Avast detects Win32 HorstDZ trojan virus

Closed
zelourd - Posts: 5 - Registered: Wednesday 25 May 2005 - Status: Member - Last activity: 17 January 2007 - 17 Jan 2007 at 14:36
Lyonnais92 - Posts: 25159 - Registered: Friday 23 June 2006 - Status: Security contributor - Last activity: 16 September 2016 - 18 Jan 2007 at 22:18
So, I found a fix on a website to eradicate this virus, apparently often called Exmodul. Avast detects the win32-HORST DZ trojan every day, and the infected files are of the form exmodul followed by a number followed by .exe.

I ran a fix called SDFIX several times.

Here is the report after the scan:


SDFix: Version 1.57

mer. 17/01/2007 - 14:08:32,21

Microsoft Windows XP [version 5.1.2600]

Running From: C:\SDFix

Safe Mode

Service Check:

Service Name:


File Path:




Starting Registry Repairs

Restoring Default Hosts File...

Stage One Complete

Rebooting...

Stage Two - Normal Mode

Checking Files:
--------------

C:\WINDOWS\system\smss.exe

Removing any Files Found...

Alternate Stream Check:

C:\WINDOWS\system32
No streams found.

Final Check:

Remaining Services:
------------------


Authorized Application Key Export:


Remaining Files:
---------------

Backups Folder: - C:\SDFix\backups\backups.zip

Remaining files with hidden attributes:

C:\Documents and Settings\Sos Pierre\Local Settings\Application Data\Microsoft\Messenger\sala_max@hotmail.com\Sharing Folders\lorenzoboss1@hotmail.com\Thumbs.db
C:\Documents and Settings\Sos Pierre\Local Settings\Application Data\Microsoft\Messenger\sala_max@hotmail.com\Sharing Folders\poupou574@hotmail.fr\Thumbs.db
C:\WINDOWS\system32\cdplayer.exe.manifest
C:\WINDOWS\system32\logonui.exe.manifest
C:\IO.SYS
C:\MSDOS.SYS
C:\pagefile.sys
C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp

Finished

Afterwards I ran Fixwareout, as explained in various posts, so here is the report:


Fixwareout
Last edited 1/14/2006
Post this report in the forums please
...
Prerun check
»»»»» HKLM run and Winlogon System values
»»»»» System restarted
...
Reg Entries that were deleted
...
Random Runs removed from HKLM
...

PLEASE NOTE, There WILL be LEGITIMATE FILES LISTED. IF YOU ARE UNSURE OF WHAT IT IS LEAVE THEM ALONE.

»»»»» Searching by size/names...

»»»»»
Search five digit cs, dm kd and jb files.
This WILL/CAN also list Legit Files, Submit them at Virustotal

Other suspects.

»»»»» Misc files.

»»»»» Checking for older varients covered by the Rem3 tool.

»»»»» Postrun check
»»»»» HKLM run
»»»»» Winlogon System value
"system"=""
»»»»»

To be sure, I ran HIJACKTHIS; here is the report as well:

Logfile of HijackThis v1.99.1
Scan saved at 14:25:47, on 17/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Poste de Travail Sans Fil Labtec\MagicKey.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\PowerArchiver\POWERARC.EXE
C:\DOCUME~1\SOSPIE~1\LOCALS~1\Temp\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Alcohol Toolbar Helper - {0ACF00E0-C1E4-4F6B-B290-10AC7505C47A} - C:\Program Files\Alcohol Toolbar\v3.0.0.0\AudioGizmo_Toolbar.dll
O2 - BHO: SWEETIE Class - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Alcohol Toolbar - {DC59A0D4-0ED6-4A73-B356-1B977F2A7725} - C:\Program Files\Alcohol Toolbar\v3.0.0.0\AudioGizmo_Toolbar.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [gStart] C:\Garmin\gStart.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - Global Startup: Activer le Poste de Travail Sans Fil Labtec.lnk = C:\Program Files\Poste de Travail Sans Fil Labtec\MagicKey.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php
O15 - Trusted Zone: https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/safety-scanner-download
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase8460.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://tools.ebay.be/easylister/components/ImageUploader4.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe

I'm hopeless at anything to do with security and antivirus; every time, it's an ordeal to get rid of these little bugs.

Could you help me and confirm whether or not I managed to get rid of it?

Thanks in advance
7 replies

Hi Zelourd,

Do you really need the "ALCOHOL" and "SWEETIM" toolbars?

Because I don't like them!
0
zelourd Posts: 5 Registration date: Wednesday 25 May 2005 Status: Member Last activity: 17 January 2007
17 Jan 2007 at 17:17
I didn't even know they were installed; I don't see them in my toolbar.

How can I remove them? Thanks for your advice; it's true that this kind of tool generally comes with lots of spyware or other junk.
0
Lyonnais92 Posts: 25159 Registration date: Friday 23 June 2006 Status: Security contributor Last activity: 16 September 2016 1 536
17 Jan 2007 at 16:33
Hello,

The report is clean.

You don't have a firewall.

Install Kerio (free even after the trial period).

Download link and installation and configuration tutorial here:
http://kerio.probb.fr/Systemesd-exploitation-c1/Logiciels-et-tutoriels-gratuits-tries-par-categorie-f6/Tutoriel-pour-Kerio-4-version-gratuite-t201.htm

As an additional check (you can be infected even with a clean HijackThis log), do steps 1 and 2 of this link:

virus methode preliminaire de desinfection version fr

Post a new HijackThis log.
See you
0
zelourd Posts: 5 Registration date: Wednesday 25 May 2005 Status: Member Last activity: 17 January 2007
17 Jan 2007 at 17:19
Actually, I had never thought it useful to install a firewall, since there is one active in my router. Was that the wrong solution? If so, I'll install Kerio and learn to use it. I used to have ZoneAlarm, which must be the same kind of thing, but since this one doesn't look bad either, I think I'll give it a try.

Thank you
0
Lyonnais92 Posts: 25159 Registration date: Friday 23 June 2006 Status: Security contributor Last activity: 16 September 2016 1 536
17 Jan 2007 at 18:31
Hi again,

You can put ZoneAlarm back.

There's no point investing in a new tool if you already know one.

As far as I know, Kerio or ZA let you control your outbound traffic and not just the inbound flows.

However, I insist on Bitdefender online and AVG antispy. Run these scans and post the logs.

See you
0
Here is the AVG report
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 21:25:34 17/01/2007

+ Résultat de l'analyse:



C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll -> Adware.BHO : Ignoré.
HKU\S-1-5-21-1060284298-1592454029-839522115-1003\Software\Internet Security -> Adware.Generic : Ignoré.
C:\Program Files\DAEMON Tools\SetupDTSB.exe -> Adware.SaveNow : Ignoré.
L:\Document Nicolas\gta\HOODLUM\HLM-INTR.EXE -> Backdoor.Hupigon.kg : Ignoré.
C:\Documents and Settings\Sos Pierre\Local Settings\Temp\setup.exe -> Downloader.Agent.aii : Ignoré.
D:\Peer2p\Incoming\setup.exe -> Downloader.Agent.aii : Ignoré.
C:\Documents and Settings\Sos Pierre\Local Settings\Temp\12exssd32.a3.exe -> Downloader.Agent.beg : Ignoré.
C:\Documents and Settings\Sos Pierre\Local Settings\Temp\22exssd32.a3.exe -> Downloader.Agent.beg : Ignoré.
C:\Documents and Settings\Sos Pierre\Local Settings\Temp\29exssd32.a3.exe -> Downloader.Agent.beg : Ignoré.
C:\Documents and Settings\Sos Pierre\Local Settings\Temp\32exssd32.a3.exe -> Downloader.Agent.beg : Ignoré.
C:\Documents and Settings\Sos Pierre\Local Settings\Temp\3exssd32.a3.exe -> Downloader.Agent.beg : Ignoré.
C:\Documents and Settings\Sos Pierre\Local Settings\Temp\45exssd32.a3.exe -> Downloader.Agent.beg : Ignoré.
C:\Documents and Settings\Sos Pierre\Local Settings\Temp\46exssd32.a3.exe -> Downloader.Agent.beg : Ignoré.
C:\Documents and Settings\Sos Pierre\Local Settings\Temp\65exssd32.a3.exe -> Downloader.Agent.beg : Ignoré.
C:\Documents and Settings\Sos Pierre\Local Settings\Temp\67exssd32.a3.exe -> Downloader.Agent.beg : Ignoré.
J:\System Volume Information\_restore{BE765FE8-2C7C-41B8-B98A-CB972A722702}\RP24\A0001581.exe -> Not-A-Virus.RemoteAdmin.Win32.WinVNC.333 : Ignoré.
J:\download programs\vncviewer.exe -> Not-A-Virus.RemoteAdmin.Win32.WinVNC.333 : Ignoré.
:mozilla.37:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
:mozilla.38:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
:mozilla.39:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
:mozilla.41:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
:mozilla.42:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
:mozilla.43:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
:mozilla.44:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
:mozilla.147:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.148:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.149:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.150:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.151:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.295:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Adocean : Ignoré.
:mozilla.296:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Adocean : Ignoré.
:mozilla.135:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Adtech : Ignoré.
:mozilla.136:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Adtech : Ignoré.
:mozilla.311:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Advertising : Ignoré.
:mozilla.91:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Atdmt : Ignoré.
:mozilla.89:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Bluestreak : Ignoré.
:mozilla.121:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Doubleclick : Ignoré.
:mozilla.124:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Esomniture : Ignoré.
:mozilla.205:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Esomniture : Ignoré.
:mozilla.206:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Esomniture : Ignoré.
:mozilla.271:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Esomniture : Ignoré.
:mozilla.272:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Esomniture : Ignoré.
:mozilla.276:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Esomniture : Ignoré.
:mozilla.277:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Esomniture : Ignoré.
:mozilla.279:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Esomniture : Ignoré.
:mozilla.280:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Esomniture : Ignoré.
:mozilla.281:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Esomniture : Ignoré.
:mozilla.319:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Esomniture : Ignoré.
:mozilla.330:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Esomniture : Ignoré.
:mozilla.331:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Esomniture : Ignoré.
:mozilla.332:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Esomniture : Ignoré.
:mozilla.53:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Estat : Ignoré.
:mozilla.138:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Fastclick : Ignoré.
:mozilla.139:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Fastclick : Ignoré.
:mozilla.54:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Googleadservices : Ignoré.
:mozilla.350:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Hitbox : Ignoré.
:mozilla.351:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Hitbox : Ignoré.
:mozilla.352:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Hitbox : Ignoré.
:mozilla.95:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Mediaplex : Ignoré.
:mozilla.96:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Mediaplex : Ignoré.
:mozilla.165:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Overture : Ignoré.
:mozilla.166:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Overture : Ignoré.
:mozilla.315:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Sitestat : Ignoré.
:mozilla.52:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Sitestat : Ignoré.
:mozilla.27:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.28:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.33:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.302:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Spylog : Ignoré.
:mozilla.100:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Statcounter : Ignoré.
:mozilla.99:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Statcounter : Ignoré.
:mozilla.49:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Tradedoubler : Ignoré.
:mozilla.50:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Tradedoubler : Ignoré.
:mozilla.51:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Tradedoubler : Ignoré.
:mozilla.168:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Tribalfusion : Ignoré.
:mozilla.25:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.26:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.31:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.32:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.162:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Webtrendslive : Ignoré.
:mozilla.297:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Yadro : Ignoré.
:mozilla.299:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Yadro : Ignoré.
:mozilla.225:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Yieldmanager : Ignoré.
:mozilla.226:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Yieldmanager : Ignoré.
:mozilla.227:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Yieldmanager : Ignoré.
C:\Program Files\Media-Codec -> Trojan.Small : Ignoré.
0

Lyonnais92 Posts: 25159 Registration date: Friday 23 June 2006 Status: Security contributor Last activity: 16 September 2016 1 536
18 Jan 2007 at 12:26
Hello,

AVG did not work. It says "Ignoré" (ignored). You need to run it again after changing the options.

On the "Status" ("état") page, choose inactive for the resident shield.

On the "Update" ("mise à jour") page, tick the boxes for automatic updates and run a manual update ("commencer la mise à jour", start the update). Restart the computer if necessary.

On the "Scan" ("analyse") page, first choose the "Settings" ("paramètres") tab. Tick "generate a report after each scan" ("générer un rapport après chaque analyse") and "only if threats are found" ("uniquement en cas de menaces"). Also choose the "quarantine" ("quarantaine") option under "how to react" ("comment réagir"), "set the default action ..." ("définir l'action par défaut ...").

At the end of the scan, click "action", then "apply all actions" ("appliquer toutes les actions"), then "save report" ("enregistrer le rapport"), then "save report as" ("enregistrer le rapport sous"). Follow the instructions in the window that opens.
Then open the report with Notepad to copy and paste it into your reply.

To make it more effective, we will run it in safe mode.

(In case you don't know how: tap the F8 key repeatedly, without stopping, as soon as the PC starts up.
A window will open; use the keyboard arrow keys to move to start in safe mode, then press Enter.
Once on the desktop, if not all the colours and so on are there, that's normal!
If F8 doesn't work, use the F5 key.)

See you
0
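An added illustration of the point in the post above (not part of the thread and not AVG's own tooling): a small Python triage of reports in the `location -> detection : action.` layout quoted here, which separates entries left as "Ignoré" from those actually cleaned and lists what a follow-up scan has not confirmed as handled. The two sample reports are constructed, and the function names are hypothetical.

```python
import re
from collections import Counter
from dataclasses import dataclass

# One finding per line: "<location> -> <detection name> : <action>."
LINE_RE = re.compile(r"^(?P<loc>.+?) -> (?P<name>\S+) : (?P<action>.+?)\.?\s*$")
# Firefox cookie entries carry a ":mozilla.N:" index that changes between scans.
COOKIE_PREFIX_RE = re.compile(r"^:mozilla\.\d+:")

# Constructed samples in the layout of the reports in this thread
# (placeholder paths and names, not lines from the user's machine).
SCAN_1 = r"""
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 10:00:00 01/01/2007
+ Résultat de l'analyse:
C:\Program Files\ExampleBar\toolbar.dll -> Adware.BHO : Ignoré.
C:\Temp\setup.exe -> Downloader.Agent.aii : Ignoré.
D:\Incoming\setup.exe -> Downloader.Agent.aii : Ignoré.
:mozilla.37:C:\Profiles\x.default\cookies.txt -> TrackingCookie.Example : Ignoré.
:mozilla.38:C:\Profiles\x.default\cookies.txt -> TrackingCookie.Example : Ignoré.
"""

SCAN_2 = r"""
+ Résultat de l'analyse:
C:\Temp\setup.exe -> Downloader.Agent.aii : Nettoyé et sauvegardé (mise en quarantaine).
:mozilla.30:C:\Profiles\x.default\cookies.txt -> TrackingCookie.Example : Nettoyé.
Fin du rapport
"""


@dataclass(frozen=True)
class Finding:
    location: str
    name: str
    action: str

    @property
    def family(self):
        # "Downloader.Agent.aii" -> "Downloader"
        return self.name.split(".", 1)[0]

    @property
    def handled(self):
        # "Ignoré" means the scanner reported the item but took no action.
        return not self.action.lower().startswith("ignor")


def parse_report(text):
    """Return the findings in a report, skipping header and footer lines."""
    findings = []
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if m:
            loc = COOKIE_PREFIX_RE.sub("", m["loc"])
            findings.append(Finding(loc, m["name"], m["action"]))
    return findings


def summarize(findings):
    """Count findings per (family, handled) pair."""
    return Counter((f.family, f.handled) for f in findings)


def not_confirmed(before, after):
    """Locations ignored in the first scan that the second scan does not
    report as handled. Tracking cookies are left out as low priority.
    An entry here may be gone, or may simply not have been rescanned;
    the reports alone cannot tell which, so each one needs a manual check."""
    # Windows paths are case-insensitive, so compare in lower case.
    handled = {(f.location.lower(), f.name) for f in after if f.handled}
    out, seen = [], set()
    for f in before:
        key = (f.location.lower(), f.name)
        if f.handled or f.family == "TrackingCookie":
            continue
        if key not in handled and key not in seen:
            seen.add(key)
            out.append(f.location)
    return out


if __name__ == "__main__":
    first, second = parse_report(SCAN_1), parse_report(SCAN_2)
    for (family, handled), n in sorted(summarize(first).items()):
        print(f"scan 1: {family:15} handled={handled} x{n}")
    for loc in not_confirmed(first, second):
        print("not confirmed as handled:", loc)
```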
Here is the AVG report
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 21:59:18 18/01/2007

+ Résultat de l'analyse:



C:\System Volume Information\_restore{19D10D9B-C72D-403A-A5B0-CFC41DD0D956}\RP509\A0080377.dll -> Adware.BHO : Nettoyé et sauvegardé (mise en quarantaine).
HKU\S-1-5-21-1060284298-1592454029-839522115-1003\Software\Internet Security -> Adware.Generic : Nettoyé et sauvegardé (mise en quarantaine).
C:\Program Files\DAEMON Tools\SetupDTSB.exe -> Adware.SaveNow : Nettoyé et sauvegardé (mise en quarantaine).
L:\Document Nicolas\gta\HOODLUM\HLM-INTR.EXE -> Backdoor.Hupigon.kg : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\Sos Pierre\Local Settings\Temp\setup.exe -> Downloader.Agent.aii : Nettoyé et sauvegardé (mise en quarantaine).
J:\System Volume Information\_restore{BE765FE8-2C7C-41B8-B98A-CB972A722702}\RP24\A0001581.exe -> Not-A-Virus.RemoteAdmin.Win32.WinVNC.333 : Nettoyé et sauvegardé (mise en quarantaine).
J:\download programs\vncviewer.exe -> Not-A-Virus.RemoteAdmin.Win32.WinVNC.333 : Nettoyé et sauvegardé (mise en quarantaine).
:mozilla.30:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.31:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.32:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.33:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.34:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.35:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.169:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.171:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.172:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.173:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.174:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.175:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Sos Pierre\Cookies\sos pierre@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.381:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Adocean : Nettoyé.
:mozilla.382:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Adocean : Nettoyé.
:mozilla.102:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.103:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.135:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.136:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.137:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.16:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Sos Pierre\Cookies\sos pierre@atdmt[1].txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.192:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.118:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.119:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.120:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.82:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.166:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Esomniture : Nettoyé.
:mozilla.260:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Esomniture : Nettoyé.
:mozilla.301:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Esomniture : Nettoyé.
:mozilla.357:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Esomniture : Nettoyé.
:mozilla.358:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Esomniture : Nettoyé.
:mozilla.362:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Esomniture : Nettoyé.
:mozilla.363:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Esomniture : Nettoyé.
:mozilla.365:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Esomniture : Nettoyé.
:mozilla.366:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Esomniture : Nettoyé.
:mozilla.367:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Esomniture : Nettoyé.
:mozilla.392:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Esomniture : Nettoyé.
:mozilla.403:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Esomniture : Nettoyé.
:mozilla.404:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Esomniture : Nettoyé.
:mozilla.405:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Esomniture : Nettoyé.
:mozilla.91:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Esomniture : Nettoyé.
:mozilla.89:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.272:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.273:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.236:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.203:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.204:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.205:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.423:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.125:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.126:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.277:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.278:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Sos Pierre\Cookies\sos pierre@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Sos Pierre\Cookies\sos pierre@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.235:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.388:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.24:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.25:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.26:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.384:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Spylog : Nettoyé.
:mozilla.250:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.251:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.42:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.43:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.44:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.45:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.280:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Tribalfusion : Nettoyé.
:mozilla.183:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.184:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.187:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.101:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Webtrendslive : Nettoyé.
:mozilla.74:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Yadro : Nettoyé.
:mozilla.318:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.319:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.320:C:\Documents and Settings\Sos Pierre\Application Data\Mozilla\Firefox\Profiles\slpah8yn.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Program Files\Media-Codec -> Trojan.Small : Nettoyé et sauvegardé (mise en quarantaine).


Fin du rapport
0
Lyonnais92 Posts: 25159 Registration date: Friday 23 June 2006 Status: Security contributor Last activity: 16 September 2016 1 536
18 Jan 2007 at 22:18
Good evening,

Did you run AVG in safe mode?

Empty the AVG quarantine.

Continue with Bitdefender online (post 2).

Let me know where things stand with your problems.

See you
0