Rekin
Everything posted by Rekin
Folder Options, Search and Run commands have disappeared
Rekin replied to a topic by Rekin in Malware analysis and removal
ToolBar S&D report 1

-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel® Pentium® 4 CPU 3.00GHz )
BIOS : Default System BIOS
USER : Marc ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition 8.0.1.30 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:233 Go (Free:125 Go)
E:\ (Local Disk) - NTFS - Total:292 Go (Free:228 Go)
F:\ (Local Disk) - NTFS - Total:345 Go (Free:179 Go)
G:\ (Local Disk) - NTFS - Total:292 Go (Free:139 Go)
H:\ (CD or DVD)

"C:\ToolBar SD" ( Updated : 21-12-2008|20:47 )
Option : [1] ( 16/01/2009|17:56 )

-----------\\ Searching Files / Folders ...

C:\Program Files\DAEMON Tools Toolbar
C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
C:\Program Files\DAEMON Tools Toolbar\Resources
C:\Program Files\DAEMON Tools Toolbar\uninst.exe
C:\Program Files\DAEMON Tools Toolbar\_DTLite.xml
C:\Program Files\DAEMON Tools Toolbar\Resources\about.ico C:\Program Files\DAEMON Tools Toolbar\Resources\as.ico C:\Program Files\DAEMON Tools Toolbar\Resources\as.png C:\Program Files\DAEMON Tools Toolbar\Resources\astro.ico C:\Program Files\DAEMON Tools Toolbar\Resources\b1.bmp C:\Program Files\DAEMON Tools Toolbar\Resources\b1.png C:\Program Files\DAEMON Tools Toolbar\Resources\BurnImage.ico C:\Program Files\DAEMON Tools Toolbar\Resources\buy.ico C:\Program Files\DAEMON Tools Toolbar\Resources\cond000.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond001.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond003.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond004.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond005.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond006.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond007.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond008.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond009.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond010.gif 
C:\Program Files\DAEMON Tools Toolbar\Resources\cond011.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond019.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond020.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond021.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond022.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond023.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond024.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond025.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond026.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond037.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond038.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond039.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond040.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond041.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond046.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond048.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond050.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond051.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond052.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond053.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond054.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond055.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond056.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond057.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond058.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond059.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond060.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond061.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond062.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond063.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond064.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond065.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond066.gif C:\Program 
Files\DAEMON Tools Toolbar\Resources\cond067.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond068.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond069.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond075.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond076.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond077.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond078.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond079.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond080.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond084.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond085.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond086.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond087.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond088.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond089.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond090.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond091.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond092.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond093.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond094.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond095.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond108.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond109.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond110.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond111.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond112.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond113.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond120.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond121.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond122.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond126.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond127.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond128.gif C:\Program Files\DAEMON Tools 
Toolbar\Resources\cond129.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond130.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond131.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond132.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond133.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond134.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond135.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond136.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond137.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond138.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond140.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond141.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond142.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond143.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond148.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond149.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond152.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond154.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond155.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond156.gif C:\Program Files\DAEMON Tools Toolbar\Resources\cond157.gif C:\Program Files\DAEMON Tools Toolbar\Resources\d.ico C:\Program Files\DAEMON Tools Toolbar\Resources\d2.ico C:\Program Files\DAEMON Tools Toolbar\Resources\daemon.ico C:\Program Files\DAEMON Tools Toolbar\Resources\ds.ico C:\Program Files\DAEMON Tools Toolbar\Resources\dsearch.ico C:\Program Files\DAEMON Tools Toolbar\Resources\dt.ico C:\Program Files\DAEMON Tools Toolbar\Resources\DTPro.ico C:\Program Files\DAEMON Tools Toolbar\Resources\Dwnl.ico C:\Program Files\DAEMON Tools Toolbar\Resources\emulation.ico C:\Program Files\DAEMON Tools Toolbar\Resources\features.ico C:\Program Files\DAEMON Tools Toolbar\Resources\gd.ico C:\Program Files\DAEMON Tools Toolbar\Resources\globe.ico C:\Program Files\DAEMON Tools Toolbar\Resources\GrabImage.ico C:\Program 
Files\DAEMON Tools Toolbar\Resources\hb.bmp C:\Program Files\DAEMON Tools Toolbar\Resources\hb.ico C:\Program Files\DAEMON Tools Toolbar\Resources\help.ico C:\Program Files\DAEMON Tools Toolbar\Resources\ip.ico C:\Program Files\DAEMON Tools Toolbar\Resources\lang.xml C:\Program Files\DAEMON Tools Toolbar\Resources\lingvo.ico C:\Program Files\DAEMON Tools Toolbar\Resources\m.ico C:\Program Files\DAEMON Tools Toolbar\Resources\mail.bmp C:\Program Files\DAEMON Tools Toolbar\Resources\mailc.bmp C:\Program Files\DAEMON Tools Toolbar\Resources\mailc_disable.bmp C:\Program Files\DAEMON Tools Toolbar\Resources\mailc_down.bmp C:\Program Files\DAEMON Tools Toolbar\Resources\mailc_m.bmp C:\Program Files\DAEMON Tools Toolbar\Resources\mailc_under.bmp C:\Program Files\DAEMON Tools Toolbar\Resources\mail_disable.bmp C:\Program Files\DAEMON Tools Toolbar\Resources\mail_down.bmp C:\Program Files\DAEMON Tools Toolbar\Resources\mail_m.bmp C:\Program Files\DAEMON Tools Toolbar\Resources\mail_under.bmp C:\Program Files\DAEMON Tools Toolbar\Resources\next.bmp C:\Program Files\DAEMON Tools Toolbar\Resources\next_down.bmp C:\Program Files\DAEMON Tools Toolbar\Resources\next_m.bmp C:\Program Files\DAEMON Tools Toolbar\Resources\next_under.bmp C:\Program Files\DAEMON Tools Toolbar\Resources\none.bmp C:\Program Files\DAEMON Tools Toolbar\Resources\none_m.bmp C:\Program Files\DAEMON Tools Toolbar\Resources\noW.gif C:\Program Files\DAEMON Tools Toolbar\Resources\op.ico C:\Program Files\DAEMON Tools Toolbar\Resources\pragma.ico C:\Program Files\DAEMON Tools Toolbar\Resources\prev.bmp C:\Program Files\DAEMON Tools Toolbar\Resources\prev_down.bmp C:\Program Files\DAEMON Tools Toolbar\Resources\prev_m.bmp C:\Program Files\DAEMON Tools Toolbar\Resources\prev_under.bmp C:\Program Files\DAEMON Tools Toolbar\Resources\prod.ico C:\Program Files\DAEMON Tools Toolbar\Resources\refresh.bmp C:\Program Files\DAEMON Tools Toolbar\Resources\refresh_down.bmp C:\Program Files\DAEMON Tools 
Toolbar\Resources\refresh_m.bmp C:\Program Files\DAEMON Tools Toolbar\Resources\refresh_under.bmp C:\Program Files\DAEMON Tools Toolbar\Resources\Rss.ico C:\Program Files\DAEMON Tools Toolbar\Resources\Rss1.ico C:\Program Files\DAEMON Tools Toolbar\Resources\rssClose.ico C:\Program Files\DAEMON Tools Toolbar\Resources\rssL.bmp C:\Program Files\DAEMON Tools Toolbar\Resources\rssOpen.ico C:\Program Files\DAEMON Tools Toolbar\Resources\size.bmp C:\Program Files\DAEMON Tools Toolbar\Resources\size_m.bmp C:\Program Files\DAEMON Tools Toolbar\Resources\skins.ico C:\Program Files\DAEMON Tools Toolbar\Resources\spt.ico C:\Program Files\DAEMON Tools Toolbar\Resources\SupportRequest.ico C:\Program Files\DAEMON Tools Toolbar\Resources\time.ico C:\Program Files\DAEMON Tools Toolbar\Resources\TitleIcon.ico C:\Program Files\DAEMON Tools Toolbar\Resources\toolbar.xml C:\Program Files\DAEMON Tools Toolbar\Resources\trans.ico C:\Program Files\DAEMON Tools Toolbar\Resources\Trash.bmp C:\Program Files\DAEMON Tools Toolbar\Resources\Trash_disable.bmp C:\Program Files\DAEMON Tools Toolbar\Resources\Trash_down.bmp C:\Program Files\DAEMON Tools Toolbar\Resources\Trash_m.bmp C:\Program Files\DAEMON Tools Toolbar\Resources\Trash_under.bmp C:\Program Files\DAEMON Tools Toolbar\Resources\u.ico C:\Program Files\DAEMON Tools Toolbar\Resources\wb.bmp C:\Program Files\DAEMON Tools Toolbar\Resources\wBtClose.bmp C:\Program Files\DAEMON Tools Toolbar\Resources\wBtClose_down.bmp C:\Program Files\DAEMON Tools Toolbar\Resources\wBtClose_m.bmp C:\Program Files\DAEMON Tools Toolbar\Resources\wBtClose_under.bmp C:\Program Files\DAEMON Tools Toolbar\Resources\wBtText.bmp C:\Program Files\DAEMON Tools Toolbar\Resources\wBtText_down.bmp C:\Program Files\DAEMON Tools Toolbar\Resources\wBtText_m.bmp C:\Program Files\DAEMON Tools Toolbar\Resources\wBtText_under.bmp C:\Program Files\DAEMON Tools Toolbar\Resources\Weather_m42.bmp C:\Program Files\DAEMON Tools Toolbar\Resources\Weather_m43.bmp C:\Program 
Files\DAEMON Tools Toolbar\Resources\wi.ico C:\Program Files\DAEMON Tools Toolbar\Resources\wi0.ico C:\Program Files\DAEMON Tools Toolbar\Resources\wi1.ico C:\Program Files\DAEMON Tools Toolbar\Resources\wi10.ico C:\Program Files\DAEMON Tools Toolbar\Resources\wi11.ico C:\Program Files\DAEMON Tools Toolbar\Resources\wi12.ico C:\Program Files\DAEMON Tools Toolbar\Resources\wi13.ico C:\Program Files\DAEMON Tools Toolbar\Resources\wi2.ico C:\Program Files\DAEMON Tools Toolbar\Resources\wi3.ico C:\Program Files\DAEMON Tools Toolbar\Resources\wi4.ico C:\Program Files\DAEMON Tools Toolbar\Resources\wi5.ico C:\Program Files\DAEMON Tools Toolbar\Resources\wi6.ico C:\Program Files\DAEMON Tools Toolbar\Resources\wi7.ico C:\Program Files\DAEMON Tools Toolbar\Resources\wi8.ico C:\Program Files\DAEMON Tools Toolbar\Resources\wi9.ico

-----------\\ Extensions

(Owner) - {5bf73a30-8317-404b-bb12-bb1d7aacb90d} => faitnvu
(Owner) - {5bf73a30-8317-404b-bb12-bb1d7aacb90d} => fr-FR
(Owner) - {5bf73a30-8317-404b-bb12-bb1d7aacb90d} => frenchlocale
(Owner) - {3e9bb2a7-62ca-4efa-a4e6-f6f6168a652d} => ipv6ident
(Owner) - {5C2A336E-AF61-4fd5-90D7-9BDAC105D064} => anonymouser
(Owner) - {73a6fe31-595d-460b-a920-fcc0f8843232} => noscript
(Owner) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper
(Owner) - {CF21B02D-E72F-4f3e-B001-261398A484FE} => helloworld
(Owner) - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} => adblockplus
(Owner) - {e1170235-2845-420c-acc3-42261a29dd46} => clipmarks

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WIN2\\system32\\blank.htm"
"Start Page"="http://fr.msn.com/"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"

--------------------\\ Searching for other infections

C:\WIN2\system32\ppVuCJjl.ini
C:\WIN2\system32\ppVuCJjl.ini2
C:\WIN2\system32\ljJCuVpp.dll ==> VUNDO <==

--------------------\\ ROOTKIT !! Rootkit Tibs ! ..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Enum\Root\LEGACY_TDSSSERV.SYS]

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\Marc\Bureau\Mobilegame\crackandbo_dt9yahwm.jar
C:\DOCUME~1\Marc\Mes documents\Dose Files\Unofficial\Crack_unofficial.drg

1 - "C:\ToolBar SD\TB_1.txt" - 16/01/2009|17:57 - Option : [1]

-----------\\ End of report at 17:57:34,42

ToolBar S&D report 2

-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel® Pentium® 4 CPU 3.00GHz )
BIOS : Default System BIOS
USER : Marc ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition 8.0.1.30 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:233 Go (Free:125 Go)
E:\ (Local Disk) - NTFS - Total:292 Go (Free:228 Go)
F:\ (Local Disk) - NTFS - Total:345 Go (Free:179 Go)
G:\ (Local Disk) - NTFS - Total:292 Go (Free:139 Go)
H:\ (CD or DVD)

"C:\ToolBar SD" ( Updated : 21-12-2008|20:47 )
Option : [2] ( 16/01/2009|18:08 )

-----------\\ DELETION

Deleted! - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
Deleted! - C:\Program Files\DAEMON Tools Toolbar\Resources
Deleted! - C:\Program Files\DAEMON Tools Toolbar\uninst.exe
Deleted! - C:\Program Files\DAEMON Tools Toolbar\_DTLite.xml
Deleted! - C:\Program Files\DAEMON Tools Toolbar

-----------\\ Searching Files / Folders ...

-----------\\ Extensions

(Owner) - {5bf73a30-8317-404b-bb12-bb1d7aacb90d} => faitnvu
(Owner) - {5bf73a30-8317-404b-bb12-bb1d7aacb90d} => fr-FR
(Owner) - {5bf73a30-8317-404b-bb12-bb1d7aacb90d} => frenchlocale
(Owner) - {3e9bb2a7-62ca-4efa-a4e6-f6f6168a652d} => ipv6ident
(Owner) - {5C2A336E-AF61-4fd5-90D7-9BDAC105D064} => anonymouser
(Owner) - {73a6fe31-595d-460b-a920-fcc0f8843232} => noscript
(Owner) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper
(Owner) - {CF21B02D-E72F-4f3e-B001-261398A484FE} => helloworld
(Owner) - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} => adblockplus
(Owner) - {e1170235-2845-420c-acc3-42261a29dd46} => clipmarks

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WIN2\\system32\\blank.htm"
"Start Page"="http://fr.msn.com/"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.msn.com/"

--------------------\\ Searching for other infections

C:\WIN2\system32\ppVuCJjl.ini
C:\WIN2\system32\ppVuCJjl.ini2
C:\WIN2\system32\ljJCuVpp.dll ==> VUNDO <==

--------------------\\ ROOTKIT !! Rootkit Tibs ! ..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Enum\Root\LEGACY_TDSSSERV.SYS]

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\Marc\Bureau\Mobilegame\crackandbo_dt9yahwm.jar
C:\DOCUME~1\Marc\Mes documents\Dose Files\Unofficial\Crack_unofficial.drg

1 - "C:\ToolBar SD\TB_1.txt" - 16/01/2009|17:57 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 16/01/2009|18:09 - Option : [2]

-----------\\ End of report at 18:09:17,03

I'm downloading Malwarebytes and I'll run it afterwards...
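Two of the findings in the report above can be checked mechanically rather than by eye: the VUNDO line pairs a DLL with an INI whose name is the DLL name spelled backwards (ljJCuVpp.dll and ppVuCJjl.ini in the same directory), and the rootkit line is a PnP enum key for a legacy driver named TDSS*. The script below is an added example, not ToolBar S&D code and not part of the post: it reads report lines in the one-item-per-line layout the tool writes, finds reversed-name DLL/INI pairs per directory, and picks out LEGACY_TDSS* enum keys under any ControlSet. The sample lines are constructed from the report, the two benign system32 names are made up as negatives, and treating every LEGACY_TDSS* key as a rootkit remnant is this example's assumption.

```python
"""Triage of the two findings in the ToolBar S&D report above: the Vundo
DLL/INI pair in system32 and the LEGACY_TDSSSERV.SYS enum key. Added
example, not ToolBar S&D code and not part of the forum post."""
import ntpath
import re

# Constructed excerpt: the three "other infections" paths and the rootkit
# key from the report, plus two benign system32 files as negatives.
SAMPLE_REPORT = """\
C:\\WIN2\\system32\\ppVuCJjl.ini
C:\\WIN2\\system32\\ppVuCJjl.ini2
C:\\WIN2\\system32\\ljJCuVpp.dll
C:\\WIN2\\system32\\kernel32.dll
C:\\WIN2\\system32\\desktop.ini
[HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet005\\Enum\\Root\\LEGACY_TDSSSERV.SYS]
"""

# Assumption: any PnP enum key for a legacy driver whose name starts with
# TDSS is treated as a TDSS remnant (the report shows LEGACY_TDSSSERV.SYS).
ROOTKIT_ENUM_KEY = re.compile(r"\\Enum\\Root\\LEGACY_TDSS\w*\.SYS$", re.IGNORECASE)


def vundo_pairs(paths):
    """Return (dll, ini) pairs in the same directory where the INI stem is
    the DLL stem spelled backwards: ljJCuVpp.dll <-> ppVuCJjl.ini above.
    Stems are compared case-insensitively because NTFS names are."""
    by_dir = {}
    for p in paths:
        d, name = ntpath.split(p)
        stem, ext = ntpath.splitext(name)
        by_dir.setdefault(d.lower(), {}).setdefault(ext.lower(), {})[stem.lower()] = p
    pairs = []
    for exts in by_dir.values():
        for stem, dll in exts.get(".dll", {}).items():
            ini = exts.get(".ini", {}).get(stem[::-1])   # reversed stem
            if ini is not None:
                pairs.append((dll, ini))
    return pairs


def rootkit_enum_keys(keys):
    """Registry keys (printed by the tool in square brackets) matching the
    LEGACY_TDSS* pattern under any ControlSet."""
    return [k.strip("[]") for k in keys if ROOTKIT_ENUM_KEY.search(k.strip("[]"))]


def triage_toolbar_report(text):
    """Split report lines into file paths and registry keys, run both checks."""
    paths, keys = [], []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[HKEY"):
            keys.append(line)
        elif re.match(r"^[A-Za-z]:\\", line):
            paths.append(line)
    return {"vundo_pairs": vundo_pairs(paths),
            "rootkit_keys": rootkit_enum_keys(keys)}


if __name__ == "__main__":
    for kind, hits in triage_toolbar_report(SAMPLE_REPORT).items():
        print(kind, hits)
```

The key was found under ControlSet005, the control set that happened to be current on this machine; when running the same check on a live registry, walk every ControlSetNNN and CurrentControlSet, since the Enum\Root\LEGACY_* key outlives the Services entry that created it.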
Folder Options, Search and Run commands have disappeared
Rekin replied to a topic by Rekin in Malware analysis and removal
Here's the report:

ComboFix 09-01-15.01 - Marc 2009-01-16 17:28:14.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1036.18.511.350 [GMT 4:00]
Launched from: c:\documents and settings\Marc\Bureau\Rekin.exe
AV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Outdated)
.

(((((((((((((((((((((((((((((((((((( Other deletions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Marc\Application Data\[mythes] PC infecté dans les 5 premières minutes d'Internet - La solution - Opera.exe
c:\documents and settings\Marc\Application Data\[Tuto]jouer à pokemon sur son portable - Blabla 15-18 ans sur JeuxVideo.com - Opera.exe
c:\documents and settings\Marc\Application Data\475157841c213.flv - Media Player Classic.exe
c:\documents and settings\Marc\Application Data\48518c01d7152.mp4 - Media Player Classic.exe
c:\documents and settings\Marc\Application Data\4864b6d4c0e02.mp4 - Media Player Classic.exe
c:\documents and settings\Marc\Application Data\Alien Safari - mobile9 - Opera.exe
c:\documents and settings\Marc\Application Data\astuce pour LG KS360 - Recherche Google - Opera.exe
c:\documents and settings\Marc\Application Data\Download the Windows 7 Beta - Opera.exe
c:\documents and settings\Marc\Application Data\Forum CaptaiNaruto • Voir le sujet - [images & scripts] Chapitre 431 - Opera.exe
c:\documents and settings\Marc\Application Data\Free LG KS360 Java Software - mobile9 - Opera.exe
c:\documents and settings\Marc\Application Data\Free sex videos, Sex tube, Free porn movies - Tube8.com - Opera.exe
c:\documents and settings\Marc\Application Data\Instructions pour le téléchargement et l'installation manuels de l'environnement d'exécution Java (JRE) pour Windows - 6.0 - Opera.exe
c:\documents and settings\Marc\Application Data\j2re1.4.2_04.exe
c:\documents and settings\Marc\Application Data\jeu telecharger lg ks360 - Opera.exe
c:\documents and settings\Marc\Application Data\julia bond - Blowjob sex video - Tube8.com - Opera.exe
c:\documents and settings\Marc\Application Data\Lancer le fichier pidgin-2.5.4.exe.exe
c:\documents and settings\Marc\Application Data\LG KS360, pour rester connecté avant tout - Opera.exe
c:\documents and settings\Marc\Application Data\Mobile Downloads - mobile9 - Opera.exe
c:\documents and settings\Marc\Application Data\mobilegame3.exe
c:\documents and settings\Marc\Application Data\Monopoly here&now - mobile9 - Opera.exe
c:\documents and settings\Marc\Application Data\My Account - mobile9 - Opera.exe
c:\documents and settings\Marc\Application Data\Page 3 Achat boucles d'oreilles fantaisie, achat bijoux fantaisie - Mozilla Firefox.exe
c:\documents and settings\Marc\Application Data\Page 3 Bijouterie (bracelets) fantaisie, bijoux artisanat - Mozilla Firefox.exe
c:\documents and settings\Marc\Application Data\Page 3 Colliers de perles - bijoux fantaisie - Mozilla Firefox.exe
c:\documents and settings\Marc\Application Data\Page 4 Achat boucles d'oreilles fantaisie, achat bijoux fantaisie - Mozilla Firefox.exe
c:\documents and settings\Marc\Application Data\Page 6 Achat boucles d'oreilles fantaisie, achat bijoux fantaisie - Mozilla Firefox.exe
c:\documents and settings\Marc\Application Data\paramétrage LG KS360 - Autres mobiles et équipements - Entraide mobiles - Forums Orange - Opera.exe
c:\documents and settings\Marc\Application Data\Search results for bang on tube8.com - Opera.exe
c:\documents and settings\Marc\Application Data\Search results for julia bond on tube8.com - Opera.exe
c:\documents and settings\Marc\Application Data\Search results for young on tube8.com - Opera.exe
c:\documents and settings\Marc\Application Data\smss.exe
c:\documents and settings\Marc\Application Data\Soul of darkness - mobile9 - Opera.exe
c:\documents and settings\Marc\Application Data\T-733132800-Fantasy All Stars #5 - CD1 (Julia Bond, Jenna Haze, Bree Olson, Ashlynn Brooke, Brandy Talore, Jasmine Byrne, Katja Kassin, Katsumi, Monica Sweetheart, Naomi, N.avi - Media Player Classic.exe
c:\documents and settings\Marc\Application Data\tube8 - Recherche Google - Opera.exe
c:\documents and settings\Marc\Application Data\Télécharge le fichier aliensafar_lydz6akp.jar.exe
c:\documents and settings\Marc\Application Data\Welcome to Windows 7 - Opera.exe
c:\documents and settings\Marc\Cookies\Cookies.exe
c:\documents and settings\Marc\Favoris\Favoris.exe
c:\documents and settings\Marc\lsass.exe
c:\temp\1cb
c:\temp\1cb\syscheck.log
c:\win2\system32\drivers\TDSSpqxt.sys
c:\win2\system32\TDSScbqp.dll
c:\win2\system32\TDSSciou.dll
c:\win2\system32\TDSSfpmp.log
c:\win2\system32\TDSSnmxh.dll
c:\win2\system32\TDSSnrse.dll
c:\win2\system32\TDSSoiqh.dll
c:\win2\system32\TDSSosvn.dll
c:\win2\system32\TDSSpqxt.dat
c:\win2\system32\TDSSsbhc.log
c:\win2\system32\TDSSthym.log
E:\Autorun.inf
F:\Autorun.inf
G:\Autorun.inf

----- BITS: There may be infected sites -----

hxxp://childhe.com
.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_TDSSserv.sys
-------\Legacy_TDSSserv.sys

((((((((((((((((((((((((((((( Files created from 2008-12-16 to 2009-01-16 ))))))))))))))))))))))))))))))))))))
.

2009-01-16 17:18 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\..exe
2009-01-16 16:42 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\commandes Options des dossiers, rechercher, executer disparu - Forums Zebulon.fr - Mozilla Firefox.exe
2009-01-16 16:40 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\Bienvenue sur votre panneau de contrôle - Opera.exe
2009-01-16 16:36 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\ComboFix renommé au téléchargement - Mozilla Firefox.exe
2009-01-16 16:30 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\Bureau.exe
2009-01-16 16:28 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\Yvan.exe
2009-01-16 16:19 . 2007-11-08 13:24 378,880 --a------ c:\documents and settings\Marc\Application Data\Erreur de chargement de la page - Mozilla Firefox.exe
2009-01-16 16:19 . 2007-11-08 13:24 378,880 --a------ c:\documents and settings\Marc\Application Data\combofix téléchargeable [Résolu] - Mozilla Firefox.exe
2009-01-16 16:18 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\Téléchargements.exe
2009-01-16 16:18 . 2007-11-08 13:24 378,880 --a------ c:\documents and settings\Marc\Application Data\Erreur de téléchargement.exe
2009-01-16 16:16 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\combofix - Recherche Google - Mozilla Firefox.exe
2009-01-16 16:15 . 2007-11-08 13:24 378,880 --a------ c:\documents and settings\Marc\Application Data\Logiciel.exe
2009-01-16 16:07 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\OnlyPlanet - Mozilla Firefox.exe
2009-01-16 16:00 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\Achat boucles d'oreilles fantaisie, achat bijoux fantaisie - Mozilla Firefox.exe
2009-01-16 15:57 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\Parures de bijoux fantaisie - Mozilla Firefox.exe
2009-01-16 15:54 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\Fournisseur et grossiste de bijoux fantaisie, vente bijoux fantaisies - Mozilla Firefox.exe
2009-01-16 15:34 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\vente en ligne de bijoux fantaisie - Mozilla Firefox.exe
2009-01-16 15:28 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\Google - Mozilla Firefox.exe
2009-01-16 14:54 . 2009-01-16 14:54 124,928 --a------ c:\win2\system32\yrxcux.dll
2009-01-16 14:53 . 2009-01-16 14:54 124,928 --a------ c:\win2\system32\dbfcqvlq.dll
2009-01-16 14:51 . 2009-01-16 17:40 1,408,368 ---hs---- c:\win2\system32\tyabdmjp.ini
2009-01-16 14:51 . 2009-01-16 14:51 81,920 --a------ c:\win2\system32\pjmdbayt.dll
2009-01-16 14:33 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\paris turf - Recherche Google - Mozilla Firefox.exe
2009-01-16 14:30 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\partants et pronostic tiercé quarté quinté gratuit du jour - Mozilla Firefox.exe
2009-01-16 14:16 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\TURFOMANIA - Pour gagner plus souvent aux courses pmu - Mozilla Firefox.exe
2009-01-16 14:13 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\TURFOMANIA - turf, courses pmu, pronostics, tiercé, quinté & résultats - Mozilla Firefox.exe
2009-01-16 13:46 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\VIP world news - Microsoft Internet Explorer.exe
2009-01-16 12:55 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\Exécution automatique.exe
2009-01-16 12:07 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\[KLF]_Stranger_Mukoh_Hadan_Movie_DVD_Vostfr.avi - Media Player Classic.exe
2009-01-16 12:03 . 2007-11-08 13:24 378,880 --a------ c:\documents and settings\Marc\Application Data\Identification Zebulon.fr - Opera.exe
2009-01-16 12:01 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\zebulon - Recherche Google - Opera.exe
2009-01-16 11:57 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\Fin du programme - Télécharger le logiciel Java de Sun Microsystems - Opera.exe
2009-01-16 11:21 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\VirtualDJ.exe
2009-01-16 11:18 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\Télécharger le logiciel Java de Sun Microsystems - Opera.exe
2009-01-16 11:13 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\bin.exe
2009-01-16 11:12 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\Poste de travail.exe
2009-01-16 11:10 . 2007-11-08 13:24 378,880 --a------ c:\documents and settings\Marc\Application Data\Installation de Java.exe
2009-01-16 11:10 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\Installation de Java - Progression.exe
2009-01-16 11:06 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\Téléchargement du programme d'installation de Java.exe
2009-01-16 10:52 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\Instructions pour le téléchargement et l'installation manuels de l'environnement d'exécution Java (JRE) pour Windows - 6.0 - Opera.exe
2009-01-16 10:48 . 2007-11-08 13:24 378,880 --a------ c:\documents and settings\Marc\Application Data\Others.exe
2009-01-16 10:48 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\javax.exe
2009-01-16 10:48 . 2007-11-08 13:24 378,880 --a------ c:\documents and settings\Marc\Application Data\bluetooth.exe
2009-01-16 10:37 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\MEGAUPLOAD - Le leader en stockage et livraison de fichiers - Opera.exe
2009-01-16 10:36 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\arktos.se - MeBoy - Opera.exe
2009-01-16 10:34 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\[Tuto]jouer à pokemon sur son portable - Blabla 15-18 ans sur JeuxVideo.com - Opera.exe
2009-01-16 10:33 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\jeux pokemon lol - Opera.exe
2009-01-16 10:30 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\jeux pokemon sur mobile - Recherche Google - Opera.exe
2009-01-16 10:28 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\commandes Options des dossiers, rechercher, executer disparu - Forums Zebulon.fr - Opera.exe
2009-01-16 10:25 . 2007-11-08 13:24 378,880 --a------ c:\documents and settings\Marc\Application Data\hijackthis - Bloc-notes.exe
2009-01-16 10:18 . 2007-11-08 13:24 378,880 --a------ c:\documents and settings\Marc\Application Data\Écriture d'un nouveau sujet - Forums Zebulon.fr - Opera.exe
2009-01-16 10:18 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\Avira AntiVir Personal - Free Antivirus.exe
2009-01-16 10:12 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\svschost.exe et smss.exe infectés - Forums Zebulon.fr - Opera.exe
2009-01-16 10:10 . 2007-11-08 13:24 378,880 --a------ c:\documents and settings\Marc\Application Data\Merci de patienter... - Opera.exe
2009-01-16 10:10 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\Forums Zebulon.fr - Opera.exe
2009-01-16 10:03 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\Dr.Web CureIt - Recherche Google - Opera.exe
2009-01-16 10:01 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\Mobilegame - FreeCommander.exe
2009-01-16 10:00 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\Menu Démarrer.exe
2009-01-16 09:58 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\Dr.WEB CureIt! Download - Softpedia - Opera.exe
2009-01-16 09:55 . 2007-11-08 13:24 378,880 --a------ c:\documents and settings\Marc\Application Data\Erreur! - Opera.exe
2009-01-16 09:54 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\Options dossiers, rechercher et executer disparu , lenteur du pc - Opera.exe
2009-01-16 09:43 . 2007-11-08 13:24 378,880 --a------ c:\documents and settings\Marc\Application Data\Inscription terminée - Opera.exe
2009-01-16 09:39 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\Message des forums - Opera.exe
2009-01-16 09:39 . 2007-11-08 13:24 378,880 --a------ c:\documents and settings\Marc\Application Data\Formulaire d'inscription - Opera.exe
2009-01-16 09:37 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\Formulaire mot de passe perdu - Opera.exe
2009-01-16 09:31 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\Sécurité Privée FORUM - Portail - Opera.exe
2009-01-16 09:31 . 2007-11-08 13:24 378,880 --a------ c:\documents and settings\Marc\Application Data\forum sécurité - Recherche Google - Opera.exe
2009-01-16 09:28 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\[mythes] PC infecté dans les 5 premières minutes d'Internet - La solution - Opera.exe
2009-01-16 09:27 . 2007-11-08 13:24 378,880 --a------ c:\documents and settings\Marc\Application Data\Téléchargement de Malwarebytes' Anti-Malware (gratuit) - Opera.exe
2009-01-16 09:25 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\malwarebyte - Recherche Google - Opera.exe
2009-01-16 09:22 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\Pré-nettoyage d'un PC infecté - Opera.exe
2009-01-16 09:01 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\pc infecté - Recherche Google - Opera.exe
2009-01-15 21:31 . 2007-11-08 13:24 378,880 --a------ c:\documents and settings\Marc\Application Data\Program Manager.exe
2009-01-15 21:23 . 378,880 c:\documents and settings\Marc\Application Data\Forum CaptaiNaruto Voir le sujet - [images & scripts] Chapitre 431 - Opera.exe
2009-01-15 21:20 . 2007-11-08 13:24 378,880 --a------ c:\documents and settings\Marc\Application Data\Résultats de la recherche - Opera.exe
2009-01-15 21:19 . 2007-11-08 13:24 378,880 --a------ c:\documents and settings\Marc\Application Data\D_SPEED_DIAL_CONFIG_TITLE.exe
2009-01-15 21:17 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\Physique quantique - Wikipédia - Opera.exe
2009-01-15 19:47 . 2007-11-08 13:24 378,880 --a------ c:\documents and settings\Marc\Application Data\Sans titre - Bloc-notes.exe
2009-01-15 19:31 . 2007-11-08 13:24 378,880 --a------ c:\documents and settings\Marc\Application Data\Connexion - Opera.exe
2009-01-15 19:29 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\Google - Opera.exe
2009-01-15 19:14 . 2007-11-08 13:24 378,880 --a------ c:\documents and settings\Marc\Application Data\grossiste bijoux - Recherche Google - Mozilla Firefox.exe
2009-01-15 18:59 . 2007-11-08 13:24 378,880 --a------ c:\documents and settings\Marc\Application Data\easybootik grossiste bijoux - Mozilla Firefox.exe
2009-01-15 18:52 . 2007-11-08 13:24 378,880 --a------ c:\documents and settings\Marc\Application Data\easybootik grossiste bijoux fantaisie - Mozilla Firefox.exe
2009-01-15 18:50 . 2007-11-08 13:24 378,880 --a------ c:\documents and settings\Marc\Application Data\easy bootik - Recherche Google - Mozilla Firefox.exe
2009-01-15 18:46 . 2007-11-08 13:24 378,880 --a------ c:\documents and settings\Marc\Application Data\BIJOUX ET MONTRES EN GROS A PETITS PRIX.... - Mozilla Firefox.exe
2009-01-15 18:44 . 2007-11-08 13:24 378,880 --a------ c:\documents and settings\Marc\Application Data\Bijoux, collier de perles collier coeur en nacre etoiles en nacre - Mozilla Firefox.exe
2009-01-15 18:43 .
2007-11-08 13:24 378,880 --a------ c:\documents and settings\Marc\Application Data\grossiste colliers nacres et perles - Recherche Google - Mozilla Firefox.exe 2009-01-15 18:40 . 2007-11-08 13:24 378,880 --a------ c:\documents and settings\Marc\Application Data\Mozilla Firefox.exe 2009-01-15 18:38 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\Colliers Fantaisie en Lot - - Mozilla Firefox.exe 2009-01-15 18:35 . 2007-11-08 13:24 378,880 --a------ c:\documents and settings\Marc\Application Data\BIJOUX FANTAISIE EN LOT - - Mozilla Firefox.exe 2009-01-15 18:34 . 2007-11-08 13:24 378,880 --a------ c:\documents and settings\Marc\Application Data\Grossiste en bijoux fantaisie, bijoux pour homme femmes enfants et accessoires de mode - - Mozilla Firefox.exe 2009-01-15 18:26 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\Mobilegame.exe 2009-01-15 18:26 . 2007-11-08 13:24 378,880 --a------ c:\documents and settings\Marc\Application Data\Copie....exe 2009-01-15 18:25 . 2007-11-08 13:24 378,880 --a------ c:\documents and settings\Marc\Application Data\lsass.exe 2009-01-15 18:24 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\Sounds.exe 2009-01-15 17:51 . 2007-11-08 13:24 378,880 --a------ c:\documents and settings\Marc\Application Data\Transferts - Opera.exe 2009-01-15 17:39 . 2007-11-08 13:24 378,880 --a------ c:\documents and settings\Marc\Application Data\T‚l‚charge le fichier aliensafar_lydz6akp.jar.exe 2009-01-15 17:18 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\param‚trage LG KS360 - Autres mobiles et ‚quipements - Entraide mobiles - Forums Orange - Opera.exe 2009-01-15 17:14 . 2007-11-08 13:24 378,880 --a------ c:\documents and settings\Marc\Application Data\LG KS360, pour rester connect‚ avant tout - Opera.exe 2009-01-15 17:00 . 
2007-11-08 13:24 378,880 --a------ c:\documents and settings\Marc\Application Data\Enregistrer sous.exe 2009-01-15 16:57 . 2007-11-08 13:24 378,880 --a------ c:\documents and settings\Marc\Application Data\Download Pidgin, the universal chat client - Opera.exe 2009-01-15 16:53 . 2007-11-08 13:24 378,880 --a------ c:\documents and settings\Marc\Application Data\MSN Web Messenger - Opera.exe 2009-01-15 16:51 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\Pr‚f‚rences.exe 2009-01-15 16:48 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\Alternative a MSN - Opera.exe 2009-01-15 16:42 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\just - FreeCommander.exe 2009-01-15 16:32 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\Lecteur Windows Media.exe 2009-01-15 16:24 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\Windows Live Hotmail - Opera.exe 2009-01-15 16:20 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\dailymotion - Recherche Google - Opera.exe 2009-01-15 16:06 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\Microsoft Internet Explorer.exe 2009-01-15 15:48 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\Speed Dial - Opera.exe 2009-01-15 15:48 . 2007-11-08 13:24 378,880 --a------ c:\documents and settings\Marc\Application Data\Page blanche - Opera.exe 2009-01-15 15:36 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\.exe 2009-01-15 15:26 . 2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\T‚l‚chargement en cours....exe 2009-01-15 15:25 . 2009-01-15 15:25 249,856 --a------ c:\documents and settings\Marc\msiexec.exe 2009-01-15 15:24 . 
2007-11-08 13:24 378,880 -rahs---- c:\documents and settings\Marc\Application Data\Application Data.exe 2009-01-15 14:51 . 2009-01-16 14:51 1,408,368 ---hs---- c:\win2\system32\genkcefp.ini 2009-01-15 14:51 . 2007-11-08 13:24 378,880 --a------ c:\win2\system32\Sexy Girls.scr 2009-01-15 14:51 . 2007-11-08 13:24 378,880 --a------ c:\documents and settings\Marc\Application Data\svchost.exe 2009-01-15 14:50 . 2009-01-15 14:50 124,928 --a------ c:\win2\system32\obiqpv.dll 2009-01-15 14:50 . 2009-01-15 14:50 124,928 --a------ c:\win2\system32\bahinofe.dll 2009-01-15 08:03 . 2009-01-15 08:03 125,440 --a------ c:\win2\system32\qszfpn.dll 2009-01-15 08:03 . 2009-01-15 08:03 125,440 --a------ c:\win2\system32\obxewulu.dll 2009-01-15 08:00 . 2009-01-15 08:00 1,398,612 ---hs---- c:\win2\system32\nhjflmcp.ini 2009-01-15 08:00 . 2009-01-15 08:00 81,408 --a------ c:\win2\system32\pcmlfjhn.dll 2009-01-15 07:10 . 2009-01-15 07:10 44,544 --a------ c:\win2\system32\geBuTLFW.dll . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 
2009-01-16 07:31 --------- d-----w c:\program files\Java 2009-01-15 07:56 --------- d-----w c:\program files\FreeCommander 2009-01-15 06:39 --------- d--h--w c:\program files\InstallShield Installation Information 2009-01-15 06:33 --------- d-----w c:\program files\CCleaner 2009-01-14 04:20 --------- d-----w c:\documents and settings\All Users.WIN2\Application Data\Avira 2009-01-02 16:52 --------- d-----w c:\program files\MSN Messenger 2009-01-02 15:28 12,464 ----a-w c:\win2\system32\drivers\secdrv.sys 2009-01-02 11:20 717,296 ----a-w c:\win2\system32\drivers\sptd.sys 2008-12-29 18:39 --------- d-----w c:\program files\Starcraft 2008-12-13 11:09 107,888 ----a-w c:\win2\system32\CmdLineExt.dll 2008-12-13 11:00 --------- d-----w c:\program files\Electronic Arts 2008-12-03 17:06 --------- d-----w c:\documents and settings\Marc\Application Data\TuneUp Software 2008-12-01 18:11 --------- d-----w c:\documents and settings\Marc\Application Data\Command & Conquer 3 Les guerres du Tiberium 2008-12-01 17:59 --------- d--h--r c:\documents and settings\Marc\Application Data\SecuROM 2008-12-01 11:34 --------- d-----w c:\documents and settings\Marc\Application Data\Moyea 2008-12-01 11:10 --------- d-----w c:\documents and settings\Marc\Application Data\Media Player Classic 2008-11-30 11:26 --------- d-----w c:\documents and settings\All Users.WIN2\Application Data\TrackMania 2008-11-30 11:18 66,872 ----a-w c:\win2\system32\PnkBstrA.exe 2008-11-30 11:16 --------- d-----w c:\documents and settings\Marc\Application Data\AdobeUM 2008-11-29 19:26 --------- d-----w c:\documents and settings\Marc\Application Data\Spore 2008-11-29 19:23 --------- d-----w c:\documents and settings\Marc\Application Data\Microsoft Games 2008-11-29 17:15 --------- d-----w c:\documents and settings\All Users.WIN2\Application Data\Trymedia 2008-11-28 17:51 --------- d-----w c:\program files\ITE 2008-11-28 17:50 --------- d-----w c:\program files\Silicon Image 2008-11-28 17:31 --------- d-----w c:\program 
files\Intel 2008-11-27 20:48 --------- d-----w c:\documents and settings\Marc\Application Data\vlc 2008-11-27 18:56 --------- d-----w c:\program files\VIA Technologies, INC 2008-11-25 18:23 11,534,336 ----a-w c:\documents and settings\Propriétaire\NTUSER.DAT 2008-11-25 16:45 --------- d-----w c:\program files\RomStation 2008-11-25 16:37 --------- d-----w c:\program files\BFG 2008-11-23 15:52 --------- d-----w c:\documents and settings\Propriétaire\Application Data\Microsoft Games 2008-11-23 15:51 --------- d-----w c:\program files\GameSpy Arcade 2008-11-23 04:56 --------- d-----w c:\documents and settings\Propriétaire\Application Data\Spore 2008-11-21 15:46 --------- d-----w c:\documents and settings\Propriétaire\Application Data\Atari 2008-11-21 15:33 --------- d-----w c:\program files\Fichiers communs\PocketSoft 2008-11-20 15:45 --------- d-----w c:\documents and settings\Propriétaire\Application Data\Azureus 2008-11-20 14:06 --------- d-----w c:\program files\3GP Player 2008-11-19 11:43 --------- d-----w c:\documents and settings\Propriétaire\Application Data\Petroglyph 2008-11-19 11:37 --------- d-----w c:\program files\LucasArts 2008-10-16 13:13 1,809,944 ----a-w c:\win2\system32\wuaueng.dll 2008-10-16 13:12 561,688 ----a-w c:\win2\system32\wuapi.dll 2008-10-16 13:09 92,696 ----a-w c:\win2\system32\cdm.dll 2008-10-16 13:09 51,224 ----a-w c:\win2\system32\wuauclt.exe 2008-10-16 13:09 43,544 ----a-w c:\win2\system32\wups2.dll 2006-05-06 16:42 7,260,160 ----a-w c:\program files\mozilla firefox\plugins\libvlc.dll 2009-01-14 04:05 66,576 ----a-w c:\program files\mozilla firefox\components\fecaffebbcf.dll 2007-11-08 09:24 378,880 --sh--r c:\win2\inf\smss.exe . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c}] 2009-01-15 07:10 44544 --a------ c:\win2\system32\geBuTLFW.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{72e1ce89-5b79-4eac-9332-f822714d6597}] 2009-01-16 14:54 124928 --a------ c:\win2\system32\yrxcux.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ada8c222-95d2-47b5-950b-aebc0a508839}] 2004-07-11 05:15 52752 --a------ c:\win2\system32\spria.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{d0aee132-d497-4136-beea-acd6e58daf84}] 2009-01-07 10:58 287744 --a------ c:\win2\system32\ljJCuVpp.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{32099AAC-C132-4136-9E9A-4E364A424E17}"= "c:\program files\DAEMON Tools Toolbar\DTToolbar.dll" [2008-08-08 691656] [HKEY_CLASSES_ROOT\clsid\{32099aac-c132-4136-9e9a-4e364a424e17}] [HKEY_CLASSES_ROOT\DTToolbar.ToolBandObj.1] [HKEY_CLASSES_ROOT\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19}] [HKEY_CLASSES_ROOT\DTToolbar.ToolBandObj] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{32099AAC-C132-4136-9E9A-4E364A424E17}"= "c:\program files\DAEMON Tools Toolbar\DTToolbar.dll" [2008-08-08 691656] [HKEY_CLASSES_ROOT\clsid\{32099aac-c132-4136-9e9a-4e364a424e17}] [HKEY_CLASSES_ROOT\DTToolbar.ToolBandObj.1] [HKEY_CLASSES_ROOT\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19}] [HKEY_CLASSES_ROOT\DTToolbar.ToolBandObj] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="c:\program files\MSN Messenger\msnmsgr.exe" [2006-06-16 5324584] "NT_Authority"="c:\documents and settings\Marc\Application Data\lsass.exe" [2007-11-08 378880] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvMediaCenter"="c:\win2\System32\NvMcTray.dll" [2007-06-29 81920] "FrameWorkService"="c:\win2\Inf\smss.exe" [2007-11-08 378880] "bc20276b"="c:\win2\system32\pjmdbayt.dll" [2009-01-16 81920] 
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\win2\System32\CTFMON.EXE" [2004-08-19 15360] c:\documents and settings\Marc\Menu D‚marrer\Programmes\D‚marrage\ Dos Optimizer.pif [2007-11-08 378880] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "DisallowRun"= 1 (0x1) "NoFolderOptions"= 1 (0x1) "NoRun"= 1 (0x1) "NoFind"= 1 (0x1) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\disallowrun] "1"= cmd.exe "2"= mmc.exe "3"= rstrui.exe "4"= regedit.exe "5"= regedt32.exe [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}"= "c:\win2\system32\geBuTLFW.dll" [2009-01-15 44544] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\fecaffebbcf] 2006-05-03 05:13 312847 c:\win2\system32\fecaffebbcf.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\gebutlfw] 2009-01-15 07:10 44544 c:\win2\system32\geBuTLFW.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.MFZ0"= MyFlashZip0.ax [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Authentication Packages REG_MULTI_SZ msv1_0 c:\win2\system32\ljJCuVpp [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "g:\\Program Files\\EA GAMES\\MOHDA\\moh_spearhead.exe"= "c:\\Program Files\\MSN Messenger\\msnmsgr.exe"= "c:\\Program Files\\MSN Messenger\\msncall.exe"= "g:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"= "c:\\Program Files\\Java\\jre1.6.0_03\\bin\\rmiregistry.exe"= "c:\\Program Files\\Java\\jre1.6.0_03\\bin\\tnameserv.exe"= R3 Stmatm;ATM/ADSL miniport;c:\win2\system32\drivers\stmatm.sys [2007-09-02 60255] S3 TaurusUsb;ADSL Modem USB Service;c:\win2\system32\drivers\torususb.sys [2007-09-02 541990] 
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F] \shell\auto\command - F:\Start.exe \shell\autorun\command - c:\win2\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Start.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6d413d00-db0e-11dd-921c-00138fadbebb}] \Shell\Auto\command - I:\Start.exe \Shell\AutoRun\command - c:\win2\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Start.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{774ec02e-cffa-11dd-9203-00138fadbebb}] \shell\auto\command - D:\Start.exe \shell\autorun\command - c:\win2\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Start.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{774ec02f-cffa-11dd-9203-00138fadbebb}] \shell\auto\command - J:\Start.exe \shell\autorun\command - c:\win2\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Start.exe . Contenu du dossier 'Tâches planifiées' 2009-01-16 c:\win2\Tasks\bjjzbkxr.job - c:\win2\system32\rundll32.exe [2004-08-19 19:10] 2009-01-16 c:\win2\Tasks\kworfrdn.job - c:\win2\system32\rundll32.exe [2004-08-19 19:10] 2009-01-16 c:\win2\Tasks\luvpzljq.job - c:\win2\system32\rundll32.exe [2004-08-19 19:10] . - - - - ORPHELINS SUPPRIMES - - - - BHO-{c5bf49a2-94f3-42bd-f434-3604812c8955} - c:\win2\system32\rwhbfb873unjdfdg.dll SharedTaskScheduler-{C5BF49A2-94F3-42BD-F434-3604812C8955} - c:\win2\system32\rwhbfb873unjdfdg.dll Notify-pmnnLCUl - pmnnLCUl.dll ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-01-16 17:38:40 Windows 5.1.2600 Service Pack 2 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... 
c:\win2\system32\597c487e1202ca525ed5132fef57e6e0.sys 39936 bytes executable c:\win2\system32\_597c487e1202ca525ed5132fef57e6e0.sys_.vir 39936 bytes executable c:\documents and settings\Marc\Application Data\Dr.Web CureIT: le tutoriel - Opera.exe 378880 bytes executable c:\documents and settings\Marc\Application Data\MSN : Hotmail, Messenger, Actualité, Sport et Vidéo - Mozilla Firefox.exe 378880 bytes executable hidden from API c:\documents and settings\Marc\Application Data\Reportage vidéo - Afro Samurai : Jeuxvideo.com - Opera.exe 378880 bytes executable hidden from API c:\documents and settings\Marc\Application Data\Dailymotion France - Résultats de recherche : gundam 00 S2 - Mozilla Firefox.exe 378880 bytes executable hidden from API c:\documents and settings\Marc\Application Data\Disque amovible (J:).exe 378880 bytes executable c:\documents and settings\Marc\Application Data\DivX (C:).exe 378880 bytes executable c:\documents and settings\Marc\Application Data\pmu et turf : pronostics et resultats pmu du tierce quarte quinte - Mozilla Firefox.exe 378880 bytes executable hidden from API c:\documents and settings\Marc\Application Data\Bijoux fantaisie - Importateur grossiste bijoux : bracelets et colliers fantaisie - Mozilla Firefox.exe 378880 bytes executable hidden from API c:\documents and settings\Marc\Application Data\Boutique de piercing en ligne: piercing labret, piercing arcade, piercing nombril, piercing nez - Mozilla Firefox.exe 378880 bytes executable c:\documents and settings\Marc\Application Data\Pronostics : PRIX FRANCE-SOIR - Hippodrome de CAGNES SUR MER - vendredi 16 janvier 2009 - Mozilla Firefox.exe 378880 bytes executable hidden from API c:\documents and settings\Marc\Application Data\Aperçu - Red Faction : Guerilla sur Playstation 3 - Opera.exe 378880 bytes executable hidden from API c:\documents and settings\Marc\Application Data\Télécharger Dr.Web CureIT! - 01net. Telecharger.com : téléchargement du logiciel Dr.Web CureIT! 
- telecharger - Opera.exe 378880 bytes executable hidden from API c:\documents and settings\Marc\Application Data\Transferts 00:33 - Opera.exe 378880 bytes executable c:\documents and settings\Marc\Application Data\Transferts 03:25 - Opera.exe 378880 bytes executable c:\documents and settings\Marc\Application Data\Transferts 03:30 - Opera.exe 378880 bytes executable c:\documents and settings\Marc\Application Data\Vente de bijoux : bijoutissimo, grossiste et discount en bijoux fantaisie. - Mozilla Firefox.exe 378880 bytes executable hidden from API c:\documents and settings\Marc\Application Data\Vente de bijoux : bijoutissimo, grossiste et discount en bijoux fantaisie. COLLIERS & PARURES - Mozilla Firefox.exe 378880 bytes executable hidden from API c:\documents and settings\Marc\Application Data\Zebulon.fr : Le site de l'optimisation PC et Windows - Opera.exe 378880 bytes executable hidden from API c:\documents and settings\Marc\Application Data\Maniabijoux : grossiste et fabricant de bijoux fantaisie - Mozilla Firefox.exe 378880 bytes executable hidden from API c:\documents and settings\Marc\Application Data\MeBoy 2.1 : GB et GBC avec le son sur Mobile - Emu Nova - Opera.exe 378880 bytes executable hidden from API c:\documents and settings\Marc\Application Data\Gaim: l'alternative à Msn Messenger. - Opera.exe 378880 bytes executable c:\documents and settings\Marc\Application Data\Games & Programs (G:).exe 378880 bytes executable c:\documents and settings\Marc\Application Data\Music, Photos, Videos-Clips (F:).exe 378880 bytes executable c:\documents and settings\Marc\Application Data\Naruto : scan et episode Naruto sur Gaara France - Opera.exe 378880 bytes executable hidden from API c:\documents and settings\Marc\Application Data\Naruto Chapitre 431 : Discussions, Spoils, Scripts, Images etc.. 
- Opera.exe 378880 bytes executable hidden from API c:\documents and settings\Marc\Application Data\F: - FreeCommander.exe 378880 bytes executable c:\documents and settings\Marc\Application Data\Telephone Réunion et internet Reunion : Haut debit illimité, Mobile, VOD, TNT, ... - Mozilla Firefox.exe 378880 bytes executable hidden from API c:\documents and settings\Marc\Application Data\Test de vitesse adsl, tout sur votre connexion et votre ligne: IP, dégroupage, atténuation... - Opera.exe 378880 bytes executable c:\documents and settings\Marc\Application Data\Colliers - vente de bijoux grossiste : Maniabijoux - Mozilla Firefox.exe 378880 bytes executable hidden from API c:\documents and settings\Marc\Application Data\PC Astuces : Actualité Informatique - Opera.exe 378880 bytes executable hidden from API Scan terminé avec succès Fichiers cachés: 32 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet007\Services\597c487e1202ca525ed5132fef57e6e0] "ImagePath"="system32\597c487e1202ca525ed5132fef57e6e0.sys" [HKEY_LOCAL_MACHINE\System\ControlSet007\Services\59e4147a] "ImagePath"="\SystemRoot\System32\drivers\59e4147a.sys" . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_USERS\s-1-5-21-1715567821-1682526488-725345543-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] "??"=hex:6f,d5,ad,7f,ae,79,08,3a,a0,d9,aa,5f,e7,ee,f0,d9,89,c4,b7,3d,dd,da,14, c6,f0,45,59,95,a2,a6,2b,c7,0d,f3,10,20,e0,fe,26,56,53,90,22,3a,27,bb,ac,ff,\ "??"=hex:f3,19,f6,66,31,ed,11,8d,94,7b,84,1b,71,93,6e,09 [HKEY_USERS\s-1-5-21-1715567821-1682526488-725345543-1004\Software\SecuROM\License information*] "datasecu"=hex:50,8b,5f,d7,b9,61,7d,63,f4,d0,ba,4a,57,97,9c,e0,f6,72,6f,b2,b9, c8,91,8a,cb,ac,38,57,9d,7b,2c,26,16,03,e2,63,e1,a0,5b,4c,28,9d,5e,db,4c,4e,\ "rkeysecu"=hex:b9,74,6f,ad,56,5e,af,32,39,a2,5b,08,67,43,38,6e . 
--------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(572) c:\win2\system32\fecaffebbcf.dll c:\win2\system32\geBuTLFW.dll - - - - - - - > 'lsass.exe'(628) c:\win2\system32\ljJCuVpp.dll - - - - - - - > 'lsass.exe'(440) c:\win2\system32\pjmdbayt.dll . ------------------------ Autres processus actifs ------------------------ . c:\win2\system32\PnkBstrA.exe g:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe c:\documents and settings\Marc\Menu Démarrer\Programmes\Démarrage\Dos Optimizer.pif c:\win2\system32\wscntfy.exe . ************************************************************************** . Heure de fin: 2009-01-16 17:41:58 - La machine a redémarré ComboFix-quarantined-files.txt 2009-01-16 13:41:55 ComboFix2.txt 2008-07-23 16:25:52 ComboFix3.txt 2008-07-23 15:57:49 ComboFix4.txt 2008-07-14 16:48:14 Avant-CF: 130,986,598,400 octets libres AprÞs-CF: 131,469,385,728 octets libres WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe [boot Loader] Timeout=2 Default=c:\$win_nt$.~bt\BOOTSECT.DAT [Operating Systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WIN2="Microsoft Windows XP dition familiale" /fastdetect /NoExecute=OptIn multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /fastdetect /usepmtimer c:\$win_nt$.~bt\BOOTSECT.DAT="Microsoft Windows XP Professional Setup" Current=7 Default=7 Failed=5 LastKnownGood=8 Sets=1,2,3,4,5,6,7,8 431 -
Folder Options, Search and Run commands disappeared
Rekin replied to a topic by Rekin in Analyses et éradication malwares
Thank you, I have it now. I'm following your instructions and will tell you afterwards what happens...
Folder Options, Search and Run commands disappeared
Rekin replied to a topic by Rekin in Analyses et éradication malwares
Hi, thanks for replying, but I have a small problem. Here is what I'm told when I try to download ComboFix:

C:\Documents and Settings\Marc\Bureau\Rekin.exe ne pourra être enregistré car le fichier source ne peut être lu. Réessayez plus tard ou contactez l'administrateur du serveur.

I tried looking for other links, but I get the same message...
Hello! I've been having some problems since I got back on the internet... I had only visited my mailbox once when the computer started to become very slow..

My configuration: Windows XP Home SP2, Avira Antivir Personal, 512MB, P4

When I turn on my computer, it takes an incredibly long time to start; Folder Options and the Search and Run functions have completely disappeared, and I also have a problem with Task Manager, which opens and then closes again immediately. I can't run Windows updates because I'm told it isn't activated (even though it is), and I also had trouble updating my antivirus. On top of that, the status of AntiVir Guard is unknown (neither enabled nor disabled, it's "unknown"). The last scan with my AntiVir was last night, and I also ran a clean-up with CCleaner. I tried searching for similar cases through Google and getting out of this that way, but I can't manage it... I need a bit of help; I think my PC really is infected, but by what I don't know (AntiVir detected nearly 200 infections including worms, trojans, viruses...)
Thank you for considering my message. Just in case, I'm leaving you a HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:24:46, on 16/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WIN2\System32\smss.exe
C:\WIN2\system32\winlogon.exe
C:\WIN2\system32\services.exe
C:\WIN2\system32\lsass.exe
C:\WIN2\system32\svchost.exe
C:\WIN2\System32\svchost.exe
C:\WIN2\system32\spoolsv.exe
C:\WIN2\Explorer.EXE
C:\WIN2\System32\PnkBstrA.exe
C:\WIN2\system32\RUNDLL32.EXE
C:\WIN2\system32\wscntfy.exe
C:\Documents and Settings\Marc\lsass.exe
C:\WIN2\system32\rundll32.exe
C:\WIN2\Inf\smss.exe
C:\DOCUME~1\Marc\LOCALS~1\Temp\csrssc.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Documents and Settings\Marc\Application Data\lsass.exe
C:\Documents and Settings\Marc\Menu Démarrer\Programmes\Démarrage\Dos Optimizer.pif
C:\Program Files\Opera\opera.exe
C:\WIN2\system32\rundll32.exe
C:\WIN2\system32\rundll32.exe
C:\WIN2\system32\rundll32.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avcenter.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.fr/spbasic.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WIN2\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LSA Shellu] C:\Documents and Settings\Marc\lsass.exe
O4 - HKLM\..\Run: [bc20276b] rundll32.exe "C:\WIN2\system32\pfeckneg.dll",b
O4 - HKLM\..\Run: [FrameWorkService] C:\WIN2\Inf\smss.exe I'm so ugly, I hate myself and I want to die
O4 - HKCU\..\Run: [Jnskdfmf9eldfd] C:\DOCUME~1\Marc\LOCALS~1\Temp\csrssc.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [NT_Authority] C:\Documents and Settings\Marc\Application Data\lsass.exe
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WIN2\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Dos Optimizer.pif = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = G:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs: rtjudd.dll ayzpse.dll ikywfn.dll qszfpn.dll obiqpv.dll
O22 - SharedTaskScheduler: jgzfkj9w38rksndfi7r4 - {C5BF49A2-94F3-42BD-F434-3604812C8955} - C:\WIN2\system32\rwhbfb873unjdfdg.dll (file missing)
O23 - Service: Kaspersky Anti-Virus 6.0 (avp) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WIN2\System32\PnkBstrA.exe

--
End of file - 3150 bytes

Goodbye