

mr_tomi
Everything posted by mr_tomi
Infected by Smart Antivirus 2009
mr_tomi replied to a topic by mr_tomi in Malware analysis and removal
Uh, the problem is that I'm on Vista, and every time I launch ComboFix, it checks System Restore and then restarts the computer, after telling me about a rootkit or something like that, and whatever I do it closes instantly afterwards. It's impossible to use, so I can't use it to run a scan or a removal. I think Vista has something to do with it ^^
Infected by Smart Antivirus 2009
mr_tomi replied to a topic by mr_tomi in Malware analysis and removal
Here is the report I was given after the search run with Lop S&D:

--------------------\\ Lop S&D 4.2.4-4 XP/Vista
Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel® Core2 Duo CPU T7500 @ 2.20GHz )
BIOS : ZD1 v1.3708 3G08
USER : Mr_Tomi ( Not Administrator ! )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 080930-0] 4.8.1229 (Activated)
C:\ (Local Disk) - NTFS - Total : 111 Go Free : 7 Go
D:\ (Local Disk) - NTFS - Total : 108 Go Free : 63 Go
E:\ (CD or DVD)
F:\ (CD or DVD)
G:\ (CD or DVD)
H:\ (CD or DVD)
I:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 19-09-2008|22:20 )
Option : [1] ( 01/10/2008| 8:48 )
[ UAC => 0 ]

--------------------\\ Tâches planifiées dans C:\Windows\tasks
[01/10/2008 08:44][--a------] C:\Windows\tasks\Maintenance en 1 clic.job
[01/10/2008 08:43][--ah-----] C:\Windows\tasks\SA.DAT
[01/10/2008 07:26][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Process ( 72 Processes ) ... OK !

--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\Users\Mr_Tomi\AppData\Roaming\MICROS~1\Windows\Cookies\mr_tomi@adin.bigpoint[2].txt
C:\Users\Mr_Tomi\AppData\Roaming\MICROS~1\Windows\Cookies\mr_tomi@fr1.seafight[2].txt
C:\Users\Mr_Tomi\AppData\Roaming\MICROS~1\Windows\Cookies\mr_tomi@seafight[2].txt

--------------------\\ Verification du Registre ..... OK !

--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-01 08:48:21
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
disk error: C:\Windows\System32\
please note that you need administrator rights to perform deep scan

--------------------\\ Recherche d'autres infections
C:\Windows\system32\poYbHRqr.ini
C:\Windows\system32\poYbHRqr.ini2
==> VUNDO <==

--------------------\\ ROOTKIT !!
Rootkit Tibs ! .. [HKLM\..\CurrentControlSet\Enum\Root\LEGACY_TDSSSERV]
Rootkit Tibs ! .. [HKLM\..\CurrentControlSet\Enum\Root\tdssserv]
Rootkit Tibs ! .. [HKLM\..\ControlSet001\Enum\Root\LEGACY_TDSSSERV]
Rootkit Tibs ! .. [HKLM\..\ControlSet001\Enum\Root\tdssserv]
Rootkit Tibs ! .. [HKLM\..\ControlSet003\Enum\Root\LEGACY_TDSSSERV]
Rootkit Tibs ! .. [HKLM\..\ControlSet003\Enum\Root\tdssserv]
Trojan ! .. C:\Windows\system32\drivers\tdssserv.sys
Trojan ! .. C:\Windows\system32\tdssl.dll

--------------------\\ Cracks & Keygens ..
C:\Users\Mr_Tomi\AppData\Roaming\Azureus\torrents\3D Studio Max 9 + Tutorials and Keygen [mininova].torrent
C:\Users\Mr_Tomi\AppData\Roaming\Azureus\torrents\Adobe InDesign CS3 v5.0 with Crack [mininova].torrent
C:\Users\Mr_Tomi\AppData\Roaming\Azureus\torrents\Adobe.After.Effects.CS3.FRENCH.with.crack.Good.torrent
C:\Users\Mr_Tomi\Downloads\GoogleEarthPro4.0.2737_(www.TryFile.com)\Google Earth Pro 4.0.2737 1\Crack
C:\Users\Mr_Tomi\Downloads\GoogleEarthPro4.0.2737_(www.TryFile.com)\Google Earth Pro 4.0.2737 1\Crack\default_lt.kvw
C:\Users\Mr_Tomi\Downloads\GoogleEarthPro4.0.2737_(www.TryFile.com)\Google Earth Pro 4.0.2737 1\Crack\evll.dll
C:\Users\Mr_Tomi\Downloads\GoogleEarthPro4.0.2737_(www.TryFile.com)\Google Earth Pro 4.0.2737 1\Crack\How To Crack.txt

[F:159][D:75]-> C:\Users\Mr_Tomi\AppData\Local\Temp
[F:177][D:1]-> C:\Users\Mr_Tomi\AppData\Roaming\MICROS~1\Windows\Cookies
[F:3337][D:8]-> C:\Users\Mr_Tomi\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:12][D:3]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 01/10/2008| 8:49 - Option : [1]

--------------------\\ Fin du rapport a 8:49:07
[ UAC => 1 ]

And the report following option 2, i.e. the removal:
Infected by Smart Antivirus 2009
mr_tomi replied to a topic by mr_tomi in Malware analysis and removal
Whoa, I'd love to know, but it must have lasted 5 to 10 seconds at most; I didn't even have time to read a single line ^^
Infected by Smart Antivirus 2009
mr_tomi replied to a topic by mr_tomi in Malware analysis and removal
I was planning to format because I have a whole bunch of programs that are no longer of any use to me, most of which were uninstalled badly, so to get a clean PC I'm going to format; but if it's advisable to disinfect first, in that case I'll do the ComboFix procedure. By the way, one more problem: Smart Antivirus no longer starts now, but Internet Explorer is unusable. When I launch it, the program freezes every time and stops responding. I even got a blue screen after leaving it frozen for several minutes, hoping it would recover. Is that normal?
Infected by Smart Antivirus 2009
mr_tomi replied to a topic by mr_tomi in Malware analysis and removal
One more small question before I start the ComboFix procedure: if I format my PC, will the problem go away? That would save me time, because in any case I plan to format it soon ^^
Infecté par Smart Antivirus 2009
mr_tomi a répondu à un(e) sujet de mr_tomi dans Analyses et éradication malwares
Thank you very much pear for replying so quickly; here is the report given by SmitfraudFix when I run a search:

SmitFraudFix v2.354
Scan done at 18:12:04,77, 30/09/2008
Run from C:\Program Files\Mozilla Firefox\SmitfraudFix
OS: Microsoft Windows [version 6.0.6001] - Windows_NT
The filesystem type is
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» Process
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\winlogon.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Users\Mr_Tomi\AppData\Roaming\Adobe\Player.exe
C:\Program Files\Smart Antivirus 2009\Smart Antivirus-2009.exe
C:\Acer\ALaunch\ALaunchSvc.exe
c:\xampp\apache\bin\apache.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\Acer\Empowering Technology\eNet\eNet Service.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Acer\Mobility Center\MobilityService.exe
c:\xampp\mysql\bin\mysqld-nt.exe
C:\Windows\system32\PnkBstrA.exe
C:\Windows\system32\svchost.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Acer Arcade Deluxe\TV Joy\Kernel\TV\TVECapSvc.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\xampp\apache\bin\apache.exe
C:\Program Files\Acer Arcade Deluxe\TV Joy\Kernel\TV\TVESched.exe
C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrobat.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts

»»»»»»»»»»»»»»»»»»»»»»»» C:\

»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows

»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\system

»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\Web

»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\system32
C:\Windows\system32\tdssl.dll detected, use a Rootkit scanner
C:\Windows\system32\drivers\tdssserv.sys detected, use a Rootkit scanner

»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\system32\LogFiles

»»»»»»»»»»»»»»»»»»»»»»»» C:\Users\Mr_Tomi

»»»»»»»»»»»»»»»»»»»»»»»» C:\Users\Mr_Tomi\Application Data

»»»»»»»»»»»»»»»»»»»»»»»» Start Menu
C:\Users\Mr_Tomi\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Smart Antivirus 2009 FOUND !

»»»»»»»»»»»»»»»»»»»»»»»» C:\Users\Mr_Tomi\FAVORI~1

»»»»»»»»»»»»»»»»»»»»»»»» Desktop

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
C:\Program Files\Smart Antivirus 2009\ FOUND !

»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys

»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components

»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, following keys are not inevitably infected!!!
o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, following keys are not inevitably infected!!!
IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, following keys are not inevitably infected!!!
VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, following keys are not inevitably infected!!!
404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» AntiXPVSTFix
!!!Attention, following keys are not inevitably infected!!!

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
"LoadAppInit_DLLs"=dword:00000000

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\Windows\\system32\\userinit.exe,"

»»»»»»»»»»»»»»»»»»»»»»»» RK

»»»»»»»»»»»»»»»»»»»»»»»» DNS
Description: Intel® Wireless WiFi Link 4965AGN
DNS Server Search Order: 10.1.65.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{F1AD7A2D-D99B-4047-9488-1FAB5F5D25CD}: DhcpNameServer=10.1.65.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{F1AD7A2D-D99B-4047-9488-1FAB5F5D25CD}: DhcpNameServer=10.1.65.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{F1AD7A2D-D99B-4047-9488-1FAB5F5D25CD}: DhcpNameServer=10.1.65.1
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=10.1.65.1

»»»»»»»»»»»»»»»»»»»»»»»» Scanning for wininet.dll infection

»»»»»»»»»»»»»»»»»»»»»»»» End

I'm moving on to option 2 now, in case it fixes my problem.

PS: I have just run option 2, which seems to have worked; Smart Antivirus no longer launches at startup in any case. Here is the report that was displayed:

SmitFraudFix v2.354
Scan done at 18:19:39,30, 30/09/2008
Run from C:\Users\Mr_Tomi\Desktop\SmitfraudFix
OS: Microsoft Windows [version 6.0.6001] - Windows_NT
The filesystem type is
Fix run in safe mode

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Killing process

»»»»»»»»»»»»»»»»»»»»»»»» hosts
127.0.0.1 localhost
::1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» VACFix
VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix
S!Ri's WS2Fix: LSP not Found.

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files
C:\Users\Mr_Tomi\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Smart Antivirus 2009 Deleted
C:\Program Files\Smart Antivirus 2009\ Deleted

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» AntiXPVSTFix

»»»»»»»»»»»»»»»»»»»»»»»» RK

»»»»»»»»»»»»»»»»»»»»»»»» DNS
HKLM\SYSTEM\CCS\Services\Tcpip\..\{F1AD7A2D-D99B-4047-9488-1FAB5F5D25CD}: DhcpNameServer=10.1.65.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{F1AD7A2D-D99B-4047-9488-1FAB5F5D25CD}: DhcpNameServer=10.1.65.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{F1AD7A2D-D99B-4047-9488-1FAB5F5D25CD}: DhcpNameServer=10.1.65.1
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=10.1.65.1

»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]

»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning
Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» End

Should I now carry out the second procedure, the one using combofix.exe?
-
Hello everyone, I have just come across your forum after searching Google for a long time for a solution to my problem. Since last night I have had the SmartAntivirus 2009 software installed on my computer which, as on all infected computers, constantly sends me messages telling me that my computer is infected by a whole bunch of very, very nasty trojans, and of course if I make the mistake of believing that and ask it to remove them, it offers to sell me their software. Anyway, I have been trying to get rid of it by every means, using every antispyware tool I know, but with no success, so I read up a bit on your forum, downloaded HijackThis, and here is the report Hijack gives me:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:43:06, on 30/09/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Users\Mr_Tomi\AppData\Roaming\Adobe\Player.exe
C:\Program Files\Smart Antivirus 2009\Smart Antivirus-2009.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://lo.st
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://www.univ-tln.fr/services/cri/cache.pac
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.509.5470\swg.dll
O2 - BHO: (no name) - {F7D7CD22-1392-4568-B14D-80A262A6AF6A} - C:\Windows\system32\rqRHbYop.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\vtUnmKBs.dll,#1
O4 - HKLM\..\Run: [0c879351] rundll32.exe "C:\Windows\system32\hjxaoudl.dll",b
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
O4 - HKCU\..\Run: [bM0fb4a0cd] Rundll32.exe "C:\Users\Mr_Tomi\AppData\Local\Temp\tiitbxxy.dll",s
O4 - HKCU\..\Run: [0c879351] rundll32.exe "C:\Users\Mr_Tomi\AppData\Local\Temp\evkcohrj.dll",b
O4 - HKCU\..\Run: [] C:\Users\Mr_Tomi\AppData\Roaming\Adobe\Player.exe
O4 - HKCU\..\Run: [smart Antivirus-2009.exe] C:\Program Files\Smart Antivirus 2009\Smart Antivirus-2009.exe
O4 - HKCU\..\Run: [splash screen for Avast!] C:\Program Files\Alwil Software\Avast4\ashAvast.exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe Version Cue CS3 {fr_FR} (Adobe Version Cue CS3) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
O23 - Service: Apache2.2 - Apache Software Foundation - c:\xampp\apache\bin\apache.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - c:\xampp\FileZillaFTP\FileZillaServer.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: mysql - Unknown owner - c:\xampp\mysql\bin\mysqld-nt.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: TVEnhance Background Capture Service (TBCS) (TVECapSvc) - Unknown owner - C:\Program Files\Acer Arcade Deluxe\TV Joy\Kernel\TV\TVECapSvc.exe
O23 - Service: TVEnhance Task Scheduler (TTS)) (TVESched) - Unknown owner - C:\Program Files\Acer Arcade Deluxe\TV Joy\Kernel\TV\TVESched.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.0.51a\bin\mysqld-nt.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe

--
End of file - 13393 bytes

There you go, thanks in advance, hoping you will be able to help me.