khorneus

un énorme merci a toi rien n'est apparu depuis les dernieres manipulation. Merci encore

bon j'ai fait ce matin avant de partir au taf ce que tu m'as dis, normalement tout a été enlevé.... j'ai relancé un scan avant de partir avec "antivir", et ma charmante petite femme m'a appélé pour me dire que "no virus found".... par contre il me semble qu'il se developais dans le dossier "C:\Documents and Settings\khorne\Local Settings\Temp" sous deux type different, une serie sta93.exe (par exemple) et un autre fichier "dll", et ce matin lle fichier dll etait toujours présent et non detecté come un virus.... j'en saurais plus ce soir en rentrant et je post la réponse en arrivant, un grand merci en tout cas pour la patience et le serieux des réponses et à l'aide apporté

Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est 1930-08D3 R‚pertoire de C:\Program Files 29/05/2003 01:01 <REP> . 29/05/2003 01:01 <REP> .. 29/05/2003 01:01 <REP> NetMeeting 28/05/2003 19:35 <REP> MSI 29/05/2003 01:01 <REP> PLUS! 29/05/2003 01:01 <REP> Movie Maker 29/05/2003 16:30 <REP> 3DO 29/05/2003 01:07 <REP> SERVIC~1 31/05/2003 15:04 <REP> EUROTOOL 29/05/2003 01:01 <REP> Messenger 29/05/2003 01:01 <REP> Accessoires 29/05/2003 01:01 <REP> Fichiers communs 29/05/2003 01:01 <REP> Internet Explorer 29/05/2003 01:01 <REP> Outlook Express 29/05/2003 01:01 <REP> Windows Media Player 29/05/2003 01:08 <REP> MSN Gaming Zone 28/05/2003 19:36 <REP> directx 15/05/2006 22:28 <REP> HijackThis 19/06/2003 19:34 <REP> WinRAR 28/05/2003 19:44 <REP> Adobe 25/03/2006 13:11 <REP> error pile 22/11/2005 19:15 <REP> AOL 10/06/2003 21:15 <REP> MSXML 4.0 29/05/2003 00:20 <REP> Real 29/05/2003 00:20 <REP> Viewpoint 05/09/2005 21:23 <REP> Winamp 29/05/2003 16:26 <REP> Acdsee5.0 29/05/2003 14:30 <REP> Canon 29/05/2003 14:39 <REP> QuickTime 06/12/2005 19:16 <REP> Audible 19/06/2003 20:41 <REP> Ahead 31/05/2003 14:42 <REP> Common Files 28/05/2003 19:40 <REP> E-Color 22/01/2006 18:24 <REP> Roxio 28/01/2006 19:09 <REP> MUSICMATCH 29/01/2006 10:26 <REP> Eidos 31/05/2003 17:51 <REP> Microsoft Hardware 31/01/2006 18:29 <REP> TrackMania Nations ESWC 01/02/2006 20:51 <REP> Triggersoft 04/06/2003 18:50 <REP> Nullsoft 24/02/2006 20:04 <REP> Paint.NET 09/06/2003 17:24 <REP> Microsoft Games 27/03/2006 18:17 <REP> MSN Toolbar Suite 24/04/2006 00:45 <REP> Spybot - Search & Destroy 23/06/2003 22:53 <REP> MSN Messenger 15/05/2006 22:59 <REP> AntiVir PersonalEdition Classic 24/06/2003 19:56 <REP> Windows NT 24/06/2003 19:56 <REP> MSN 24/06/2003 19:57 <REP> Services en ligne 24/06/2003 20:08 <REP> microsoft frontpage 24/06/2003 20:08 <REP> xerox 25/06/2003 20:01 <REP> DivX 25/06/2003 23:40 <REP> Kerio 26/06/2003 21:16 <REP> Logitech 06/07/2003 11:47 <REP> Creative 20/08/2003 20:27 <REP> KB823980Scan 24/08/2003 01:54 <REP> Windows Journal Viewer 30/08/2003 23:23 <REP> MyWay 01/09/2003 21:52 <REP> Grisoft 01/10/2003 22:16 <REP> cameraware 13/10/2003 20:23 <REP> Google 20/10/2003 11:27 <REP> DesignPro 25/10/2003 18:03 <REP> Microsoft Office 25/10/2003 18:03 <REP> Microsoft.NET 25/10/2003 18:05 <REP> Microsoft Visual Studio 25/10/2003 19:41 210 INSTALL.LOG 25/10/2003 21:23 <REP> Warcraft III 28/10/2003 22:14 <REP> WinZip 19/11/2003 18:46 <REP> Webteh 19/11/2003 18:57 <REP> AVIcodec 06/01/2004 21:05 <REP> K-Lite Codec Pack 20/01/2004 21:01 <REP> ATI Technologies 21/01/2004 20:08 <REP> InterVideo 25/02/2004 12:32 <REP> HighMAT CD Writing Wizard 31/03/2004 10:51 <REP> EZFace 21/04/2004 14:39 <REP> ACD Systems 06/05/2004 21:03 <REP> DV 3100 Driver 18/05/2004 00:36 <REP> TechCity Solutions 18/05/2004 00:42 <REP> AOL Toolbar 18/05/2004 00:42 <REP> Learn2.com 20/05/2004 13:12 <REP> CyberLink 22/05/2004 12:46 <REP> Java 05/06/2004 11:58 <REP> AOL Compagnon 05/06/2004 12:42 <REP> AOL 9.0 16/07/2004 01:29 <REP> eMule 25/07/2004 16:24 <REP> Shareaza 13/08/2004 19:11 <REP> Yahoo! 06/10/2004 19:01 <REP> AnalogX 22/10/2004 11:25 <REP> BeWAN ADSL V1.9.0.7 08/11/2004 21:03 <REP> Wolfenstein - Enemy Territory 11/12/2004 23:36 <REP> Fox 31/12/2004 11:51 <REP> ETtools 05/02/2005 21:17 <REP> THQ 20/02/2005 11:22 <REP> Mozilla Firefox 25/02/2005 00:27 <REP> World of Warcraft 27/02/2005 13:25 <REP> WowCartographe 16/03/2005 22:50 <REP> Prassi PrimoCD Plus 2.0 (French) 1 fichier(s) 210 octets 96 R‚p(s) 11ÿ227ÿ332ÿ608 octets libres Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est 1930-08D3 R‚pertoire de C:\Program Files\fichiers communs 29/05/2003 01:01 <REP> . 29/05/2003 01:01 <REP> .. 29/05/2003 01:06 <REP> SYSTEM 29/05/2003 01:08 <REP> SERVICES 28/05/2003 19:13 <REP> InstallShield 29/05/2003 01:01 <REP> Microsoft Shared 28/05/2003 19:44 <REP> Adobe 29/05/2003 00:20 <REP> Real 29/05/2003 00:39 <REP> Logitech 29/05/2003 16:30 <REP> 3DO Shared 29/05/2003 18:49 <REP> Adaptec Shared 04/06/2003 18:48 <REP> AOL 18/06/2003 22:40 <REP> KAV Shared Files 24/06/2003 19:51 <REP> SpeechEngines 24/06/2003 19:58 <REP> MSSoap 25/10/2003 18:05 <REP> DESIGNER 21/04/2004 14:39 <REP> ACD Systems 18/05/2004 00:41 <REP> Nullsoft 22/05/2004 12:44 <REP> Java 02/06/2004 20:04 <REP> jndfajnp 05/06/2004 11:49 <REP> aolback 05/06/2004 11:56 <REP> aolshare 25/02/2005 00:59 <REP> Blizzard Entertainment 13/09/2005 19:23 <REP> NSV 09/10/2005 19:35 <REP> ODBC 22/11/2005 19:17 <REP> Scanner 06/12/2005 19:15 <REP> xing shared 0 fichier(s) 0 octets 27 R‚p(s) 11ÿ227ÿ332ÿ608 octets libres Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est 1930-08D3 R‚pertoire de C:\Program Files\common files 31/05/2003 14:42 <REP> . 31/05/2003 14:42 <REP> .. 24/02/2005 22:41 <REP> Nullsoft 0 fichier(s) 0 octets 3 R‚p(s) 11ÿ227ÿ332ÿ608 octets libres Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est 1930-08D3 R‚pertoire de C:\ 08/11/2004 21:07 49ÿ891 Uninstal.exe 1 fichier(s) 49ÿ891 octets 0 R‚p(s) 11ÿ227ÿ332ÿ608 octets libres c:\Documents and Settings\All Users\Application Data\AOL\C_AOL 9.0\xpsp2FRfix\cswitch.exe c:\Documents and Settings\All Users\Application Data\AOL\C_AOL 9.0\xpsp2FRfix\ipchecking.exe c:\Documents and Settings\All Users\Application Data\AOL\C_AOL 9.0\xpsp2FRfix\WindowsXP-KB885295-x86-fra.exe c:\Documents and Settings\All Users\Application Data\AOL\C_AOL 9.0\MediaPlayer\setup.exe c:\Documents and Settings\All Users\Application Data\AOL\C_AOL 9.0\AMP\ampx.exe c:\Documents and Settings\All Users\Application Data\AOL\C_AOL 9.0\ASP_FR\aspsetup_fr.exe c:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\antiSpyware\dat\PPClean.exe c:\Documents and Settings\All Users\Application Data\Barb16BendMpeg\Active Part.exe c:\Documents and Settings\All Users\Application Data\Barb16BendMpeg\DUPE GPL.exe c:\Documents and Settings\All Users\Application Data\Barb16BendMpeg\Each does.exe c:\Documents and Settings\All Users\Application Data\Barb16BendMpeg\less eggs.exe c:\Documents and Settings\All Users\Application Data\Barb16BendMpeg\scr grid.exe c:\Documents and Settings\Khorne\War3TFT_117a_English.exe c:\Documents and Settings\Khorne\Local Settings\Temporary Internet Files\Content.IE5\8XUR8P67\setpoint247fra[1].exe c:\Documents and Settings\Khorne\Mes documents\WoW-1.5.1.4449-to-1.6.0-frFR-patch.exe c:\Documents and Settings\Khorne\Mes documents\Ma musique\divers metal\Converted Music\Pack dBpowerAMP Music Converter 9a (WMA, WAV, MP3, OGG, APE, mp3PRO, RA\Pack dBpowerAMP [by Gongor]\dBpowerAMP-codec-MonkeysAudio.exe c:\Documents and Settings\Khorne\Mes documents\Ma musique\divers metal\Converted Music\Pack dBpowerAMP Music Converter 9a (WMA, WAV, MP3, OGG, APE, mp3PRO, RA\Pack dBpowerAMP [by Gongor]\dBpowerAMP-codec-mp3PRO-decoder.exe c:\Documents and Settings\Khorne\Mes documents\Ma musique\divers metal\Converted Music\Pack dBpowerAMP Music Converter 9a (WMA, WAV, MP3, OGG, APE, mp3PRO, RA\Pack dBpowerAMP [by Gongor]\dBpowerAMP-codec-ogg.exe c:\Documents and Settings\Khorne\Mes documents\Ma musique\divers metal\Converted Music\Pack dBpowerAMP Music Converter 9a (WMA, WAV, MP3, OGG, APE, mp3PRO, RA\Pack dBpowerAMP [by Gongor]\dBpowerAMP-codec-ra.exe c:\Documents and Settings\Khorne\Mes documents\Ma musique\divers metal\Converted Music\Pack dBpowerAMP Music Converter 9a (WMA, WAV, MP3, OGG, APE, mp3PRO, RA\Pack dBpowerAMP [by Gongor]\dBpowerAMP-codec-wmav8.exe c:\Documents and Settings\Khorne\Mes documents\Ma musique\divers metal\Converted Music\Pack dBpowerAMP Music Converter 9a (WMA, WAV, MP3, OGG, APE, mp3PRO, RA\Pack dBpowerAMP [by Gongor]\dbpoweramp-encoder-ra.exe c:\Documents and Settings\Khorne\Mes documents\Ma musique\divers metal\Converted Music\Pack dBpowerAMP Music Converter 9a (WMA, WAV, MP3, OGG, APE, mp3PRO, RA\Pack dBpowerAMP [by Gongor]\dMC-Mp3-MP3PRO-Encoder-CLI.exe c:\Documents and Settings\Khorne\Mes documents\Ma musique\divers metal\Converted Music\Pack dBpowerAMP Music Converter 9a (WMA, WAV, MP3, OGG, APE, mp3PRO, RA\Pack dBpowerAMP [by Gongor]\dMC-PowerPack.exe c:\Documents and Settings\Khorne\Mes documents\Ma musique\divers metal\Converted Music\Pack dBpowerAMP Music Converter 9a (WMA, WAV, MP3, OGG, APE, mp3PRO, RA\Pack dBpowerAMP [by Gongor]\dMC-r9.exe c:\Documents and Settings\Khorne\Mes documents\drivers\DirectX9\dxsetup.exe c:\Documents and Settings\Khorne\Mes documents\emulateur\WinKawaks.exe c:\Documents and Settings\Khorne\Mes documents\emulateur\PS1\ePSXe.exe c:\Documents and Settings\Khorne\Mes documents\WinLSD\$OEM$\$$\msconfig.exe c:\Documents and Settings\Khorne\Mes documents\WinLSD\$OEM$\$$\REG\Fav.exe c:\Documents and Settings\Khorne\Mes documents\WinLSD\$OEM$\$$\System32\sndvol32.exe c:\Documents and Settings\Khorne\Mes documents\WinLSD\I386\AUTOCHK.EXE c:\Documents and Settings\Khorne\Mes documents\WinLSD\I386\AUTOFMT.EXE c:\Documents and Settings\Khorne\Mes documents\WinLSD\I386\EXPAND.EXE c:\Documents and Settings\Khorne\Mes documents\WinLSD\I386\faxpatch.exe c:\Documents and Settings\Khorne\Mes documents\WinLSD\I386\NETSETUP.EXE c:\Documents and Settings\Khorne\Mes documents\WinLSD\I386\NTSD.EXE c:\Documents and Settings\Khorne\Mes documents\WinLSD\I386\REGEDIT.EXE c:\Documents and Settings\Khorne\Mes documents\WinLSD\I386\spnpinst.exe c:\Documents and Settings\Khorne\Mes documents\WinLSD\I386\SYSPARSE.EXE c:\Documents and Settings\Khorne\Mes documents\WinLSD\I386\TELNET.EXE c:\Documents and Settings\Khorne\Mes documents\WinLSD\I386\SYSTEM32\SMSS.EXE c:\Documents and Settings\Khorne\Mes documents\Mes fichiers re‡us\adpab.exe c:\Documents and Settings\Khorne\Mes documents\Mes fichiers re‡us\creative\LiveDrvPack.exe c:\Documents and Settings\Khorne\Mes documents\Mes fichiers re‡us\creative\MiniDisc1_01_15.exe c:\Documents and Settings\Khorne\Mes documents\Mes fichiers re‡us\creative\PlayCenter3_02_52.exe c:\Documents and Settings\Khorne\Mes documents\Mes fichiers re‡us\creative\Recorder2_00_31.exe c:\Documents and Settings\Khorne\Mes documents\Mes fichiers re‡us\creative\Remote1_40_26.exe c:\Documents and Settings\Khorne\Mes documents\Mes fichiers re‡us\DirectX9\dxsetup.exe c:\Documents and Settings\Khorne\Mes documents\imprimante\Disk0\_isdel.exe c:\Documents and Settings\Khorne\Mes documents\imprimante\Disk0\setup.exe c:\Documents and Settings\Khorne\Bureau\antivir_workstation_win7u_en_h.exe c:\Documents and Settings\Khorne\Bureau\PaintDotNet_2_61.exe c:\Documents and Settings\Khorne\Bureau\spybotsd14.exe c:\Documents and Settings\Khorne\Bureau\trackmania_nations_eswc.exe c:\Documents and Settings\Khorne\Bureau\translation_in_french.exe c:\Documents and Settings\Khorne\Bureau\winamp52_full_bundle_emusic-7plus.exe c:\Documents and Settings\Khorne\Application Data\error pile\azbyraoe.exe c:\Documents and Settings\Khorne\Application Data\error pile\blqosuvd.exe c:\Documents and Settings\Khorne\Application Data\error pile\ehglbsyh.exe c:\Documents and Settings\Khorne\Application Data\error pile\locksboobmodebows.exe c:\Documents and Settings\Khorne\Application Data\error pile\quwmfspt.exe c:\Documents and Settings\Khorne\Application Data\error pile\xznvgpxk.exe

cd \ dir "%PROGRAMFILES%" > c:\resultat.txt dir "%PROGRAMFILES%\fichiers communs\" >> c:\resultat.txt dir "%PROGRAMFILES%\common files\" >> c:\resultat.txt dir C:\*.exe >> c:\resultat.txt dir /a /s /o:n /b c:\*.exe |find "Documents" >> c:\resultat.txt notepad c:\resultat.txt

quand je clic sur ton lien "cmd" il m'ouvre un fichier texte j'avoue ne pas comprendre ce qu'il faut en faire (nood attitude certaines en informatique, par contre en cuisine aucun soucis^^), je t'invite a manger et tu t'occupe de ma bete qui clignote?

bonjour, je viens de nouveau demandé de l'aide suite a une premiere demande pour eliminer le trojan lop.d, ayant réaliser les premieres phases jusqu'a mettre dans mon rapport hijackthis....quelqun peut'il m'expliquer comment m'en debarrasser

bon, je suis pas doué ^^.........mais j'ai fini par réussir (je crois) Logfile of HijackThis v1.99.1 Scan saved at 22:30:16, on 15/05/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLACSD.EXE C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\WINDOWS\System32\cisvc.exe C:\WINDOWS\System32\CTsvcCDA.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\wanmpsvc.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ATI Technologies\ATI HydraVision\HydraDM.exe C:\WINDOWS\system32\CTHELPER.EXE C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe C:\Program Files\ATI Technologies\ATI HydraVision\HydraMD.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Fichiers communs\AOL\1132683421\ee\AOLHostManager.exe C:\Program Files\Creative\TaskBar\CTLTask.exe C:\Program Files\Fichiers communs\AOL\1132683421\ee\AOLServiceHost.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\AOL Compagnon\companion.exe C:\WINDOWS\system32\wscntfy.exe c:\program files\fichiers communs\aol\1132683421\ee\services\antiSpywareApp\ver2_0_12\AOLSP Scheduler.exe C:\Program Files\Fichiers communs\AOL\1132683421\ee\AOLServiceHost.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\system32\cidaemon.exe C:\Program Files\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.benvuofgjwnqwmfohzguhrw.com/Y9q...2YHpErKSxK.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: (no name) - {959D15FD-285C-EB86-3676-310080FC6835} - C:\DOCUME~1\Khorne\APPLIC~1\DOWNLO~1\axis team.exe (file missing) O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll O4 - HKLM\..\Run: [systemTray] SysTray.Exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\ATI HydraVision\HydraDM.exe O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe O4 - HKLM\..\Run: [synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [HydraVisionViewPort] C:\Program Files\ATI Technologies\ATI HydraVision\HydraMD.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1132683421\ee\AOLHostManager.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O4 - HKLM\..\RunServices: [MOSearch] C:\PROGRA~1\FICHIE~1\System\MOSearch\Bin\mosearch.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [TaskTray] "C:\Program Files\Creative\TaskBar\CTLTray.exe" O4 - HKCU\..\Run: [TaskBar] "C:\Program Files\Creative\TaskBar\CTLTask.exe" O4 - HKCU\..\Run: [enc file] C:\DOCUME~1\Khorne\APPLIC~1\ERRORP~1\Idoldoes.exe O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - Startup: Registration Brothers In Arms.LNK = D:\Support\Register\RegistrationReminder.exe O4 - Global Startup: AOL Compagnon.lnk = C:\Program Files\AOL Compagnon\companion.exe O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html...FR_ZNxdm983YYFR O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?5368749f87e74ceaaff2ffea48f9a87 O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?5368749f87e74ceaaff2ffea48f9a87 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM32\SHDOCVW.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: ChatSpace Full Java Client 3.1.0.229 - http://surechat.com:9000/Java/cfs31229.cab O16 - DPF: KANA IQ LiveA - http://dmzchatonly.europe.creative.com/srvs/eu/eu1.cab O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://creative.com/su/ocx/15015/CTSUEng.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.fr/computercheckup/qdiagcc.cab O16 - DPF: {64D01C7F-810D-446E-A07E-365764235644} (AtlAtomadersCtlAttrib Class) - http://kraisoft.com/files/realone/atomaders.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...StatsClient.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.fr/download/MsnMessen...pDownloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab O16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) - http://games-dl.real.com/gameconsole/Bundl...ArcadeRdxIE.cab O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game15.zylomgames.com/activex/zylomgamesplayer.cab O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://game11.zylomgames.com/activex/zylomloader.cab O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/d.../ITDetector.cab O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://frgoldenriviera.microgaming.com/frg...era/FlashAX.cab O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://creative.com/su/ocx/15016/CTPID.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{A6B72CCB-1512-4D40-B83B-507229E914C2}: NameServer = 192.168.0.1 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLACSD.EXE O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Fichiers communs\AOL\AOL Spyware Protection\\aolserv.exe (file missing) O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: Avirt Gateway - Unknown owner - C:\WINDOWS\System32\aGate.exe (file missing) O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Kerio Personal Firewall (PersFw) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall\persfw.exe O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

Bonjour, je suis actuellement embété par u virus/trojan/je saispasquoi, qui se lance regulierement, AVG le detecte l'elimine mais il réapparait, j'avoue ne pas etre un crack de l'informatique et meme si ce virus n'as pas l'air d'etre trop désagréable il me pourrit la vie lorsque je joue, d'apres ce que j'ai pus voir en cherchant sur le net il s'agirais de swizzor.co qui crée des fichiers dans le dossier "\Local Settings\Temp", je ne sais pas comment faire pour m'en debarasser ....si quelqun peut m'aider je m'y met ce soir en rentrant, merci a vous d'avance