Virus trojan

Ludivinne77 -  
Hello, for a few days I have had a trojan that installed itself. Avast detects it and I delete it, but the next day it is still there. I have used Aquared, Spybot, Adware and Avast but nothing works, the problem is still there. I used HijackThis; here is what it gives me. Please help me.
Logfile of HijackThis v1.99.1
Scan saved at 23:07:03, on 12/12/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\InstallHardware.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Monitor.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE
C:\WINDOWS\System32\drivers32.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\MSDHCP32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\WINDOWS\System32\MSEXECP32.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Multimedia Keyboard Driver\PS2USBKbdDrv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\ludivinne \Bureau\hijackthis_hijackthis_1.99.1_anglais_17891.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fwww.fr.msn.be%2fservices%2fhotmailactif%2fDefault.asp%3f
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [InstallHardware] C:\WINDOWS\System32\InstallHardware.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Program Files\Monitor.exe
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800"
O4 - HKLM\..\Run: [system_service] drivers32.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [MS Dynamic Host Configuration Protocol] MSDHCP32.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [MS Windows Executor Process] MSEXECP32.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [WireLessKeyboard] C:\Program Files\Multimedia Keyboard Driver\StartAutorun.exe PS2USBKbdDrv.exe
O4 - HKLM\..\RunServices: [system_service] drivers32.exe
O4 - HKLM\..\RunServices: [MS Dynamic Host Configuration Protocol] MSDHCP32.exe
O4 - HKLM\..\RunServices: [MS Windows Executor Process] MSEXECP32.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MS Dynamic Host Configuration Protocol] MSDHCP32.exe
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKCU\..\Run: [MS Windows Executor Process] MSEXECP32.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/229?dde4b7b736134c50bf92b6f104ed8e83
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/230?dde4b7b736134c50bf92b6f104ed8e83
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Unibet Fr Poker - {1DAA624F-A7AB-4b31-97A4-67205FF6963C} - C:\Program Files\mrbookmakerfrMPP\MPPoker.exe (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O12 - Plugin for .mp3: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin4.dll
O14 - IERESET.INF: START_PAGE_URL=https://www.google.fr/?gws_rd=ssl
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://www.msn.com/fr-fr/
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6} - https://www.afternic.com/domains/drivecleaner.com
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by12fd.bay12.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.virustraq.com/img/scan_virus/webscan.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A0D8CBD7-1223-4A64-B603-D6680A055A08} - https://secured.payvisionservices.com/DownloadManager/FRSActiveX.ocx
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game11.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} - http://a532.g.akamai.net/f/532/6712/4h/player.virtools.com/downloads/player/Install3.5/Installer.exe
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/activex/zylomloader.cab
O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://www.gamenext.fr/online2/zuma/oberongamesloader.cab
O16 - DPF: {E23FABEE-12E3-33DA-DA12-195DAC123984} (GameDesire Mahjong) - http://67.15.101.3/g_bin/eng/mahjong_2_0_0_24.cab
O16 - DPF: {E68718BB-5451-4F6F-B8B8-41B4AB672747} (IgbInstall Class) - http://www.internetgamebox.com/content/AxInst.cab
O16 - DPF: {EF148DBB-5B6D-4130-B2A1-661571E86260} (Playtime Games Launcher) - https://www.bigfishgames.com/online/mahjongescapeancie/PTGameLauncher.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B056C4F9-60E1-4183-8B37-27E463CA295D}: NameServer = 195.238.2.22 195.238.2.21
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe
Configuration: Windows XP
Firefox 2.0

5 replies

  1. salwa5 Posts 7552 Status Contributor 1 670
     
    Hello, open HijackThis, tick these lines, then click Fix checked:

    O2 - BHO: (no name) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
    O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)

    O4 - HKLM\..\Run: [system_service] drivers32.exe
    O4 - HKLM\..\Run: [MS Dynamic Host Configuration Protocol] MSDHCP32.exe
    O4 - HKLM\..\Run: [MS Windows Executor Process] MSEXECP32.exe
    O4 - HKLM\..\RunServices: [system_service] drivers32.exe
    O4 - HKLM\..\RunServices: [MS Dynamic Host Configuration Protocol] MSDHCP32.exe
    O4 - HKLM\..\RunServices: [MS Windows Executor Process] MSEXECP32.exe
    O4 - HKCU\..\Run: [MS Dynamic Host Configuration Protocol] MSDHCP32.exe
    O4 - HKCU\..\Run: [MS Windows Executor Process] MSEXECP32.exe

    O9 - Extra button: Unibet Fr Poker - {1DAA624F-A7AB-4b31-97A4-67205FF6963C} - C:\Program Files\mrbookmakerfrMPP\MPPoker.exe (file missing)
    O9 - Extra button: (no name) - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
    O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone
    O16 - DPF: {2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6} - https://www.afternic.com/domains/drivecleaner.com
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/
    O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} - http://a532.g.akamai.net/

    O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://www.gamenext.fr/online2/zuma/oberongamesloader.cab
    O16 - DPF: {E23FABEE-12E3-33DA-DA12-195DAC123984} (GameDesire Mahjong) - http://67.15.101.3/g_bin/eng/mahjong_2_0_0_24.cab
    O16 - DPF: {E68718BB-5451-4F6F-B8B8-41B4AB672747} (IgbInstall Class) - http://www.internetgamebox.com/content/AxInst.cab
    O16 - DPF: {EF148DBB-5B6D-4130-B2A1-661571E86260} (Playtime Games Launcher) - https://www.bigfishgames.com/online/mahjongescapeancie/PTGameLauncher.cab

    Restart in safe mode (restart and keep tapping F8 as soon as the computer powers on).

    Find and delete the files in bold:

    C:\WINDOWS\System32\drivers32.exe
    C:\WINDOWS\System32\MSDHCP32.exe

    Restart in normal mode, then download and run:

    AVG anti spyware
    https://www.01net.com/telecharger/

    Copy/paste the whole report onto the forum. (Don't forget to update it before starting the scan.)
    NB: follow the instructions in the tutorial
    http://www.malekal.com/tutorial_AVG_AntiSpyware.html
    http://www.kachouri.com/tuto/tuto-161-avg-anti-spyware-75-pour-votre-securite.html

    See you later
    0
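Added example, not part of the thread and not salwa5's own method: a small triage script for HijackThis O4 autorun lines like the ones selected in the answer above. It assumes one heuristic (an autorun command with no directory path that is registered under two or more Run keys deserves review first); the sample lines are copied from the log posted in this thread, and the function names are made up for this example.

```python
import re
from collections import defaultdict

# Subset of the HijackThis log posted in this thread (copied, not invented).
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [system_service] drivers32.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [MS Dynamic Host Configuration Protocol] MSDHCP32.exe
O4 - HKLM\..\Run: [MS Windows Executor Process] MSEXECP32.exe
O4 - HKLM\..\RunServices: [system_service] drivers32.exe
O4 - HKLM\..\RunServices: [MS Dynamic Host Configuration Protocol] MSDHCP32.exe
O4 - HKLM\..\RunServices: [MS Windows Executor Process] MSEXECP32.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MS Dynamic Host Configuration Protocol] MSDHCP32.exe
O4 - HKCU\..\Run: [MS Windows Executor Process] MSEXECP32.exe
O9 - Extra button: (no name) - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
"""

# "O4 - <hive>\..\<key>: [<value name>] <command line>"
O4_RE = re.compile(
    r"^O4 - (?P<key>HK(?:LM|CU)\\\.\.\\\w+): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$"
)
# First executable in an unquoted command line (paths may contain spaces).
IMAGE_RE = re.compile(r"(.+?\.(?:exe|com|bat|cmd|scr|pif))(?:\s|$)", re.I)


def image_of(cmd):
    """Return (image, has_path) for an autorun command line."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        image = cmd[1:].split('"', 1)[0]
    else:
        m = IMAGE_RE.match(cmd)
        image = m.group(1) if m else cmd.split()[0]
    return image, ("\\" in image or "/" in image)


def triage(log_text):
    """Group O4 entries that have no directory path by how many keys hold them."""
    keys_by_image = defaultdict(set)  # bare image name -> autorun keys
    orphans = []                      # entries whose target file is absent
    for line in log_text.splitlines():
        line = line.strip()
        if line.endswith("(no file)") or line.endswith("(file missing)"):
            orphans.append(line)
        m = O4_RE.match(line)
        if not m:
            continue
        image, has_path = image_of(m["cmd"])
        if not has_path:
            keys_by_image[image.lower()].add(m["key"])
    return {
        # Heuristic (assumption of this example): review these first.
        "bare_multi_key": sorted(
            n for n, k in keys_by_image.items() if len(k) >= 2
        ),
        # A bare name under a single key is weaker evidence: SOUNDMAN.EXE
        # lands here and is not among the lines selected in the answer.
        "bare_single_key": sorted(
            n for n, k in keys_by_image.items() if len(k) == 1
        ),
        "orphans": orphans,
    }


if __name__ == "__main__":
    for bucket, items in triage(SAMPLE_LOG).items():
        print(bucket)
        for item in items:
            print("   ", item)
```
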
    1. Ludivinne77
       
      I didn't find the file drivers32.exe
      0
  2. salwa5 Posts 7552 Status Contributor 1 670
     
    No problem, carry on with the steps, then post a new HijackThis log.

    See you later
    0
    1. Ludivinne77
       
      Here is the AVG report

      --------
      AVG Anti-Spyware - Rapport d'analyse
      ---------------------------------------------------------

      + Créé à: 17:26:12 13/12/2006

      + Résultat de l'analyse:



      C:\System Volume Information\_restore{E67D62F9-54F0-4E44-9159-C4D2E2B85C29}\RP71\A0015466.exe -> Adware.Altnet : Ignoré.
      HKU\S-1-5-21-1757981266-651377827-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8B6DA27E-7F64-4694-8F8F-DC87AB8C6B22} -> Adware.LinkMaker : Ignoré.
      HKLM\SYSTEM\ControlSet003\Enum\PCI\VEN_1039&DEV_7001&SUBSYS_0C54105B&REV_0F\3&61aaa01&0&1A\\Service -> Adware.SaveNow : Ignoré.
      C:\WINDOWS\system32\ofyxxmns.exe -> Adware.Searchcolor : Ignoré.
      C:\WINDOWS\system32\MSEXECP32.exe -> Backdoor.Rbot : Ignoré.
      C:\winsc23.exe -> Backdoor.Rbot : Ignoré.
      C:\System Volume Information\_restore{5B72DCBE-4B2D-49C3-B11E-511BE5F711B5}\RP464\A0297950.exe -> Backdoor.Rbot.aeu : Ignoré.
      C:\WINDOWS\system32\__delete_on_reboot__d_r_i_v_e_r_s_3_2_._e_x_e_ -> Backdoor.Rbot.aeu : Ignoré.
      C:\Recycled\Dc600.exe -> Backdoor.Rbot.bhf : Ignoré.
      C:\Documents and Settings\ludivinne letens\Mes documents\Mes fichiers PSP\Filtre\simple_filtre.zip/simple_filtre/Acces Immediat.ex -> Dialer.Agent.a : Ignoré.
      C:\WINDOWS\Downloaded Program Files\CONFLICT.1\USDR6V_0001_D18M3107NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.l : Ignoré.
      C:\WINDOWS\Downloaded Program Files\CONFLICT.2\USDR6V_0001_D18M3107NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.l : Ignoré.
      C:\WINDOWS\Downloaded Program Files\CONFLICT.3\USDR6V_0001_D18M3107NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.l : Ignoré.
      C:\WINDOWS\Downloaded Program Files\CONFLICT.4\USDR6V_0001_D18M3107NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.l : Ignoré.
      C:\WINDOWS\Downloaded Program Files\USDR6V_0001_D18M3107NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.l : Ignoré.
      C:\WINDOWS\Downloaded Program Files\CONFLICT.10\UDC6_0001_D19M1908NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.m : Ignoré.
      C:\WINDOWS\Downloaded Program Files\CONFLICT.1\UDC6_0001_D18M1108NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.m : Ignoré.
      C:\WINDOWS\Downloaded Program Files\CONFLICT.1\UDC6_0001_D19M1908NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.m : Ignoré.
      C:\WINDOWS\Downloaded Program Files\CONFLICT.2\UDC6_0001_D18M1108NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.m : Ignoré.
      C:\WINDOWS\Downloaded Program Files\CONFLICT.2\UDC6_0001_D19M1908NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.m : Ignoré.
      C:\WINDOWS\Downloaded Program Files\CONFLICT.3\UDC6_0001_D18M1108NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.m : Ignoré.
      C:\WINDOWS\Downloaded Program Files\CONFLICT.3\UDC6_0001_D19M1908NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.m : Ignoré.
      C:\WINDOWS\Downloaded Program Files\CONFLICT.5\UDC6_0001_D19M1908NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.m : Ignoré.
      C:\WINDOWS\Downloaded Program Files\CONFLICT.6\UDC6_0001_D19M1908NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.m : Ignoré.
      C:\WINDOWS\Downloaded Program Files\CONFLICT.7\UDC6_0001_D19M1908NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.m : Ignoré.
      C:\WINDOWS\Downloaded Program Files\CONFLICT.8\UDC6_0001_D19M1908NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.m : Ignoré.
      C:\WINDOWS\Downloaded Program Files\CONFLICT.9\UDC6_0001_D19M1908NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.m : Ignoré.
      C:\WINDOWS\Downloaded Program Files\UDC6_0001_D18M1108NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.m : Ignoré.
      C:\WINDOWS\Downloaded Program Files\UDC6_0001_D19M1908NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.m : Ignoré.
      :mozilla.11:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
      :mozilla.13:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
      :mozilla.14:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
      :mozilla.15:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
      :mozilla.16:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
      :mozilla.17:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
      :mozilla.18:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
      :mozilla.19:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
      :mozilla.20:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
      C:\Documents and Settings\ludivinne letens\Cookies\ludivinne letens@247realmedia[2].txt -> TrackingCookie.247realmedia : Ignoré.
      :mozilla.136:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
      :mozilla.204:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
      :mozilla.294:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Adbrite : Ignoré.
      :mozilla.295:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Adbrite : Ignoré.
      :mozilla.73:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Adtech : Ignoré.
      :mozilla.74:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Adtech : Ignoré.
      :mozilla.250:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Advertising : Ignoré.
      :mozilla.37:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Atdmt : Ignoré.
      :mozilla.12:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Bluestreak : Ignoré.
      :mozilla.76:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Casalemedia : Ignoré.
      :mozilla.82:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Casalemedia : Ignoré.
      :mozilla.83:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Casalemedia : Ignoré.
      :mozilla.86:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Casalemedia : Ignoré.
      :mozilla.87:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Casalemedia : Ignoré.
      :mozilla.59:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Comclick : Ignoré.
      :mozilla.60:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Comclick : Ignoré.
      :mozilla.61:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Comclick : Ignoré.
      :mozilla.27:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Doubleclick : Ignoré.
      C:\Documents and Settings\ludivinne letens\Cookies\ludivinne letens@doubleclick[1].txt -> TrackingCookie.Doubleclick : Ignoré.
      :mozilla.173:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Esomniture : Ignoré.
      :mozilla.269:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Esomniture : Ignoré.
      :mozilla.270:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Esomniture : Ignoré.
      :mozilla.219:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Estat : Ignoré.
      :mozilla.38:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Falkag : Ignoré.
      :mozilla.92:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Fastclick : Ignoré.
      :mozilla.93:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Fastclick : Ignoré.
      :mozilla.94:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Fastclick : Ignoré.
      :mozilla.95:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Fastclick : Ignoré.
      :mozilla.107:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Googleadservices : Ignoré.
      :mozilla.110:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Googleadservices : Ignoré.
      :mozilla.273:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Hitbox : Ignoré.
      :mozilla.274:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Hitbox : Ignoré.
      :mozilla.275:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Hitbox : Ignoré.
      :mozilla.131:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Mediaplex : Ignoré.
      :mozilla.213:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Pointroll : Ignoré.
      :mozilla.214:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Pointroll : Ignoré.
      :mozilla.215:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Pointroll : Ignoré.
      :mozilla.216:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Pointroll : Ignoré.
      :mozilla.48:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Questionmarket : Ignoré.
      :mozilla.49:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Questionmarket : Ignoré.
      :mozilla.50:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Questionmarket : Ignoré.
      :mozilla.51:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Questionmarket : Ignoré.
      :mozilla.30:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
      :mozilla.31:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
      :mozilla.32:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
      :mozilla.33:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
      :mozilla.34:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
      :mozilla.35:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
      :mozilla.159:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Sitestat : Ignoré.
      :mozilla.161:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Sitestat : Ignoré.
      :mozilla.21:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
      :mozilla.22:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
      :mozilla.23:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
      :mozilla.69:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Tradedoubler : Ignoré.
      :mozilla.70:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Tradedoubler : Ignoré.
      :mozilla.71:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Tradedoubler : Ignoré.
      :mozilla.72:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Tradedoubler : Ignoré.
      :mozilla.24:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
      :mozilla.26:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
      :mozilla.75:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Yieldmanager : Ignoré.
      C:\System Volume Information\_restore{5B72DCBE-4B2D-49C3-B11E-511BE5F711B5}\RP462\A0297782.exe/D3.reg -> Trojan.LowZones.h : Ignoré.
      C:\System Volume Information\_restore{5B72DCBE-4B2D-49C3-B11E-511BE5F711B5}\RP462\A0297782.exe/F2.reg -> Trojan.LowZones.h : Ignoré.
      C:\System Volume Information\_restore{5B72DCBE-4B2D-49C3-B11E-511BE5F711B5}\RP462\A0297782.exe/G1.reg -> Trojan.LowZones.h : Ignoré.
      C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\QZOP4J01\teller2[1].htm -> Trojan.Small : Ignoré.


      Fin du rapport

      and the HijackThis report



      Scan saved at 17:27:56, on 13/12/2006
      Platform: Windows XP SP1 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\ZONELABS\vsmon.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      C:\Program Files\Alwil Software\Avast4\ashServ.exe
      C:\WINDOWS\System32\InstallHardware.exe
      C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
      C:\WINDOWS\System32\drivers\CDAC11BA.EXE
      C:\Program Files\Monitor.exe
      C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\QuickTime\qttask.exe
      C:\WINDOWS\SOUNDMAN.EXE
      C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
      C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
      C:\WINDOWS\System32\ctfmon.exe
      C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
      C:\Program Files\Multimedia Keyboard Driver\PS2USBKbdDrv.exe
      C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
      C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
      C:\Program Files\Mozilla Firefox\firefox.exe
      C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
      C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
      C:\Documents and Settings\ludivinne letens\Bureau\hijackthis_hijackthis_1.99.1_anglais_17891.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/?gws_rd=ssl
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.fr/?gws_rd=ssl
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fwww.fr.msn.be%2fservices%2fhotmailactif%2fDefault.asp%3f
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
      O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
      O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
      O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
      O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
      O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
      O4 - HKLM\..\Run: [InstallHardware] C:\WINDOWS\System32\InstallHardware.exe
      O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
      O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Program Files\Monitor.exe
      O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800"
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
      O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
      O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
      O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
      O4 - HKLM\..\Run: [WireLessKeyboard] C:\Program Files\Multimedia Keyboard Driver\StartAutorun.exe PS2USBKbdDrv.exe
      O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
      O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
      O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
      O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
      O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
      O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/229?dde4b7b736134c50bf92b6f104ed8e83
      O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/230?dde4b7b736134c50bf92b6f104ed8e83
      O9 - Extra button: Unibet Fr Poker - {1DAA624F-A7AB-4b31-97A4-67205FF6963C} - C:\Program Files\mrbookmakerfrMPP\MPPoker.exe (file missing)
      O9 - Extra button: (no name) - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
      O12 - Plugin for .mp3: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin4.dll
      O14 - IERESET.INF: START_PAGE_URL=https://www.google.fr/?gws_rd=ssl
      O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
      O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
      O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://www.msn.com/fr-fr/
      O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
      O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by12fd.bay12.hotmail.msn.com/resources/MsnPUpld.cab
      O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
      O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
      O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.virustraq.com/img/scan_virus/webscan.cab
      O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
      O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
      O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
      O16 - DPF: {A0D8CBD7-1223-4A64-B603-D6680A055A08} - https://secured.payvisionservices.com/DownloadManager/FRSActiveX.ocx
      O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game11.zylom.com/activex/zylomgamesplayer.cab
      O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/activex/zylomloader.cab
      O17 - HKLM\System\CCS\Services\Tcpip\..\{B056C4F9-60E1-4183-8B37-27E463CA295D}: NameServer = 195.238.2.22 195.238.2.21
      O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
      O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
      O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
      O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
      O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
      O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe
  3. salwa5 Posts 7552 Status Contributor 1 670
     
    Hi again, for AVG you should have read the tutorials I gave you.

    For it to delete what it found, you have to go into the settings and, under the "how to react" option, choose either quarantine or delete.

    Then paste the result here :)

    See you!
    1. Ludivinne77
       
      OK, I deleted them, here is the HijackThis report

      Logfile of HijackThis v1.99.1
      Scan saved at 17:55:06, on 13/12/2006
      Platform: Windows XP SP1 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\ZONELABS\vsmon.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      C:\Program Files\Alwil Software\Avast4\ashServ.exe
      C:\WINDOWS\System32\InstallHardware.exe
      C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
      C:\WINDOWS\System32\drivers\CDAC11BA.EXE
      C:\Program Files\Monitor.exe
      C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\QuickTime\qttask.exe
      C:\WINDOWS\SOUNDMAN.EXE
      C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
      C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
      C:\WINDOWS\System32\ctfmon.exe
      C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
      C:\Program Files\Multimedia Keyboard Driver\PS2USBKbdDrv.exe
      C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
      C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
      C:\Program Files\Mozilla Firefox\firefox.exe
      C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
      C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
      C:\Documents and Settings\ludivinne letens\Bureau\hijackthis_hijackthis_1.99.1_anglais_17891.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/?gws_rd=ssl
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fwww.fr.msn.be%2fservices%2fhotmailactif%2fDefault.asp%3f
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
      O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
      O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
      O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
      O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
      O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
      O4 - HKLM\..\Run: [InstallHardware] C:\WINDOWS\System32\InstallHardware.exe
      O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
      O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Program Files\Monitor.exe
      O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800"
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
      O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
      O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
      O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
      O4 - HKLM\..\Run: [WireLessKeyboard] C:\Program Files\Multimedia Keyboard Driver\StartAutorun.exe PS2USBKbdDrv.exe
      O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
      O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
      O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
      O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
      O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
      O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/229?dde4b7b736134c50bf92b6f104ed8e83
      O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/230?dde4b7b736134c50bf92b6f104ed8e83
      O9 - Extra button: Unibet Fr Poker - {1DAA624F-A7AB-4b31-97A4-67205FF6963C} - C:\Program Files\mrbookmakerfrMPP\MPPoker.exe (file missing)
      O9 - Extra button: (no name) - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
      O12 - Plugin for .mp3: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin4.dll
      O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr/
      O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
      O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
      O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://www.msn.com/fr-fr/
      O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
      O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by12fd.bay12.hotmail.msn.com/resources/MsnPUpld.cab
      O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
      O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
      O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.virustraq.com/img/scan_virus/webscan.cab
      O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
      O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
      O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
      O16 - DPF: {A0D8CBD7-1223-4A64-B603-D6680A055A08} - https://secured.payvisionservices.com/DownloadManager/FRSActiveX.ocx
      O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game11.zylom.com/activex/zylomgamesplayer.cab
      O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/activex/zylomloader.cab
      O17 - HKLM\System\CCS\Services\Tcpip\..\{B056C4F9-60E1-4183-8B37-27E463CA295D}: NameServer = 195.238.2.22 195.238.2.21
      O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
      O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
      O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
      O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
      O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
      O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe
  4. salwa5 Posts 7552 Status Contributor 1 670
     
    Good evening again, your log looks clean. Is avast still reporting the presence of the virus?? If need be, restart to see whether the virus comes back.

    See you!
    1. Ludivinne77
       
      No, everything is fine, it no longer detects it. OK, thank you very much for your help. See you! Kisses, and in case we don't see each other again, I wish you a Merry Christmas and a very happy New Year. Kisses!
  6. salwa5 Posts 7552 Status Contributor 1 670
     
    You're welcome :) I hope it is really gone; if it comes back, don't hesitate to come back :p

    See you!