
xb24

  1. I went about it differently for Hijack; here is the report:
  2. Here are the reports in question:

     Qoofix v1.03 by http://www.malwarebytes.org
     Scan started on [24/09/2006] at [17:43:52]
     -------------------------------------------------------------
     No malicious modules found!
     -------------------------------------------------------------
     No Qoologic infected files found!
     -------------------------------------------------------------
     Scan COMPLETED SUCCESSFULLY on [24/09/2006] at [17:44:37]
     Note: Some registry keys may have been removed.

     And Hijack: well, Hijack crashes, I can no longer produce a report....
  3. Hi Bruce Lee, I really can't access the previous message any more. Can you copy and paste it, please? Thanks
  4. Following the problem I just told you about, I notice that I can't even click on the message link to read the replies. I think it's due to the forbidden words, which are blocking everything for me. So please reply to me here, hoping that it works... What a pain!
  5. Hello everyone, since yesterday evening my Avast antivirus has detected a Trojan horse with the name above. The result: at startup my firewall no longer launches; any Internet search containing a word such as virus or trojan closes Internet Explorer or Firefox; and scans are impossible because they get closed too. In safe mode I can't scan either; the applications are systematically closed. Could you help me? Here is the Hijack report:

     And here is the ComboFix one:

     I should point out that I am on Windows XP. I hope you will be able to help me. Thanks in advance