Problème d'infection (virus) Fermé

Question

Bonjour,
Il se trouve que je suis infecté par un (ou des) virus depuis hier soir, et que je ne m'y connait pas du tout dans le domaine. J'ai essayé de passer l'antivirus, cleanup, spybot.. mais le problème perciste et je vient donc ici demander de l'aide ^^'

J'ai vu sur des posts précédants qu'il fallais en premier lieu donner un hijackthis pour que vous aillez une idée du problème, donc le voicis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:52:48, on 21/12/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32	askeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\System32undll32.exe
C:\Program Files\Common Files\Real\Update_OBealsched.exe
C:\Windows\System32undll32.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\Bertrand\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
C:\Windows\System32undll32.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Users\Bertrand\Program Files\DNA\btdna.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
F:\Nouveaux fichiers\Spybot - Search & Destroy\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe
C:\Program Files\Internet Explorer\iexplore.exe
F:\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: 91.121.136.188 l2testauthd.lineage2.com
O1 - Hosts: 91.121.136.188 l2authd.lineage2.com
O1 - Hosts: 88.191.37.32 nProtect.lineage2.com
O1 - Hosts: 88.191.37.32 update.nProtect.com
O1 - Hosts: 88.191.37.32 update.nProtect.net
O1 - Hosts: ;Tag&rename
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - F:\Nouveaux fichiers\Spybot - Search & Destroy\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: C:\Windows\system32\vwhkvzj3gz.dll - {A5BF49A2-94F1-42BD-F434-3604812C807D} - C:\Windows\system32\vwhkvzj3gz.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Install5G] E:\Install.exe /SI=30
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe 
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OBealsched.exe"  -osboot
O4 - HKLM\..\Run: [notepad] rundll32.exe C:\Windows\system32
otepad.dll,_IWMPEvents@0
O4 - HKLM\..\Run: [Regedit32] C:\Windows\system32egedit.exe
O4 - HKLM\..\Run: [Calc32] c:\ivas.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "f:
ouveaux fichiers\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\Bertrand\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] F:\Nouveaux fichiers\Spybot - Search & Destroy\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Users\Bertrand\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
O4 - HKCU\..\Run: [ygua8e7yhuiesfha876yfauy8fe] C:\Users\Bertrand\AppData\Local\Temp\z7yviui83.exe
O4 - HKCU\..\Run: [LosAlamos] rundll32.exe C:\Windows\system32\sshnas.dll,AddAtomAW
O4 - HKCU\..\Run: [J8RPLTROBQ] C:\Users\Bertrand\AppData\Local\Temp\l.exe
O4 - HKUS\S-1-5-18\..\Run: [cbssreg] C:\Windows\TEMP\yxrn.tmp\svchost.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [cbssreg] C:\Windows\TEMP\yxrn.tmp\svchost.exe (User 'Default user')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Readereader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\Nouveaux fichiers\Spybot - Search & Destroy\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\Nouveaux fichiers\Spybot - Search & Destroy\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix: 
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://ushousecall02.trendmicro.com/...
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O22 - SharedTaskScheduler: ujhsf879fiosdfhgs98fudifmnddfdfd - {A5BF49A2-94F1-42BD-F434-3604812C807D} - C:\Windows\system32\vwhkvzj3gz.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: Service Google Update (gupdate1c9f66b4b2e33d) (gupdate1c9f66b4b2e33d) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - F:\Nouveaux fichiers\Spybot - Search & Destroy\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Steam Client Service - Unknown owner - C:\Program Files\Common Files\Steam\SteamService.exe (file missing)
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
O23 - Service: wampapache - Unknown owner - F:\Nouveaux fichiers\projet server rose\wamp\bin\apache\apache2.2.8\bin\httpd.exe (file missing)
O23 - Service: wampmysqld - Unknown owner - F:\Nouveaux fichiers\projet server rose\wamp\bin\mysql\mysql5.0.51b\bin\mysqld-nt.exe (file missing)
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

hi-wave · Answer

telecharge le avast 4.8 sur http://commetçamarche.net/telecharger et apres installation lance une mise a jour et refais un scan de ton pc. puis observe le resultat

sherred · Answer

tu es infecte
commence par ca
télécharge Malwarebyte's ici http://www.malwarebytes.org/mbam/program/mbam-setup.exe
le programme va se mettre automatiquement a jour. 
S'il manque le fichier COMCTL32.OCX, vous pourrez le télécharger ici 
https://www.malekal.com/tutorial-aboutbuster/ 
Une fois a jour, le programme va se lancer; click sur l´onglet paramètre, et coche la case : "Arrêter internet explorer pendant la suppression". 

Click maintenant sur l´onglet recherche et coche la case : "executer un examen rapide". 

Puis click sur "rechercher". 

Laisse le scanner le pc... 

Si des éléments on été trouvés > click sur supprimer la sélection. 

si il t´es demandé de redémarrer > click sur "yes". 

A la fin un rapport va s´ouvrir; sauvegarde le de manière a le retrouver en vu de le poster sur le forum. 

Copie et colle le rapport stp.

diurnambule59 · Answer

telecharge le avst??? au bin oui c'est ca telecharge le avst, dans un an tu auras une centaine de virus dans ton PC. avst est depassé maintenant, le meilleur antivirus gratuit est avira antivir

pour ceux qui veulent me repondre pas du tout j'ai avast est pas de virus, desinstaler le, instaler avira et faites un scan aprés on en reparl, (car mon bof ma dit sa aprés cette manip je lui ai trouver 126 virus)

diurnambule59 · Answer

je te parle d'un temps.. (non je ne chanterais pas) 

les mise a jours avast sont penibles et incompletes , celle de avira automatique et complete! 

ps: je ne pense pas etre ton pote

diurnambule59 · Answer

et puis si tu sais lire, et visiblement ce n'est pas le cas, je precise bien pour ceux qui en doutes faite le test, on en reparle aprés

sherred · Answer

de koi on parle là ?
il a deja avast,  non ?
alors ,  pour le moment , on desinfecte .  et ensuite on conseil , un meilleur antivirus s'il le faut ...
merci de ne pas pollué ce post 
bon noël

bbe# · Answer

Merci à hi-wave et à sherred pour votre réponse.

hi-wave : ce que tu m'a proposé là est la première chose que j'ai essayé... mais sans succès, merci quand même.

sherred : Voicis le rapport :

Malwarebytes' Anti-Malware 1.42
Version de la base de données: 3424
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18865

21/12/2009 16:21:22
mbam-log-2009-12-21 (16-21-22).txt

Type de recherche: Examen rapide
Eléments examinés: 99359
Temps écoulé: 5 minute(s), 48 second(s)

Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 6
Valeur(s) du Registre infectée(s): 6
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 14

Processus mémoire infecté(s):
C:\Windows\msb.exe (Trojan.Agent) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
C:\Windows\System32
otepad.dll (Trojan.Agent) -> Delete on reboot.
C:\Windows\System32\sshnas.dll (Trojan.FakeAlert) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{a5bf49a2-94f1-42bd-f434-3604812c807d} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{a5bf49a2-94f1-42bd-f434-3604812c807d} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a5bf49a2-94f1-42bd-f434-3604812c807d} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
et (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
otepad (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{a5bf49a2-94f1-42bd-f434-3604812c807d} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\winid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\losalamos (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Runegedit32 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ygua8e7yhuiesfha876yfauy8fe (Trojan.Downloader) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Windows\System32
otepad.dll (Trojan.Agent) -> Delete on reboot.
C:\RECYCLER\S-1-5-21-1474966976-0321283598-068655169-0669\wnzip32.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-5511743315-7190338561-895476551-6142\wnzip32.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
C:\Users\Bertrand\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\scandisk.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\config\SystemProfile
tload.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Bertrand\AppData\Local\Temp\739.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Bertrand
tload.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Bertrand\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\scandisk.lnk (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Bertrand\AppData\Local\Temp
srbgxod.bak (Trojan.Agent) -> Delete on reboot.
C:\Windows\msa.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\msb.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\System32\sshnas.dll (Trojan.FakeAlert) -> Delete on reboot.

(J'ai pu constater que le problème persistait au redémarage de mon pc)

sherred · Answer

voila qui est beaucoup mieu non ?

comment ce comporte ton pc ?
refait un HijackThis, pour controle

bbe# · Answer

Mon pc a mit beaucoup de temps à se metre en place après que j'ai rentré le mot de pass de ma session (assez pour que j'aille voir dans le gestionnaire des taches si explorer.exe était actif ou non) mais a finit par se lancer correctement par lui même.
Avast m'a détecté un virus,
Bien que moins, j'ai toujours des applications qui ont été stopées toutes seules sans expliquations(seulement au démarage), je peut tout de même aller sur internet et naviger plus facilement que tout à l'heure(mon explorer.exe ne redémare plus toutes les 5 secondes)..

hitjackthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:43:22, on 21/12/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32	askeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\System32undll32.exe
C:\Program Files\Common Files\Real\Update_OBealsched.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Users\Bertrand\Program Files\DNA\btdna.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\Bertrand\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
F:\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: 91.121.136.188 l2testauthd.lineage2.com
O1 - Hosts: 91.121.136.188 l2authd.lineage2.com
O1 - Hosts: 88.191.37.32 nProtect.lineage2.com
O1 - Hosts: 88.191.37.32 update.nProtect.com
O1 - Hosts: 88.191.37.32 update.nProtect.net
O1 - Hosts: ;Tag&rename
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - F:\Nouveaux fichiers\Spybot - Search & Destroy\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Install5G] E:\Install.exe /SI=30
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe 
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OBealsched.exe"  -osboot
O4 - HKLM\..\Run: [Calc32] c:\ivas.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "f:
ouveaux fichiers\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\Bertrand\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] F:\Nouveaux fichiers\Spybot - Search & Destroy\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Users\Bertrand\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
O4 - HKCU\..\Run: [J8RPLTROBQ] C:\Users\Bertrand\AppData\Local\Temp\l.exe
O4 - HKCU\..\Run: [notepad] rundll32.exe C:\Users\Bertrand
tload.dll,_IWMPEvents@0
O4 - HKUS\S-1-5-18\..\Run: [cbssreg] C:\Windows\TEMP\yxrn.tmp\svchost.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [cbssreg] C:\Windows\TEMP\yxrn.tmp\svchost.exe (User 'Default user')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Readereader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\Nouveaux fichiers\Spybot - Search & Destroy\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\Nouveaux fichiers\Spybot - Search & Destroy\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix: 
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://ushousecall02.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: Service Google Update (gupdate1c9f66b4b2e33d) (gupdate1c9f66b4b2e33d) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - F:\Nouveaux fichiers\Spybot - Search & Destroy\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Steam Client Service - Unknown owner - C:\Program Files\Common Files\Steam\SteamService.exe (file missing)
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
O23 - Service: wampapache - Unknown owner - F:\Nouveaux fichiers\projet server rose\wamp\bin\apache\apache2.2.8\bin\httpd.exe (file missing)
O23 - Service: wampmysqld - Unknown owner - F:\Nouveaux fichiers\projet server rose\wamp\bin\mysql\mysql5.0.51b\bin\mysqld-nt.exe (file missing)
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

sherred · Answer

Télécharge HostsXpert sur ton Bureau : 
http://www.funkytoad.com/download/HostsXpert.zip 

Décompresse-le (Clic droit >> Extraire ici) 

Double-clique sur HostsXpert pour le lancer 

clique sur le bouton "Restore MS Hosts File" puis ferme le programme 

/!\ Avant de cliquer sur le bouton "Restore MS Hosts File", vérifie que le cadenas en haut à gauche est ouvert sinon tu vas avoir un message d'erreur /!\.
.......................

télécharge GenProc http://www.genproc.com/GenProc.exe 

double-clique sur GenProc.exe et poste le contenu du rapport 

---------

je reviens demain

bbe# · Answer

à demain,

bbe# · Answer

Bon noël !

bbe# · Answer

Voici le rapport, merci pour ton aide :

Rapport GenProc 2.660 [3] - 21/12/2009 à 17:14:04
@ Windows VISTA Service Pack 2 - Hewlett-Packard - Mode normal
@ Mozilla Firefox 3.0.15 (fr) [Navigateur par défaut]

GenProc n'a détecté aucune infection caractéristique et suggère de suivre la procédure suivante : 


Poste un rapport Nod32 https://www.eset.com/ (il faut utiliser Internet Explorer)
- coche toutes les cases à chaque fois, et lorsque c'est terminé, colle le rapport :  
C:\Program Files\EsetOnlineScanner\log.txt



~~~~ INFORMATION COMPLEMENTAIRE ~~~~

 
Rapport de ZHPDiag v1.24.39 par Nicolas Coolman
Run by Bertrand at 21/12/2009 17:15:40
Web site :  http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Platform : Windows Vista (TM) Home Premium (6.0.6002) Service Pack 2
MSIE: Internet Explorer v8.0.6001.18865
MFIE: Mozilla Firefox (3.0.15)

Boot mode: Normal (Normal boot)
Total RAM: 2046 MB (48% free)
System drive C: has 43 GB (30%) free of 141 GB

---\ 
[MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - C:\Program Files\Windows Defender\MSASCui.exe
[MD5.450497C656D16B45EE9D121D64D3289F] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
[MD5.041AF1711BF3D6BFF12FD9D28F0AC303] - C:\Program Files\HP\QuickPlay\QPService.exe
[MD5.A04BE1DBBA0E554B2F33555CCBA5F969] - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
[MD5.06B28C3CFD5C995B82F5EF1E5A0A576C] - C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
[MD5.AF849798ECA383184C88ED436CF3EFB2] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
[MD5.F533507FE318B46629E84DF630A316F8] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
[MD5.821F73B833C4DAEBC33C1A9A4B16BB5A] - C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
[MD5.B5652E4B805E404A0D5D8177B401802A] - C:\Program Files\Logitech\Video\ISStart.exe
[MD5.FE6E15CC578C3278755CDDFF70C2787D] - C:\Program Files\Logitech\Video\LogiTray.exe
[MD5.A2D390F1F2408B94EF34BFE3A00C29D3] - C:\Program Files\Java\jre6\bin\jusched.exe
[MD5.29BE51557A3E686B297BE273EB17CA67] - C:\Program Files\Common Files\Real\Update_OBealsched.exe
[MD5.0A7E9FDF3BF1980CA09FEEAC7F52EFBC] - C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
[MD5.E75105DF25DA39DCAC3EBB6D1C2AB79C] - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
[MD5.50ECAA360582260ACC5E1495CC34A22E] - C:\Windows\SMINST\launcher.exe
[MD5.423C24B558D69AC9B6C53C41F65B0B91] - C:\Program Files\Logitech\Video\ManifestEngine.exe
[MD5.AFA1F8CC076AB0462512A78473D86D53] - C:\Users\Bertrand\Program Files\DNA\btdna.exe
[MD5.896A1DB9A972AD2339C2E8569EC926D1] - F:\Nouveaux fichiers\Spybot - Search & Destroy\Spybot - Search & Destroy\TeaTimer.exe
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[MD5.35937EAD711207544E219C2A19A78A7D] - C:\Program Files\Windows Media Player\WMPNSCFG.exe
[MD5.C4EFFE930649C758E208BDED65B408CB] - C:\Users\Bertrand\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
[MD5.0BAF8F1D34A77E34726113671AAAD076] - C:\Windows\TEMP\yxrn.tmp\svchost.exe
[MD5.9E35FF7F943AE0FB89192BFE058B7FD4] - C:\Program Files\Windows Sidebar\Sidebar.exe
[MD5.3794B461C45882E06856F282EEF025AF] - C:\Windows\system32\svchost.exe
[MD5.5DEBC3519D489411073FA7E56FFB4A93] - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
[MD5.0AAF6B848185899CF76AE04E62EAB3D2] - C:\Program Files\Alwil Software\Avast4\ashServ.exe
[MD5.DBAFC6734C054FEEF9087754BD80F847] - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
[MD5.E67F8F036FD882E4AB62501C0D45B536] - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
[MD5.626A24ED1228580B9518C01930936DF9] - C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.2CEEB349216FEBD91A907013D4ABCFF7] - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
[MD5.04C1DCBB226C6AE647B794833CE3CEB6] - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
[MD5.559C9B7800FAC92FC515CD0003D7C631] - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
[MD5.3978F3540329E16C0AC3BCF677E5669F] - C:\Windows\system32\lsass.exe
[MD5.794D4B48DFB6E999537C7C3947863463] - F:\Nouveaux fichiers\Spybot - Search & Destroy\Spybot - Search & Destroy\SDWinSec.exe
[MD5.271077B91D7AD1B616F8AFDFE8E3F981] - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - C:\Windows\system32\SLsvc.exe
[MD5.524BFBEA40E6E404737CCBC754647A2E] - C:\Windows\System32\spoolsv.exe
[MD5.35B8C5D1958700A4E70C9B94AAE8CFAF] - C:\Windows\System32\TUProgSt.exe
[MD5.3978704576A121A9204F8CC49A301A9B] - C:\Program Files\Windows Media Player\wmpnetwk.exe
[MD5.AED0DFF80C6B3914769407E78D7AB21A] - C:\Windows\system32\SearchIndexer.exe
[MD5.15A317674A08DF26BE65164D959E9203] - C:\Windows\system32\DRIVERS\xaudio.exe

---\ 
M1 - SPR:Search Page Redirection - C:\Program Files\Mozilla FireFox\extensions	alkback@mozilla.org

---\ 
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=explorer.exe

---\ 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/

---\ 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF

---\ 
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\system32\ieframe.dll
R3 - URLSearchHook: Microsoft Url Search Hook - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

---\ 
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - F:\Nouveaux fichiers\Spybot - Search & Destroy\Spybot - Search & Destroy\SDHelper.dll

---\ 
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

---\ 
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] C:\Program Files\HP\QuickPlay\QPService.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Install5G] E:\Install.exe /SI=30
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe 
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OBealsched.exe"  -osboot
O4 - HKLM\..\Run: [Calc32] c:\ivas.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] f:
ouveaux fichiers\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [BitTorrent DNA] C:\Users\Bertrand\Program Files\DNA\btdna.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] F:\Nouveaux fichiers\Spybot - Search & Destroy\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Octoshape Streaming Services] C:\Users\Bertrand\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
O4 - HKCU\..\Run: [J8RPLTROBQ] C:\Users\Bertrand\AppData\Local\Temp\l.exe
O4 - HKCU\..\Run: [notepad] rundll32.exe C:\Users\Bertrand
tload.dll,_IWMPEvents@0
O4 - HKLM\..\policies\Explorer: [BindDirectlyToPropertySetStorage] Data=0
O4 - HKUS\S-1-5-18\..\Run: [cbssreg] C:\Windows\TEMP\yxrn.tmp\svchost.exe
O4 - HKUS\S-1-5-18\..\Run: [cbssreg] C:\Windows\TEMP\yxrn.tmp\svchost.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - Global Startup: Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Reader 8.0\Readereader_sl.exe
O4 - Global Startup: OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

---\ 
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

---\ 
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll,201
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll,103
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFBARH.ICO

---\ 
O10 - WLSP:\000000000001\Winsock LSP File - C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File - C:\Windows\system32
apinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File - C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File - C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File - C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File - C:\Windows\system32\winrnr.dll

---\ 
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://ushousecall02.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

---\ 
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\msvidctl.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\msvidctl.dll
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll

---\ 
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll

---\ 
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - %SystemRoot%\system32\browseui.dll

---\ 
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus (avast! Antivirus) - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Service Google Update (gupdate1c9f66b4b2e33d) (gupdate1c9f66b4b2e33d) - C:\Program Files\Google\Update\GoogleUpdate.exe" /svc
O23 - Service: HP Health Check Service (HP Health Check Service) - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex (hpqwmiex) - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - F:\Nouveaux fichiers\Spybot - Search & Destroy\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: SeaPort (SeaPort) - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - C:\Windows\system32\SLsvc.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - C:\Windows\System32\spoolsv.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - C:\Windows\System32\TUProgSt.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - C:\Windows\system32\SearchIndexer.exe /Embedding
O23 - Service: XAudioService (XAudioService) - C:\Windows\system32\DRIVERS\xaudio.exe

---\ 
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Maintenance en 1 clic.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{9AE8AC42-3BAC-415C-B4E7-55613CE68B10}.job

---\ 
O41 - Driver: Ancilliary Function Driver for Winsock (AFD) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: Pilote de CD-ROM (cdrom) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: @%systemroot%\system32\drivers\dfsc.sys,-101 (DfsC) - C:\WINDOWS\System32\Drivers\dfsc.sys
O41 - Driver: (no object) (eabfiltr) - C:\WINDOWS\system32\DRIVERS\eabfiltr.sys
O41 - Driver: Pilote pour clavier i8042 et souris sur port PS/2 (i8042prt) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: Pilote de la classe Clavier (kbdclass) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys
O41 - Driver: Pilote HID de clavier (kbdhid) - C:\WINDOWS\system32\DRIVERS\kbdhid.sys
O41 - Driver: Pilote de la classe Souris (mouclass) - C:\WINDOWS\system32\DRIVERS\mouclass.sys
O41 - Driver: NetBIOS Interface (NetBIOS) - C:\WINDOWS\system32\DRIVERS
etbios.sys
O41 - Driver: NETBT (netbt) - C:\WINDOWS\System32\DRIVERS
etbt.sys
O41 - Driver: NSI proxy service (nsiproxy) - C:\WINDOWS\system32\drivers
siproxy.sys
O41 - Driver: Remote Access Auto Connection Driver (RasAcd) - C:\WINDOWS\System32\DRIVERSasacd.sys
O41 - Driver: Redirected Buffering Sub Sysytem (rdbss) - C:\WINDOWS\system32\DRIVERSdbss.sys
O41 - Driver: RDPCDD (RDPCDD) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
O41 - Driver: RDP Encoder Mirror Driver (RDPENCDD) - C:\WINDOWS\system32\driversdpencdd.sys
O41 - Driver: @%SystemRoot%\system32	cpipcfg.dll,-50005 (Smb) - C:\WINDOWS\system32\DRIVERS\smb.sys
O41 - Driver: SSHDRV85 (SSHDRV85) - C:\Windows\system32\drivers\SSHDRV85.sys
O41 - Driver: @%SystemRoot%\system32	cpipcfg.dll,-50004 (tdx) - C:\WINDOWS\system32\DRIVERS	dx.sys
O41 - Driver: Pilote de périphérique terminal (TermDD) - C:\WINDOWS\system32\DRIVERS	ermdd.sys
O41 - Driver: (no object) (VgaSave) - C:\Windows\System32\drivers\vga.sys
O41 - Driver: Remote Access IPv6 ARP Driver (Wanarpv6) - C:\WINDOWS\system32\DRIVERS\wanarp.sys

---\ 
O42 - Logiciel: 1.0
O42 - Logiciel: Activation Assistant for the 2007 Microsoft Office suites
O42 - Logiciel: Adobe Flash Player 10 ActiveX
O42 - Logiciel: Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader 8 - Français
O42 - Logiciel: Archiveur WinRAR
O42 - Logiciel: Assistant de connexion Windows Live
O42 - Logiciel: BoontyBox 2.3
O42 - Logiciel: CleanUp!
O42 - Logiciel: Conexant HD Audio
O42 - Logiciel: Diablo II
O42 - Logiciel: DivX Codec
O42 - Logiciel: DivX Converter
O42 - Logiciel: DivX Player
O42 - Logiciel: DivX Plus DirectShow Filters
O42 - Logiciel: DivX Web Player
O42 - Logiciel: Désinst. LG PC Suite III
O42 - Logiciel: ESU for Microsoft Vista
O42 - Logiciel: Galerie de photos Windows Live
O42 - Logiciel: Google Chrome
O42 - Logiciel: Google Toolbar for Internet Explorer
O42 - Logiciel: Google Update Helper
O42 - Logiciel: HDAUDIO Soft Data Fax Modem with SmartCP
O42 - Logiciel: HP Active Support Library
O42 - Logiciel: HP Active Support Library 32 bit components
O42 - Logiciel: HP Customer Experience Enhancements
O42 - Logiciel: HP Doc Viewer
O42 - Logiciel: HP Easy Setup - Frontend
O42 - Logiciel: HP Help and Support
O42 - Logiciel: HP Photosmart Essential 2.0
O42 - Logiciel: HP Quick Launch Buttons 6.20 B1
O42 - Logiciel: HP QuickPlay 3.2
O42 - Logiciel: HP Update
O42 - Logiciel: HP User Guides 0057
O42 - Logiciel: HP Wireless Assistant
O42 - Logiciel: Half-Life(R) 2
O42 - Logiciel: Hero Editor V0.96
O42 - Logiciel: Hewlett-Packard Active Check
O42 - Logiciel: Hewlett-Packard Asset Agent
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
O42 - Logiciel: HouseCall 6.6
O42 - Logiciel: Installation Windows Live
O42 - Logiciel: Java(TM) 6 Update 13
O42 - Logiciel: Java(TM) 6 Update 5
O42 - Logiciel: Java(TM) 6 Update 7
O42 - Logiciel: Java(TM) SE Runtime Environment 6
O42 - Logiciel: Junk Mail filter update
O42 - Logiciel: LG Bluetooth Drivers
O42 - Logiciel: LG MC USB U330 driver
O42 - Logiciel: LG USB Modem Drivers
O42 - Logiciel: Logitech QuickCam Software
O42 - Logiciel: MSCU for Microsoft Vista
O42 - Logiciel: MSVCRT
O42 - Logiciel: MSXML 4.0 SP2 (KB936181)
O42 - Logiciel: MSXML 4.0 SP2 (KB941833)
O42 - Logiciel: MSXML 4.0 SP2 (KB954430)
O42 - Logiciel: MSXML 4.0 SP2 (KB973688)
O42 - Logiciel: MSXML 4.0 SP2 Parser and SDK
O42 - Logiciel: Malwarebytes' Anti-Malware
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft Choice Guard
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2)
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007
O42 - Logiciel: Microsoft Office Home and Student 2007
O42 - Logiciel: Microsoft Office Live Add-in 1.3
O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007
O42 - Logiciel: Microsoft Office Proof (English) 2007
O42 - Logiciel: Microsoft Office Proof (French) 2007
O42 - Logiciel: Microsoft Office Proof (German) 2007
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007
O42 - Logiciel: Microsoft Office Proofing (French) 2007
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007
O42 - Logiciel: Microsoft Office Word MUI (French) 2007
O42 - Logiciel: Microsoft Office Word Viewer 2003
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU]
O42 - Logiciel: Microsoft Search Enhancement Pack
O42 - Logiciel: Microsoft Silverlight
O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86)
O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86)
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
O42 - Logiciel: Microsoft Works
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra
O42 - Logiciel: Mozilla Firefox (3.0.15)
O42 - Logiciel: Mumble and Murmur
O42 - Logiciel: NVIDIA Drivers
O42 - Logiciel: No-IP.com DUC (remove only)
O42 - Logiciel: OCTGN (remove only)
O42 - Logiciel: OpenOffice.org 3.0
O42 - Logiciel: Outil de téléchargement Windows Live
O42 - Logiciel: Perfect World France
O42 - Logiciel: Photoshop CS2 
O42 - Logiciel: Project64 1.6
O42 - Logiciel: RGSS-RTP Standard
O42 - Logiciel: RTPatch Update
O42 - Logiciel: RealPlayer
O42 - Logiciel: Rose Online Evolution
O42 - Logiciel: Roxio Activation Module
O42 - Logiciel: Roxio Creator Audio
O42 - Logiciel: Roxio Creator Basic v9
O42 - Logiciel: Roxio Creator Copy
O42 - Logiciel: Roxio Creator Data
O42 - Logiciel: Roxio Creator EasyArchive
O42 - Logiciel: Roxio Creator Tools
O42 - Logiciel: Roxio Express Labeler 3
O42 - Logiciel: Roxio MyDVD Basic v9
O42 - Logiciel: SQLyog Community 6.07
O42 - Logiciel: SaTstrat (remove only)
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559)
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB973704)
O42 - Logiciel: Security Update for CAPICOM (KB931906)
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB973593)
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB957789)
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581)
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB969613)
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234)
O42 - Logiciel: Shop for HP Supplies
O42 - Logiciel: SmartAudio
O42 - Logiciel: SpellForce 2 - Shadow Wars
O42 - Logiciel: Spybot - Search & Destroy
O42 - Logiciel: Steam(TM)
O42 - Logiciel: Synaptics Pointing Device Driver
O42 - Logiciel: TuneUp Utilities 2009
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642)
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
O42 - Logiciel: Update for Microsoft Office InfoPath 2007 (KB976416)
O42 - Logiciel: Update for Microsoft Office Word 2007 (KB974561)
O42 - Logiciel: VC80CRTRedist - 8.0.50727.762
O42 - Logiciel: VideoLAN VLC media player 0.8.6d
O42 - Logiciel: Wakfu
O42 - Logiciel: Windows Live Call
O42 - Logiciel: Windows Live Communications Platform
O42 - Logiciel: Windows Live Contrôle parental
O42 - Logiciel: Windows Live FolderShare
O42 - Logiciel: Windows Live Mail
O42 - Logiciel: Windows Live Messenger
O42 - Logiciel: Windows Live Movie Maker
O42 - Logiciel: Windows Live Toolbar
O42 - Logiciel: Windows Live Writer
O42 - Logiciel: World of Warcraft
O42 - Logiciel: Xfire (remove only)
O42 - Logiciel: Yahoo! Toolbar
O42 - Logiciel: avast! Antivirus
O42 - Logiciel: muvee autoProducer 6.0

---\ 
O44 - LFC:Last File Created 21/12/2009 - 16:53:12 ---A- C:\Windows\System32\PerfStringBackup.INI
O44 - LFC:Last File Created 21/12/2009 - 16:53:12 ---A- C:\Windows\System32\perfc009.dat
O44 - LFC:Last File Created 21/12/2009 - 16:53:12 ---A- C:\Windows\System32\perfc00C.dat
O44 - LFC:Last File Created 21/12/2009 - 16:53:12 ---A- C:\Windows\System32\perfh009.dat
O44 - LFC:Last File Created 21/12/2009 - 16:53:12 ---A- C:\Windows\System32\perfh00C.dat
O44 - LFC:Last File Created 21/12/2009 - 16:29:53 ---A- C:\Windows\WindowsUpdate.log
O44 - LFC:Last File Created 21/12/2009 - 16:24:04 -S-A- C:\Windows\bootstat.dat
O44 - LFC:Last File Created 21/12/2009 - 16:23:53 ---A- C:\Windows\PFRO.log
O44 - LFC:Last File Created 21/12/2009 - 15:14:01 ---A- C:\Windows\setupact.log
O44 - LFC:Last File Created 21/12/2009 - 15:10:31 ---A- C:\Windows
tbtlog.txt
O44 - LFC:Last File Created 21/12/2009 - 03:08:35 ---A- C:\Windows\System32\config.nt
O44 - LFC:Last File Created 21/12/2009 - 00:14:15 ---A- C:\Windows\wininit.ini
O44 - LFC:Last File Created 20/12/2009 - 23:40:11 ---A- C:\Windows\srun.log
O44 - LFC:Last File Created 15/12/2009 - 20:01:06 ---A- C:\Windows\DirectX.log
O44 - LFC:Last File Created 10/12/2009 - 08:40:33 ---A- C:\Windows\System32moc3260.dll
O44 - LFC:Last File Created 10/12/2009 - 08:40:20 ---A- C:\Windows\System32\pndx5016.dll
O44 - LFC:Last File Created 10/12/2009 - 08:40:20 ---A- C:\Windows\System32\pndx5032.dll
O44 - LFC:Last File Created 10/12/2009 - 08:40:01 ---A- C:\Windows\System32\pncrt.dll
O44 - LFC:Last File Created 03/12/2009 - 16:14:06 ---A- C:\Windows\System32\drivers\mbamswissarmy.sys
O44 - LFC:Last File Created 03/12/2009 - 16:13:56 ---A- C:\Windows\System32\drivers\mbam.sys
O44 - LFC:Last File Created 01/12/2009 - 21:06:19 ---A- C:\Windows\System32\mrt.exe
O44 - LFC:Last File Created 25/11/2009 - 00:54:29 ---A- C:\Windows\System32\aswBoot.exe
O44 - LFC:Last File Created 25/11/2009 - 00:50:12 ---A- C:\Windows\System32\drivers\aswSP.sys
O44 - LFC:Last File Created 25/11/2009 - 00:50:00 ---A- C:\Windows\System32\drivers\aswFsBlk.sys
O44 - LFC:Last File Created 25/11/2009 - 00:49:48 ---A- C:\Windows\System32\drivers\aswMonFlt.sys
O44 - LFC:Last File Created 25/11/2009 - 00:49:07 ---A- C:\Windows\System32\drivers\aswTdi.sys
O44 - LFC:Last File Created 25/11/2009 - 00:48:57 ---A- C:\Windows\System32\drivers\aswRdr.sys
O44 - LFC:Last File Created 25/11/2009 - 00:47:28 ---A- C:\Windows\System32\AvastSS.scr
O44 - LFC:Last File Created 23/11/2009 - 17:02:12 ---A- C:\Windows\msxml4-KB973688-enu.LOG
O44 - LFC:Last File Created 21/11/2009 - 07:40:20 ---A- C:\Windows\System32\wininet.dll
O44 - LFC:Last File Created 21/11/2009 - 07:40:03 ---A- C:\Windows\System32\urlmon.dll
O44 - LFC:Last File Created 21/11/2009 - 07:38:17 ---A- C:\Windows\System32\occache.dll
O44 - LFC:Last File Created 21/11/2009 - 07:35:43 ---A- C:\Windows\System32\mshtml.dll
O44 - LFC:Last File Created 21/11/2009 - 07:35:38 ---A- C:\Windows\System32\msfeeds.dll
O44 - LFC:Last File Created 21/11/2009 - 07:35:38 ---A- C:\Windows\System32\msfeedsbs.dll
O44 - LFC:Last File Created 21/11/2009 - 07:34:58 ---A- C:\Windows\System32\jsproxy.dll
O44 - LFC:Last File Created 21/11/2009 - 07:34:52 ---A- C:\Windows\System32\inetcpl.cpl
O44 - LFC:Last File Created 21/11/2009 - 07:34:39 ---A- C:\Windows\System32\iertutil.dll
O44 - LFC:Last File Created 21/11/2009 - 07:34:39 ---A- C:\Windows\System32\iesetup.dll
O44 - LFC:Last File Created 21/11/2009 - 07:34:39 ---A- C:\Windows\System32\iesysprep.dll
O44 - LFC:Last File Created 21/11/2009 - 07:34:39 ---A- C:\Windows\System32\ieui.dll
O44 - LFC:Last File Created 21/11/2009 - 07:34:38 ---A- C:\Windows\System32\ieframe.dll
O44 - LFC:Last File Created 21/11/2009 - 07:34:38 ---A- C:\Windows\System32\iepeers.dll
O44 - LFC:Last File Created 21/11/2009 - 07:34:38 ---A- C:\Windows\System32\iernonce.dll
O44 - LFC:Last File Created 21/11/2009 - 07:34:33 ---A- C:\Windows\System32\iedkcs32.dll
O44 - LFC:Last File Created 21/11/2009 - 05:59:58 ---A- C:\Windows\System32\ieUnatt.exe
O44 - LFC:Last File Created 21/11/2009 - 05:59:52 ---A- C:\Windows\System32\ie4uinit.exe
O44 - LFC:Last File Created 21/11/2009 - 05:59:14 ---A- C:\Windows\System32\msfeedssync.exe
O44 - LFC:Last File Created 21/11/2009 - 05:58:54 ---A- C:\Windows\System32\mshtml.tlb

---\ 
O51 - MPSK:{062918e0-3c8f-11de-a7fa-806e6f6e6963}\Shell\AutoRun\command - F:\WD_Windows_Tools\Setup.exe
O51 - MPSK:{3ee17aba-d99d-11dd-b37d-001b2476712e}\Shell\AutoRun\command - H:\AppliCME.exe
O51 - MPSK:{8cf14f11-ce90-11dc-92a2-001b2476712e}\Shell\AutoRun\command - setup.exe
O51 - MPSK:{9110bf02-e749-11de-87ca-001b2476712e}\Shell\AutoRun\command - G:\USBAutoRun.exe

---\ 
O63 - Logiciel: HijackThis 2.0.2
O63 - Logiciel: GenProc


End of the scan: 432 lines


----------------------------------------------------------------------
Sites officiels GenProc : www.alt-shift-return.org et www.genproc.com
----------------------------------------------------------------------

~~ Fin à 17:15:45 ~~

bbe# · Answer

Je revient mardi, merci pour ton aide.

xatong · Answer

j'ai un virus sous le nom de JS:Redirector-AN [Trj] !! que faire merci.

sherred · Answer

bbe#
Ccleaner https://www.commentcamarche.net/telecharger/utilitaires/5647-ccleaner/
*Décocher dans le menu Options - sous-menu Avancé : 
Effacer uniquement les fichiers, du dossier temp de Windows, plus vieux que 48 heures .
tu fait le nettoyage
Fichiers temporaires de Windows 
Cookies, cache, historique d'Internet Explorer, Opera et Firefox 
Documents récents de Windows
et ensuite réparation de la base de registre.

Problème d'infection (virus)

16 réponses

Discussions similaires

Newsletters