
Posted (edited)

Hello, I have a problem with this kdja.exe myself! When my computer starts up, no icons are displayed on my desktop, not even the "Start" bar... I have to go through the Task Manager (Ctrl + Alt + Del) to get to Internet Explorer.

In fact, only one dialog box opens, and it says: Définition des paramètres personnalisés pour:C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Outils d'administration\Recycle Bin\kdja.exe

Here is the result of the scan I get with HijackThis:

 

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:33:24, on 2008-06-28
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Outils d'administration\Recycle Bin\kdja.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Documents and Settings\Guillaume\Bureau\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\AVG\AVG8\aAvgApi.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\ACD Systems\ACDSee\7.0\ACDSee7.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sympatico.msn.ca/defaultf.aspx
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Ultimate Edition 2.0
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O3 - Toolbar: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Hope Draw Obj Funk] C:\Documents and Settings\All Users\Application Data\LICENSE FORD HOPE DRAW\Manager type.exe
O4 - HKLM\..\Run: [2430eab9] rundll32.exe "C:\WINDOWS\system32\ankcrfmc.dll",b
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [regs cash] C:\DOCUME~1\GUILLA~1\APPLIC~1\FILEBI~1\Jugs Proc.exe
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\SpySweeper\SpySweeper.exe" /0
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Auto Detect.lnk = C:\Program Files\iConcepts Music Express\MEAutoDetect.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Run Google Web Accelerator.lnk = C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {03B39B10-9AB9-4DBB-8189-7F76E0CE5F3F} (FavImport Class) - https://favorites.live.com/cab/ImportAx.cab?v=13,0,1609,00
O16 - DPF: {0F7A9297-7268-11D1-B81A-00A076C01B0A} (CPC View ax Control) - http://www.registrefoncier.gouv.qc.ca/Sirf/Script/14_05_04/CPCViewAX/CpcViewAX.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {17D667BA-5675-4AAB-9221-08B9379384D4} (Image Uploader Control) - http://cdnimg.piczo.com/images/uploader/piczo_fast_uploader.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CA/a-UNO1/GAME_UNO1.cab
O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} (VideoEgg ActiveX Loader) - http://update.videoegg.com/Install/Windows/Initial/VideoEggPublisher.exe
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://bmm.imgag.com/imgag/cp/install/crusher-caf.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/FacebookPhotoUploader4_5.cab
O16 - DPF: {E008023B-F788-4BEB-8040-3E3E33035994} (Cax3DPlugin Object) - http://www.graalonline.com/downloads/plugin/graalplugin.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F5D98C43-DB16-11CF-8ECA-0000C0FD59C7} (ActiveCGM Control) - http://www.registrefoncier.gouv.qc.ca/Sirf/Script/14_05_04/ActiveCGM/Acgm.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (Contrôleur de DownloadManager) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.1.6.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 9261 bytes

 

What does this mean, in your opinion? Will I get through this? :s

THANK YOU!!

Edited by Guildevils

Posted

You should have created your own topic!!!! Your problem is LOP + Vundo infections

• uninstall avast via Add/Remove Programs, since you have the excellent avg8

• run HijackThis again, "do a system scan only", check the lines below and click fixchecked:

 

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Hope Draw Obj Funk] C:\Documents and Settings\All Users\Application Data\LICENSE FORD HOPE DRAW\Manager type.exe

O4 - HKLM\..\Run: [2430eab9] rundll32.exe "C:\WINDOWS\system32\ankcrfmc.dll",b

O4 - HKCU\..\Run: [regs cash] C:\DOCUME~1\GUILLA~1\APPLIC~1\FILEBI~1\Jugs Proc.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} (VideoEgg ActiveX Loader) - http://update.videoegg.com/Install/Windows...ggPublisher.exe

O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab

O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (Contrôleur de DownloadManager) - http://dlm.tools.akamai.com/dlmanager/vers...vex-2.2.1.6.cab

 

==> click Fixchecked

• first deal with LOP using http://eric.71.mespages.googlepages.com/LopSD.exe

Option 1 then option 2, post the report from option 2 please!!

tutorial:

http://eric.71.mespages.googlepages.com/lop.sd.exe

http://www.assistepc.com/forum/lop-s-d-net...-lop-vt686.html

• then temporarily disable AVG8 and:

Download combofix.exe (by sUBs) and save it to your desktop

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

* Double-click combofix.exe to run it and follow the instructions.

* When the scan is complete, a report will appear; post it for me.

* If the file does not appear, it is located here > C:\ComboFix.txt

== I will read your reports this afternoon, I'm off to work ==
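
An added example, not part of the original thread: a small Python triage of HijackThis O4 (autorun) lines, run over a sample copied from the log posted above. The two flagging heuristics (an autorun launched from an Application Data folder, and rundll32 started from a Run value with an 8-hex-digit name) are assumptions of this example, not rules stated by the helper.

```python
import re

# Sample input: O4 (autorun) lines copied from the HijackThis log in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [Hope Draw Obj Funk] C:\Documents and Settings\All Users\Application Data\LICENSE FORD HOPE DRAW\Manager type.exe
O4 - HKLM\..\Run: [2430eab9] rundll32.exe "C:\WINDOWS\system32\ankcrfmc.dll",b
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [regs cash] C:\DOCUME~1\GUILLA~1\APPLIC~1\FILEBI~1\Jugs Proc.exe
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\SpySweeper\SpySweeper.exe" /0
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
"""

# O4 registry autorun:  O4 - HKLM\..\Run: [value name] command line
RUN_RE = re.compile(
    r'^O4 - (?P<hive>HK\w+)\\\.\.\\(?P<key>\w+): \[(?P<name>[^\]]*)\]\s+(?P<cmd>.+)$')
# O4 startup-folder shortcut:  O4 - Global Startup: name.lnk = target
STARTUP_RE = re.compile(
    r'^O4 - (?P<key>(?:Global )?Startup): (?P<name>.+?) = (?P<cmd>.+)$')

# Assumption of this example: Application Data is an unusual place for an
# autorun binary. Match both the long name and the 8.3 short name.
APPDATA_RE = re.compile(r'\\(?:Application Data|APPLIC~\d)\\', re.IGNORECASE)
# Assumption of this example: a Run value named with 8 hex digits that
# starts rundll32 deserves a second look.
HEX_NAME_RE = re.compile(r'^[0-9a-f]{8}$', re.IGNORECASE)


def parse_o4(line):
    """Return a dict (hive, key, name, cmd) for an O4 line, else None."""
    line = line.strip()
    for rx in (RUN_RE, STARTUP_RE):
        m = rx.match(line)
        if m:
            entry = m.groupdict()
            entry.setdefault('hive', None)  # startup-folder entries have no hive
            return entry
    return None


def classify(entry):
    """Return the list of reasons an autorun entry should be reviewed."""
    reasons = []
    if APPDATA_RE.search(entry['cmd']):
        reasons.append('runs from Application Data')
    launcher = entry['cmd'].lstrip('"').lower()
    if launcher.startswith('rundll32') and HEX_NAME_RE.match(entry['name']):
        reasons.append('rundll32 under hex-named Run value')
    return reasons


def triage(log_text):
    """Return [(entry name, reasons)] for every flagged O4 line, in log order."""
    flagged = []
    for line in log_text.splitlines():
        entry = parse_o4(line)
        if entry is None:
            continue  # not an O4 line (blank, header, other section)
        reasons = classify(entry)
        if reasons:
            flagged.append((entry['name'], reasons))
    return flagged


if __name__ == '__main__':
    for name, reasons in triage(SAMPLE_LOG):
        print(f'{name}: {", ".join(reasons)}')
```

A flag here only marks an entry for review; the other O4 lines the helper asked to fix (QuickTime, iTunes, Adobe) match neither heuristic and are not flagged.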

Posted

Hello,

THANK YOU for such quick help! And sorry for not having created another topic, I was sure my problem was the same. So here it is:

LOP option 2, here is the report:

 

   -----------------------[  Lop S&D 4.2.1-8  XP/Vista  ]---------------------

  [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
  [ USER : Guillaume ] [ "C:\Lop SD" ] [ Selection : 2 ]
  [ 2008-06-28 |  3:04:31,51 ] [ PC : ORDI-F840855E70 ]
  [ MAJ : 24-06-2008 | 11:00 ]


  \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

  Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\espionServerData\globData.mk4
  Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\LICENSE FORD HOPE DRAW\Army Cash.exe
  Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\LICENSE FORD HOPE DRAW\Four Load.exe
  Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\LICENSE FORD HOPE DRAW\Manager type.exe
  Supprime! - C:\WINDOWS\Prefetch\MANAGER TYPE.EXE-2514B27E.pf 
  Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\espionServerData
  Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\LICENSE FORD HOPE DRAW
  Restauré! - Fichier Hosts

  //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ 

  Supprime! - C:\Program Files\vmntoolbar

  //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


  -------------[ Listing des dossiers dans Application Data ]------------  

  [2007-04-27|19:02] C:\DOCUME~1\ADMINI~1\APPLIC~1\ACD Systems
  [2007-07-18|06:49] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
  [2007-05-19|12:07] C:\DOCUME~1\ADMINI~1\APPLIC~1\AdobeUM
  [2007-05-18|19:46] C:\DOCUME~1\ADMINI~1\APPLIC~1\Apple Computer
  [2007-07-23|17:31] C:\DOCUME~1\ADMINI~1\APPLIC~1\bang
  [2007-06-12|13:01] C:\DOCUME~1\ADMINI~1\APPLIC~1\Connexion FTP.ftp
  [2007-04-27|20:39] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
  [2007-06-12|12:53] C:\DOCUME~1\ADMINI~1\APPLIC~1\Dynamique
  [2007-07-26|23:47] C:\DOCUME~1\ADMINI~1\APPLIC~1\Filebikemeal
  [2005-07-27|16:15] C:\DOCUME~1\ADMINI~1\APPLIC~1\FTP Expert Stockage.ftp
  [2007-05-16|15:04] C:\DOCUME~1\ADMINI~1\APPLIC~1\Google
  [2007-05-16|09:31] C:\DOCUME~1\ADMINI~1\APPLIC~1\Hewlett-Packard
  [2007-08-05|11:40] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
  [2007-05-20|10:05] C:\DOCUME~1\ADMINI~1\APPLIC~1\Lavasoft
  [2007-08-07|11:32] C:\DOCUME~1\ADMINI~1\APPLIC~1\LimeWire
  [2007-06-02|16:14] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
  [2007-08-05|14:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
  [2007-05-01|20:39] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft Web Folders
  [2007-06-12|12:54] C:\DOCUME~1\ADMINI~1\APPLIC~1\Par défaut.cls
  [2007-06-12|13:01] C:\DOCUME~1\ADMINI~1\APPLIC~1\Settings.cfg
  [2007-06-12|12:53] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sites prédéfinis
  [2007-06-11|14:42] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sun
  [2007-04-27|18:51] C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec
  [2007-06-15|02:16] C:\DOCUME~1\ADMINI~1\APPLIC~1\vmntoolbar

  [2007-11-14|17:20] C:\DOCUME~1\ALEXAN~1\APPLIC~1\.BitTornado
  [2008-06-27|19:46] C:\DOCUME~1\ALEXAN~1\APPLIC~1\.googlewebacchosts
  [2007-08-07|17:03] C:\DOCUME~1\ALEXAN~1\APPLIC~1\ACD Systems
  [2008-03-14|16:12] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Adobe
  [2008-06-23|15:42] C:\DOCUME~1\ALEXAN~1\APPLIC~1\AdobeUM
  [2007-12-02|16:17] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Apple Computer
  [2008-06-28|02:17] C:\DOCUME~1\ALEXAN~1\APPLIC~1\AVGTOOLBAR
  [2007-04-27|20:39] C:\DOCUME~1\ALEXAN~1\APPLIC~1\desktop.ini
  [2007-11-30|19:38] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Dynamique
  [2008-06-10|12:53] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Filebikemeal
  [2005-07-27|17:15] C:\DOCUME~1\ALEXAN~1\APPLIC~1\FTP Expert Stockage.ftp
  [2007-11-09|21:08] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Google
  [2007-10-11|14:37] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Help
  [2007-09-15|11:29] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Hewlett-Packard
  [2007-08-07|12:51] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Identities
  [2007-09-15|07:07] C:\DOCUME~1\ALEXAN~1\APPLIC~1\InstallShield
  [2008-03-10|11:44] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Lavasoft
  [2007-09-04|14:00] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Leadertech
  [2007-11-14|16:56] C:\DOCUME~1\ALEXAN~1\APPLIC~1\LimeWire
  [2007-08-07|11:47] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Macromedia
  [2008-02-16|21:18] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Microsoft
  [2007-09-26|10:37] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Opera
  [2008-02-23|20:05] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Par défaut.cls
  [2007-10-11|14:41] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Real
  [2008-02-23|20:05] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Settings.cfg
  [2007-11-30|19:38] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Sites prédéfinis
  [2008-05-12|10:59] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Spybot - Search & Destroy
  [2007-08-23|12:18] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Sun
  [2007-04-27|18:51] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Symantec
  [2007-09-15|06:30] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Teleca
  [2008-05-04|13:33] C:\DOCUME~1\ALEXAN~1\APPLIC~1\U3
  [2008-05-12|11:34] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Webroot
  [2007-09-03|16:22] C:\DOCUME~1\ALEXAN~1\APPLIC~1\WinAmp Control
  [2007-08-17|20:04] C:\DOCUME~1\ALEXAN~1\APPLIC~1\WinRAR

  [2008-01-06|00:19] C:\DOCUME~1\ALEXAN~2\APPLIC~1\.#
  [2008-06-27|20:22] C:\DOCUME~1\ALEXAN~2\APPLIC~1\.googlewebacchosts
  [2007-08-08|20:50] C:\DOCUME~1\ALEXAN~2\APPLIC~1\ACD Systems
  [2008-05-18|12:55] C:\DOCUME~1\ALEXAN~2\APPLIC~1\Adobe
  [2007-11-04|15:40] C:\DOCUME~1\ALEXAN~2\APPLIC~1\AdobeUM
  [2007-11-04|14:56] C:\DOCUME~1\ALEXAN~2\APPLIC~1\Apple Computer
  [2008-06-28|02:11] C:\DOCUME~1\ALEXAN~2\APPLIC~1\AVGTOOLBAR
  [2007-04-27|20:39] C:\DOCUME~1\ALEXAN~2\APPLIC~1\desktop.ini
  [2008-06-10|12:58] C:\DOCUME~1\ALEXAN~2\APPLIC~1\Filebikemeal
  [2007-08-16|00:05] C:\DOCUME~1\ALEXAN~2\APPLIC~1\Google
  [2008-05-19|09:52] C:\DOCUME~1\ALEXAN~2\APPLIC~1\Help
  [2007-08-16|14:30] C:\DOCUME~1\ALEXAN~2\APPLIC~1\Hewlett-Packard
  [2007-08-08|21:15] C:\DOCUME~1\ALEXAN~2\APPLIC~1\Identities
  [2008-06-25|16:23] C:\DOCUME~1\ALEXAN~2\APPLIC~1\LimeWire
  [2007-08-09|15:25] C:\DOCUME~1\ALEXAN~2\APPLIC~1\Macromedia
  [2008-06-26|17:08] C:\DOCUME~1\ALEXAN~2\APPLIC~1\Microsoft
  [2007-08-10|17:31] C:\DOCUME~1\ALEXAN~2\APPLIC~1\Real
  [2007-08-10|17:41] C:\DOCUME~1\ALEXAN~2\APPLIC~1\Sun
  [2007-04-27|18:51] C:\DOCUME~1\ALEXAN~2\APPLIC~1\Symantec
  [2007-09-15|12:47] C:\DOCUME~1\ALEXAN~2\APPLIC~1\Teleca
  [2007-12-17|11:19] C:\DOCUME~1\ALEXAN~2\APPLIC~1\U3
  [2007-12-23|20:57] C:\DOCUME~1\ALEXAN~2\APPLIC~1\VideoEgg
  [2007-08-10|17:41] C:\DOCUME~1\ALEXAN~2\APPLIC~1\WinAmp Control
  [2007-09-29|10:44] C:\DOCUME~1\ALEXAN~2\APPLIC~1\WinRAR

  [2007-05-16|11:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1.0.0.0
  [2007-09-03|16:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ACD Systems
  [2008-06-27|23:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
  [2007-05-18|16:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
  [2007-11-07|14:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ALM
  [2007-11-04|14:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
  [2007-11-04|14:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
  [2008-06-27|21:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
  [2008-05-12|13:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
  [2007-04-27|20:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
  [2007-07-26|23:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EQ INTER SHOW PROC
  [2007-11-07|14:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
  [2008-03-28|18:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
  [2007-05-16|09:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
  [2007-10-30|22:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
  [2008-03-02|14:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
  [2008-06-10|19:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
  [2007-04-27|18:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN Messenger 6.2.0137
  [2008-06-01|15:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
  [2007-09-15|06:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
  [2008-06-27|11:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
  [2007-09-15|06:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca
  [2007-05-18|07:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
  [2007-08-09|20:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
  [2007-08-10|12:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
  [2008-01-20|16:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

  [2007-04-27|20:39] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
  [2007-04-27|18:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
  [2007-04-27|18:51] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

  [2008-06-27|13:54] C:\DOCUME~1\GUILLA~1\APPLIC~1\.BitTornado
  [2008-06-28|01:02] C:\DOCUME~1\GUILLA~1\APPLIC~1\.googlewebacchosts
  [2007-11-01|16:20] C:\DOCUME~1\GUILLA~1\APPLIC~1\ACD Systems
  [2008-06-27|23:21] C:\DOCUME~1\GUILLA~1\APPLIC~1\Adobe
  [2007-11-07|15:07] C:\DOCUME~1\GUILLA~1\APPLIC~1\AdobeUM
  [2008-06-09|11:04] C:\DOCUME~1\GUILLA~1\APPLIC~1\Apple Computer
  [2008-03-25|11:08] C:\DOCUME~1\GUILLA~1\APPLIC~1\Autodesk
  [2008-06-27|21:01] C:\DOCUME~1\GUILLA~1\APPLIC~1\AVGTOOLBAR
  [2008-05-12|13:53] C:\DOCUME~1\GUILLA~1\APPLIC~1\AVS4YOU
  [2007-04-27|20:39] C:\DOCUME~1\GUILLA~1\APPLIC~1\desktop.ini
  [2007-12-26|01:10] C:\DOCUME~1\GUILLA~1\APPLIC~1\Download Manager
  [2008-04-18|17:28] C:\DOCUME~1\GUILLA~1\APPLIC~1\Google
  [2007-12-10|23:53] C:\DOCUME~1\GUILLA~1\APPLIC~1\Hewlett-Packard
  [2008-02-29|02:13] C:\DOCUME~1\GUILLA~1\APPLIC~1\Identities
  [2008-06-09|11:35] C:\DOCUME~1\GUILLA~1\APPLIC~1\LimeWire
  [2007-11-01|16:24] C:\DOCUME~1\GUILLA~1\APPLIC~1\Macromedia
  [2008-06-27|20:49] C:\DOCUME~1\GUILLA~1\APPLIC~1\Microsoft
  [2008-03-26|23:38] C:\DOCUME~1\GUILLA~1\APPLIC~1\MonkeyJam
  [2008-03-28|02:19] C:\DOCUME~1\GUILLA~1\APPLIC~1\Real
  [2008-03-05|01:22] C:\DOCUME~1\GUILLA~1\APPLIC~1\Sun
  [2008-06-10|11:49] C:\DOCUME~1\GUILLA~1\APPLIC~1\Symantec
  [2007-11-01|16:13] C:\DOCUME~1\GUILLA~1\APPLIC~1\Teleca
  [2008-02-03|17:11] C:\DOCUME~1\GUILLA~1\APPLIC~1\Thinstall
  [2008-02-24|00:11] C:\DOCUME~1\GUILLA~1\APPLIC~1\U3
  [2008-06-28|01:20] C:\DOCUME~1\GUILLA~1\APPLIC~1\Uniblue
  [2008-06-27|23:22] C:\DOCUME~1\GUILLA~1\APPLIC~1\Webroot
  [2007-11-15|16:47] C:\DOCUME~1\GUILLA~1\APPLIC~1\WinRAR

  [2008-06-27|21:19] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

  [2008-06-27|21:19] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

  ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

  [2008-06-10 12:05][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
  [2007-05-16 09:31][--a------] C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1179300671.job
  [2008-06-28 02:22][--ah-----] C:\WINDOWS\tasks\SA.DAT
  [2001-08-28 15:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

  ---------------[ Listing des dossiers dans C:\Program Files ]--------------

  [2007-09-03|16:31] C:\Program Files\ACD Systems
  [2008-04-01|20:27] C:\Program Files\Adobe
  [2008-06-27|22:36] C:\Program Files\AdVantage
  [2004-10-27|01:34] C:\Program Files\Ahead
  [2007-05-15|21:41] C:\Program Files\Alwil Software
  [2007-10-11|14:38] C:\Program Files\AmazingMIDI
  [2008-04-27|17:54] C:\Program Files\Apple Software Update
  [2008-02-05|10:49] C:\Program Files\ARWizard3
  [2008-03-25|11:06] C:\Program Files\Autodesk
  [2008-06-27|11:43] C:\Program Files\AVG
  [2008-05-12|13:51] C:\Program Files\AVS4YOU
  [2007-11-14|17:19] C:\Program Files\BitTornado
  [2007-11-07|14:53] C:\Program Files\Bonjour
  [2008-06-27|18:11] C:\Program Files\CBS Software
  [2007-05-20|10:20] C:\Program Files\CCleaner
  [2007-04-27|18:44] C:\Program Files\ComPlus Applications
  [2007-09-15|06:26] C:\Program Files\Disc2Phone
  [2008-03-25|11:06] C:\Program Files\DivX
  [2007-09-06|20:17] C:\Program Files\EA SPORTS
  [2004-11-04|23:37] C:\Program Files\everest
  [2008-06-27|11:33] C:\Program Files\Fichiers communs
  [2008-05-30|08:35] C:\Program Files\Filebikemeal
  [2008-06-27|11:22] C:\Program Files\Google
  [2008-01-05|15:05] C:\Program Files\Graal
  [2008-03-28|18:17] C:\Program Files\Hewlett-Packard
  [2008-06-01|11:55] C:\Program Files\iConcepts Music Express
  [2005-01-04|14:49] C:\Program Files\IEPrivacyKeeper
  [2008-06-27|13:40] C:\Program Files\inKline Global
  [2008-06-27|13:40] C:\Program Files\InstallShield Installation Information
  [2008-01-20|18:43] C:\Program Files\Internet Cleaner
  [2008-06-11|10:21] C:\Program Files\Internet Explorer
  [2007-11-04|14:55] C:\Program Files\iPod
  [2007-11-04|14:55] C:\Program Files\iTunes
  [2008-04-18|10:03] C:\Program Files\Java
  [2008-06-01|11:56] C:\Program Files\JL2005D
  [2004-09-13|21:09] C:\Program Files\K-Lite Codec Pack
  [2007-05-20|10:05] C:\Program Files\Lavasoft
  [2008-06-09|11:32] C:\Program Files\LimeWire
  [2007-09-20|00:15] C:\Program Files\Magicbit
  [2008-04-11|20:30] C:\Program Files\Maxis
  [2007-04-27|18:49] C:\Program Files\Media Player Classic
  [2008-04-14|21:25] C:\Program Files\Messenger Plus! Live
  [2008-02-12|01:44] C:\Program Files\Microsoft Office
  [2008-02-12|01:44] C:\Program Files\Microsoft.NET
  [2008-05-12|14:55] C:\Program Files\MP3 Converter Simple
  [2007-09-16|14:11] C:\Program Files\MSXML 4.0
  [2007-05-15|20:34] C:\Program Files\MYIE2
  [2007-05-18|16:56] C:\Program Files\NetMeeting
  [2007-08-10|21:06] C:\Program Files\otron.net
  [2007-06-13|08:54] C:\Program Files\Outlook Express
  [2008-06-27|21:48] C:\Program Files\PC Accelerator XG Trial
  [2008-06-27|13:52] C:\Program Files\PCHealthCenter
  [2008-06-01|11:55] C:\Program Files\PhoTags Express
  [2008-02-16|16:57] C:\Program Files\Picasa2
  [2007-11-04|14:54] C:\Program Files\QuickTime
  [2007-08-10|17:28] C:\Program Files\Real
  [2007-04-27|18:49] C:\Program Files\Real Alternative
  [2007-09-03|16:33] C:\Program Files\Recovery for Outlook Express
  [2004-11-27|23:33] C:\Program Files\RegSeeker
  [2004-11-05|21:35] C:\Program Files\Soft4Ever
  [2007-10-10|17:40] C:\Program Files\Sony Ericsson
  [2004-11-27|23:07] C:\Program Files\Spybot
  [2008-05-12|12:18] C:\Program Files\SpySweeper
  [2007-08-10|17:43] C:\Program Files\Sun
  [2007-09-05|10:53] C:\Program Files\Toon Boom Studio Trial
  [2008-06-28|00:32] C:\Program Files\Trend Micro
  [2008-06-28|01:19] C:\Program Files\Uniblue
  [2007-04-27|18:55] C:\Program Files\Uninstall Information
  [2007-06-12|12:52] C:\Program Files\Visicom Media
  [2008-01-20|16:48] C:\Program Files\Windows Live
  [2007-08-10|17:00] C:\Program Files\Windows Live Toolbar
  [2007-05-17|16:50] C:\Program Files\Windows Media Player
  [2007-04-27|18:44] C:\Program Files\Windows NT
  [2007-04-27|18:45] C:\Program Files\WindowsUpdate
  [2007-08-17|20:04] C:\Program Files\WinRAR
  [2007-09-03|16:23] C:\Program Files\Yahoo!

  ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

  [2007-05-19|14:48] C:\Program Files\Fichiers communs\ACD Systems
  [2008-06-23|15:44] C:\Program Files\Fichiers communs\Adobe
  [2007-05-18|16:42] C:\Program Files\Fichiers communs\Adobe Systems Shared
  [2007-04-27|18:52] C:\Program Files\Fichiers communs\Ahead
  [2007-11-04|14:51] C:\Program Files\Fichiers communs\Apple
  [2008-05-12|13:52] C:\Program Files\Fichiers communs\AVSMedia
  [2007-05-01|20:40] C:\Program Files\Fichiers communs\Designer
  [2007-05-16|09:25] C:\Program Files\Fichiers communs\Hewlett-Packard
  [2007-10-30|22:41] C:\Program Files\Fichiers communs\InstallShield
  [2007-05-18|20:38] C:\Program Files\Fichiers communs\Java
  [2007-11-07|14:43] C:\Program Files\Fichiers communs\Macrovision Shared
  [2008-06-10|19:41] C:\Program Files\Fichiers communs\Microsoft Shared
  [2007-04-27|18:45] C:\Program Files\Fichiers communs\MSSoap
  [2007-04-27|20:39] C:\Program Files\Fichiers communs\ODBC
  [2007-08-10|17:29] C:\Program Files\Fichiers communs\Real
  [2007-04-27|18:45] C:\Program Files\Fichiers communs\Services
  [2008-06-27|11:37] C:\Program Files\Fichiers communs\Symantec Shared
  [2007-06-13|08:54] C:\Program Files\Fichiers communs\System
  [2007-09-15|06:29] C:\Program Files\Fichiers communs\Teleca Shared
  [2007-10-30|22:43] C:\Program Files\Fichiers communs\Vbox
  [2008-01-20|16:45] C:\Program Files\Fichiers communs\WindowsLiveInstaller
  [2007-05-20|10:04] C:\Program Files\Fichiers communs\Wise Installation Wizard
  [2007-08-10|17:30] C:\Program Files\Fichiers communs\xing shared

  ---------------------------[ Process ]--------------------------

  ... 53

  ... OK !

  ----------------------[ Recherche avec S_Lop ]---------------------

  Aucun fichier / dossier Lop trouvé ! 

  -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

  Aucun fichier / dossier Lop trouvé ! 

  ----------------------[ Verification du Registre ]----------------------

  ..... OK !

  --------------------[ Verification du fichier Hosts ]---------------------

  Fichier Hosts PROPRE


  ----------------[ Recherche de fichiers avec Catchme ]-----------------

  catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
  Rootkit scan 2008-06-28 03:07:59
  Windows 5.1.2600 Service Pack 2 NTFS
  scanning hidden processes ...
  scanning hidden files ...
  scan completed successfully
  hidden processes: 0
  hidden files: 0

  --------------------[ Recherche d'autres infections ]---------------------

  C:\WINDOWS\system32\cmfrckna.ini2 
  C:\WINDOWS\system32\ihNTEfhk.ini2 
  C:\WINDOWS\system32\PVCIOqss.ini2 
  C:\WINDOWS\system32\sAGiPqru.ini2 
  [b]! VUNDO Possible ![/b]

  => C:\Documents and Settings\Guillaume\Mes documents\Installation\Norton_Antivirus_2008_Crack_exe-Fenopy.com
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\Norton_Antivirus_2008_Crack_exe-Fenopy.com.zip
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\NortonAntivirus2008\NortonCrack
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\NortonAntivirus2008\NortonCrack\setup.exe
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\NortonAntivirus2008\NortonCrack\SETUP.LST
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\NortonAntivirus2008\NortonCrack\ShareCracker
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\NortonAntivirus2008\NortonCrack\ShareCracker\ASYCFILT.DLL
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\NortonAntivirus2008\NortonCrack\ShareCracker\COMCAT.DLL
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\NortonAntivirus2008\NortonCrack\ShareCracker\COMDLG32.OCX
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\NortonAntivirus2008\NortonCrack\ShareCracker\FTSE100.001
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\NortonAntivirus2008\NortonCrack\ShareCracker\FTSE250.001
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\NortonAntivirus2008\NortonCrack\ShareCracker\FTSEdata.txt
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\NortonAntivirus2008\NortonCrack\ShareCracker\Help.html
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\NortonAntivirus2008\NortonCrack\ShareCracker\help1.gif
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\NortonAntivirus2008\NortonCrack\ShareCracker\MSCHRT20.OCX
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\NortonAntivirus2008\NortonCrack\ShareCracker\MSCOMCT2.OCX
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\NortonAntivirus2008\NortonCrack\ShareCracker\MSFLXGRD.OCX
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\NortonAntivirus2008\NortonCrack\ShareCracker\Msinet.ocx
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\NortonAntivirus2008\NortonCrack\ShareCracker\msvbvm60.dll
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\NortonAntivirus2008\NortonCrack\ShareCracker\OLEAUT32.DLL
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\NortonAntivirus2008\NortonCrack\ShareCracker\OLEPRO32.DLL
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\NortonAntivirus2008\NortonCrack\ShareCracker\scracker.ini
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\NortonAntivirus2008\NortonCrack\ShareCracker\SETUP1.EXE
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\NortonAntivirus2008\NortonCrack\ShareCracker\ShareCracker.exe
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\NortonAntivirus2008\NortonCrack\ShareCracker\ST6UNST.EXE
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\NortonAntivirus2008\NortonCrack\ShareCracker\STDOLE2.TLB
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\NortonAntivirus2008\NortonCrack\ShareCracker\temp.txt
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\NortonAntivirus2008\NortonCrack\ShareCracker\VB6STKIT.DLL
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\NortonAntivirus2008\NortonCrack\ShareCracker\WeekData100.171
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\NortonAntivirus2008\NortonCrack\ShareCracker\WeekData250.171
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\RP confidentials CS3\Keygen-Crack
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\RP confidentials CS3\Keygen-Crack\keygen-crackReadMe.nfo
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\RP confidentials CS3\Keygen-Crack\Premiere Pro CS3 Keygen +Activation.exe
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\RP confidentials CS3\Keygen-Crack\Premiere.dll
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\SpeedConnect 7.0\SpeedConnect Internet Accelerator v7.0\Crack + KeyGen
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\SpeedConnect 7.0\SpeedConnect Internet Accelerator v7.0\Crack + KeyGen\cim.nfo.viewer.exe
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\SpeedConnect 7.0\SpeedConnect Internet Accelerator v7.0\Crack + KeyGen\keygen.exe
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\SpeedConnect 7.0\SpeedConnect Internet Accelerator v7.0\Crack + KeyGen\READ.nfo
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\SpeedConnect 7.0\SpeedConnect Internet Accelerator v7.0\Crack + KeyGen\SpeedConnect Internet Accelerator.exe
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\PC_Booster_2008_v1.0.0.2+Keygen.rar_[mininova].torrent
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\RP confidentials CS3\Keygen-Crack
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\RP confidentials CS3\Keygen-Crack\keygen-crackReadMe.nfo
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\RP confidentials CS3\Keygen-Crack\Premiere Pro CS3 Keygen +Activation.exe
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\RP confidentials CS3\Keygen-Crack\Premiere.dll
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\SpeedConnect 7.0\SpeedConnect Internet Accelerator v7.0\Crack + KeyGen
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\SpeedConnect 7.0\SpeedConnect Internet Accelerator v7.0\Crack + KeyGen\cim.nfo.viewer.exe
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\SpeedConnect 7.0\SpeedConnect Internet Accelerator v7.0\Crack + KeyGen\keygen.exe
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\SpeedConnect 7.0\SpeedConnect Internet Accelerator v7.0\Crack + KeyGen\READ.nfo
  => C:\Documents and Settings\Guillaume\Mes documents\Installation\SpeedConnect 7.0\SpeedConnect Internet Accelerator v7.0\Crack + KeyGen\SpeedConnect Internet Accelerator.exe


  [F:1][D:1]-> C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp
  [F:38][D:0]-> C:\DOCUME~1\GUILLA~1\Cookies
  [F:207][D:6]-> C:\DOCUME~1\GUILLA~1\LOCALS~1\TEMPOR~1\content.IE5

  --------------------[ Fin du rapport a  3:08:27,57  ]----------------------

 

 

Next, here is the ComboFix report:

 

ComboFix 08-06-20.4 - Guillaume 2008-06-28  3:16:58.1 - NTFSx86
Microsoft Windows XP Professionnel  5.1.2600.2.1252.33.1036.18.170 [GMT 2:00]
Endroit: C:\Documents and Settings\Guillaume\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

((((((((((((((((((((((((((((((((((((   Autres suppressions   ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Alexandra_2\Application Data\.#
C:\Documents and Settings\Alexandra_2\Application Data\.#\MBX@15C4@B048E0.###
C:\Documents and Settings\Alexandra_2\Application Data\.#\MBX@15C4@B048F0.###
C:\WINDOWS\cookies.ini
C:\WINDOWS\system32\cmfrckna.ini
C:\WINDOWS\system32\cmfrckna.ini2
C:\WINDOWS\system32\cmfrckna.tmp
C:\WINDOWS\system32\ihNTEfhk.ini
C:\WINDOWS\system32\ihNTEfhk.ini2
C:\WINDOWS\system32\khfETNhi.dll
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\PVCIOqss.ini
C:\WINDOWS\system32\PVCIOqss.ini2
C:\WINDOWS\system32\sAGiPqru.ini
C:\WINDOWS\system32\sAGiPqru.ini2
C:\WINDOWS\system32\ssqOICVP.dll
C:\WINDOWS\system32\sysogg.dll
C:\WINDOWS\system32\urqPiGAs.dll

.
(((((((((((((((((((((((((((((   Fichiers créés 2008-05-28 to 2008-06-28  ))))))))))))))))))))))))))))))))))))
.

2008-06-28 03:32 . 2008-06-28 03:32	318,720	--a------	C:\WINDOWS\system32\jkkKEwVm.dll
2008-06-28 03:32 . 2008-06-28 03:32	347	--ahs----	C:\WINDOWS\system32\mVwEKkkj.ini2
2008-06-28 03:32 . 2008-06-28 03:36	347	--ahs----	C:\WINDOWS\system32\mVwEKkkj.ini
2008-06-28 03:25 . 2008-06-28 03:25	<REP>	d--------	C:\WINDOWS\system32\xircom
2008-06-28 03:25 . 2008-06-28 03:25	<REP>	d--------	C:\Program Files\microsoft frontpage
2008-06-28 02:50 . 2008-06-28 03:08	<REP>	d--------	C:\Lop SD
2008-06-28 01:20 . 2008-06-28 01:20	<REP>	d--------	C:\Documents and Settings\Guillaume\Application Data\Uniblue
2008-06-28 01:19 . 2008-06-28 01:19	<REP>	d--------	C:\Program Files\Uniblue
2008-06-28 00:32 . 2008-06-28 00:32	<REP>	d--------	C:\Program Files\Trend Micro
2008-06-27 23:22 . 2008-06-27 23:22	<REP>	d--------	C:\Documents and Settings\Guillaume\Application Data\Webroot
2008-06-27 21:48 . 2008-06-27 21:48	<REP>	d--------	C:\Program Files\PC Accelerator XG Trial
2008-06-27 21:48 . 1999-04-23 22:22	49,152	---------	C:\WINDOWS\system32\WALIGN.EXE
2008-06-27 21:48 . 2001-08-29 12:25	32,817	--a------	C:\WINDOWS\system32\Speed.dll
2008-06-27 21:48 . 1999-04-17 10:06	10,752	---------	C:\WINDOWS\system32\aamd532.dll
2008-06-27 21:48 . 2001-09-03 21:02	5,933	---------	C:\WINDOWS\system32\ntelcool.vxd
2008-06-27 21:48 . 1999-04-23 22:22	2,295	---------	C:\WINDOWS\system32\WINALI.INI
2008-06-27 21:20 . 2008-06-27 21:23	<REP>	d--------	C:\WINDOWS\system32\drivers\Avg
2008-06-27 21:20 . 2008-06-27 21:20	96,520	--a------	C:\WINDOWS\system32\drivers\avgldx86.sys
2008-06-27 21:20 . 2008-06-27 21:20	74,376	--a------	C:\WINDOWS\system32\drivers\avgtdix.sys
2008-06-27 21:20 . 2008-06-27 21:20	12,424	--a------	C:\WINDOWS\system32\drivers\avgrkx86.sys
2008-06-27 21:20 . 2008-06-27 21:20	10,520	--a------	C:\WINDOWS\system32\avgrsstx.dll
2008-06-27 20:55 . 2008-06-28 02:11	<REP>	d--------	C:\Documents and Settings\Alexandra_2\Application Data\AVGTOOLBAR
2008-06-27 18:11 . 2008-06-27 18:11	<REP>	d--------	C:\Program Files\CBS Software
2008-06-27 15:10 . 2008-06-27 15:10	318,656	--a------	C:\WINDOWS\system32\vtUnmLbX.dll
2008-06-27 14:53 . 2008-06-28 02:17	<REP>	d--------	C:\Documents and Settings\Alexandra\Application Data\AVGTOOLBAR
2008-06-27 14:02 . 2008-06-27 14:02	91,520	--a------	C:\WINDOWS\system32\ankcrfmc.dll
2008-06-27 13:55 . 2008-06-27 13:55	28,800	--a------	C:\WINDOWS\system32\mlJCVLbb.dll
2008-06-27 13:54 . 2008-06-27 13:54	<REP>	d--------	C:\Documents and Settings\Guillaume\Application Data\.BitTornado
2008-06-27 13:52 . 2008-06-27 13:52	<REP>	d--------	C:\Program Files\PCHealthCenter
2008-06-27 13:40 . 2008-06-27 13:40	<REP>	d--------	C:\Program Files\inKline Global
2008-06-27 11:43 . 2008-06-27 11:43	<REP>	d--------	C:\Program Files\AVG
2008-06-27 11:43 . 2008-06-27 21:01	<REP>	d--------	C:\Documents and Settings\Guillaume\Application Data\AVGTOOLBAR
2008-06-27 11:43 . 2008-06-27 21:20	<REP>	d--------	C:\Documents and Settings\All Users\Application Data\avg8
2008-06-26 15:35 . 2008-06-26 15:35	<REP>	d--------	C:\Documents and Settings\Alexandra_2\WINDOWS
2008-06-26 15:35 . 1997-07-14 17:42	314,880	--a------	C:\WINDOWS\IsUninst.exe
2008-06-11 08:29 . 2008-06-14 19:59	272,768	---------	C:\WINDOWS\system32\drivers\bthport.sys
2008-06-11 08:29 . 2008-06-14 19:59	272,768	---------	C:\WINDOWS\system32\DllCache\bthport.sys
2008-06-10 14:01 . 2008-06-10 14:01	303	--a------	C:\WINDOWS\ST6UNST.003
2008-06-10 12:19 . 2008-06-10 12:19	303	--a------	C:\WINDOWS\ST6UNST.002
2008-06-10 12:03 . 2008-06-10 12:03	303	--a------	C:\WINDOWS\ST6UNST.001
2008-06-10 12:02 . 2008-06-10 14:01	4,236	--a------	C:\WINDOWS\SETUP.LST
2008-06-10 12:02 . 2008-06-10 12:02	303	--a------	C:\WINDOWS\ST6UNST.000
2008-06-10 11:51 . 2008-06-27 11:37	<REP>	d--------	C:\Program Files\Fichiers communs\Symantec Shared
2008-05-30 08:35 . 2008-05-30 08:35	<REP>	d--------	C:\Program Files\Filebikemeal

.
((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-27 20:36	---------	d-----w	C:\Program Files\AdVantage
2008-06-27 11:40	---------	d--h--w	C:\Program Files\InstallShield Installation Information
2008-06-27 09:35	---------	d-----w	C:\Documents and Settings\All Users\Application Data\Symantec
2008-06-27 09:22	---------	d-----w	C:\Program Files\Google
2008-06-25 14:23	---------	d-----w	C:\Documents and Settings\Alexandra_2\Application Data\LimeWire
2008-06-23 13:44	---------	d-----w	C:\Program Files\Fichiers communs\Adobe
2008-06-23 13:42	---------	d-----w	C:\Documents and Settings\Alexandra\Application Data\AdobeUM
2008-06-10 10:58	---------	d-----w	C:\Documents and Settings\Alexandra_2\Application Data\Filebikemeal
2008-06-10 10:53	---------	d-----w	C:\Documents and Settings\Alexandra\Application Data\Filebikemeal
2008-06-10 09:49	---------	d-----w	C:\Documents and Settings\Guillaume\Application Data\Symantec
2008-06-09 09:35	---------	d-----w	C:\Documents and Settings\Guillaume\Application Data\LimeWire
2008-06-09 09:32	---------	d-----w	C:\Program Files\LimeWire
2008-06-09 09:04	---------	d-----w	C:\Documents and Settings\Guillaume\Application Data\Apple Computer
2008-06-01 09:56	---------	d-----w	C:\Program Files\JL2005D
2008-06-01 09:55	---------	d-----w	C:\Program Files\PhoTags Express
2008-06-01 09:55	---------	d-----w	C:\Program Files\iConcepts Music Express
2008-05-12 12:55	---------	d-----w	C:\Program Files\MP3 Converter Simple
2008-05-12 11:53	---------	d-----w	C:\Documents and Settings\Guillaume\Application Data\AVS4YOU
2008-05-12 11:52	---------	d-----w	C:\Program Files\Fichiers communs\AVSMedia
2008-05-12 11:52	---------	d-----w	C:\Documents and Settings\All Users\Application Data\AVS4YOU
2008-05-12 11:51	---------	d-----w	C:\Program Files\AVS4YOU
2008-05-12 10:18	---------	d-----w	C:\Program Files\SpySweeper
2008-05-12 09:34	---------	d-----w	C:\Documents and Settings\Alexandra\Application Data\Webroot
2008-05-12 08:59	---------	d-----w	C:\Documents and Settings\Alexandra\Application Data\Spybot - Search & Destroy
2008-05-08 12:28	202,752	----a-w	C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-08 12:28	202,752	------w	C:\WINDOWS\system32\DllCache\rmcast.sys
2008-05-07 05:15	1,293,824	----a-w	C:\WINDOWS\system32\quartz.dll
2008-05-07 05:15	1,293,824	------w	C:\WINDOWS\system32\DllCache\quartz.dll
2008-05-04 11:33	---------	d-----w	C:\Documents and Settings\Alexandra\Application Data\U3
2008-04-23 20:16	3,591,680	------w	C:\WINDOWS\system32\DllCache\mshtml.dll
2008-04-22 07:41	70,656	------w	C:\WINDOWS\system32\DllCache\ie4uinit.exe
2008-04-22 07:41	625,664	------w	C:\WINDOWS\system32\DllCache\iexplore.exe
2008-04-22 07:39	13,824	------w	C:\WINDOWS\system32\DllCache\ieudinit.exe
2008-04-20 05:07	161,792	------w	C:\WINDOWS\system32\DllCache\ieakui.dll
2007-05-20 16:47	0	---ha-w	C:\Documents and Settings\Administrateur\hpothb07.dat
2008-03-25 09:06	8	--sh--r	C:\WINDOWS\system32\EAD402730D.sys
2008-03-25 09:06	4,184	--sha-w	C:\WINDOWS\system32\KGyGaAvL.sys
.

(((((((((((((((((((((((((((((((((   Point de chargement Reg   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{56F1BF3D-4A29-4ACF-BA07-631D90F25FF2}]
2008-06-28 03:32	318720	--a------	C:\WINDOWS\system32\jkkKEwVm.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7FC6B132-EA18-4D69-86E0-423E7B940BDC}]
2008-06-27 13:55	28800	--a------	C:\WINDOWS\system32\mlJCVLbb.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 02:54 15360]
"SpySweeper"="C:\Program Files\SpySweeper\SpySweeper.exe" [2004-09-13 09:21 3054592]
"Uniblue RegistryBooster 2"="C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" [2008-05-05 12:22 1923352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2005-04-05 14:22 94208]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2005-04-05 14:19 77824]
"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2005-04-05 14:23 114688]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 16:17 159744]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-08-10 17:28 180269]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-06-27 21:20 1171712]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{7FC6B132-EA18-4D69-86E0-423E7B940BDC}"= C:\WINDOWS\system32\mlJCVLbb.dll [2008-06-27 13:55 28800]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\mlJCVLbb]
mlJCVLbb.dll 2008-06-27 13:55 28800 C:\WINDOWS\system32\mlJCVLbb.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.3ivx"= 3ivxVfWCodec.dll
"vidc.3iv2"= 3ivxVfWCodec.dll
"msacm.divxa32"= divxa32.acm
"VIDC.HFYU"= huffyuv.dll
"VIDC.VP31"= vp31vfw.dll
"VIDC.ACDV"= ACDV.dll
"VIDC.JDCT"= jl_jdct.drv
"msvideo9"= SDVC03.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages	REG_MULTI_SZ   	msv1_0 C:\WINDOWS\system32\jkkKEwVm

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2007-08-10 17:28 180269 C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
-ra------ 2006-03-30 16:45 313472 C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\BitTornado\\btdownloadgui.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=

R0 AvgRkx86;avgrkx86.sys;C:\WINDOWS\system32\Drivers\avgrkx86.sys [2008-06-27 21:20]
R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-06-27 21:20]
R1 lnsfw1;lnsfw1;C:\WINDOWS\system32\drivers\lnsfw1.sys [2007-04-27 18:52]
R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-06-27 21:20]
R2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-06-27 21:20]
S3 JL2005C;Dual Mode Camera;C:\WINDOWS\system32\Drivers\jl2005c.sys [2007-02-14 20:03]
S3 SDVC05;USB SDVC05;C:\WINDOWS\system32\Drivers\SDVC05.sys [2003-07-22 19:50]


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{F8B9E5C0-4DCC-CFCF-ABA5-00401D608516}]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Outils d'administration\Recycle Bin\kdja.exe
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-06-10 10:05:21 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-05-16 07:31:46 C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1179300671.job"
- C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe4-I 
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-28 03:32:44
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs a chargé sous des processus courants ---------------------

PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\system32\mlJCVLbb.dll
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\Program Files\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\Program Files\iConcepts Music Express\MEAutoDetect.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposts08.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-06-28  3:42:17 - machine was rebooted
ComboFix-quarantined-files.txt  2008-06-28 01:42:08

Pre-Run: 19,240,423,424 octets libres
Post-Run: 20,061,360,128 octets libres

227	--- E O F ---	2008-06-20 09:44:38

 

THANK YOU so much!

Posted

In order, please!!!!!!

1• Uninstall the programs below via Add/Remove Programs, if present:

 

BitTornado

 

LimeWire

 

adaware

 

Lop S&D

 

• Disable AVG again, as before, in order to run the CFScript below

» Open Notepad [Run -- notepad] and copy/paste the contents of the box below:

 

http://forum.zebulon.fr/qu-est-ce-que-c-est-kdjaexe-t145669.html
Collect::
C:\WINDOWS\system32\jkkKEwVm.dll
C:\WINDOWS\system32\mVwEKkkj.ini2
C:\WINDOWS\system32\mVwEKkkj.ini
C:\WINDOWS\system32\vtUnmLbX.dll
C:\WINDOWS\system32\ankcrfmc.dll
C:\WINDOWS\system32\mlJCVLbb.dll

File::
C:\Documents and Settings\Guillaume\Mes documents\Installation\Norton_Antivirus_2008_Crack_exe-Fenopy.com
C:\Documents and Settings\Guillaume\Mes documents\Installation\Norton_Antivirus_2008_Crack_exe-Fenopy.com.zip
C:\DOCUME~1\ALEXAN~1\APPLIC~1\.BitTornado
C:\DOCUME~1\GUILLA~1\APPLIC~1\.BitTornado

Folder::
C:\Program Files\Alwil Software
C:\DOCUME~1\ADMINI~1\APPLIC~1\Filebikemeal
C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec
C:\Documents and Settings\Alexandra\Application Data\Filebikemeal
C:\DOCUME~1\ALEXAN~1\APPLIC~1\Symantec
C:\Documents and Settings\Alexandra_2\Application Data\Filebikemeal
C:\DOCUME~1\ALEXAN~2\APPLIC~1\Symantec
C:\Documents and Settings\All Users\Application Data\Symantec
C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
C:\Documents and Settings\Guillaume\Application Data\Symantec
C:\Program Files\Filebikemeal
C:\Program Files\Fichiers communs\Symantec Shared
C:\Documents and Settings\Guillaume\Mes documents\Installation\NortonAntivirus2008
C:\Documents and Settings\Guillaume\Mes documents\Installation\RP confidentials CS3
C:\Documents and Settings\Guillaume\Mes documents\Installation\SpeedConnect 7.0
C:\Lop SD
C:\Program Files\Trend Micro
C:\Documents and Settings\Guillaume\Application Data\LimeWire
C:\Program Files\LimeWire
C:\Documents and Settings\Alexandra_2\Application Data\LimeWire
C:\DOCUME~1\ADMINI~1\APPLIC~1\LimeWire
C:\DOCUME~1\ADMINI~1\APPLIC~1\Lavasoft
C:\DOCUME~1\ALEXAN~1\APPLIC~1\LimeWire
C:\DOCUME~1\ALEXAN~2\APPLIC~1\LimeWire
C:\DOCUME~1\GUILLA~1\APPLIC~1\LimeWire
C:\Program Files\BitTornado
C:\Program Files\Lavasoft

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{56F1BF3D-4A29-4ACF-BA07-631D90F25FF2}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7FC6B132-EA18-4D69-86E0-423E7B940BDC}]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{7FC6B132-EA18-4D69-86E0-423E7B940BDC}"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\mlJCVLbb]

 

* Go to the top of the page and click the "Fichier" (File) menu; a list appears =>

* Choose "Enregistrer sous" (Save As) and select "Bureau" (Desktop)

* In the "Nom du fichier" (File name) field at the bottom of the page, enter the following name: CFScript, as a .txt file

* Click the "Enregistrer" (Save) button to the right of the "Nom du fichier" field

* Quit Notepad.

* Drag and drop this CFScript.txt file onto the ComboFix.exe file, as in the screenshot

 

 

CFScript.gif

 

 

* Follow the instructions

* Wait while the scan runs. The desktop will disappear several times: this is normal!

Do not touch anything until the scan has finished.

* Once the scan is complete, a report will be displayed: post its contents.

* If the file does not appear, it is located here > C:\ComboFix.txt

 

» - A zipped file will be created on your desktop > [4]-Submit_Date_Time.zip

- Another file is now added to the desktop > CF-Submit.htm

When CF finishes its work, it displays the CF report > if the file CF-Submit.htm is detected, the following message will be displayed >

 

CF-Submit_notice.gif

 

 

* Click [OK]; the browser will load CF-Submit.htm like this >

 

CF-Submit.gif

 

* Copy/paste the file path into the box and click [OK][send..], and nothing else!
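
One way to cross-check the report posted above before writing such a CFScript, as an added example that is not part of the original thread or of ComboFix itself: it lists the DLLs recently created directly in system32 and the registry load points that reference them. The function names, the two-day window and the load-point labels are assumptions of this example; the sample lines are copied from the report in this thread.

```python
import re
from datetime import datetime, timedelta

# Constructed sample: lines copied from the ComboFix report in this thread,
# with tabs replaced by single spaces.
SAMPLE_REPORT = r"""
2008-06-28 03:32 . 2008-06-28 03:32 318,720 --a------ C:\WINDOWS\system32\jkkKEwVm.dll
2008-06-27 21:20 . 2008-06-27 21:20 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll
2008-06-27 15:10 . 2008-06-27 15:10 318,656 --a------ C:\WINDOWS\system32\vtUnmLbX.dll
2008-06-27 13:55 . 2008-06-27 13:55 28,800 --a------ C:\WINDOWS\system32\mlJCVLbb.dll
2008-06-11 08:29 . 2008-06-14 19:59 272,768 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-05-30 08:35 . 2008-05-30 08:35 <REP> d-------- C:\Program Files\Filebikemeal

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{56F1BF3D-4A29-4ACF-BA07-631D90F25FF2}]
2008-06-28 03:32 318720 --a------ C:\WINDOWS\system32\jkkKEwVm.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7FC6B132-EA18-4D69-86E0-423E7B940BDC}]
2008-06-27 13:55 28800 --a------ C:\WINDOWS\system32\mlJCVLbb.dll
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{7FC6B132-EA18-4D69-86E0-423E7B940BDC}"= C:\WINDOWS\system32\mlJCVLbb.dll [2008-06-27 13:55 28800]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\mlJCVLbb]
mlJCVLbb.dll 2008-06-27 13:55 28800 C:\WINDOWS\system32\mlJCVLbb.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 C:\WINDOWS\system32\jkkKEwVm
"""

# "created . modified  size  attributes  path" lines of the created-files section
CREATED = re.compile(
    r"^(\d{4}-\d\d-\d\d \d\d:\d\d) \. \d{4}-\d\d-\d\d \d\d:\d\d\s+\S+\s+\S+\s+(.+)$")
KEY = re.compile(r"^\[(.+)\]$")
# Substring of the registry key path -> label (labels are this example's own).
LOAD_POINTS = [
    ("browser helper objects", "BHO"),
    ("shellexecutehooks", "ShellExecuteHooks"),
    (r"winlogon\notify", "Winlogon Notify"),
    (r"control\lsa", "LSA Authentication Packages"),
    (r"windows nt\currentversion\windows", "AppInit_DLLs"),
    (r"currentversion\run", "Run"),
]

def recent_system32_dlls(report, max_age_days=2):
    """Return {file name: created} for DLLs placed directly in system32
    within max_age_days of the newest such DLL in the report."""
    found = {}
    for line in report.splitlines():
        m = CREATED.match(line.strip())
        if not m:
            continue
        folder, _, name = m.group(2).rpartition("\\")
        if folder.lower().endswith(r"\system32") and name.lower().endswith(".dll"):
            found[name] = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M")
    if not found:
        return {}
    cutoff = max(found.values()) - timedelta(days=max_age_days)
    return {n: t for n, t in found.items() if t >= cutoff}

def load_points_for(report, dll_names):
    """Map each DLL name to the sorted load-point labels whose values mention it."""
    hits = {name: set() for name in dll_names}
    # Match the name without its extension: the LSA entry in the report omits it.
    patterns = {name: re.compile(r"(?<![0-9a-z])" + re.escape(name.lower()[:-4])
                                 + r"(?![0-9a-z])") for name in dll_names}
    label = None
    for raw in report.splitlines():
        line = raw.strip()
        key = KEY.match(line)
        if key:
            path = key.group(1).lower()
            label = next((lab for needle, lab in LOAD_POINTS if needle in path), None)
            continue
        if not line or label is None or CREATED.match(line):
            continue
        for name, pat in patterns.items():
            if pat.search(line.lower()):
                hits[name].add(label)
    return {name: sorted(labels) for name, labels in hits.items()}

def triage(report, max_age_days=2):
    return load_points_for(report, recent_system32_dlls(report, max_age_days))

if __name__ == "__main__":
    for name, points in triage(SAMPLE_REPORT).items():
        print(f"{name:14} {', '.join(points) or 'no load point found'}")
```

The output is a list of candidates to examine, not a verdict: avgrsstx.dll appears because it was created at the same time as the AVG drivers in the same report and is registered under AppInit_DLLs.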

Posted

Are you running into problems?? Or is the fact that I'm having you remove BitTornado & LimeWire, 2 crappy programs that are the vectors of your infections, a problem for you?? You won't be able to download your infected MP3s any more, admittedly, nor the infected cracks for your software.

Posted

You are B R I L L I A N T !! Everything seems to be working perfectly !!

And no, it's not a problem for me to remove these "2 crappy programs that are vectors of my infections" :P Several of us use our computer, so that's a good reason to remove them!

Thank you so much for your help and for the clarity of the steps you gave me to follow! It was very much appreciated!!
