hilton

j'ai supprimé le fichier j'ai l'impression que ca va mieux ; wait and see en tous cas, un BIG merci à toi Bruce Lee Tchao

bon, c'est fait, j'ai telechargé antivir je part au taf, si tu postes, j'en prendrai connaissance ce soir Merci et @ + Bruce Lee

et voila le rapport mbam , je termine ta procédure : Malwarebytes' Anti-Malware 1.19 Version de la base de données: 913 Windows 5.1.2600 13:36:58 02/07/2008 mbam-log-7-2-2008 (13-36-58).txt Type de recherche: Examen complet (C:\|) Eléments examinés: 76497 Temps écoulé: 21 minute(s), 28 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 30 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\QooBox\Quarantine\C\svchost.exe.vir (Trojan.Downloader) -> Quarantined and deleted successfully. C:\QooBox\Quarantine\C\svchost2.exe.vir (Trojan.Downloader) -> Quarantined and deleted successfully. C:\QooBox\Quarantine\C\Program Files\Microsoft Security Adviser\msavsc.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully. C:\QooBox\Quarantine\C\Program Files\Microsoft Security Adviser\msctrl.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully. C:\QooBox\Quarantine\C\Program Files\Microsoft Security Adviser\msfw.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully. C:\QooBox\Quarantine\C\Program Files\Microsoft Security Adviser\msiemon.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully. C:\QooBox\Quarantine\C\Program Files\Microsoft Security Adviser\mssadv.exe.vir (Trojan.Clicker) -> Quarantined and deleted successfully. C:\QooBox\Quarantine\C\Program Files\Microsoft Security Adviser\msscan.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully. C:\QooBox\Quarantine\C\WINDOWS\msavsc.dll.vir (Trojan.Agent) -> Quarantined and deleted successfully. C:\QooBox\Quarantine\C\WINDOWS\msctrl.dll.vir (Trojan.Agent) -> Quarantined and deleted successfully. C:\QooBox\Quarantine\C\WINDOWS\msfw.dll.vir (Trojan.Agent) -> Quarantined and deleted successfully. C:\QooBox\Quarantine\C\WINDOWS\msiemon.dll.vir (Trojan.Agent) -> Quarantined and deleted successfully. C:\QooBox\Quarantine\C\WINDOWS\mssadv.dll.vir (Trojan.Clicker) -> Quarantined and deleted successfully. C:\QooBox\Quarantine\C\WINDOWS\msscan.dll.vir (Trojan.Agent) -> Quarantined and deleted successfully. C:\QooBox\Quarantine\C\WINDOWS\system32\autodis.dll.vir (Trojan.Downloader) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{A924857F-7B79-46BA-A180-210FFCA30B65}\RP108\A0041866.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{A924857F-7B79-46BA-A180-210FFCA30B65}\RP108\A0041867.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{A924857F-7B79-46BA-A180-210FFCA30B65}\RP108\A0041868.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{A924857F-7B79-46BA-A180-210FFCA30B65}\RP108\A0041869.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{A924857F-7B79-46BA-A180-210FFCA30B65}\RP108\A0041870.exe (Trojan.Clicker) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{A924857F-7B79-46BA-A180-210FFCA30B65}\RP108\A0041871.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{A924857F-7B79-46BA-A180-210FFCA30B65}\RP108\A0041872.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{A924857F-7B79-46BA-A180-210FFCA30B65}\RP108\A0041873.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{A924857F-7B79-46BA-A180-210FFCA30B65}\RP108\A0041874.dll (Trojan.Agent) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{A924857F-7B79-46BA-A180-210FFCA30B65}\RP108\A0041875.dll (Trojan.Agent) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{A924857F-7B79-46BA-A180-210FFCA30B65}\RP108\A0041876.dll (Trojan.Agent) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{A924857F-7B79-46BA-A180-210FFCA30B65}\RP108\A0041877.dll (Trojan.Agent) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{A924857F-7B79-46BA-A180-210FFCA30B65}\RP108\A0041878.dll (Trojan.Clicker) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{A924857F-7B79-46BA-A180-210FFCA30B65}\RP108\A0041879.dll (Trojan.Agent) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{A924857F-7B79-46BA-A180-210FFCA30B65}\RP108\A0041880.dll (Trojan.Downloader) -> Quarantined and deleted successfully.

Salut Bruce Lee, je te poste le rapport Virus Total ; cependant je sais pas si tt a bien marché jusque là, j'ai pas compris cette histoire de supprimer le fichier en gras ? Enfin bon, je continue la procédure et te tient au courant Encore merci pour ton aide Fichier loginTool.exe reçu le 2008.07.02 12:58:14 (CET)Antivirus Version Dernière mise à jour Résultat AhnLab-V3 2008.7.2.0 2008.07.01 - AntiVir 7.8.0.59 2008.07.02 - Authentium 5.1.0.4 2008.07.01 - Avast 4.8.1195.0 2008.07.01 - AVG 7.5.0.516 2008.07.01 - BitDefender 7.2 2008.07.02 - CAT-QuickHeal 9.50 2008.06.30 - ClamAV 0.93.1 2008.07.02 - DrWeb 4.44.0.09170 2008.07.02 - eSafe 7.0.17.0 2008.07.01 - eTrust-Vet 31.6.5920 2008.07.02 - Ewido 4.0 2008.07.01 - F-Prot 4.4.4.56 2008.07.01 - F-Secure 7.60.13501.0 2008.07.01 - Fortinet 3.14.0.0 2008.07.02 - GData 2.0.7306.1023 2008.07.02 - Ikarus T3.1.1.26.0 2008.07.02 - Kaspersky 7.0.0.125 2008.07.02 - McAfee 5329 2008.07.01 - Microsoft None 2008.07.02 - NOD32v2 3234 2008.07.02 - Norman 5.80.02 2008.07.01 - Panda 9.0.0.4 2008.07.01 - Prevx1 V2 2008.07.02 - Rising 20.51.21.00 2008.07.02 - Sophos 4.30.0 2008.07.02 - Sunbelt 3.1.1509.1 2008.07.01 - TheHacker 6.2.96.366 2008.07.02 - TrendMicro 8.700.0.1004 2008.07.02 - VBA32 3.12.6.8 2008.07.02 - VirusBuster 4.5.11.0 2008.07.01 - Webwasher-Gateway 6.6.2 2008.07.02 - Information additionnelle File size: 53248 bytes MD5...: b74f17315ed408b1c270369f0a9a06c0 SHA1..: a42c4394b709708443b0518349e770fa89c0d3cd SHA256: 7e84b62fd82ad2a0be43e77bb75b864506deb29e562735d4bd0af21a48c3b04a SHA512: 41cb4d9d3677b6b7e4ae7104dc6994422d4f42991072776bb5b6fdad70ffd4aa<BR>d9e26d0f2d258d3f9befa78ac045469e9a59c257e0ba4c69a294b2b9d37aa8ca PEiD..: Armadillo v1.71 PEInfo: PE Structure information<BR><BR>( base data )<BR>entrypointaddress.: 0x406f1f<BR>timedatestamp.....: 0x44f38fa9 (Tue Aug 29 00:51:53 2006)<BR>machinetype.......: 0x14c (I386)<BR><BR>( 4 sections )<BR>name viradd virsiz rawdsiz ntrpy md5<BR>.text 0x1000 0x63a3 0x7000 6.08 a08759a484f2ad8fac37494f7624af83<BR>.rdata 0x8000 0x126a 0x2000 3.34 ae44a869bc31a76a53c12e2098be84b2<BR>.data 0xa000 0x2ac1c 0x1000 1.90 b1954b0169b1cd91c0780aca65b6d78e<BR>.rsrc 0x35000 0x13d8 0x2000 2.39 572ea6b0868a3295eee6c88b2dfa3108<BR><BR>( 6 imports ) <BR>> USER32.dll: IsIconic, GetSystemMetrics, GetClientRect, DrawIcon, FindWindowA, AppendMenuA, SendMessageA, LoadIconA, EnumWindows, PostMessageA, GetSystemMenu, EnableWindow, GetWindowTextA<BR>> SETUPAPI.dll: SetupDiEnumDeviceInterfaces, SetupDiGetDeviceInterfaceDetailA, SetupDiDestroyDeviceInfoList, SetupDiGetClassDevsA<BR>> MFC42.DLL: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -<BR>> MSVCRT.dll: exit, _acmdln, __getmainargs, _initterm, __setusermatherr, _adjust_fdiv, __p__commode, __p__fmode, __set_app_type, _except_handler3, _controlfp, _XcptFilter, _exit, _onexit, __dllonexit, calloc, free, strncmp, strstr, __CxxFrameHandler, _setmbcp<BR>> KERNEL32.dll: CreateProcessA, GetStartupInfoA, GetModuleHandleA, SetFilePointer, ReadFile, LoadLibraryA, GetSystemDirectoryA, GetProcAddress, FreeLibrary, CreateEventA, ResetEvent, WaitForSingleObject, GetLogicalDrives, DeviceIoControl, GetVersionExA, CreateFileA, WriteFile, CloseHandle, CopyFileA, GetModuleFileNameA, GetWindowsDirectoryA, GetLastError, CreateMutexA, GetUserDefaultLangID, ExitProcess, Sleep, GetCurrentDirectoryA<BR>> SHELL32.dll: ShellExecuteA<BR><BR>( 0 exports ) <BR>

j'ose une petite relance pour avoir un avis sur mes rapports hitschaki ou Combo fix Merci

Salut Bruce Lee , voila le rapport : ComboFix 08-06-30.2 - olivier 2008-07-01 20:14:38.1 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.0.1252.1.1036.18.278 [GMT 2:00] Endroit: C:\Documents and Settings\olivier\Bureau\ComboFix.exe * Création d'un nouveau point de restauration . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\Program Files\Microsoft Security Adviser C:\Program Files\Microsoft Security Adviser\msavsc.exe C:\Program Files\Microsoft Security Adviser\msctrl.exe C:\Program Files\Microsoft Security Adviser\msfw.exe C:\Program Files\Microsoft Security Adviser\msiemon.exe C:\Program Files\Microsoft Security Adviser\mssadv.exe C:\Program Files\Microsoft Security Adviser\msscan.exe C:\svchost.exe C:\svchost2.exe C:\WINDOWS\msavsc.dll C:\WINDOWS\msctrl.dll C:\WINDOWS\msfw.dll C:\WINDOWS\msiemon.dll C:\WINDOWS\mssadv.dll C:\WINDOWS\msscan.dll C:\WINDOWS\system32\autodis.dll . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_poof ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-06-01 to 2008-07-01 )))))))))))))))))))))))))))))))))))) . 2008-07-01 13:22 . 2008-07-01 13:22 1,779,772 --a------ C:\upload_moi_SNSTDPN.tar.gz 2008-06-28 01:33 . 2008-06-28 01:33 <REP> d-------- C:\WINDOWS\system32\bits 2008-06-28 01:25 . 2004-07-02 00:08 360,960 --a------ C:\WINDOWS\system32\dllcache\qmgr.dll 2008-06-28 01:25 . 2004-07-02 00:08 331,776 --a------ C:\WINDOWS\system32\winhttp.dll 2008-06-28 01:25 . 2004-07-02 00:08 17,408 --a------ C:\WINDOWS\system32\qmgrprxy.dll 2008-06-28 01:25 . 2004-07-02 00:08 17,408 --a------ C:\WINDOWS\system32\dllcache\qmgrprxy.dll 2008-06-28 01:25 . 2004-07-02 00:08 7,680 --------- C:\WINDOWS\system32\dllcache\bitsprx2.dll 2008-06-28 01:25 . 2004-07-02 00:08 7,680 --------- C:\WINDOWS\system32\bitsprx2.dll 2008-06-28 01:25 . 2004-07-02 00:08 7,168 --------- C:\WINDOWS\system32\dllcache\bitsprx3.dll 2008-06-28 01:25 . 2004-07-02 00:08 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll 2008-06-28 01:21 . 2007-07-30 19:19 549,720 --a------ C:\WINDOWS\system32\wuapi.dll 2008-06-28 01:21 . 2007-07-30 19:19 325,976 --a------ C:\WINDOWS\system32\wucltui.dll 2008-06-28 01:21 . 2007-07-30 19:19 216,408 --a------ C:\WINDOWS\system32\wuaucpl.cpl 2008-06-28 01:21 . 2007-07-30 19:19 203,096 --a------ C:\WINDOWS\system32\wuweb.dll 2008-06-28 01:21 . 2004-08-03 14:00 187,160 --a------ C:\WINDOWS\system32\wuaueng1.dll 2008-06-28 01:21 . 2004-08-03 13:59 170,776 --a------ C:\WINDOWS\system32\wuauclt1.exe 2008-06-28 01:21 . 2007-07-30 19:18 33,624 --a------ C:\WINDOWS\system32\wups.dll 2008-06-27 22:04 . 2008-06-28 11:50 <REP> d-------- C:\Program Files\a-squared Anti-Malware 2008-06-27 21:46 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe 2008-06-27 21:46 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe 2008-06-27 21:46 . 2008-05-29 09:35 86,528 --a------ C:\WINDOWS\system32\VACFix.exe 2008-06-27 21:46 . 2008-05-18 21:40 82,944 --a------ C:\WINDOWS\system32\IEDFix.exe 2008-06-27 21:46 . 2008-06-23 23:34 82,432 --a------ C:\WINDOWS\system32\IEDFix.C.exe 2008-06-27 21:46 . 2008-05-23 18:21 81,920 --a------ C:\WINDOWS\system32\404Fix.exe 2008-06-27 21:46 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe 2008-06-27 21:46 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe 2008-06-26 13:54 . 2008-06-26 21:47 2,246 --a------ C:\WINDOWS\system32\tmp.reg 2008-06-25 23:38 . 2008-06-25 23:38 507,904 --a------ C:\WINDOWS\TMUPDATE.DLL 2008-06-25 23:38 . 2008-06-25 23:38 286,720 --a------ C:\WINDOWS\PATCH.EXE 2008-06-25 23:38 . 2008-06-25 23:38 69,689 --a------ C:\WINDOWS\UNZIP.DLL 2008-06-25 23:31 . 2008-06-25 23:39 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP 2008-06-21 15:05 . 2006-10-10 11:25 53,248 --a------ C:\WINDOWS\loginTool.exe 2008-06-05 22:26 . 2008-06-05 22:26 <REP> d-------- C:\Program Files\VirginMega 2008-06-02 20:31 . 2001-08-23 17:47 19,456 --a------ C:\WINDOWS\system32\hidserv.dll 2008-06-02 20:31 . 2001-08-23 17:47 19,456 --a------ C:\WINDOWS\system32\dllcache\hidserv.dll 2008-06-02 20:31 . 2001-08-23 16:58 14,080 --a------ C:\WINDOWS\system32\drivers\kbdhid.sys 2008-06-02 20:31 . 2001-08-23 16:58 14,080 --a------ C:\WINDOWS\system32\dllcache\kbdhid.sys . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-05-19 18:22 --------- d-----w C:\Program Files\Alice 2005-11-07 22:00 19,560 ----a-w C:\Documents and Settings\olivier\Application Data\GDIPFONTCACHEV1.DAT . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ESB"="C:\WINDOWS\System32\ESB.exe" [2002-04-11 08:18 822272] "FNF22k"="C:\WINDOWS\System32\FNF22k.exe" [2002-04-11 08:18 28672] "SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2002-04-11 08:18 110592] "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2002-04-11 08:18 413696] "AdobeVersionCue"="C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe" [2003-10-22 16:33 1732608] "NeroCheck"="C:\WINDOWS\System32\NeroCheck.exe" [2001-06-12 10:36 151552] "a-squared"="C:\Program Files\a-squared Anti-Malware\a2guard.exe" [2008-06-03 12:37 2131600] "S3hotkey"="S3hotkey.exe" [2001-09-12 22:27 40960 C:\WINDOWS\system32\S3hotkey.exe] "S3TRAY2"="S3tray2.exe" [2001-12-17 16:09 69632 C:\WINDOWS\system32\S3tray2.exe] "SoundMan"="soundman.exe" [2002-03-21 12:23 46592 C:\WINDOWS\soundman.exe] R3 MTC0001_ESB;ESB device driver;C:\WINDOWS\System32\ntESB.sys [2002-04-11 08:18] R3 NeroCd2k;NeroCd2k;C:\WINDOWS\System32\drivers\NeroCd2k.sys [2001-04-16 06:54] S3 V90drv;v90drv;C:\WINDOWS\System32\DRIVERS\v90drv.sys [2001-11-29 17:09] *Newly Created Service* - ALG *Newly Created Service* - IPNAT . Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es' "2003-12-25 10:13:20 C:\WINDOWS\Tasks\Rappel d'enregistrement 2.job" - C:\WINDOWS\System32\OOBE\oobebaln.exe "2003-12-25 10:13:20 C:\WINDOWS\Tasks\Rappel d'enregistrement 3.job" - C:\WINDOWS\System32\OOBE\oobebaln.exe . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-07-01 20:18:21 Windows 5.1.2600 NTFS Balayage processus cach‚s ... Balayage cach‚ autostart entries ... Balayage des fichiers cach‚s ... Scan termin‚ avec succŠs Les fichiers cach‚s: 0 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . C:\Program Files\a-squared Anti-Malware\a2service.exe C:\Program Files\Sierra Imaging\Image Expert\IXApplet.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SICN03.EXE . ************************************************************************** . Temps d'accomplissement: 2008-07-01 20:23:18 - machine was rebooted ComboFix-quarantined-files.txt 2008-07-01 18:23:13 Pre-Run: 9,284,374,528 octets libres Post-Run: 9,236,156,416 octets libres 124 --- E O F --- 2008-06-27 23:33:30

je veux pas avoir l'air d'insister mais c'est de pire en pire, tout est en train de planter !! quelqu'un peut me dire ce qu'il pense du rapport que j'ai poster Merci

Salut bruce lee, voila le rapport (désolé, j'ai pas pu poster plus tôt, j'étais au taf) : Logfile of HijackThis v1.99.1 Scan saved at 13:37:57, on 01/07/2008 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\S3hotkey.exe C:\WINDOWS\System32\S3tray2.exe C:\WINDOWS\System32\ESB.exe C:\WINDOWS\System32\FNF22k.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\soundman.exe C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Sierra Imaging\Image Expert\IXApplet.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_SICN03.EXE C:\Program Files\a-squared Anti-Malware\a2service.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Microsoft Money\System\urlmap.exe C:\Documents and Settings\olivier\Mes documents\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\apps\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {63987C84-F77B-4C06-9E93-AE60CBEC71AF} - C:\WINDOWS\System32\autodis.dll O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [s3hotkey] S3hotkey.exe O4 - HKLM\..\Run: [s3TRAY2] S3tray2.exe O4 - HKLM\..\Run: [ESB] C:\WINDOWS\System32\ESB.exe O4 - HKLM\..\Run: [FNF22k] C:\WINDOWS\System32\FNF22k.exe O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [soundMan] soundman.exe O4 - HKLM\..\Run: [AdobeVersionCue] C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe O4 - HKLM\..\Run: [sBI] C:\Documents and Settings\olivier\Local Settings\Temporary Internet Files\Content.IE5\C9QNWDIX\install_sbd_fr[1].exe O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe" /d=60 O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Startup: Camio Viewer.lnk = C:\Program Files\Sierra Imaging\Image Expert\IXApplet.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll O14 - IERESET.INF: START_PAGE_URL=www.packardbell.fr/center O16 - DPF: {2C7B74DE-3A9E-4CD3-A8DB-47411E9680A8} (VirginMega.DML.Interface) - http://alice.vm-wl.com/Telechargement/DownManLight.cab O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AdobeVersionCue - Adobe Sytems - C:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

salut à tous, alors voila, j'ai visiblement un problème d'infection malware j'ai suivi une procédure pour générer des rapports Hitchakis et Diaghelp je vais peut être attendre de voir s'il a quelqu'un de dispo pour m'aider avant de les poster ? merci à tous