Il est possible que VundoFix soit confronté à un fichier qu'il ne peut supprimer. Si tel est le cas, l'outil se lancera au prochain redémarrage; il faut simplement suivre les instructions ci-haut, à partir de "clique sur le bouton Scan for Vundo".
    22 Septembre 2007 12:45:44

    Voila c'est fait

    rapport hijackthis
    Citation :
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:44 , on 22/09/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    C:\WINDOWS\arservice.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\WINDOWS\system32\srksrv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
    C:\WINDOWS\ehome\mcrdsvc.exe
    C:\Program Files\Windows Media Player\WMPNetwk.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    C:\WINDOWS\system32\RunDll32.exe
    C:\PROGRA~1\softwin\BITDEF~1\bdswitch.exe
    C:\PROGRA~1\softwin\BITDEF~1\bdnagent.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
    C:\Program Files\TheTurtle\TheTurtle.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\Hercules\WiFi Station\WifiStation.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
    c:\progra~1\softwin\bitdef~1\bdmcon.exe
    C:\Program Files\Softwin\BitDefender9\vsserv.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.neo.cx
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
    O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [BDSwitchAgent] "c:\progra~1\softwin\bitdef~1\bdswitch.exe"
    O4 - HKLM\..\Run: [BDNewsAgent] "c:\progra~1\softwin\bitdef~1\bdnagent.exe"
    O4 - HKLM\..\Run: [BDMCon] c:\PROGRA~1\softwin\BITDEF~1\bdmcon.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 -noicon
    O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [SearchIndexer] rundll32.exe "C:\WINDOWS\system32\ufygwxrs.dll",sitypnow
    O4 - HKCU\..\Run: [TheTurtle] C:\Program Files\TheTurtle\TheTurtle.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: WiFi Station.lnk = ?
    O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: &Suchen - res://C:\WINDOWS\system32\Suchspur.dll/Suchspur.HTM
    O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
    O8 - Extra context menu item: Download with Go!Zilla - file://C:\Program Files\Go!Zilla\download-with-gozilla.html
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
    O16 - DPF: {DECEAAA2-370A-49BB-9362-68C3A58DDC62} - http://static.zangocash.com/cab/Seekmo/ie/bridge-c570.c...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{51D740B6-7703-4BB7-8C13-FD80FAE3256D}: NameServer = 192.168.2.1
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
    O23 - Service: Intel® Quick Resume Technology Drivers (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
    O23 - Service: PoliceService - Unknown owner - C:\WINDOWS\system32\srksrv.exe
    O23 - Service: Cycling Manager 2007 Drivers Auto Removal (pr2akt6c) (pr2akt6c) - Cyanide - C:\WINDOWS\system32\pr2akt6c.exe
    O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender9\vsserv.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

    --
    End of file - 10058 bytes


    Citation :

    VundoFix V6.5.8

    Checking Java version...

    Java version is 1.5.0.6
    Old versions of java are exploitable and should be removed.

    Scan started at 12:12:20 22/09/2007

    Listing files found while scanning....

    C:\WINDOWS\system32\ghhxhuxx.dll
    C:\WINDOWS\system32\nqtss.bak1
    C:\WINDOWS\system32\nqtss.bak2
    C:\WINDOWS\system32\nqtss.ini
    C:\WINDOWS\system32\nqtss.ini2
    C:\WINDOWS\system32\nqtss.tmp
    C:\WINDOWS\system32\sstqn.dll

    Beginning removal...

    Attempting to delete C:\WINDOWS\system32\ghhxhuxx.dll
    C:\WINDOWS\system32\ghhxhuxx.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\nqtss.bak1
    C:\WINDOWS\system32\nqtss.bak1 Has been deleted!

    Attempting to delete C:\WINDOWS\system32\nqtss.bak2
    C:\WINDOWS\system32\nqtss.bak2 Has been deleted!

    Attempting to delete C:\WINDOWS\system32\nqtss.ini
    C:\WINDOWS\system32\nqtss.ini Has been deleted!

    Attempting to delete C:\WINDOWS\system32\nqtss.ini2
    C:\WINDOWS\system32\nqtss.ini2 Has been deleted!

    Attempting to delete C:\WINDOWS\system32\nqtss.tmp
    C:\WINDOWS\system32\nqtss.tmp Has been deleted!

    Attempting to delete C:\WINDOWS\system32\sstqn.dll
    C:\WINDOWS\system32\sstqn.dll Has been deleted!

    Performing Repairs to the registry.
    Done!


    Mais entre temps (apres que vundofix est redémarrager mon ordi, pendant que je mangais,bitdefender a rebloquer un .dll et une page ie s'est ouverte toute seul :( 
    merci!
    Contenus similaires
    a b 8 Sécurité
    22 Septembre 2007 12:48:12

    On continue :) 
    22 Septembre 2007 12:57:28

    c'est à dire que dois-je faire? :) 
    Merci.
    a b 8 Sécurité
    22 Septembre 2007 14:59:02

    J'ai oublié la procédure :lol: 

  • Télécharge combofix.exe (par sUBs) sur ton Bureau.
  • Double clique combofix.exe.
  • Tape sur la touche 1 (Yes) pour démarrer le scan.
  • Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

    NOTE : Le rapport se trouve également ici : C:\Combofix.txt
    22 Septembre 2007 16:20:10

    Citation :
    ComboFix 07-09-21.2 - "LEFEBVRE" 2007-09-22 16:07:10.1 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1316 [GMT 2:00]
    * Created a new restore point
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\check_LSA7.txt
    C:\WINDOWS\cookies.ini
    C:\WINDOWS\system32\jlnmp.bak1
    C:\WINDOWS\system32\jlnmp.ini
    C:\WINDOWS\system32\lynkokdf.dll
    C:\WINDOWS\system32\pmnlj.dll
    C:\WINDOWS\system32\srxwgyfu.ini
    C:\WINDOWS\system32\Suchspur.dll
    C:\WINDOWS\system32\ufygwxrs.dll

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))


    -------\LEGACY_WINDOWS_LOG


    ((((((((((((((((((((((((((((( Fichiers créés 2007-08-22 to 2007-09-22 ))))))))))))))))))))))))))))))))))))
    .

    2007-09-22 16:01 51,200 --a------ C:\WINDOWS\NirCmd.exe
    2007-09-22 12:12 <REP> d-------- C:\VundoFix Backups
    2007-09-22 11:38 <REP> d-------- C:\Program Files\Trend Micro
    2007-09-22 11:26 83,008 --a------ C:\WINDOWS\system32\aisxivyx.dll
    2007-09-17 18:15 76,560 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
    2007-09-17 17:56 <REP> d-------- C:\DOCUME~1\LEFEBVRE\.housecall6.6
    2007-09-17 17:52 69,689 --a------ C:\WINDOWS\UNZIP.DLL
    2007-09-17 17:52 507,904 --a------ C:\WINDOWS\TMUPDATE.DLL
    2007-09-17 17:52 286,720 --a------ C:\WINDOWS\PATCH.EXE
    2007-09-12 19:19 109,600 --a------ C:\WINDOWS\system32\sptll.dll
    2007-09-09 20:22 44,054 --a------ C:\WINDOWS\system32\mljkihh.dll
    2007-09-09 19:54 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\ATI
    2007-09-09 19:48 593,920 --------- C:\WINDOWS\system32\ati2sgag.exe
    2007-09-09 19:46 <REP> d-------- C:\ATI
    2007-09-09 15:38 443,752 --a------ C:\WINDOWS\system32\d3dx10_33.dll
    2007-09-09 15:38 3,495,784 --a------ C:\WINDOWS\system32\d3dx9_33.dll
    2007-09-09 15:38 261,480 --a------ C:\WINDOWS\system32\xactengine2_7.dll
    2007-09-09 15:38 1,123,696 --a------ C:\WINDOWS\system32\D3DCompiler_33.dll
    2007-09-09 15:08 <REP> d-------- C:\Program Files\Codemasters
    2007-08-31 08:09 21,504 --a------ C:\WINDOWS\system32\drivers\motmodem.sys
    2007-08-31 08:09 1,419,232 --a------ C:\WINDOWS\system32\wdfcoinstaller01005.dll
    2007-08-31 08:08 <REP> d-------- C:\Program Files\Fichiers communs\Motorola Shared
    2007-08-31 08:02 <REP> d-------- C:\DOCUME~1\LEFEBVRE\APPLIC~1\InstallShield
    2007-08-31 08:01 <REP> d-------- C:\Program Files\Avanquest update
    2007-08-31 08:00 92,064 --a------ C:\DOCUME~1\LEFEBVRE\mqdmmdm.sys
    2007-08-31 08:00 9,232 --a------ C:\DOCUME~1\LEFEBVRE\mqdmmdfl.sys
    2007-08-31 08:00 79,328 --a------ C:\DOCUME~1\LEFEBVRE\mqdmserd.sys
    2007-08-31 08:00 66,656 --a------ C:\DOCUME~1\LEFEBVRE\mqdmbus.sys
    2007-08-31 08:00 6,208 --a------ C:\DOCUME~1\LEFEBVRE\mqdmcmnt.sys
    2007-08-31 08:00 5,936 --a------ C:\DOCUME~1\LEFEBVRE\mqdmwhnt.sys
    2007-08-31 08:00 4,048 --a------ C:\DOCUME~1\LEFEBVRE\mqdmcr.sys
    2007-08-31 08:00 25,600 --a--c--- C:\WINDOWS\system32\dllcache\usbser.sys
    2007-08-31 08:00 25,600 --a------ C:\WINDOWS\system32\drivers\usbser.sys
    2007-08-31 08:00 25,600 --a------ C:\DOCUME~1\LEFEBVRE\usbsermptxp.sys
    2007-08-31 08:00 22,768 --a------ C:\DOCUME~1\LEFEBVRE\usbsermpt.sys
    2007-08-31 08:00 <REP> d-------- C:\Program Files\Motorola Phone Tools
    2007-08-31 08:00 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
    2007-08-22 19:56 <REP> d-------- C:\images

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2007-09-22 16:14 81984 --a------ C:\WINDOWS\system32\bdod.bin
    2007-09-22 15:00 --------- d-------- C:\Program Files\GetRight
    2007-09-22 09:17 --------- d-------- C:\Program Files\1toX
    2007-09-17 20:41 --------- d-------- C:\Program Files\IDoser v4
    2007-09-17 18:15 --------- d-------- C:\Program Files\AOL 9.0
    2007-09-14 18:24 --------- d-------- C:\Program Files\MSN Messenger
    2007-09-11 21:48 --------- d-------- C:\Program Files\Mail Bomber
    2007-09-09 19:54 --------- d-------- C:\DOCUME~1\LEFEBVRE\APPLIC~1\ATI
    2007-09-09 19:51 --------- d-------- C:\Program Files\ATI Technologies
    2007-09-09 19:50 --------- d--h----- C:\Program Files\InstallShield Installation Information
    2007-09-09 19:49 --------- d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\ATI
    2007-09-09 12:02 682232 --a------ C:\WINDOWS\system32\drivers\sptd.sys
    2007-08-31 08:10 0 --ah----- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
    2007-08-31 08:10 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_motmodem_01005.Wdf
    2007-08-31 08:08 --------- d-------- C:\Program Files\Common Files
    2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll
    2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll
    2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe
    2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll
    2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll
    2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll
    2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll
    2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll
    2007-07-28 07:44 45296 --a------ C:\WINDOWS\system32\drivers\ativvpxx.vp
    2007-07-28 05:37 8237056 --a------ C:\WINDOWS\system32\atioglx2.dll
    2007-07-28 05:31 344064 --a------ C:\WINDOWS\system32\ATIDEMGX.dll
    2007-07-28 05:30 269312 --a------ C:\WINDOWS\system32\ati2dvag.dll
    2007-07-28 05:30 2371584 --a------ C:\WINDOWS\system32\drivers\ati2mtag.sys
    2007-07-28 05:24 307200 --a------ C:\WINDOWS\system32\atiiiexx.dll
    2007-07-28 05:23 143360 --a------ C:\WINDOWS\system32\atipdlxx.dll
    2007-07-28 05:23 122880 --a------ C:\WINDOWS\system32\Oemdspif.dll
    2007-07-28 05:22 43520 --a------ C:\WINDOWS\system32\ati2edxx.dll
    2007-07-28 05:22 26112 --a------ C:\WINDOWS\system32\Ati2mdxx.exe
    2007-07-28 05:22 118784 --a------ C:\WINDOWS\system32\ati2evxx.dll
    2007-07-28 05:21 483328 --a------ C:\WINDOWS\system32\ati2evxx.exe
    2007-07-28 05:20 53248 --a------ C:\WINDOWS\system32\ATIDDC.DLL
    2007-07-28 05:12 3067712 --a------ C:\WINDOWS\system32\ati3duag.dll
    2007-07-28 05:06 176128 --a------ C:\WINDOWS\system32\atiok3x2.dll
    2007-07-28 05:01 1550208 --a------ C:\WINDOWS\system32\ativvaxx.dll
    2007-07-28 04:50 5435392 --a------ C:\WINDOWS\system32\atioglxx.dll
    2007-07-28 04:47 266240 --a------ C:\WINDOWS\system32\atikvmag.dll
    2007-07-28 04:46 17408 --a------ C:\WINDOWS\system32\atitvo32.dll
    2007-07-28 04:45 49152 --a------ C:\WINDOWS\system32\drivers\ati2erec.dll
    2007-07-28 04:40 450560 --a------ C:\WINDOWS\system32\ati2cqag.dll
    2007-07-24 09:44 --------- d-------- C:\Program Files\Fichiers communs\Adobe Systems Shared
    2007-07-24 09:44 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
    2007-07-23 19:53 --------- d-------- C:\DOCUME~1\LEFEBVRE\APPLIC~1\Opera
    2007-06-26 08:09 1104896 --a------ C:\WINDOWS\system32\msxml3.dll
    2007-02-11 11:35 774144 --a------ C:\Program Files\RngInterstitial.dll
    2006-08-21 11:35 461 --a------ C:\Program Files\INSTALL.LOG
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{632AB9DB-EE1E-43B0-AA06-4DD209EE33BF}]
    2007-09-09 20:22 44054 --a------ C:\WINDOWS\system32\mljkihh.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CD4C3CF0-4B15-11D1-ABED-709549C10000}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D97517A6-3F1D-4C31-AB8E-E87526BCA731}]
    C:\WINDOWS\system32\sstqn.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2005-10-12 13:30]
    "Cmaudio"="cmicnfg.cpl" []
    "BDSwitchAgent"="C:\PROGRA~1\softwin\BITDEF~1\bdswitch.exe" [2005-04-06 14:09]
    "BDNewsAgent"="C:\PROGRA~1\softwin\BITDEF~1\bdnagent.exe" [2005-06-09 11:28]
    "BDMCon"="c:\PROGRA~1\softwin\BITDEF~1\bdmcon.exe" [2006-04-28 11:46]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-07-03 15:04]
    "DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2005-12-10 16:57]
    "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "TheTurtle"="C:\Program Files\TheTurtle\TheTurtle.exe" [2005-09-15 19:44]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-27 14:14]
    "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 09:59]

    C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\DMARRA~1\
    WiFi Station.lnk - C:\Program Files\Hercules\WiFi Station\WifiStation.exe [2007-01-07 19:51:01]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{632AB9DB-EE1E-43B0-AA06-4DD209EE33BF}"= C:\WINDOWS\system32\mljkihh.dll [2007-09-09 20:22 44054]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\mljkihh]
    mljkihh.dll 2007-09-09 20:22 44054 C:\WINDOWS\system32\mljkihh.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "appinit_dlls"=sockspy.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^LEFEBVRE^Menu Démarrer^Programmes^Démarrage^TribalWeb.net.lnk]
    path=C:\Documents and Settings\LEFEBVRE\Menu Démarrer\Programmes\Démarrage\TribalWeb.net.lnk
    backup=C:\WINDOWS\pss\TribalWeb.net.lnkStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe]
    C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer]
    C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FreeCall]
    "C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe" -nosplash -minimized

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    C:\WINDOWS\system32\NeroCheck.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NetAppel]
    "C:\Program Files\NetAppel\NetAppel.exe" -nosplash -minimized

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raccourci vers la page des propriétés de High Definition Audio]
    HDAudPropShortcut.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
    C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VoipBuster]
    "C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VoipCheapCom]
    "C:\Program Files\VoipCheapCom\VoipCheapCom.exe" -nosplash -minimized

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
    "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe
    "WengoPhoneNG"=C:\Program Files\WengoPhone\qtwengophone.exe -b

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
    "AlwaysReady Power Message APP"=ARPWRMSG.EXE
    "BDOESRV"="C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"
    "ehTray"=C:\WINDOWS\ehome\ehtray.exe
    "HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"

    R0 pe3akt6c;Cycling Manager 2007 Environment Driver (pe3akt6c);C:\WINDOWS\system32\drivers\pe3akt6c.sys
    R0 pf2akt6c;Cycling Manager 2007 File System Driver (pf2akt6c);C:\WINDOWS\system32\drivers\pf2akt6c.sys
    R0 ps6akt6c;Cycling Manager 2007 Synchronization Driver (ps6akt6c);C:\WINDOWS\system32\drivers\ps6akt6c.sys
    R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);C:\WINDOWS\system32\drivers\sfsync03.sys
    R2 PoliceService;PoliceService;C:\WINDOWS\system32\srksrv.exe
    R3 3xHybrid;3xHybrid service;C:\WINDOWS\system32\DRIVERS\3xHybrid.sys
    R3 Bonifay;Bonifay;C:\WINDOWS\system32\DRIVERS\Bonifay.sys
    R3 cmudax;C-Media High Definition Audio Interface;C:\WINDOWS\system32\drivers\cmudax.sys
    R3 WmBEnum;Logitech Virtual Bus Enumerator Driver;C:\WINDOWS\system32\drivers\WmBEnum.sys
    R3 WmXlCore;Logitech WingMan Translation Layer Driver;C:\WINDOWS\system32\drivers\WmXlCore.sys
    R3 X10Hid;X10 Hid Device;C:\WINDOWS\system32\Drivers\x10hid.sys
    S2 pr2akt6c;Cycling Manager 2007 Drivers Auto Removal (pr2akt6c);C:\WINDOWS\system32\pr2akt6c.exe svc
    S3 ASNDIS5;ASNDIS5 Protocol Driver;\??\C:\PROGRA~1\WLANCA~1\ASNDIS5.SYS
    S3 JiurlPortHide;JiurlPortHide;\??\C:\WINDOWS\JiurlPortHide.sys
    S3 motmodem;Motorola USB CDC ACM Driver;C:\WINDOWS\system32\DRIVERS\motmodem.sys
    S3 WmFilter;Logitech Gaming HID Filter Driver;C:\WINDOWS\system32\drivers\WmFilter.sys
    S3 WmHidLo;Logitech Gaming USB Filter Driver;C:\WINDOWS\system32\drivers\WmHidLo.sys
    S3 WmVirHid;Logitech Virtual Hid Device Driver;C:\WINDOWS\system32\drivers\WmVirHid.sys
    S3 XUIF;X10 USB Wireless Transceiver;C:\WINDOWS\system32\Drivers\x10ufx2.sys


    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f13233cc-e510-11da-9681-0011d8d02c41}]
    AutoRun\command- G:\autorun.exe

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2007-09-21 15:15:01 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
    - C:\Program Files\TuneUp Utilities 2006\SystemOptimizer.exe
    .
    **************************************************************************

    catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-09-22 16:16:08
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2007-09-22 16:18:42 - machine was rebooted
    C:\ComboFix-quarantined-files.txt ... 2007-09-22 16:18
    .
    --- E O F ---

    Voila
    a b 8 Sécurité
    22 Septembre 2007 17:03:00

    Reposte un rapport Hijackthis.
    22 Septembre 2007 17:10:25

    Citation :
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:10 , on 22/09/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    C:\WINDOWS\arservice.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\WINDOWS\system32\srksrv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
    C:\WINDOWS\ehome\mcrdsvc.exe
    C:\Program Files\Windows Media Player\WMPNetwk.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
    C:\Program Files\Softwin\BitDefender9\vsserv.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    C:\WINDOWS\system32\RunDll32.exe
    C:\progra~1\softwin\bitdef~1\bdswitch.exe
    C:\progra~1\softwin\bitdef~1\bdnagent.exe
    C:\PROGRA~1\softwin\BITDEF~1\bdmcon.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\TheTurtle\TheTurtle.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\Hercules\WiFi Station\WifiStation.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.neo.cx
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
    O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [BDSwitchAgent] "C:\PROGRA~1\softwin\BITDEF~1\bdswitch.exe"
    O4 - HKLM\..\Run: [BDNewsAgent] "C:\PROGRA~1\softwin\BITDEF~1\bdnagent.exe"
    O4 - HKLM\..\Run: [BDMCon] c:\PROGRA~1\softwin\BITDEF~1\bdmcon.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 -noicon
    O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
    O4 - HKLM\..\Run: [SearchIndexer] rundll32.exe "C:\WINDOWS\system32\cwhiuhnm.dll",sitypnow
    O4 - HKCU\..\Run: [TheTurtle] C:\Program Files\TheTurtle\TheTurtle.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: WiFi Station.lnk = ?
    O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: &Suchen - res://C:\WINDOWS\system32\Suchspur.dll/Suchspur.HTM
    O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
    O8 - Extra context menu item: Download with Go!Zilla - file://C:\Program Files\Go!Zilla\download-with-gozilla.html
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
    O16 - DPF: {DECEAAA2-370A-49BB-9362-68C3A58DDC62} - http://static.zangocash.com/cab/Seekmo/ie/bridge-c570.c...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{51D740B6-7703-4BB7-8C13-FD80FAE3256D}: NameServer = 192.168.2.1
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
    O23 - Service: Intel® Quick Resume Technology Drivers (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
    O23 - Service: PoliceService - Unknown owner - C:\WINDOWS\system32\srksrv.exe
    O23 - Service: Cycling Manager 2007 Drivers Auto Removal (pr2akt6c) (pr2akt6c) - Cyanide - C:\WINDOWS\system32\pr2akt6c.exe
    O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender9\vsserv.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

    --
    End of file - 9985 bytes
    a b 8 Sécurité
    22 Septembre 2007 17:45:12

    Refais un scan Combofix :) 
    22 Septembre 2007 18:31:04

    ComboFix 07-09-21.2 - "LEFEBVRE" 2007-09-22 18:08:58.3 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1298 [GMT 2:00]
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\check_LSA7.txt
    C:\WINDOWS\cookies.ini
    C:\WINDOWS\system32\awvts.dll
    C:\WINDOWS\system32\cwhiuhnm.dll
    C:\WINDOWS\system32\mnhuihwc.ini
    C:\WINDOWS\system32\ofqpmyiy.dll
    C:\WINDOWS\system32\stvwa.bak1
    C:\WINDOWS\system32\stvwa.ini

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2007-08-22 to 2007-09-22 ))))))))))))))))))))))))))))))))))))
    .

    2007-09-22 16:01 51,200 --a------ C:\WINDOWS\NirCmd.exe
    2007-09-22 12:12 <REP> d-------- C:\VundoFix Backups
    2007-09-22 11:38 <REP> d-------- C:\Program Files\Trend Micro
    2007-09-22 11:26 83,008 --a------ C:\WINDOWS\system32\aisxivyx.dll
    2007-09-17 18:15 76,560 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
    2007-09-17 17:56 <REP> d-------- C:\DOCUME~1\LEFEBVRE\.housecall6.6
    2007-09-17 17:52 69,689 --a------ C:\WINDOWS\UNZIP.DLL
    2007-09-17 17:52 507,904 --a------ C:\WINDOWS\TMUPDATE.DLL
    2007-09-17 17:52 286,720 --a------ C:\WINDOWS\PATCH.EXE
    2007-09-12 19:19 109,600 --a------ C:\WINDOWS\system32\sptll.dll
    2007-09-09 20:22 44,054 --a------ C:\WINDOWS\system32\mljkihh.dll
    2007-09-09 19:54 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\ATI
    2007-09-09 19:48 593,920 --------- C:\WINDOWS\system32\ati2sgag.exe
    2007-09-09 19:46 <REP> d-------- C:\ATI
    2007-09-09 15:38 443,752 --a------ C:\WINDOWS\system32\d3dx10_33.dll
    2007-09-09 15:38 3,495,784 --a------ C:\WINDOWS\system32\d3dx9_33.dll
    2007-09-09 15:38 261,480 --a------ C:\WINDOWS\system32\xactengine2_7.dll
    2007-09-09 15:38 1,123,696 --a------ C:\WINDOWS\system32\D3DCompiler_33.dll
    2007-09-09 15:08 <REP> d-------- C:\Program Files\Codemasters
    2007-08-31 08:09 21,504 --a------ C:\WINDOWS\system32\drivers\motmodem.sys
    2007-08-31 08:09 1,419,232 --a------ C:\WINDOWS\system32\wdfcoinstaller01005.dll
    2007-08-31 08:08 <REP> d-------- C:\Program Files\Fichiers communs\Motorola Shared
    2007-08-31 08:02 <REP> d-------- C:\DOCUME~1\LEFEBVRE\APPLIC~1\InstallShield
    2007-08-31 08:01 <REP> d-------- C:\Program Files\Avanquest update
    2007-08-31 08:00 92,064 --a------ C:\DOCUME~1\LEFEBVRE\mqdmmdm.sys
    2007-08-31 08:00 9,232 --a------ C:\DOCUME~1\LEFEBVRE\mqdmmdfl.sys
    2007-08-31 08:00 79,328 --a------ C:\DOCUME~1\LEFEBVRE\mqdmserd.sys
    2007-08-31 08:00 66,656 --a------ C:\DOCUME~1\LEFEBVRE\mqdmbus.sys
    2007-08-31 08:00 6,208 --a------ C:\DOCUME~1\LEFEBVRE\mqdmcmnt.sys
    2007-08-31 08:00 5,936 --a------ C:\DOCUME~1\LEFEBVRE\mqdmwhnt.sys
    2007-08-31 08:00 4,048 --a------ C:\DOCUME~1\LEFEBVRE\mqdmcr.sys
    2007-08-31 08:00 25,600 --a--c--- C:\WINDOWS\system32\dllcache\usbser.sys
    2007-08-31 08:00 25,600 --a------ C:\WINDOWS\system32\drivers\usbser.sys
    2007-08-31 08:00 25,600 --a------ C:\DOCUME~1\LEFEBVRE\usbsermptxp.sys
    2007-08-31 08:00 22,768 --a------ C:\DOCUME~1\LEFEBVRE\usbsermpt.sys
    2007-08-31 08:00 <REP> d-------- C:\Program Files\Motorola Phone Tools
    2007-08-31 08:00 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
    2007-08-22 19:56 <REP> d-------- C:\images

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2007-09-22 18:13 81984 --a------ C:\WINDOWS\system32\bdod.bin
    2007-09-22 15:00 --------- d-------- C:\Program Files\GetRight
    2007-09-22 09:17 --------- d-------- C:\Program Files\1toX
    2007-09-17 20:41 --------- d-------- C:\Program Files\IDoser v4
    2007-09-17 18:15 --------- d-------- C:\Program Files\AOL 9.0
    2007-09-14 18:24 --------- d-------- C:\Program Files\MSN Messenger
    2007-09-11 21:48 --------- d-------- C:\Program Files\Mail Bomber
    2007-09-09 19:54 --------- d-------- C:\DOCUME~1\LEFEBVRE\APPLIC~1\ATI
    2007-09-09 19:51 --------- d-------- C:\Program Files\ATI Technologies
    2007-09-09 19:50 --------- d--h----- C:\Program Files\InstallShield Installation Information
    2007-09-09 19:49 --------- d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\ATI
    2007-09-09 12:02 682232 --a------ C:\WINDOWS\system32\drivers\sptd.sys
    2007-08-31 08:10 0 --ah----- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
    2007-08-31 08:10 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_motmodem_01005.Wdf
    2007-08-31 08:08 --------- d-------- C:\Program Files\Common Files
    2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll
    2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll
    2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe
    2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll
    2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll
    2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll
    2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll
    2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll
    2007-07-28 07:44 45296 --a------ C:\WINDOWS\system32\drivers\ativvpxx.vp
    2007-07-28 05:37 8237056 --a------ C:\WINDOWS\system32\atioglx2.dll
    2007-07-28 05:31 344064 --a------ C:\WINDOWS\system32\ATIDEMGX.dll
    2007-07-28 05:30 269312 --a------ C:\WINDOWS\system32\ati2dvag.dll
    2007-07-28 05:30 2371584 --a------ C:\WINDOWS\system32\drivers\ati2mtag.sys
    2007-07-28 05:24 307200 --a------ C:\WINDOWS\system32\atiiiexx.dll
    2007-07-28 05:23 143360 --a------ C:\WINDOWS\system32\atipdlxx.dll
    2007-07-28 05:23 122880 --a------ C:\WINDOWS\system32\Oemdspif.dll
    2007-07-28 05:22 43520 --a------ C:\WINDOWS\system32\ati2edxx.dll
    2007-07-28 05:22 26112 --a------ C:\WINDOWS\system32\Ati2mdxx.exe
    2007-07-28 05:22 118784 --a------ C:\WINDOWS\system32\ati2evxx.dll
    2007-07-28 05:21 483328 --a------ C:\WINDOWS\system32\ati2evxx.exe
    2007-07-28 05:20 53248 --a------ C:\WINDOWS\system32\ATIDDC.DLL
    2007-07-28 05:12 3067712 --a------ C:\WINDOWS\system32\ati3duag.dll
    2007-07-28 05:06 176128 --a------ C:\WINDOWS\system32\atiok3x2.dll
    2007-07-28 05:01 1550208 --a------ C:\WINDOWS\system32\ativvaxx.dll
    2007-07-28 04:50 5435392 --a------ C:\WINDOWS\system32\atioglxx.dll
    2007-07-28 04:47 266240 --a------ C:\WINDOWS\system32\atikvmag.dll
    2007-07-28 04:46 17408 --a------ C:\WINDOWS\system32\atitvo32.dll
    2007-07-28 04:45 49152 --a------ C:\WINDOWS\system32\drivers\ati2erec.dll
    2007-07-28 04:40 450560 --a------ C:\WINDOWS\system32\ati2cqag.dll
    2007-07-24 09:44 --------- d-------- C:\Program Files\Fichiers communs\Adobe Systems Shared
    2007-07-24 09:44 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
    2007-07-23 19:53 --------- d-------- C:\DOCUME~1\LEFEBVRE\APPLIC~1\Opera
    2007-06-26 08:09 1104896 --a------ C:\WINDOWS\system32\msxml3.dll
    2007-02-11 11:35 774144 --a------ C:\Program Files\RngInterstitial.dll
    2006-08-21 11:35 461 --a------ C:\Program Files\INSTALL.LOG
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{632AB9DB-EE1E-43B0-AA06-4DD209EE33BF}]
    2007-09-09 20:22 44054 --a------ C:\WINDOWS\system32\mljkihh.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CD4C3CF0-4B15-11D1-ABED-709549C10000}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D97517A6-3F1D-4C31-AB8E-E87526BCA731}]
    C:\WINDOWS\system32\sstqn.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2005-10-12 13:30]
    "Cmaudio"="cmicnfg.cpl" []
    "BDSwitchAgent"="C:\PROGRA~1\softwin\BITDEF~1\bdswitch.exe" [2005-04-06 14:09]
    "BDNewsAgent"="C:\PROGRA~1\softwin\BITDEF~1\bdnagent.exe" [2005-06-09 11:28]
    "BDMCon"="c:\PROGRA~1\softwin\BITDEF~1\bdmcon.exe" [2006-04-28 11:46]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-07-03 15:04]
    "DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2005-12-10 16:57]
    "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "TheTurtle"="C:\Program Files\TheTurtle\TheTurtle.exe" [2005-09-15 19:44]
    "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 09:59]

    C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\DMARRA~1\
    WiFi Station.lnk - C:\Program Files\Hercules\WiFi Station\WifiStation.exe [2007-01-07 19:51:01]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{632AB9DB-EE1E-43B0-AA06-4DD209EE33BF}"= C:\WINDOWS\system32\mljkihh.dll [2007-09-09 20:22 44054]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\mljkihh]
    mljkihh.dll 2007-09-09 20:22 44054 C:\WINDOWS\system32\mljkihh.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "appinit_dlls"=sockspy.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^LEFEBVRE^Menu Démarrer^Programmes^Démarrage^TribalWeb.net.lnk]
    path=C:\Documents and Settings\LEFEBVRE\Menu Démarrer\Programmes\Démarrage\TribalWeb.net.lnk
    backup=C:\WINDOWS\pss\TribalWeb.net.lnkStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe]
    C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer]
    C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FreeCall]
    "C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe" -nosplash -minimized

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    C:\WINDOWS\system32\NeroCheck.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NetAppel]
    "C:\Program Files\NetAppel\NetAppel.exe" -nosplash -minimized

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raccourci vers la page des propriétés de High Definition Audio]
    HDAudPropShortcut.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
    C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VoipBuster]
    "C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VoipCheapCom]
    "C:\Program Files\VoipCheapCom\VoipCheapCom.exe" -nosplash -minimized

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
    "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe
    "WengoPhoneNG"=C:\Program Files\WengoPhone\qtwengophone.exe -b

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
    "AlwaysReady Power Message APP"=ARPWRMSG.EXE
    "BDOESRV"="C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"
    "ehTray"=C:\WINDOWS\ehome\ehtray.exe
    "HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"

    R0 pe3akt6c;Cycling Manager 2007 Environment Driver (pe3akt6c);C:\WINDOWS\system32\drivers\pe3akt6c.sys
    R0 pf2akt6c;Cycling Manager 2007 File System Driver (pf2akt6c);C:\WINDOWS\system32\drivers\pf2akt6c.sys
    R0 ps6akt6c;Cycling Manager 2007 Synchronization Driver (ps6akt6c);C:\WINDOWS\system32\drivers\ps6akt6c.sys
    R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);C:\WINDOWS\system32\drivers\sfsync03.sys
    R2 PoliceService;PoliceService;C:\WINDOWS\system32\srksrv.exe
    R3 3xHybrid;3xHybrid service;C:\WINDOWS\system32\DRIVERS\3xHybrid.sys
    R3 Bonifay;Bonifay;C:\WINDOWS\system32\DRIVERS\Bonifay.sys
    R3 cmudax;C-Media High Definition Audio Interface;C:\WINDOWS\system32\drivers\cmudax.sys
    R3 WmBEnum;Logitech Virtual Bus Enumerator Driver;C:\WINDOWS\system32\drivers\WmBEnum.sys
    R3 WmXlCore;Logitech WingMan Translation Layer Driver;C:\WINDOWS\system32\drivers\WmXlCore.sys
    R3 X10Hid;X10 Hid Device;C:\WINDOWS\system32\Drivers\x10hid.sys
    S2 pr2akt6c;Cycling Manager 2007 Drivers Auto Removal (pr2akt6c);C:\WINDOWS\system32\pr2akt6c.exe svc
    S3 ASNDIS5;ASNDIS5 Protocol Driver;\??\C:\PROGRA~1\WLANCA~1\ASNDIS5.SYS
    S3 JiurlPortHide;JiurlPortHide;\??\C:\WINDOWS\JiurlPortHide.sys
    S3 motmodem;Motorola USB CDC ACM Driver;C:\WINDOWS\system32\DRIVERS\motmodem.sys
    S3 WmFilter;Logitech Gaming HID Filter Driver;C:\WINDOWS\system32\drivers\WmFilter.sys
    S3 WmHidLo;Logitech Gaming USB Filter Driver;C:\WINDOWS\system32\drivers\WmHidLo.sys
    S3 WmVirHid;Logitech Virtual Hid Device Driver;C:\WINDOWS\system32\drivers\WmVirHid.sys
    S3 XUIF;X10 USB Wireless Transceiver;C:\WINDOWS\system32\Drivers\x10ufx2.sys


    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f13233cc-e510-11da-9681-0011d8d02c41}]
    AutoRun\command- G:\autorun.exe

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2007-09-21 15:15:01 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
    - C:\Program Files\TuneUp Utilities 2006\SystemOptimizer.exe
    .
    **************************************************************************

    catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-09-22 18:15:02
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2007-09-22 18:18:00 - machine was rebooted
    C:\ComboFix-quarantined-files.txt ... 2007-09-22 18:17
    C:\ComboFix2.txt ... 2007-09-22 16:18
    .
    --- E O F ---
    a b 8 Sécurité
    22 Septembre 2007 18:53:24

    Re,

    Copie (Ctrl+C) le texte se situant dans le cadre ci-dessous :

    File::
    C:\WINDOWS\system32\aisxivyx.dll
    C:\WINDOWS\system32\sptll.dll
    C:\WINDOWS\system32\mljkihh.dll

    Registry::
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{632AB9DB-EE1E-43B0-AA06-4DD209EE33BF}]
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D97517A6-3F1D-4C31-AB8E-E87526BCA731}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{632AB9DB-EE1E-43B0-AA06-4DD209EE33BF}"=-
    [-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\mljkihh]


    Ouvre le Bloc-Notes puis colle (Ctrl+V) le texte précedemment copié.
    Sauvegarde ce fichier sous le nom de CFScript.txt.

    Glisse maintenant le fichier ComboFix-Do.txt dans Combofix.exe comme ci-dessous :


    Cela va relancer Combofix, tape sur 1 puis valide. Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.
    [#ff0000]NOTE : S'il n'y a pas de rédémarrage, poste quand même les rapports demandés.[/#f]
    22 Septembre 2007 19:14:19

    Citation :
    ComboFix 07-09-21.2 - "LEFEBVRE" 2007-09-22 19:02:10.4 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1370 [GMT 2:00]
    Command switches used :: C:\Documents and Settings\LEFEBVRE\Bureau\CFScript.txt
    * Created a new restore point

    FILE::
    C:\WINDOWS\system32\aisxivyx.dll
    C:\WINDOWS\system32\sptll.dll
    C:\WINDOWS\system32\mljkihh.dll
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\WINDOWS\system32\aisxivyx.dll
    C:\WINDOWS\system32\mljkihh.dll
    C:\WINDOWS\system32\sptll.dll

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2007-08-22 to 2007-09-22 ))))))))))))))))))))))))))))))))))))
    .

    2007-09-22 16:01 51,200 --a------ C:\WINDOWS\NirCmd.exe
    2007-09-22 12:12 <REP> d-------- C:\VundoFix Backups
    2007-09-22 11:38 <REP> d-------- C:\Program Files\Trend Micro
    2007-09-17 18:15 76,560 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
    2007-09-17 17:56 <REP> d-------- C:\DOCUME~1\LEFEBVRE\.housecall6.6
    2007-09-17 17:52 69,689 --a------ C:\WINDOWS\UNZIP.DLL
    2007-09-17 17:52 507,904 --a------ C:\WINDOWS\TMUPDATE.DLL
    2007-09-17 17:52 286,720 --a------ C:\WINDOWS\PATCH.EXE
    2007-09-09 19:54 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\ATI
    2007-09-09 19:48 593,920 --------- C:\WINDOWS\system32\ati2sgag.exe
    2007-09-09 19:46 <REP> d-------- C:\ATI
    2007-09-09 15:38 443,752 --a------ C:\WINDOWS\system32\d3dx10_33.dll
    2007-09-09 15:38 3,495,784 --a------ C:\WINDOWS\system32\d3dx9_33.dll
    2007-09-09 15:38 261,480 --a------ C:\WINDOWS\system32\xactengine2_7.dll
    2007-09-09 15:38 1,123,696 --a------ C:\WINDOWS\system32\D3DCompiler_33.dll
    2007-09-09 15:08 <REP> d-------- C:\Program Files\Codemasters
    2007-08-31 08:09 21,504 --a------ C:\WINDOWS\system32\drivers\motmodem.sys
    2007-08-31 08:09 1,419,232 --a------ C:\WINDOWS\system32\wdfcoinstaller01005.dll
    2007-08-31 08:08 <REP> d-------- C:\Program Files\Fichiers communs\Motorola Shared
    2007-08-31 08:02 <REP> d-------- C:\DOCUME~1\LEFEBVRE\APPLIC~1\InstallShield
    2007-08-31 08:01 <REP> d-------- C:\Program Files\Avanquest update
    2007-08-31 08:00 92,064 --a------ C:\DOCUME~1\LEFEBVRE\mqdmmdm.sys
    2007-08-31 08:00 9,232 --a------ C:\DOCUME~1\LEFEBVRE\mqdmmdfl.sys
    2007-08-31 08:00 79,328 --a------ C:\DOCUME~1\LEFEBVRE\mqdmserd.sys
    2007-08-31 08:00 66,656 --a------ C:\DOCUME~1\LEFEBVRE\mqdmbus.sys
    2007-08-31 08:00 6,208 --a------ C:\DOCUME~1\LEFEBVRE\mqdmcmnt.sys
    2007-08-31 08:00 5,936 --a------ C:\DOCUME~1\LEFEBVRE\mqdmwhnt.sys
    2007-08-31 08:00 4,048 --a------ C:\DOCUME~1\LEFEBVRE\mqdmcr.sys
    2007-08-31 08:00 25,600 --a--c--- C:\WINDOWS\system32\dllcache\usbser.sys
    2007-08-31 08:00 25,600 --a------ C:\WINDOWS\system32\drivers\usbser.sys
    2007-08-31 08:00 25,600 --a------ C:\DOCUME~1\LEFEBVRE\usbsermptxp.sys
    2007-08-31 08:00 22,768 --a------ C:\DOCUME~1\LEFEBVRE\usbsermpt.sys
    2007-08-31 08:00 <REP> d-------- C:\Program Files\Motorola Phone Tools
    2007-08-31 08:00 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
    2007-08-22 19:56 <REP> d-------- C:\images

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2007-09-22 15:00 --------- d-------- C:\Program Files\GetRight
    2007-09-22 09:17 --------- d-------- C:\Program Files\1toX
    2007-09-17 20:41 --------- d-------- C:\Program Files\IDoser v4
    2007-09-17 18:15 --------- d-------- C:\Program Files\AOL 9.0
    2007-09-14 18:24 --------- d-------- C:\Program Files\MSN Messenger
    2007-09-11 21:48 --------- d-------- C:\Program Files\Mail Bomber
    2007-09-09 19:54 --------- d-------- C:\DOCUME~1\LEFEBVRE\APPLIC~1\ATI
    2007-09-09 19:51 --------- d-------- C:\Program Files\ATI Technologies
    2007-09-09 19:50 --------- d--h----- C:\Program Files\InstallShield Installation Information
    2007-09-09 19:49 --------- d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\ATI
    2007-09-09 12:02 682232 --a------ C:\WINDOWS\system32\drivers\sptd.sys
    2007-08-31 08:10 0 --ah----- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
    2007-08-31 08:10 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_motmodem_01005.Wdf
    2007-08-31 08:08 --------- d-------- C:\Program Files\Common Files
    2007-07-28 07:44 45296 --a------ C:\WINDOWS\system32\drivers\ativvpxx.vp
    2007-07-28 05:30 2371584 --a------ C:\WINDOWS\system32\drivers\ati2mtag.sys
    2007-07-28 04:45 49152 --a------ C:\WINDOWS\system32\drivers\ati2erec.dll
    2007-07-24 09:44 --------- d-------- C:\Program Files\Fichiers communs\Adobe Systems Shared
    2007-07-24 09:44 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
    2007-07-23 19:53 --------- d-------- C:\DOCUME~1\LEFEBVRE\APPLIC~1\Opera
    2007-02-11 11:35 774144 --a------ C:\Program Files\RngInterstitial.dll
    2006-08-21 11:35 461 --a------ C:\Program Files\INSTALL.LOG
    .

    ((((((((((((((((((((((((((((( snapshot_2007-09-22_161811.17 )))))))))))))))))))))))))))))))))))))))))
    .
    ----a-w 81,984 2007-09-22 17:05:38 C:\WINDOWS\system32\bdod.bin
    .
    ----a-w 81,984 2007-09-22 14:14:33 C:\WINDOWS\system32\bdod.bin
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CD4C3CF0-4B15-11D1-ABED-709549C10000}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2005-10-12 13:30]
    "Cmaudio"="cmicnfg.cpl" []
    "BDSwitchAgent"="C:\PROGRA~1\softwin\BITDEF~1\bdswitch.exe" [2005-04-06 14:09]
    "BDNewsAgent"="C:\PROGRA~1\softwin\BITDEF~1\bdnagent.exe" [2005-06-09 11:28]
    "BDMCon"="c:\PROGRA~1\softwin\BITDEF~1\bdmcon.exe" [2006-04-28 11:46]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-07-03 15:04]
    "DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2005-12-10 16:57]
    "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "TheTurtle"="C:\Program Files\TheTurtle\TheTurtle.exe" [2005-09-15 19:44]
    "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 09:59]

    C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\DMARRA~1\
    WiFi Station.lnk - C:\Program Files\Hercules\WiFi Station\WifiStation.exe [2007-01-07 19:51:01]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "appinit_dlls"=sockspy.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^LEFEBVRE^Menu Démarrer^Programmes^Démarrage^TribalWeb.net.lnk]
    path=C:\Documents and Settings\LEFEBVRE\Menu Démarrer\Programmes\Démarrage\TribalWeb.net.lnk
    backup=C:\WINDOWS\pss\TribalWeb.net.lnkStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe]
    C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer]
    C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FreeCall]
    "C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe" -nosplash -minimized

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    C:\WINDOWS\system32\NeroCheck.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NetAppel]
    "C:\Program Files\NetAppel\NetAppel.exe" -nosplash -minimized

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raccourci vers la page des propriétés de High Definition Audio]
    HDAudPropShortcut.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
    C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VoipBuster]
    "C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VoipCheapCom]
    "C:\Program Files\VoipCheapCom\VoipCheapCom.exe" -nosplash -minimized

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
    "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe
    "WengoPhoneNG"=C:\Program Files\WengoPhone\qtwengophone.exe -b

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
    "AlwaysReady Power Message APP"=ARPWRMSG.EXE
    "BDOESRV"="C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"
    "ehTray"=C:\WINDOWS\ehome\ehtray.exe
    "HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"

    R0 pe3akt6c;Cycling Manager 2007 Environment Driver (pe3akt6c);C:\WINDOWS\system32\drivers\pe3akt6c.sys
    R0 pf2akt6c;Cycling Manager 2007 File System Driver (pf2akt6c);C:\WINDOWS\system32\drivers\pf2akt6c.sys
    R0 ps6akt6c;Cycling Manager 2007 Synchronization Driver (ps6akt6c);C:\WINDOWS\system32\drivers\ps6akt6c.sys
    R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);C:\WINDOWS\system32\drivers\sfsync03.sys
    R2 PoliceService;PoliceService;C:\WINDOWS\system32\srksrv.exe
    R3 3xHybrid;3xHybrid service;C:\WINDOWS\system32\DRIVERS\3xHybrid.sys
    R3 Bonifay;Bonifay;C:\WINDOWS\system32\DRIVERS\Bonifay.sys
    R3 cmudax;C-Media High Definition Audio Interface;C:\WINDOWS\system32\drivers\cmudax.sys
    R3 WmBEnum;Logitech Virtual Bus Enumerator Driver;C:\WINDOWS\system32\drivers\WmBEnum.sys
    R3 WmXlCore;Logitech WingMan Translation Layer Driver;C:\WINDOWS\system32\drivers\WmXlCore.sys
    R3 X10Hid;X10 Hid Device;C:\WINDOWS\system32\Drivers\x10hid.sys
    S2 pr2akt6c;Cycling Manager 2007 Drivers Auto Removal (pr2akt6c);C:\WINDOWS\system32\pr2akt6c.exe svc
    S3 ASNDIS5;ASNDIS5 Protocol Driver;\??\C:\PROGRA~1\WLANCA~1\ASNDIS5.SYS
    S3 JiurlPortHide;JiurlPortHide;\??\C:\WINDOWS\JiurlPortHide.sys
    S3 motmodem;Motorola USB CDC ACM Driver;C:\WINDOWS\system32\DRIVERS\motmodem.sys
    S3 WmFilter;Logitech Gaming HID Filter Driver;C:\WINDOWS\system32\drivers\WmFilter.sys
    S3 WmHidLo;Logitech Gaming USB Filter Driver;C:\WINDOWS\system32\drivers\WmHidLo.sys
    S3 WmVirHid;Logitech Virtual Hid Device Driver;C:\WINDOWS\system32\drivers\WmVirHid.sys
    S3 XUIF;X10 USB Wireless Transceiver;C:\WINDOWS\system32\Drivers\x10ufx2.sys


    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f13233cc-e510-11da-9681-0011d8d02c41}]
    AutoRun\command- G:\autorun.exe

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2007-09-21 15:15:01 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
    - C:\Program Files\TuneUp Utilities 2006\SystemOptimizer.exe
    .
    **************************************************************************

    catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-09-22 19:07:13
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2007-09-22 19:09:16 - machine was rebooted
    C:\ComboFix-quarantined-files.txt ... 2007-09-22 19:09
    C:\ComboFix2.txt ... 2007-09-22 18:18
    C:\ComboFix3.txt ... 2007-09-22 16:18
    .
    --- E O F ---



    et pour hijackthis
    Citation :
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:13, on 2007-09-22
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    C:\WINDOWS\arservice.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\WINDOWS\system32\srksrv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
    C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
    C:\WINDOWS\ehome\mcrdsvc.exe
    C:\Program Files\Windows Media Player\WMPNetwk.exe
    C:\Program Files\Softwin\BitDefender9\vsserv.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    C:\WINDOWS\system32\RunDll32.exe
    C:\progra~1\softwin\bitdef~1\bdswitch.exe
    C:\progra~1\softwin\bitdef~1\bdnagent.exe
    C:\PROGRA~1\softwin\BITDEF~1\bdmcon.exe
    C:\Program Files\TheTurtle\TheTurtle.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
    C:\Program Files\Hercules\WiFi Station\WifiStation.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\WINDOWS\system32\notepad.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.neo.cx
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O2 - BHO: (no name) - {CD4C3CF0-4B15-11D1-ABED-709549C10000} - (no file)
    O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
    O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [BDSwitchAgent] "C:\PROGRA~1\softwin\BITDEF~1\bdswitch.exe"
    O4 - HKLM\..\Run: [BDNewsAgent] "C:\PROGRA~1\softwin\BITDEF~1\bdnagent.exe"
    O4 - HKLM\..\Run: [BDMCon] c:\PROGRA~1\softwin\BITDEF~1\bdmcon.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 -noicon
    O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
    O4 - HKCU\..\Run: [TheTurtle] C:\Program Files\TheTurtle\TheTurtle.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: WiFi Station.lnk = ?
    O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: &Suchen - res://C:\WINDOWS\system32\Suchspur.dll/Suchspur.HTM
    O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
    O8 - Extra context menu item: Download with Go!Zilla - file://C:\Program Files\Go!Zilla\download-with-gozilla.html
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
    O16 - DPF: {DECEAAA2-370A-49BB-9362-68C3A58DDC62} - http://static.zangocash.com/cab/Seekmo/ie/bridge-c570.c...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{51D740B6-7703-4BB7-8C13-FD80FAE3256D}: NameServer = 192.168.2.1
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
    O23 - Service: Intel® Quick Resume Technology Drivers (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
    O23 - Service: PoliceService - Unknown owner - C:\WINDOWS\system32\srksrv.exe
    O23 - Service: Cycling Manager 2007 Drivers Auto Removal (pr2akt6c) (pr2akt6c) - Cyanide - C:\WINDOWS\system32\pr2akt6c.exe
    O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender9\vsserv.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

    --
    End of file - 10843 bytes



    merci!
    a b 8 Sécurité
    22 Septembre 2007 19:27:17

    Re,

    Télécharge Clean.zip (de Malekal),
    Décompresse-le sur ton bureau (Clique-Droit/Extraire tout), tu dois obtenir un dossier Clean.
    Ouvre le dossier clean, double-clique sur clean.cmd.
    Choisis l'option 1 puis patiente. Poste ensuite le contenu du rapport.
    23 Septembre 2007 09:31:56

    2007-09-23 a 9:28:51.46

    *** Recherche des fichiers dans C:

    *** Recherche des fichiers dans C:\WINDOWS\

    *** Recherche des fichiers dans C:\WINDOWS\system32
    C:\WINDOWS\system32\bdod.bin FOUND
    C:\WINDOWS\system32\mcrh.tmp FOUND

    *** Recherche des fichiers dans C:\Program Files
    "C:\Program Files\PartyGaming\" FOUND
    "C:\Program Files\Viewpoint\" FOUND
    *** Fin du rapport !

    Voila
    a b 8 Sécurité
    23 Septembre 2007 12:06:37

    Re,

    Télécharge puis installe AVG Anti-Spyware (AVG AS)
    Fais les mises à jour mais ne lance pas de scan pour le moment.
    AIDE : Tuto sur AVG Anti-Spyware (Malekal)

    Redémarre en mode sans échec

    Relance AVG AS :
    - Choisis l'onglet "Analyse"
    - Puis l'onglet "Paramètres"
    - Sous la question "Comment réagir ?", clique sur "Actions recommandées" et choisis "Quarantaine"
    - Re-clique sur l'onglet "Analyse" puis réalise une "Analyse complète du système"

    [#ff0000]Si un fichier est infecté en fin d'analyse, clique sur "Appliquer toutes les actions"[/#f]

    Clique sur "Enregistrer le rapport" puis sur "Enregistrer le rapport sous"
    Enregistre ce fichier texte sur ton bureau.

    Ouvre le dossier clean, double-clique sur clean.cmd.
    Choisis l'option 2 puis patiente.

    Redémarre normalement.
    Poste le rapport AVG AS ainsi qu'un rapport Hijackthis.

    Poste le rapport clean : C:\rapport_clean.txt
    23 Septembre 2007 14:42:27

    Citation :
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:41, on 2007-09-23
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    C:\WINDOWS\arservice.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\srksrv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
    C:\WINDOWS\ehome\mcrdsvc.exe
    C:\Program Files\Windows Media Player\WMPNetwk.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    C:\WINDOWS\system32\RunDll32.exe
    C:\progra~1\softwin\bitdef~1\bdswitch.exe
    C:\progra~1\softwin\bitdef~1\bdnagent.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\TheTurtle\TheTurtle.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\Hercules\WiFi Station\WifiStation.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
    C:\Program Files\Softwin\BitDefender9\vsserv.exe
    c:\progra~1\softwin\bitdef~1\bdmcon.exe
    C:\WINDOWS\system32\notepad.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.neo.cx
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O2 - BHO: (no name) - {CD4C3CF0-4B15-11D1-ABED-709549C10000} - (no file)
    O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
    O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [BDSwitchAgent] "c:\progra~1\softwin\bitdef~1\bdswitch.exe"
    O4 - HKLM\..\Run: [BDNewsAgent] "c:\progra~1\softwin\bitdef~1\bdnagent.exe"
    O4 - HKLM\..\Run: [BDMCon] c:\PROGRA~1\softwin\BITDEF~1\bdmcon.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 -noicon
    O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [TheTurtle] C:\Program Files\TheTurtle\TheTurtle.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: WiFi Station.lnk = ?
    O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: &Suchen - res://C:\WINDOWS\system32\Suchspur.dll/Suchspur.HTM
    O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
    O8 - Extra context menu item: Download with Go!Zilla - file://C:\Program Files\Go!Zilla\download-with-gozilla.html
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
    O16 - DPF: {DECEAAA2-370A-49BB-9362-68C3A58DDC62} - http://static.zangocash.com/cab/Seekmo/ie/bridge-c570.c...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{51D740B6-7703-4BB7-8C13-FD80FAE3256D}: NameServer = 192.168.2.1
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
    O23 - Service: Intel® Quick Resume Technology Drivers (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
    O23 - Service: PoliceService - Unknown owner - C:\WINDOWS\system32\srksrv.exe
    O23 - Service: Cycling Manager 2007 Drivers Auto Removal (pr2akt6c) (pr2akt6c) - Cyanide - C:\WINDOWS\system32\pr2akt6c.exe
    O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender9\vsserv.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

    --
    End of file - 11131 bytes




    Citation :
    Rapport clean par Malekal_morte - http://www.malekal.com
    Script execute en mode sans echec 2007-09-23 a 14:38:32.81

    Microsoft Windows XP [version 5.1.2600]

    *** Suppression des fichiers dans C:

    *** Suppression des fichiers dans C:\WINDOWS\

    *** Suppression des fichiers dans C:\WINDOWS\system32
    tentative de suppression de C:\WINDOWS\system32\bdod.bin
    tentative de suppression de C:\WINDOWS\system32\mcrh.tmp

    *** Suppression des fichiers dans C:\Program Files
    tentative de suppression de "C:\Program Files\PartyGaming\"
    tentative de suppression de "C:\Program Files\Viewpoint\"

    *** Suppression des clefs du registre effectuee..
    *** Fin du rapport !


    j'ai pas vu ou j'ai enregistrer le rapport avg (je crois que j'ai mal fait la manipulation) c'est assez embetant si tu l'as pas ? car l'analyse m'a pris 2h20, donc j'ai pas trop envie de la refaire tout de suite, mais si cela est nécessaire je la ferais.
    a b 8 Sécurité
    23 Septembre 2007 15:12:17

    Tu n'as pas un onglet Rapport/Reports dans AVG ?
    23 Septembre 2007 15:25:35

    si, mais aucun rapport disponible :( 
    a b 8 Sécurité
    23 Septembre 2007 16:02:21

    Pas grave.

    Fix les lignes en italique ci-dessous avec Hijackthis : AIDE EN IMAGES

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: (no name) - {CD4C3CF0-4B15-11D1-ABED-709549C10000} - (no file)
    O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
    23 Septembre 2007 17:21:15

    Voila c'est fait.
    a b 8 Sécurité
    23 Septembre 2007 17:24:46

    Reposte un rapport Hijackthis.
    23 Septembre 2007 17:45:36

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:45, on 2007-09-23
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    C:\WINDOWS\arservice.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\srksrv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
    C:\WINDOWS\ehome\mcrdsvc.exe
    C:\Program Files\Windows Media Player\WMPNetwk.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    C:\WINDOWS\system32\RunDll32.exe
    C:\progra~1\softwin\bitdef~1\bdswitch.exe
    C:\progra~1\softwin\bitdef~1\bdnagent.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\TheTurtle\TheTurtle.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\Hercules\WiFi Station\WifiStation.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\GetRight\getright.exe
    C:\Program Files\GetRight\getright.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
    C:\Program Files\Softwin\BitDefender9\vsserv.exe
    c:\progra~1\softwin\bitdef~1\bdmcon.exe
    C:\Program Files\WinRAR\WinRAR.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.neo.cx
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [BDSwitchAgent] "c:\progra~1\softwin\bitdef~1\bdswitch.exe"
    O4 - HKLM\..\Run: [BDNewsAgent] "c:\progra~1\softwin\bitdef~1\bdnagent.exe"
    O4 - HKLM\..\Run: [BDMCon] c:\PROGRA~1\softwin\BITDEF~1\bdmcon.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 -noicon
    O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [TheTurtle] C:\Program Files\TheTurtle\TheTurtle.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: WiFi Station.lnk = ?
    O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: &Suchen - res://C:\WINDOWS\system32\Suchspur.dll/Suchspur.HTM
    O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
    O8 - Extra context menu item: Download with Go!Zilla - file://C:\Program Files\Go!Zilla\download-with-gozilla.html
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
    O16 - DPF: {DECEAAA2-370A-49BB-9362-68C3A58DDC62} - http://static.zangocash.com/cab/Seekmo/ie/bridge-c570.c...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{51D740B6-7703-4BB7-8C13-FD80FAE3256D}: NameServer = 192.168.2.1
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
    O23 - Service: Intel® Quick Resume Technology Drivers (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
    O23 - Service: PoliceService - Unknown owner - C:\WINDOWS\system32\srksrv.exe
    O23 - Service: Cycling Manager 2007 Drivers Auto Removal (pr2akt6c) (pr2akt6c) - Cyanide - C:\WINDOWS\system32\pr2akt6c.exe
    O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender9\vsserv.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

    --
    End of file - 11031 bytes
    23 Septembre 2007 17:45:51

    Citation :
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:45, on 2007-09-23
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    C:\WINDOWS\arservice.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\srksrv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
    C:\WINDOWS\ehome\mcrdsvc.exe
    C:\Program Files\Windows Media Player\WMPNetwk.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    C:\WINDOWS\system32\RunDll32.exe
    C:\progra~1\softwin\bitdef~1\bdswitch.exe
    C:\progra~1\softwin\bitdef~1\bdnagent.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\TheTurtle\TheTurtle.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\Hercules\WiFi Station\WifiStation.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\GetRight\getright.exe
    C:\Program Files\GetRight\getright.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
    C:\Program Files\Softwin\BitDefender9\vsserv.exe
    c:\progra~1\softwin\bitdef~1\bdmcon.exe
    C:\Program Files\WinRAR\WinRAR.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.neo.cx
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [BDSwitchAgent] "c:\progra~1\softwin\bitdef~1\bdswitch.exe"
    O4 - HKLM\..\Run: [BDNewsAgent] "c:\progra~1\softwin\bitdef~1\bdnagent.exe"
    O4 - HKLM\..\Run: [BDMCon] c:\PROGRA~1\softwin\BITDEF~1\bdmcon.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 -noicon
    O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [TheTurtle] C:\Program Files\TheTurtle\TheTurtle.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: WiFi Station.lnk = ?
    O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: &Suchen - res://C:\WINDOWS\system32\Suchspur.dll/Suchspur.HTM
    O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
    O8 - Extra context menu item: Download with Go!Zilla - file://C:\Program Files\Go!Zilla\download-with-gozilla.html
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
    O16 - DPF: {DECEAAA2-370A-49BB-9362-68C3A58DDC62} - http://static.zangocash.com/cab/Seekmo/ie/bridge-c570.c...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{51D740B6-7703-4BB7-8C13-FD80FAE3256D}: NameServer = 192.168.2.1
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
    O23 - Service: Intel® Quick Resume Technology Drivers (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
    O23 - Service: PoliceService - Unknown owner - C:\WINDOWS\system32\srksrv.exe
    O23 - Service: Cycling Manager 2007 Drivers Auto Removal (pr2akt6c) (pr2akt6c) - Cyanide - C:\WINDOWS\system32\pr2akt6c.exe
    O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender9\vsserv.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

    --
    End of file - 11031 bytes
    23 Septembre 2007 18:23:28

    Voila :) 
    a b 8 Sécurité
    23 Septembre 2007 18:24:58

    C'est mieux ?
    23 Septembre 2007 20:12:45

    oui, plus d'alerte depuis, je te tiens au courant demain soir si j'ai reçu des nouvelles alertes, en tout cas merci beaucoup!
    a b 8 Sécurité
    23 Septembre 2007 20:24:27

    Ok ;) 
    24 Septembre 2007 17:28:29

    Donc c'est bon, toujours aucune alerte :) 
    Merci Encore!
    a b 8 Sécurité
    24 Septembre 2007 17:52:23

    Bon surf ;) 
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS