IE window that opens at PC startup

Closed
sally9 Posts 9 Registration date Monday 31 December 2007 Status Member Last activity 5 January 2008 - 31 Dec 2007 at 18:45
Regis59 Posts 21143 Registration date Tuesday 27 June 2006 Status Security contributor Last activity 22 June 2016 - 5 Jan 2008 at 17:53
Hello, I have a problem when my PC starts up: every time, an IE ad window (the secrets of the net for making money) opens by itself. I ran Spybot, Ad-Aware and CCleaner but nothing helps. Can you help me please?

16 replies

lemafieu Posts 238 Registration date Friday 7 September 2007 Status Member Last activity 18 May 2008 17
31 Dec 2007 at 18:49
Hi
First of all I advise you to download Firefox, it will happen to you less often and you will see it's a great browser, incomparable to IE 6 ;) . Next, I think you can solve this with Spybot:
switch to advanced mode, go to the Tools tab, and look in "startup items", it should be there ;)
0
Regis59 Posts 21143 Registration date Tuesday 27 June 2006 Status Security contributor Last activity 22 June 2016 1 320
31 Dec 2007 at 23:11
Welcome to the CommentCaMarche.net help forum

We are familiar with your situation and we advise you above all not to worry.
Also, given the growing number of disinfections carried out on the forum, we ask you for a little patience and above all not to create several threads for the same problem.
Thank you for your understanding.

Download HijackThis here:
http://telechargement.zebulon.fr/138-hijackthis-1991.html

Unzip it into a folder set aside for it.
For example C:\hijackthis < Make sure you save it in C: !
Demo: (Thanks to Balltrap34 for making this)
http://pageperso.aol.fr/balltrap34/Hijenr.gif

Run it, then:
Click on "do a system scan and save logfile" (see demo)
Copy and paste the entire log on the forum

Demo: (Thanks to Balltrap34 for making this)
http://pageperso.aol.fr/balltrap34/demohijack.htm

Good luck

See you
0
sally9 Posts 9 Registration date Monday 31 December 2007 Status Member Last activity 5 January 2008
1 Jan 2008 at 04:10
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:58:32, on 01/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\qttask.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
C:\Program Files\Trust\DS-3300X Wireless Optical Deskset\Keyboard\kbdap32a.EXE
C:\Program Files\Trust\DS-3300X Wireless Optical Deskset\Mouse\mouse32a.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Shareaza\Shareaza.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\bob\Bureau\Nouveau dossier (2)\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.update.microsoft.com/windowsupdate/v6/default.aspx
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: 1
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar5.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [USB2Check] RUNDLL32.EXE "C:\WINDOWS\system32\PCLECoInst.dll",CheckUSBController
O4 - HKLM\..\Run: [USBToolTip] "C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe"
O4 - HKLM\..\Run: [systemtask] C:\Documents and Settings\bob\~flx.exe
O4 - HKLM\..\Run: [OFFICEKB] C:\Program Files\Trust\DS-3300X Wireless Optical Deskset\Keyboard\kbdap32a.EXE
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Trust\DS-3300X Wireless Optical Deskset\Mouse\mouse32a.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {112857FE-03FF-11D5-9A3F-0080C8D85044} (GameDesire Solitaires) - http://67.15.101.3/g_bin/eng/solitaire_2_0_0_27.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {1A781DED-C22D-4153-3213-A3211E29DF13} (GameDesire Card Games) - http://67.15.101.3/g_bin/eng/cards_2_0_0_74.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {41ACD49D-1974-791A-0981-AA9872721044} (Ganymede Board Games) - http://67.15.101.33/g_bin/eng/boards_2_0_0_35.cab
O16 - DPF: {4B4513E2-4E57-43DF-9496-FCD37E9DFA64} (GameDesire Sea Battle) - http://67.15.101.3/g_bin/eng/navy_2_0_0_26.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by117w.bay117.mail.live.com/mail/resources/MsnPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://webcam.asf.fr/AxisCamControl.ocx
O16 - DPF: {A1FE3DE0-CF77-11D4-8340-0080C8D7ED4A} (GameDesire Pinball Demon) - http://67.15.101.3/g_bin/eng/demon_2_0_0_22.cab
O16 - DPF: {A1FE3DEF-CF77-11D4-8340-0080C8D7ED4A} (GameDesire Pinball Pirate) - http://67.15.101.3/g_bin/eng/pirate_2_0_0_22.cab
O16 - DPF: {A6212120-01D4-11D5-9A39-0080C8D85044} (GameDesire Slots 70th) - http://67.15.101.3/g_bin/eng/slots70_2_0_0_26.cab
O16 - DPF: {A7196C8E-35A5-4FF0-9E46-E28918B5CAF6} (GameDesire Domino) - http://67.15.101.3/g_bin/eng/domino_2_0_0_28.cab
O16 - DPF: {A854AD6D-6DB5-41FB-8044-0BD38092A007} (Ganymede Sudoku) - http://67.15.101.3/g_bin/eng/sudoku_2_0_0_12.cab
O16 - DPF: {A9ED6AA2-D9D4-4D71-9586-E293E2E3580B} (GameDesire Marbles&Diamonds&Runes) - http://67.15.101.3/g_bin/eng/marbles_2_0_0_31.cab
O16 - DPF: {AC120B1D-9411-4111-AF52-118052D85D45} (GameDesire Darts Games) - http://67.15.101.3/g_bin/eng/darts_2_0_0_39.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://bmm.imgag.com/imgag/cp/install/crusher-fr.cab
O16 - DPF: {BFA1F11D-3121-AFE1-4112-983219421AEF} (GameDesire 1Player Word Games) - http://67.15.101.3/g_bin/eng/wordssingle_2_0_0_40.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (M6music player) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB
O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://msnfr.oberon-media.com/online2/MSN_INTL_FRANCE/zuma/oberongamesloader.cab
O16 - DPF: {E23FABEE-12E3-33DA-DA12-195DAC123984} (GameDesire Mahjong) - http://67.15.101.3/g_bin/eng/mahjong_2_0_0_23.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C1} (GameDesire Pool 8) - http://67.15.101.3/g_bin/eng/billard8_2_0_0_35.cab
O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C5} (GameDesire Snooker) - http://67.15.101.3/g_bin/eng/snooker_2_0_0_24.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: 95.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
0
Regis59 Posts 21143 Registration date Tuesday 27 June 2006 Status Security contributor Last activity 22 June 2016 1 320
1 Jan 2008 at 12:58
Re;

Yes, impeccable. Two last scans, a bit longer though.

1- Download Combofix sUBs: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
and save it on your desktop and nowhere else!

Double-click on combofix. It will ask you a question; answer by pressing the 1 key and Enter to confirm.
Wait until combofix has finished; a report will be created. Post the report.

2- Install this by following the tutorial:
http://www.malekal.com/tutorial_AVG_AntiSpyware.html
Run a full scan, delete whatever it detects and copy-paste the report here

;-)

See you
0

sally9 Posts 9 Registration date Monday 31 December 2007 Status Member Last activity 5 January 2008
2 Jan 2008 at 04:01
Thanks again, I did what you asked me, here is the combofix report:

ComboFix 07-12-31.4 - bob 2008-01-02 3:48:30.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.470 [GMT 1:00]
Running from: C:\Documents and Settings\bob\Bureau\ComboFix.exe
* Created a new restore point
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\boot.ini
C:\WINDOWS\start.exe

.
((((((((((((((((((((((((((((( Fichiers créés 2007-12-02 to 2008-01-02 ))))))))))))))))))))))))))))))))))))
.

2008-01-02 03:46 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-12-27 04:17 . 2003-02-24 14:40 2,787,840 --a------ C:\WINDOWS\SYSTEM\MSHTML.DLL
2007-12-27 03:53 . 2007-12-28 05:40 414 --a------ C:\WINDOWS\Fix IE Log.BAK
2007-12-27 03:51 . 2007-12-27 03:56 <REP> d-------- C:\Program Files\Power IE
2007-12-20 22:48 . 2007-12-20 22:48 244 --ah----- C:\sqmnoopt08.sqm
2007-12-20 22:48 . 2007-12-20 22:48 232 --ah----- C:\sqmdata08.sqm
2007-12-19 02:10 . 2007-12-19 02:14 <REP> d-------- C:\Documents and Settings\bob\NeoDivX Suite
2007-12-06 19:37 . 2006-12-14 02:08 <REP> d--h----- C:\Documents and Settings\LogMeInRemoteUser\Voisinage réseau
2007-12-06 19:37 . 2006-12-14 02:08 <REP> d--h----- C:\Documents and Settings\LogMeInRemoteUser\Voisinage d'impression
2007-12-06 19:37 . 2006-12-14 02:08 <REP> d--h----- C:\Documents and Settings\LogMeInRemoteUser\Modèles
2007-12-06 19:37 . 2006-12-14 02:08 <REP> d-------- C:\Documents and Settings\LogMeInRemoteUser\Mes documents
2007-12-06 19:37 . 2006-12-14 02:08 <REP> dr------- C:\Documents and Settings\LogMeInRemoteUser\Menu Démarrer
2007-12-06 19:37 . 2006-12-14 02:08 <REP> d-------- C:\Documents and Settings\LogMeInRemoteUser\Favoris
2007-12-06 19:37 . 2006-12-14 02:08 <REP> d-------- C:\Documents and Settings\LogMeInRemoteUser\Bureau
2007-12-06 19:35 . 2007-12-06 19:35 1,024 --a------ C:\.rnd
2007-12-03 20:55 . 2008-01-02 00:05 <REP> d-------- C:\Documents and Settings\bob\Application Data\skypePM
2007-12-03 20:55 . 2007-12-03 20:55 32 --a------ C:\Documents and Settings\All Users\Application Data\ezsid.dat
2007-12-03 20:49 . 2008-01-02 03:11 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Skype
2007-12-02 20:21 . 2007-12-02 20:21 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2007-12-02 19:52 . 2007-12-02 21:06 <REP> d-------- C:\Documents and Settings\bob\Contacts

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-02 02:52 83,933,728 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-01-02 02:52 4,172,320 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat
2008-01-02 02:17 393,008 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx
2008-01-02 02:17 1,126,460 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2007-12-27 21:59 --------- d-----w C:\Documents and Settings\bob\Application Data\Canon
2007-12-27 01:17 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-12-02 20:06 --------- d-----w C:\Documents and Settings\bob\Application Data\Screenshot Sender
2007-12-02 19:20 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2007-12-02 19:17 --------- d-----w C:\Program Files\MSN Messenger
2007-11-24 02:38 --------- d-----w C:\Program Files\Mobile Phone Manager
2007-11-15 17:46 10,040 ----a-w C:\WINDOWS\SYSTEM32\lmimirr2.dll
2007-11-14 07:28 450,560 ----a-w C:\WINDOWS\SYSTEM32\dllcache\jscript.dll
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-09 20:44 --------- d-----w C:\Program Files\Dictionnaire
2007-11-04 02:35 12,361,814 ----a-w C:\WINDOWS\Internet Logs\tvDebug.zip
2007-10-30 10:18 3,079,680 ----a-w C:\WINDOWS\SYSTEM32\dllcache\mshtml.dll
2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\SYSTEM32\quartz.dll
2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\SYSTEM32\dllcache\quartz.dll
2007-10-25 16:56 8,510,976 ----a-w C:\WINDOWS\SYSTEM32\dllcache\shell32.dll
2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\SYSTEM32\wmasf.dll
2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\SYSTEM32\dllcache\wmasf.dll
2007-10-11 06:13 96,768 ----a-w C:\WINDOWS\SYSTEM32\dllcache\inseng.dll
2007-10-11 06:13 663,552 ----a-w C:\WINDOWS\SYSTEM32\dllcache\wininet.dll
2007-10-11 06:13 617,472 ----a-w C:\WINDOWS\SYSTEM32\dllcache\urlmon.dll
2007-10-11 06:13 55,808 ----a-w C:\WINDOWS\SYSTEM32\dllcache\extmgr.dll
2007-10-11 06:13 532,480 ----a-w C:\WINDOWS\SYSTEM32\dllcache\mstime.dll
2007-10-11 06:13 474,624 ----a-w C:\WINDOWS\SYSTEM32\dllcache\shlwapi.dll
2007-10-11 06:13 449,024 ----a-w C:\WINDOWS\SYSTEM32\dllcache\mshtmled.dll
2007-10-11 06:13 39,424 ----a-w C:\WINDOWS\SYSTEM32\dllcache\pngfilt.dll
2007-10-11 06:13 357,888 ----a-w C:\WINDOWS\SYSTEM32\dllcache\dxtmsft.dll
2007-10-11 06:13 251,392 ----a-w C:\WINDOWS\SYSTEM32\dllcache\iepeers.dll
2007-10-11 06:13 205,312 ----a-w C:\WINDOWS\SYSTEM32\dllcache\dxtrans.dll
2007-10-11 06:13 16,384 ----a-w C:\WINDOWS\SYSTEM32\dllcache\jsproxy.dll
2007-10-11 06:13 152,064 ----a-w C:\WINDOWS\SYSTEM32\dllcache\cdfview.dll
2007-10-11 06:13 146,432 ----a-w C:\WINDOWS\SYSTEM32\dllcache\msrating.dll
2007-10-11 06:13 1,495,040 ----a-w C:\WINDOWS\SYSTEM32\dllcache\shdocvw.dll
2007-10-11 06:13 1,056,768 ----a-w C:\WINDOWS\SYSTEM32\dllcache\danim.dll
2007-10-11 06:13 1,024,000 ----a-w C:\WINDOWS\SYSTEM32\dllcache\browseui.dll
2007-10-10 11:16 18,432 ----a-w C:\WINDOWS\SYSTEM32\dllcache\iedw.exe
2007-08-07 23:50 16,230,659 ----a-w C:\WINDOWS\Internet Logs\vsmon_on_demand_2007_08_08_00_04_21_full.dmp.zip
2007-08-07 23:50 116,090 ----a-w C:\WINDOWS\Internet Logs\vsmon_2nd_2007_08_08_00_03_53_small.dmp.zip
2007-06-27 17:07 9,437,503 ----a-w C:\WINDOWS\Internet Logs\vsmon_on_demand_2007_06_27_19_05_54_full.dmp.zip
2007-06-15 14:34 13,466,520 ----a-w C:\WINDOWS\Internet Logs\vsmon_on_demand_2007_06_15_16_32_33_full.dmp.zip
2006-08-04 00:50 8,224 ----a-w C:\Documents and Settings\bob\Application Data\GDIPFONTCACHEV1.DAT
2006-06-12 23:16 17,920 ----a-w C:\Documents and Settings\bob\~flx.exe
2006-03-12 18:05 266 --sha-w C:\Program Files\desktop.ini
2006-03-12 18:05 11,208 ---ha-w C:\Program Files\folder.htt
2005-09-10 07:34 624 ----a-w C:\Documents and Settings\bob\install.cmd
2004-09-03 09:32 3,488 ----a-w C:\WINDOWS\inf\OTHER\CMIAINFO.SYS
2002-07-26 16:02 153,088 ----a-w C:\Program Files\UNWISE.EXE
2006-04-23 00:11 8,456 --sha-w C:\WINDOWS\SYSTEM32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SlowFile Icon Overlay]
@={7D688A77-C613-11D0-999B-00C04FD655E1}

[HKEY_CLASSES_ROOT\CLSID\{7D688A77-C613-11D0-999B-00C04FD655E1}]
2007-10-25 17:56 8510976 --a------ C:\WINDOWS\SYSTEM32\SHELL32.DLL

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 16:09 15360]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24 1694208]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007-01-27 21:18 171448]
"Shareaza"="C:\Program Files\Shareaza\Shareaza.exe" [2005-10-27 18:44 3887104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SystemTray"="SysTray.Exe" [2001-09-28 12:00 3072 C:\WINDOWS\SYSTEM32\systray.exe]
"Cmaudio"="cmicnfg.cpl" []
"QuickTime Task"="C:\WINDOWS\system32\qttask.exe" [2006-03-13 01:38 98304]
"OpwareSE2"="C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 12:00 49152]
"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 15:18 241664]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-02-12 16:57 188416]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2004-02-12 16:59 77824]
"USB2Check"="C:\WINDOWS\system32\PCLECoInst.dll" [2004-04-06 19:05 61440]
"USBToolTip"="C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe" [2004-04-23 11:00 192512]
"systemtask"="C:\Documents and Settings\bob\~flx.exe" [2006-06-13 00:16 17920]
"OFFICEKB"="C:\Program Files\Trust\DS-3300X Wireless Optical Deskset\Keyboard\kbdap32a.EXE" [2006-08-06 20:01 399872]
"FLMOFFICE4DMOUSE"="C:\Program Files\Trust\DS-3300X Wireless Optical Deskset\Mouse\mouse32a.exe" [2006-08-06 20:01 370176]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-06-10 21:10 339968]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" [2006-11-08 18:28 155751]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 15:17 159744]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-03-09 00:02 919280]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 09:50 155648]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-19 16:09 15360]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma Loader.exe.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2007-01-28 21:55:51]
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-24 07:05:26]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 09:01:04]
VIA RAID TOOL.lnk - C:\Program Files\VIA\RAID\raid_tool.exe [2006-03-12 20:46:58]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=95.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_8

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys]
"LoadPowerProfile"=Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

R0 viamraid;viamraid;C:\WINDOWS\system32\DRIVERS\viamraid.sys [2004-03-29 06:45]
R1 UdfReadr;UdfReadr;C:\WINDOWS\system32\drivers\UdfReadr.sys [2003-07-19 02:22]
S3 BTNetFilter;Bluetooth Network Filter;C:\WINDOWS\system32\drivers\BTNetFilter.sys [2004-12-16 16:32]
S3 ids00026;ids00026;C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids00026.sys []
S3 ids00118;ids00118;C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids00118.sys []
S3 ids0014f;ids0014f;C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0014f.sys []
S3 ids0015d;ids0015d;C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0015d.sys []
S3 ids00180;ids00180;C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids00180.sys []
S3 MTK;Media Technology Kernel Driver;C:\WINDOWS\system32\Drivers\mtk.sys []
S3 siusbmod;siusbmod;C:\WINDOWS\system32\DRIVERS\siusbmod.sys [2005-07-28 15:20]
S3 w200bus;Sony Ericsson W200 driver (WDM);C:\WINDOWS\system32\DRIVERS\w200bus.sys [2006-11-07 08:42]
S3 w200mdfl;Sony Ericsson W200 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\w200mdfl.sys [2006-11-07 08:42]
S3 w200mdm;Sony Ericsson W200 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\w200mdm.sys [2006-11-07 08:42]
S3 w200mgmt;Sony Ericsson W200 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\w200mgmt.sys [2006-11-07 08:42]
S3 w200obex;Sony Ericsson W200 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\w200obex.sys [2006-11-07 08:42]


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\jÿ:¢ò‘‘ÍD™D³àÌõò`ñtÆÒ´®~ü$½é.:´>|!=² ^I-×Å'5ØäMW—¿žMy\÷Ɇïùb¯]ܾbc¶¿¨^3œÕ:y\M¨Ñ…ö”tS~r”h ´M]
´M 2

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\jÿ:¢ò‘‘ÍD™D³àÌõò`ñtÆÒ´®~ü$½é.:´>|!=² ^I-×Å'5ØäMW—¿žMy\÷Ɇïùb¯]ܾbc¶¿¨^3œÕ:y\M¨Ñ…ö”tS~r”h ´MADDINGPADDINGXXPC:\WINDOWS\¯]ܾbc¶¿¨^3œÕ:y\M¨Ñ…ö”tS~r”h ´M]
´M 2

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{1AD6330D-6B1B-6C6B-1E4B-46A3B733E1D7}]
C:\WINDOWS\Wininit.exe 2

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{1CDAD24E-8DA5-4AE3-8BC7-2CAD5AAE5BEB}]
C:\WINDOWS\Wininit.exe 2
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-12-05 22:00:00 C:\WINDOWS\Tasks\Démarrage du programme de réglages.job"
.
**************************************************************************

catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-02 03:52:15
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
systemtask = C:\Documents and Settings\bob\~flx.exe???e@??e@??>?????????????????????????????????????????????????

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-01-02 3:53:43
C:\qoobox\ComboFix-quarantined-files.txt 2008-01-02 02:53:31
.
2008-01-02 02:01:27 --- E O F ---
0
sally9 Posts 9 Registration date Monday 31 December 2007 Status Member Last activity 5 January 2008
2 Jan 2008 at 05:13
Re;
At last! I thought the scan would never end, it was a bit long, but now here is the report:

AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 05:03:14 02/01/2008

+ Résultat de l'analyse:



C:\Documents and Settings\NetworkService\Cookies\bob@search.msn[2].txt -> TrackingCookie.Msn : Aucune action entreprise.
C:\cluster 137087\Cookies\bob@search.msn[2].txt -> TrackingCookie.Msn : Aucune action entreprise.
C:\Documents and Settings\bob\Cookies\bob@ssl-hints.netflame[2].txt -> TrackingCookie.Netflame : Aucune action entreprise.
C:\Documents and Settings\bob\Cookies\bob@site.skype[1].txt -> TrackingCookie.Skype : Aucune action entreprise.
C:\Documents and Settings\bob\Cookies\bob@weborama[1].txt -> TrackingCookie.Weborama : Aucune action entreprise.


Fin du rapport
Thank you for helping me
0
Regis59 Posts 21143 Registration date Tuesday 27 June 2006 Status Security contributor Last activity 22 June 2016 1 320
2 Jan 2008 at 13:07
Ok.

Run this online scan:
http://www.bitdefender.fr/scan8/ie.html
Copy/paste the report
Help with pictures: http://pageperso.aol.fr/rginformatique/mapage/defender.htm

See you
0
sally9 Posts 9 Registration date Monday 31 December 2007 Status Member Last activity 5 January 2008
3 Jan 2008 at 00:22
Re;

I already have Kaspersky antivirus, so why do I have to do a BitDefender scan? I think there is no point in having two antiviruses.
Can I do the scan with Kaspersky?
Did you find anything wrong in the HijackThis and Combofix reports? Because I have trouble interpreting these reports.

Thank you Regis59 for your help
0
Regis59 Posts 21143 Registration date Tuesday 27 June 2006 Status Security contributor Last activity 22 June 2016 1 320
3 Jan 2008 at 12:32
Re,

It is an online scan, not an antivirus to install on your PC.
Yes, there are a few bad things in the reports.
Don't you want to do this online scan?

See you
0
sally9 Posts 9 Registration date Monday 31 December 2007 Status Member Last activity 5 January 2008
4 Jan 2008 at 05:28
Hello again,

OK Regis59, I misunderstood, sorry.
I did what you told me, a BitDefender online scan; apparently some viruses were found. What is strange is that I also ran the Kaspersky scan and it found no viruses.
Here is the report:
BitDefender Online Scanner

Scan report generated at: Fri, Jan 04, 2008 - 05:16:13

Scan path: A:\;C:\;D:\;E:\;F:\;H:\;I:\;J:\;K:\;M:\;

Statistics
Time: 01:29:30
Files: 216236
Folders: 7463
Boot Sectors: 3
Archives: 3231
Packed Files: 11254

Results
Identified Viruses: 3
Infected Files: 28
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 2

Engines Info
Virus Definitions: 885320
Engine build: AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Scan plugins: 14
Archive plugins: 38
Unpack plugins: 7
E-mail plugins: 6
System plugins: 1

Scan Settings
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes

Scanned File
Status

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\0916296e7eac2525.klq
Detected with: Application.JS.ForcePopup.D

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\0916296e7eac2525.klq
Disinfection failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\0916296e7eac2525.klq
Delete failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\1b3900a56ba87dfd.klq
Infected with: Trojan.VBS.Starter.G

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\1b3900a56ba87dfd.klq
Disinfection failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\1b3900a56ba87dfd.klq
Delete failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\1e44d50b67acd2ab.klq
Infected with: Trojan.VBS.Starter.G

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\1e44d50b67acd2ab.klq
Disinfection failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\1e44d50b67acd2ab.klq
Delete failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\3f0b211520275786.klq
Detected with: Application.JS.ForcePopup.D

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\3f0b211520275786.klq
Disinfection failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\3f0b211520275786.klq
Delete failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\434dc37dd819666f.klq
Detected with: Application.JS.ForcePopup.D

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\434dc37dd819666f.klq
Disinfection failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\434dc37dd819666f.klq
Delete failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\4465b111e26157b0.klq
Detected with: Application.JS.ForcePopup.D

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\4465b111e26157b0.klq
Disinfection failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\4465b111e26157b0.klq
Delete failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\463271e8f274cded.klq
Detected with: Application.JS.ForcePopup.D

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\463271e8f274cded.klq
Disinfection failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\463271e8f274cded.klq
Delete failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\56b16f85d0622190.klq
Detected with: Application.JS.ForcePopup.D

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\56b16f85d0622190.klq
Disinfection failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\56b16f85d0622190.klq
Delete failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\667480b3c3424999.klq
Detected with: Application.JS.ForcePopup.D

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\667480b3c3424999.klq
Disinfection failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\667480b3c3424999.klq
Delete failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\70786c16834828d0.klq
Detected with: Application.JS.ForcePopup.D

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\70786c16834828d0.klq
Disinfection failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\70786c16834828d0.klq
Delete failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\7f69e6fcd4834df7.klq
Detected with: Application.JS.ForcePopup.D

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\7f69e6fcd4834df7.klq
Disinfection failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\7f69e6fcd4834df7.klq
Delete failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\9e55b3fffc0ed4db.klq
Infected with: Trojan.VBS.Starter.G

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\9e55b3fffc0ed4db.klq
Disinfection failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\9e55b3fffc0ed4db.klq
Delete failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\a540c4cd92d1b1e5.klq
Detected with: Application.JS.ForcePopup.D

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\a540c4cd92d1b1e5.klq
Disinfection failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\a540c4cd92d1b1e5.klq
Delete failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\a83718281d70971e.klq
Detected with: Application.JS.ForcePopup.D

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\a83718281d70971e.klq
Disinfection failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\a83718281d70971e.klq
Delete failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\aa0c4e54d7cbbef3.klq
Infected with: Trojan.VBS.Starter.G

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\aa0c4e54d7cbbef3.klq
Disinfection failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\aa0c4e54d7cbbef3.klq
Delete failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\b1508516e0a2c1a1.klq
Infected with: Trojan.VBS.Starter.G

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\b1508516e0a2c1a1.klq
Disinfection failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\b1508516e0a2c1a1.klq
Delete failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\b151928b92300f24.klq
Detected with: Application.JS.ForcePopup.D

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\b151928b92300f24.klq
Disinfection failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\b151928b92300f24.klq
Delete failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\bcada67b5f4374a5.klq
Infected with: Trojan.VBS.Starter.G

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\bcada67b5f4374a5.klq
Disinfection failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\bcada67b5f4374a5.klq
Delete failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\c5623a2c90e4b097.klq
Infected with: Trojan.VBS.Starter.G

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\c5623a2c90e4b097.klq
Disinfection failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\c5623a2c90e4b097.klq
Delete failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\c98ac9725016cdbe.klq
Infected with: Trojan.VBS.Starter.G

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\c98ac9725016cdbe.klq
Disinfection failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\c98ac9725016cdbe.klq
Delete failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\cff82372b352b418.klq
Infected with: Trojan.VBS.Starter.G

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\cff82372b352b418.klq
Disinfection failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\cff82372b352b418.klq
Delete failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\dad9d1981245762f.klq
Detected with: Application.JS.ForcePopup.D

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\dad9d1981245762f.klq
Disinfection failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\dad9d1981245762f.klq
Delete failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\e218eec0c33751f7.klq
Infected with: Trojan.VBS.Starter.G

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\e218eec0c33751f7.klq
Disinfection failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\e218eec0c33751f7.klq
Delete failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\e56c770540c49443.klq
Infected with: Trojan.VBS.Starter.G

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\e56c770540c49443.klq
Disinfection failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\e56c770540c49443.klq
Delete failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\ed9ece40903eb7ab.klq
Infected with: Trojan.VBS.Starter.G

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\ed9ece40903eb7ab.klq
Disinfection failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\ed9ece40903eb7ab.klq
Delete failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\fb09d6a87ec493db.klq
Infected with: Trojan.VBS.Starter.G

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\fb09d6a87ec493db.klq
Disinfection failed

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\fb09d6a87ec493db.klq
Delete failed

C:\Program Files\Sqirlz Morph\SqMorphImage.exe
Infected with: Trojan.Dloader.BT

C:\Program Files\Sqirlz Morph\SqMorphImage.exe
Disinfection failed

C:\Program Files\Sqirlz Morph\SqMorphImage.exe
Deleted

C:\System Volume Information\_restore{AE763864-7188-426C-9B2C-A5EA03A1744D}\RP313\A0122158.exe
Infected with: Trojan.Dloader.BT

C:\System Volume Information\_restore{AE763864-7188-426C-9B2C-A5EA03A1744D}\RP313\A0122158.exe
Disinfection failed

C:\System Volume Information\_restore{AE763864-7188-426C-9B2C-A5EA03A1744D}\RP313\A0122158.exe
Deleted




Thank you very much for your help, Regis59

See you
0
Regis59 Posts 21143 Registration date Tuesday 27 June 2006 Status Security contributor Last activity 22 June 2016 1 320
4 Jan. 2008 at 12:47
OK

Most of the detections are located in the KASPERSKY quarantine.
Just one was not detected.

Post a new ComboFix and HijackThis report for me; we will remove what is left manually.

See you
0
sally9 Posts 9 Registration date Monday 31 December 2007 Status Member Last activity 5 January 2008
4 Jan. 2008 at 17:30
Re,

OK Regis59, here is the ComboFix report:

ComboFix 07-12-31.4 - bob 2008-01-04 17:15:23.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.521 [GMT 1:00]
Running from: C:\Documents and Settings\bob\Bureau\ComboFix.exe
.

((((((((((((((((((((((((((((( Fichiers créés 2007-12-04 to 2008-01-04 ))))))))))))))))))))))))))))))))))))
.

2008-01-04 03:40 . 2008-01-04 05:16 <REP> d-------- C:\WINDOWS\BDOSCAN8
2008-01-03 01:04 . 2008-01-03 01:04 <REP> d-------- C:\WINDOWS\SYSTEM32\Kaspersky Lab
2008-01-02 18:54 . 2008-01-02 19:09 11,952 --a------ C:\WINDOWS\MICRO APPLICATION Courriers types Archive.dat
2008-01-02 18:04 . 2008-01-02 18:04 455 --a------ C:\WINDOWS\MICRO APPLICATION Destinataire.dat
2008-01-02 18:04 . 2008-01-02 18:04 386 --a------ C:\WINDOWS\MICRO APPLICATION Expéditeur.dat
2008-01-02 18:00 . 1995-12-04 14:08 26,624 --a------ C:\WINDOWS\SYSTEM32\CTL3D95.DLL
2008-01-02 17:59 . 1999-04-11 17:44 2,495 --a------ C:\WINDOWS\SYSTEM32\COMCTL32.DEP
2008-01-02 04:08 . 2008-01-02 04:08 <REP> d-------- C:\Documents and Settings\bob\Application Data\Grisoft
2008-01-02 04:08 . 2008-01-02 04:08 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-01-02 04:08 . 2007-05-30 13:10 10,872 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\AvgAsCln.sys
2008-01-02 03:46 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-12-27 04:17 . 2003-02-24 14:40 2,787,840 --a------ C:\WINDOWS\SYSTEM\MSHTML.DLL
2007-12-27 03:53 . 2007-12-30 07:06 412 --a------ C:\WINDOWS\Fix IE Log.BAK
2007-12-27 03:51 . 2008-01-02 23:06 <REP> d-------- C:\Program Files\Power IE
2007-12-20 22:48 . 2007-12-20 22:48 244 --ah----- C:\sqmnoopt08.sqm
2007-12-20 22:48 . 2007-12-20 22:48 232 --ah----- C:\sqmdata08.sqm
2007-12-19 02:10 . 2007-12-19 02:14 <REP> d-------- C:\Documents and Settings\bob\NeoDivX Suite
2007-12-06 19:37 . 2006-12-14 02:08 <REP> d--h----- C:\Documents and Settings\LogMeInRemoteUser\Voisinage réseau
2007-12-06 19:37 . 2006-12-14 02:08 <REP> d--h----- C:\Documents and Settings\LogMeInRemoteUser\Voisinage d'impression
2007-12-06 19:37 . 2006-12-14 02:08 <REP> d--h----- C:\Documents and Settings\LogMeInRemoteUser\Modèles
2007-12-06 19:37 . 2006-12-14 02:08 <REP> d-------- C:\Documents and Settings\LogMeInRemoteUser\Mes documents
2007-12-06 19:37 . 2006-12-14 02:08 <REP> dr------- C:\Documents and Settings\LogMeInRemoteUser\Menu Démarrer
2007-12-06 19:37 . 2006-12-14 02:08 <REP> d-------- C:\Documents and Settings\LogMeInRemoteUser\Favoris
2007-12-06 19:37 . 2006-12-14 02:08 <REP> d-------- C:\Documents and Settings\LogMeInRemoteUser\Bureau
2007-12-06 19:35 . 2007-12-06 19:35 1,024 --a------ C:\.rnd

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-04 16:21 84,799,264 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-01-04 16:21 4,243,744 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat
2008-01-04 16:00 399,800 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx
2008-01-04 16:00 1,138,220 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-01-04 03:42 --------- d-----w C:\Program Files\Sqirlz Morph
2008-01-02 16:59 --------- d-----w C:\Program Files\Micro Application
2008-01-02 02:11 --------- d-----w C:\Documents and Settings\All Users\Application Data\Skype
2008-01-01 23:05 --------- d-----w C:\Documents and Settings\bob\Application Data\skypePM
2007-12-27 21:59 --------- d-----w C:\Documents and Settings\bob\Application Data\Canon
2007-12-27 01:17 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-12-03 19:55 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
2007-12-02 20:06 --------- d-----w C:\Documents and Settings\bob\Application Data\Screenshot Sender
2007-12-02 19:21 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2007-12-02 19:20 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2007-12-02 19:17 --------- d-----w C:\Program Files\MSN Messenger
2007-11-24 02:38 --------- d-----w C:\Program Files\Mobile Phone Manager
2007-11-15 17:46 10,040 ----a-w C:\WINDOWS\SYSTEM32\lmimirr2.dll
2007-11-14 07:28 450,560 ----a-w C:\WINDOWS\SYSTEM32\dllcache\jscript.dll
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-09 20:44 --------- d-----w C:\Program Files\Dictionnaire
2007-11-04 02:35 12,361,814 ----a-w C:\WINDOWS\Internet Logs\tvDebug.zip
2007-10-30 10:18 3,079,680 ----a-w C:\WINDOWS\SYSTEM32\dllcache\mshtml.dll
2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\SYSTEM32\quartz.dll
2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\SYSTEM32\dllcache\quartz.dll
2007-10-25 16:56 8,510,976 ----a-w C:\WINDOWS\SYSTEM32\dllcache\shell32.dll
2007-10-25 09:26 53,248 ----a-w C:\WINDOWS\bdoscandel.exe
2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\SYSTEM32\wmasf.dll
2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\SYSTEM32\dllcache\wmasf.dll
2007-10-11 06:13 96,768 ----a-w C:\WINDOWS\SYSTEM32\dllcache\inseng.dll
2007-10-11 06:13 663,552 ----a-w C:\WINDOWS\SYSTEM32\dllcache\wininet.dll
2007-10-11 06:13 617,472 ----a-w C:\WINDOWS\SYSTEM32\dllcache\urlmon.dll
2007-10-11 06:13 55,808 ----a-w C:\WINDOWS\SYSTEM32\dllcache\extmgr.dll
2007-10-11 06:13 532,480 ----a-w C:\WINDOWS\SYSTEM32\dllcache\mstime.dll
2007-10-11 06:13 474,624 ----a-w C:\WINDOWS\SYSTEM32\dllcache\shlwapi.dll
2007-10-11 06:13 449,024 ----a-w C:\WINDOWS\SYSTEM32\dllcache\mshtmled.dll
2007-10-11 06:13 39,424 ----a-w C:\WINDOWS\SYSTEM32\dllcache\pngfilt.dll
2007-10-11 06:13 357,888 ----a-w C:\WINDOWS\SYSTEM32\dllcache\dxtmsft.dll
2007-10-11 06:13 251,392 ----a-w C:\WINDOWS\SYSTEM32\dllcache\iepeers.dll
2007-10-11 06:13 205,312 ----a-w C:\WINDOWS\SYSTEM32\dllcache\dxtrans.dll
2007-10-11 06:13 16,384 ----a-w C:\WINDOWS\SYSTEM32\dllcache\jsproxy.dll
2007-10-11 06:13 152,064 ----a-w C:\WINDOWS\SYSTEM32\dllcache\cdfview.dll
2007-10-11 06:13 146,432 ----a-w C:\WINDOWS\SYSTEM32\dllcache\msrating.dll
2007-10-11 06:13 1,495,040 ----a-w C:\WINDOWS\SYSTEM32\dllcache\shdocvw.dll
2007-10-11 06:13 1,056,768 ----a-w C:\WINDOWS\SYSTEM32\dllcache\danim.dll
2007-10-11 06:13 1,024,000 ----a-w C:\WINDOWS\SYSTEM32\dllcache\browseui.dll
2007-10-10 11:16 18,432 ----a-w C:\WINDOWS\SYSTEM32\dllcache\iedw.exe
2007-08-07 23:50 16,230,659 ----a-w C:\WINDOWS\Internet Logs\vsmon_on_demand_2007_08_08_00_04_21_full.dmp.zip
2007-08-07 23:50 116,090 ----a-w C:\WINDOWS\Internet Logs\vsmon_2nd_2007_08_08_00_03_53_small.dmp.zip
2007-06-27 17:07 9,437,503 ----a-w C:\WINDOWS\Internet Logs\vsmon_on_demand_2007_06_27_19_05_54_full.dmp.zip
2007-06-15 14:34 13,466,520 ----a-w C:\WINDOWS\Internet Logs\vsmon_on_demand_2007_06_15_16_32_33_full.dmp.zip
2006-08-04 00:50 8,224 ----a-w C:\Documents and Settings\bob\Application Data\GDIPFONTCACHEV1.DAT
2006-06-12 23:16 17,920 ----a-w C:\Documents and Settings\bob\~flx.exe
2006-03-12 18:05 266 --sha-w C:\Program Files\desktop.ini
2006-03-12 18:05 11,208 ---ha-w C:\Program Files\folder.htt
2005-09-10 07:34 624 ----a-w C:\Documents and Settings\bob\install.cmd
2004-09-03 09:32 3,488 ----a-w C:\WINDOWS\inf\OTHER\CMIAINFO.SYS
2002-07-26 16:02 153,088 ----a-w C:\Program Files\UNWISE.EXE
2006-04-23 00:11 8,456 --sha-w C:\WINDOWS\SYSTEM32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((( snapshot@2008-01-02_ 3.52.51,17 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-01-04 02:45:18 45,056 ----a-w C:\WINDOWS\BDOSCAN8\avxdisk.dll
+ 2008-01-04 02:45:18 10,240 ----a-w C:\WINDOWS\BDOSCAN8\avxs.dll
+ 2008-01-04 02:45:18 27,136 ----a-w C:\WINDOWS\BDOSCAN8\avxt.dll
+ 2008-01-04 02:45:23 181,760 ----a-w C:\WINDOWS\BDOSCAN8\bdcore.dll
+ 2007-10-25 09:26:48 118,784 ----a-w C:\WINDOWS\BDOSCAN8\bdupd.dll
+ 2007-10-25 09:26:48 53,248 ----a-w C:\WINDOWS\BDOSCAN8\ipsupd.dll
+ 2008-01-04 02:45:24 142,848 ----a-w C:\WINDOWS\BDOSCAN8\libfn.dll
+ 2008-01-04 02:45:19 86,016 ----a-w C:\WINDOWS\BDOSCAN8\librtvr.dll
+ 2007-10-25 09:26:48 118,784 ----a-w C:\WINDOWS\Downloaded Program Files\bdupd.dll
+ 2007-10-25 09:26:48 53,248 ----a-w C:\WINDOWS\Downloaded Program Files\ipsupd.dll
+ 2004-07-15 00:49:16 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW1288\_aspnet_isapi.dll
+ 2004-07-14 23:32:22 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW1288\_CORPerfMonExt.dll
+ 2004-07-14 23:24:30 282,624 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW1288\_fusion.dll
+ 2004-07-14 23:25:06 315,392 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW1288\_mscorjit.dll
+ 2004-07-15 13:29:02 2,138,112 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW1288\_mscorlib.dll
+ 2003-02-20 18:09:18 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW1288\_mscorsn.dll
+ 2004-07-14 23:26:52 2,510,848 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW1288\_mscorsvr.dll
+ 2004-07-14 23:28:34 2,502,656 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW1288\_mscorwks.dll
+ 2003-02-21 03:42:22 348,160 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW1288\_msvcr71.dll
+ 2004-07-14 23:34:50 94,208 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW1288\_PerfCounter.dll
+ 2004-07-15 00:49:16 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3372\_aspnet_isapi.dll
+ 2004-07-14 23:32:22 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3372\_CORPerfMonExt.dll
+ 2004-07-14 23:24:30 282,624 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3372\_fusion.dll
+ 2004-07-14 23:25:06 315,392 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3372\_mscorjit.dll
+ 2004-07-15 13:29:02 2,138,112 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3372\_mscorlib.dll
+ 2003-02-20 18:09:18 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3372\_mscorsn.dll
+ 2004-07-14 23:26:52 2,510,848 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3372\_mscorsvr.dll
+ 2004-07-14 23:28:34 2,502,656 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3372\_mscorwks.dll
+ 2003-02-21 03:42:22 348,160 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3372\_msvcr71.dll
+ 2004-07-14 23:34:50 94,208 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3372\_PerfCounter.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SlowFile Icon Overlay]
@={7D688A77-C613-11D0-999B-00C04FD655E1}

[HKEY_CLASSES_ROOT\CLSID\{7D688A77-C613-11D0-999B-00C04FD655E1}]
2007-10-25 17:56 8510976 --a------ C:\WINDOWS\SYSTEM32\SHELL32.DLL

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 16:09 15360]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24 1694208]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007-01-27 21:18 171448]
"Shareaza"="C:\Program Files\Shareaza\Shareaza.exe" [2005-10-27 18:44 3887104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SystemTray"="SysTray.Exe" [2001-09-28 12:00 3072 C:\WINDOWS\SYSTEM32\systray.exe]
"Cmaudio"="cmicnfg.cpl" []
"QuickTime Task"="C:\WINDOWS\system32\qttask.exe" [2006-03-13 01:38 98304]
"OpwareSE2"="C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 12:00 49152]
"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 15:18 241664]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-02-12 16:57 188416]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2004-02-12 16:59 77824]
"USB2Check"="C:\WINDOWS\system32\PCLECoInst.dll" [2004-04-06 19:05 61440]
"USBToolTip"="C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe" [2004-04-23 11:00 192512]
"systemtask"="C:\Documents and Settings\bob\~flx.exe" [2006-06-13 00:16 17920]
"OFFICEKB"="C:\Program Files\Trust\DS-3300X Wireless Optical Deskset\Keyboard\kbdap32a.EXE" [2006-08-06 20:01 399872]
"FLMOFFICE4DMOUSE"="C:\Program Files\Trust\DS-3300X Wireless Optical Deskset\Mouse\mouse32a.exe" [2006-08-06 20:01 370176]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-06-10 21:10 339968]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" [2006-11-08 18:28 155751]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 15:17 159744]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-03-09 00:02 919280]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 09:50 155648]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25 6731312]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-19 16:09 15360]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma Loader.exe.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2007-01-28 21:55:51]
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-24 07:05:26]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 09:01:04]
VIA RAID TOOL.lnk - C:\Program Files\VIA\RAID\raid_tool.exe [2006-03-12 20:46:58]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=95.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_8

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys]
"LoadPowerProfile"=Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

R0 viamraid;viamraid;C:\WINDOWS\system32\DRIVERS\viamraid.sys [2004-03-29 06:45]
R1 UdfReadr;UdfReadr;C:\WINDOWS\system32\drivers\UdfReadr.sys [2003-07-19 02:22]
S3 BTNetFilter;Bluetooth Network Filter;C:\WINDOWS\system32\drivers\BTNetFilter.sys [2004-12-16 16:32]
S3 ids00026;ids00026;C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids00026.sys []
S3 ids00118;ids00118;C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids00118.sys []
S3 ids0014f;ids0014f;C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0014f.sys []
S3 ids0015d;ids0015d;C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0015d.sys []
S3 ids00180;ids00180;C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids00180.sys []
S3 MTK;Media Technology Kernel Driver;C:\WINDOWS\system32\Drivers\mtk.sys []
S3 siusbmod;siusbmod;C:\WINDOWS\system32\DRIVERS\siusbmod.sys [2005-07-28 15:20]
S3 w200bus;Sony Ericsson W200 driver (WDM);C:\WINDOWS\system32\DRIVERS\w200bus.sys [2006-11-07 08:42]
S3 w200mdfl;Sony Ericsson W200 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\w200mdfl.sys [2006-11-07 08:42]
S3 w200mdm;Sony Ericsson W200 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\w200mdm.sys [2006-11-07 08:42]
S3 w200mgmt;Sony Ericsson W200 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\w200mgmt.sys [2006-11-07 08:42]
S3 w200obex;Sony Ericsson W200 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\w200obex.sys [2006-11-07 08:42]


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\jÿ:¢ò‘‘ÍD™D³àÌõò`ñtÆÒ´®~ü$½é.:´>|!=² ^I-×Å'5ØäMW—¿žMy\÷Ɇïùb¯]ܾbc¶¿¨^3œÕ:y\M¨Ñ…ö”tS~r”h ´M]
´M 2

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\jÿ:¢ò‘‘ÍD™D³àÌõò`ñtÆÒ´®~ü$½é.:´>|!=² ^I-×Å'5ØäMW—¿žMy\÷Ɇïùb¯]ܾbc¶¿¨^3œÕ:y\M¨Ñ…ö”tS~r”h ´MADDINGPADDINGXXPC:\WINDOWS\¯]ܾbc¶¿¨^3œÕ:y\M¨Ñ…ö”tS~r”h ´M]
´M 2

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{1AD6330D-6B1B-6C6B-1E4B-46A3B733E1D7}]
C:\WINDOWS\Wininit.exe 2

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{1CDAD24E-8DA5-4AE3-8BC7-2CAD5AAE5BEB}]
C:\WINDOWS\Wininit.exe 2
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-01-02 22:00:00 C:\WINDOWS\Tasks\Démarrage du programme de réglages.job"
.
**************************************************************************

catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-04 17:21:28
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
systemtask = C:\Documents and Settings\bob\~flx.exe???e@??e@??>?????????????????????????????????????????????????

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-01-04 17:24:09
C:\qoobox\ComboFix-quarantined-files.txt 2008-01-04 16:24:00
C:\qoobox\ComboFix2.txt 2008-01-02 02:53:45
.
2008-01-04 02:01:48 --- E O F ---
0
sally9 Posts 9 Registration date Monday 31 December 2007 Status Member Last activity 5 January 2008
4 Jan. 2008 at 17:38
And now the HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:34:43, on 04/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\qttask.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
C:\Program Files\Trust\DS-3300X Wireless Optical Deskset\Keyboard\kbdap32a.EXE
C:\Program Files\Trust\DS-3300X Wireless Optical Deskset\Mouse\mouse32a.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\Program files\internet explorer\iexplore.exe
C:\Program files\internet explorer\iexplore.exe
C:\Program files\internet explorer\iexplore.exe
C:\Program files\internet explorer\iexplore.exe
C:\Program files\internet explorer\iexplore.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\bob\Bureau\Nouveau dossier (3)\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.update.microsoft.com/windowsupdate/v6/default.aspx
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: 1
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar5.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [USB2Check] RUNDLL32.EXE "C:\WINDOWS\system32\PCLECoInst.dll",CheckUSBController
O4 - HKLM\..\Run: [USBToolTip] "C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe"
O4 - HKLM\..\Run: [systemtask] C:\Documents and Settings\bob\~flx.exe
O4 - HKLM\..\Run: [OFFICEKB] C:\Program Files\Trust\DS-3300X Wireless Optical Deskset\Keyboard\kbdap32a.EXE
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Trust\DS-3300X Wireless Optical Deskset\Mouse\mouse32a.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {112857FE-03FF-11D5-9A3F-0080C8D85044} (GameDesire Solitaires) - http://67.15.101.3/g_bin/eng/solitaire_2_0_0_27.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {1A781DED-C22D-4153-3213-A3211E29DF13} (GameDesire Card Games) - http://67.15.101.3/g_bin/eng/cards_2_0_0_74.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {41ACD49D-1974-791A-0981-AA9872721044} (Ganymede Board Games) - http://67.15.101.33/g_bin/eng/boards_2_0_0_35.cab
O16 - DPF: {4B4513E2-4E57-43DF-9496-FCD37E9DFA64} (GameDesire Sea Battle) - http://67.15.101.3/g_bin/eng/navy_2_0_0_26.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by117w.bay117.mail.live.com/mail/resources/MsnPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://webcam.asf.fr/AxisCamControl.ocx
O16 - DPF: {A1FE3DE0-CF77-11D4-8340-0080C8D7ED4A} (GameDesire Pinball Demon) - http://67.15.101.3/g_bin/eng/demon_2_0_0_22.cab
O16 - DPF: {A1FE3DEF-CF77-11D4-8340-0080C8D7ED4A} (GameDesire Pinball Pirate) - http://67.15.101.3/g_bin/eng/pirate_2_0_0_22.cab
O16 - DPF: {A6212120-01D4-11D5-9A39-0080C8D85044} (GameDesire Slots 70th) - http://67.15.101.3/g_bin/eng/slots70_2_0_0_26.cab
O16 - DPF: {A7196C8E-35A5-4FF0-9E46-E28918B5CAF6} (GameDesire Domino) - http://67.15.101.3/g_bin/eng/domino_2_0_0_28.cab
O16 - DPF: {A854AD6D-6DB5-41FB-8044-0BD38092A007} (Ganymede Sudoku) - http://67.15.101.3/g_bin/eng/sudoku_2_0_0_12.cab
O16 - DPF: {A9ED6AA2-D9D4-4D71-9586-E293E2E3580B} (GameDesire Marbles&Diamonds&Runes) - http://67.15.101.3/g_bin/eng/marbles_2_0_0_31.cab
O16 - DPF: {AC120B1D-9411-4111-AF52-118052D85D45} (GameDesire Darts Games) - http://67.15.101.3/g_bin/eng/darts_2_0_0_39.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://bmm.imgag.com/imgag/cp/install/crusher-fr.cab
O16 - DPF: {BFA1F11D-3121-AFE1-4112-983219421AEF} (GameDesire 1Player Word Games) - http://67.15.101.3/g_bin/eng/wordssingle_2_0_0_40.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (M6music player) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB
O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://msnfr.oberon-media.com/online2/MSN_INTL_FRANCE/zuma/oberongamesloader.cab
O16 - DPF: {E23FABEE-12E3-33DA-DA12-195DAC123984} (GameDesire Mahjong) - http://67.15.101.3/g_bin/eng/mahjong_2_0_0_23.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C1} (GameDesire Pool 8) - http://67.15.101.3/g_bin/eng/billard8_2_0_0_35.cab
O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C5} (GameDesire Snooker) - http://67.15.101.3/g_bin/eng/snooker_2_0_0_24.cab
O20 - AppInit_DLLs: 95.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
0
Regis59 Posts 21143 Registration date Tuesday 27 June 2006 Status Security contributor Last activity 22 June 2016 1 320
4 Jan. 2008 at 18:51
OK.

Open Notepad and copy/paste this:

REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=-



Then choose Save As, and in:
File name, enter bureau.reg
Type: select "All files"
click Save

Run it and accept the merge into the registry

Where do your problems stand now?

See you later
0
sally9 Posts 9 Registration date Monday 31 December 2007 Status Member Last activity 5 January 2008
5 Jan. 2008 at 06:19
Hi again,

I did what you told me, but when I start my PC I still get the advertising web page "les secrets du net pour gagner de l'argent" (the secrets of the net for making money) opening automatically by itself; I don't understand. Thank you for the time you have given me so far. Do you have another solution for this problem? On top of that, my computer is a bit slower than usual, and when I browse the internet the window closes and asks me to send a report because Internet Explorer has encountered a problem and needs to close, so I lose the connection to the site I was on.

Thank you for your help, Regis59

See you later
0
Regis59 Posts 21143 Registration date Tuesday 27 June 2006 Status Security contributor Last activity 22 June 2016 1 320
5 Jan. 2008 at 17:53
Hi

Post a new HijackThis log, we'll take a look at the ActiveX controls.

See you later
0
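As an added example (not part of the thread and not code from HijackThis), this Python code triages the kinds of entries discussed here: the O20 AppInit_DLLs value that Regis59's .reg file clears and the O16 ActiveX entries he proposes to look at next. It goes slightly beyond both with two more rules (O2, O4); the function names and all four rules are assumptions chosen for illustration, and the sample lines are copied from the log above.

```python
import ipaddress
import re
from urllib.parse import urlparse

# Lines copied verbatim from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar5.dll
O4 - HKLM\..\Run: [systemtask] C:\Documents and Settings\bob\~flx.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O16 - DPF: {112857FE-03FF-11D5-9A3F-0080C8D85044} (GameDesire Solitaires) - http://67.15.101.3/g_bin/eng/solitaire_2_0_0_27.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O20 - AppInit_DLLs: 95.dll
"""
ENTRY = re.compile(r"^(O\d+|R\d) - (.+)$")  # "<section> - <body>"

def is_ip_literal(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def triage(log_text):
    """Return (section, reason, detail) for entries to review; heuristics, not verdicts."""
    findings = []
    for raw in log_text.splitlines():
        m = ENTRY.match(raw.strip())
        if not m:
            continue  # process list, headers, blank lines
        section, body = m.groups()
        if section == "O20" and body.startswith("AppInit_DLLs:"):
            dlls = body.split(":", 1)[1].strip()
            if dlls:  # value is loaded into every process that loads user32.dll
                findings.append((section, "non-empty AppInit_DLLs", dlls))
        elif section == "O16":  # ActiveX control and the URL it was installed from
            url = body.rsplit(" - ", 1)[-1]
            if is_ip_literal(urlparse(url).hostname or ""):
                findings.append((section, "ActiveX codebase on a bare IP", url))
        elif section == "O2" and body.endswith("(no file)"):
            findings.append((section, "BHO registered, file missing", body))
        elif section == "O4":  # autostart entry
            target = body.split("] ", 1)[-1]
            if re.search(r"\\documents and settings\\", target, re.I):
                findings.append((section, "autostart from a user profile", target))
    return findings

if __name__ == "__main__":
    print(*triage(SAMPLE_LOG), sep="\n")
```

A hit only marks an entry for manual review; it says nothing about whether the file behind it is malicious.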