Virus nokia 19 jpg
jenn68
-
jiwom43 Messages postés 70 Statut Membre -
jiwom43 Messages postés 70 Statut Membre -
bonsoir,
j'ai attrapé le virus nokia 19 jpg, depuis impossible de m'en débarrassern ça bloque toutes mes fenêtre msn et je ne peux plus discuter avec mes contacts. J'ai windows vista et avast comme antivirus.
Voici les rapport de AVG et de hijackthis:
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 12:59:57 14/10/2007
+ Résultat de l'analyse:
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@112.2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@aolfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@fnac.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@hotelopia.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@hotelscom.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@karavel.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@ltur.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@montblanc.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@msnaccountservices.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@paypal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\jennifer@2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\jennifer@boonty.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@ads.adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@adrevolver[2].txt -> TrackingCookie.Adrevolver : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@media.adrevolver[2].txt -> TrackingCookie.Adrevolver : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@advertising[1].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@adviva[2].txt -> TrackingCookie.Adviva : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\jennifer@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@iv2.bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\jennifer@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@dealtime[1].txt -> TrackingCookie.Dealtime : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@stat.dealtime[1].txt -> TrackingCookie.Dealtime : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@doubleclick[2].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\jennifer@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\jennifer@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@www.etracker[2].txt -> TrackingCookie.Etracker : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@fastclick[2].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@ehg-libelle.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@ehg-neuftelecom.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@ehg-telecomitalia.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@ivwbox[2].txt -> TrackingCookie.Ivwbox : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@search.live[1].txt -> TrackingCookie.Live : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@sales.liveperson[1].txt -> TrackingCookie.Liveperson : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\jennifer@mediaplex[2].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@www.paypal[1].txt -> TrackingCookie.Paypal : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\jennifer@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@qksrv[2].txt -> TrackingCookie.Qksrv : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@questionmarket[2].txt -> TrackingCookie.Questionmarket : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@revsci[2].txt -> TrackingCookie.Revsci : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\jennifer@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\jennifer@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\jennifer@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@statcounter[1].txt -> TrackingCookie.Statcounter : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\jennifer@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@trafficmp[1].txt -> TrackingCookie.Trafficmp : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\jennifer@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@m.webtrends[2].txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\jennifer@m.webtrends[2].txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@statse.webtrendslive[1].txt -> TrackingCookie.Webtrendslive : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@yadro[1].txt -> TrackingCookie.Yadro : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyé.
Fin du rapport
Logfile of HijackThis v1.99.1
Scan saved at 18:54:30, on 14/10/2007
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16546)
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hp\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Winamp\winampa.exe
C:\Windows\LBTWiz.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\conime.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Jennifer\Documents\hijackthis[1]\test.exe.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [LBTWiz.exe] C:\Windows\LBTWiz.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {80AEEC0E-A2BE-4B8D-985F-350FE869DC40} (HPDDClientExec Class) - http://h30155.www3.hp.com/ediags/dd/install/HPDriverDiagnosticsVista.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll (file missing)
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
que dois-je faire ensuite pour me débarrasser du virus? (scan kaspersky impossible car windows vista)
un grand merci
j'ai attrapé le virus nokia 19 jpg, depuis impossible de m'en débarrassern ça bloque toutes mes fenêtre msn et je ne peux plus discuter avec mes contacts. J'ai windows vista et avast comme antivirus.
Voici les rapport de AVG et de hijackthis:
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 12:59:57 14/10/2007
+ Résultat de l'analyse:
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@112.2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@aolfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@fnac.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@hotelopia.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@hotelscom.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@karavel.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@ltur.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@montblanc.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@msnaccountservices.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@paypal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\jennifer@2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\jennifer@boonty.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@ads.adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@adrevolver[2].txt -> TrackingCookie.Adrevolver : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@media.adrevolver[2].txt -> TrackingCookie.Adrevolver : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@advertising[1].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@adviva[2].txt -> TrackingCookie.Adviva : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\jennifer@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@iv2.bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\jennifer@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@dealtime[1].txt -> TrackingCookie.Dealtime : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@stat.dealtime[1].txt -> TrackingCookie.Dealtime : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@doubleclick[2].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\jennifer@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\jennifer@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@www.etracker[2].txt -> TrackingCookie.Etracker : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@fastclick[2].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@ehg-libelle.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@ehg-neuftelecom.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@ehg-telecomitalia.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@ivwbox[2].txt -> TrackingCookie.Ivwbox : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@search.live[1].txt -> TrackingCookie.Live : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@sales.liveperson[1].txt -> TrackingCookie.Liveperson : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\jennifer@mediaplex[2].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@www.paypal[1].txt -> TrackingCookie.Paypal : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\jennifer@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@qksrv[2].txt -> TrackingCookie.Qksrv : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@questionmarket[2].txt -> TrackingCookie.Questionmarket : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@revsci[2].txt -> TrackingCookie.Revsci : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\jennifer@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\jennifer@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\jennifer@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@statcounter[1].txt -> TrackingCookie.Statcounter : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\jennifer@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@trafficmp[1].txt -> TrackingCookie.Trafficmp : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\jennifer@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@m.webtrends[2].txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\jennifer@m.webtrends[2].txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@statse.webtrendslive[1].txt -> TrackingCookie.Webtrendslive : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@yadro[1].txt -> TrackingCookie.Yadro : Nettoyé.
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\Low\jennifer@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyé.
Fin du rapport
Logfile of HijackThis v1.99.1
Scan saved at 18:54:30, on 14/10/2007
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16546)
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hp\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Winamp\winampa.exe
C:\Windows\LBTWiz.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\conime.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Jennifer\Documents\hijackthis[1]\test.exe.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [LBTWiz.exe] C:\Windows\LBTWiz.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {80AEEC0E-A2BE-4B8D-985F-350FE869DC40} (HPDDClientExec Class) - http://h30155.www3.hp.com/ediags/dd/install/HPDriverDiagnosticsVista.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll (file missing)
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
que dois-je faire ensuite pour me débarrasser du virus? (scan kaspersky impossible car windows vista)
un grand merci
A voir également:
- Virus nokia 19 jpg
- Nokia pc suite - Télécharger - Pilotes & Matériel
- Virus mcafee - Accueil - Piratage
- Convertir hevc en jpg - Guide
- Réduire taille jpg - Guide
- Telecharger jpg - Télécharger - Photo & Graphisme
6 réponses
Bonjour,
t'as pas de virus sur ton msn! faut juste aller panneau de configuration puis ajout,suppresion de programmes ,tu clic sur modifier msn live messenger et plus de probleme!
t'as pas de virus sur ton msn! faut juste aller panneau de configuration puis ajout,suppresion de programmes ,tu clic sur modifier msn live messenger et plus de probleme!
Bonjour,
j'ai essayé mais ça n'a pas marché. Les fenêtres sont toujours bloquées (je double-clique dessus et rien ne se passe) et mes contacts continuent avoir "ma soeur veut que tu vois ça" "ce sont les tofs de mes dernières vacances"
j'ai essayé mais ça n'a pas marché. Les fenêtres sont toujours bloquées (je double-clique dessus et rien ne se passe) et mes contacts continuent avoir "ma soeur veut que tu vois ça" "ce sont les tofs de mes dernières vacances"
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Bonjour,
salut j'ai aussi des problemes avec un fichier nokia 19 jpeg...
qui peut m aider et qui a la patience je suis nul en informatique lol ;-)
merci d avance..
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:23:29, on 22/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\AGRSMMSG.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\LBTWiz.exe
C:\WINDOWS\system32\owjapuo.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\DialMessenger\dialmessenger.exe
C:\Program Files\Winsos\WINSOS.EXE
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\RamBoost XP\rambxpfr.exe
C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\Compaq_Propriétaire\Bureau\test.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=compaq-desktop.msn.com&ocid=HPDHP&pc=CPDTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q105&bd=presario&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=compaq-desktop.msn.com&ocid=HPDHP&pc=CPDTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q105&bd=presario&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q105&bd=presario&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=compaq-desktop.msn.com&ocid=HPDHP&pc=CPDTDF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [Windows Security Center] wscsvc.exe
O4 - HKLM\..\Run: [LBTWiz.exe] C:\WINDOWS\LBTWiz.exe
O4 - HKLM\..\Run: [allbmambcah] C:\WINDOWS\system32\allbmambcah.exe
O4 - HKLM\..\Run: [owjapuo] C:\WINDOWS\system32\owjapuo.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DialMessenger] "C:\Program Files\DialMessenger\dialmessenger.exe" -background
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\Winsos\WINSOS.EXE" MINI
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [RamBoostXp] C:\Program Files\RamBoost XP\rambxpfr.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
O4 - Startup: {A93C9E60-29B6-49da-BA21-F70AC6AADE20}.lnk = C:\Program Files\Fichiers communs\Symantec Shared\SymSetup\{A93C9E60-29B6-49da-BA21-F70AC6AADE20}.exe
O8 - Extra context menu item: Choisir comme avatar pour Messenger - C:\Program Files\MSN Pictures Displayer\AddIEPicture.htm
O8 - Extra context menu item: Download with &Shareaza - res://C:\Program Files\Shareaza\Plugins\RazaWebHook.dll/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Print Spooler Service (goaio5yyc2e) - Unknown owner - C:\WINDOWS\system32\owjapuo.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
salut j'ai aussi des problemes avec un fichier nokia 19 jpeg...
qui peut m aider et qui a la patience je suis nul en informatique lol ;-)
merci d avance..
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:23:29, on 22/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\AGRSMMSG.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\LBTWiz.exe
C:\WINDOWS\system32\owjapuo.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\DialMessenger\dialmessenger.exe
C:\Program Files\Winsos\WINSOS.EXE
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\RamBoost XP\rambxpfr.exe
C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\Compaq_Propriétaire\Bureau\test.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=compaq-desktop.msn.com&ocid=HPDHP&pc=CPDTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q105&bd=presario&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=compaq-desktop.msn.com&ocid=HPDHP&pc=CPDTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q105&bd=presario&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q105&bd=presario&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=compaq-desktop.msn.com&ocid=HPDHP&pc=CPDTDF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [Windows Security Center] wscsvc.exe
O4 - HKLM\..\Run: [LBTWiz.exe] C:\WINDOWS\LBTWiz.exe
O4 - HKLM\..\Run: [allbmambcah] C:\WINDOWS\system32\allbmambcah.exe
O4 - HKLM\..\Run: [owjapuo] C:\WINDOWS\system32\owjapuo.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DialMessenger] "C:\Program Files\DialMessenger\dialmessenger.exe" -background
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\Winsos\WINSOS.EXE" MINI
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [RamBoostXp] C:\Program Files\RamBoost XP\rambxpfr.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
O4 - Startup: {A93C9E60-29B6-49da-BA21-F70AC6AADE20}.lnk = C:\Program Files\Fichiers communs\Symantec Shared\SymSetup\{A93C9E60-29B6-49da-BA21-F70AC6AADE20}.exe
O8 - Extra context menu item: Choisir comme avatar pour Messenger - C:\Program Files\MSN Pictures Displayer\AddIEPicture.htm
O8 - Extra context menu item: Download with &Shareaza - res://C:\Program Files\Shareaza\Plugins\RazaWebHook.dll/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Print Spooler Service (goaio5yyc2e) - Unknown owner - C:\WINDOWS\system32\owjapuo.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
j'ais ces deux dossiers txt et log
Logfile of HijackThis v1.99.1
Scan saved at 21:14:07, on 22/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\VTTray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://fr.search.yahoo.com/?fr=cb-hp06
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://fr.search.yahoo.com/?fr=cb-hp06
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbShar.dll
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: Shell=Explorer.exe %WINDIR%\VTTray.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O1 - Hosts: 212.150.54.250 dv-networks.com
O2 - BHO: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbShar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbShar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" -H
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by120w.bay120.mail.live.com/mail/resources/MsnPUpld.cab
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.146 85.255.112.225
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.116.146 85.255.112.225
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.116.146 85.255.112.225
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 85.255.116.146 85.255.112.225
O17 - HKLM\System\CS5\Services\Tcpip\Parameters: NameServer = 85.255.116.146 85.255.112.225
O17 - HKLM\System\CS6\Services\Tcpip\Parameters: NameServer = 85.255.116.146 85.255.112.225
O17 - HKLM\System\CS7\Services\Tcpip\Parameters: NameServer = 85.255.116.146 85.255.112.225
O17 - HKLM\System\CS8\Services\Tcpip\Parameters: NameServer = 85.255.116.146 85.255.112.225
O17 - HKLM\System\CS9\Services\Tcpip\Parameters: NameServer = 85.255.116.146 85.255.112.225
O17 - HKLM\System\CS10\Services\Tcpip\Parameters: NameServer = 85.255.116.146 85.255.112.225
O17 - HKLM\System\CS11\Services\Tcpip\Parameters: NameServer = 85.255.116.146 85.255.112.225
O17 - HKLM\System\CS12\Services\Tcpip\Parameters: NameServer = 85.255.116.146 85.255.112.225
O17 - HKLM\System\CS13\Services\Tcpip\Parameters: NameServer = 85.255.116.146 85.255.112.225
O17 - HKLM\System\CS14\Services\Tcpip\Parameters: NameServer = 85.255.116.146 85.255.112.225
O17 - HKLM\System\CS15\Services\Tcpip\Parameters: NameServer = 85.255.116.146 85.255.112.225
O17 - HKLM\System\CS16\Services\Tcpip\Parameters: NameServer = 85.255.116.146 85.255.112.225
O17 - HKLM\System\CS17\Services\Tcpip\Parameters: NameServer = 85.255.116.146 85.255.112.225
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.146 85.255.112.225
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: avgwlntf - C:\WINDOWS\SYSTEM32\avgwlntf.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe (file missing)
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe (file missing)
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe (file missing)
O23 - Service: AVG Firewall (AVGFwSrv) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe (file missing)
O23 - Service: Intel(R) Quick Resume technology (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: s3contrl (32-bit) - Unknown owner - C:\WINDOWS\VTTray.exe
et un autre truc
MSNFix 1.552
C:\Documents and Settings\HP_Administrateur\Bureau\MSNFix
Fix exécuté le 22/10/2007 - 20:49:08,78 By HP_Administrateur
mode sans échec
************************ Recherche les fichiers présents
... C:\WINDOWS\LBTWiz.exe
************************ MSNCHK ***** /!\ beta test /!\
************************ Recherche les dossiers présents
Aucun dossier trouvé
************************ Suppression des fichiers
.. OK ... C:\WINDOWS\LBTWiz.exe
************************ Nettoyage du registre
************************ Fichiers suspects
Aucun Fichier trouvé
Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 22102007_20501876.zip
------------------------------------------------------------------------
Auteur : !aur3n7 Contact: https://www.ionos.fr/
------------------------------------------------------------------------
--------------------------------------------- END ---------------------------------------------
et encor merci de me repondre !!! c super sympa de ta part de me filler un coup de souris !!
Logfile of HijackThis v1.99.1
Scan saved at 21:14:07, on 22/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\VTTray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://fr.search.yahoo.com/?fr=cb-hp06
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://fr.search.yahoo.com/?fr=cb-hp06
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbShar.dll
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: Shell=Explorer.exe %WINDIR%\VTTray.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O1 - Hosts: 212.150.54.250 dv-networks.com
O2 - BHO: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbShar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbShar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" -H
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by120w.bay120.mail.live.com/mail/resources/MsnPUpld.cab
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.146 85.255.112.225
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.116.146 85.255.112.225
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.116.146 85.255.112.225
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 85.255.116.146 85.255.112.225
O17 - HKLM\System\CS5\Services\Tcpip\Parameters: NameServer = 85.255.116.146 85.255.112.225
O17 - HKLM\System\CS6\Services\Tcpip\Parameters: NameServer = 85.255.116.146 85.255.112.225
O17 - HKLM\System\CS7\Services\Tcpip\Parameters: NameServer = 85.255.116.146 85.255.112.225
O17 - HKLM\System\CS8\Services\Tcpip\Parameters: NameServer = 85.255.116.146 85.255.112.225
O17 - HKLM\System\CS9\Services\Tcpip\Parameters: NameServer = 85.255.116.146 85.255.112.225
O17 - HKLM\System\CS10\Services\Tcpip\Parameters: NameServer = 85.255.116.146 85.255.112.225
O17 - HKLM\System\CS11\Services\Tcpip\Parameters: NameServer = 85.255.116.146 85.255.112.225
O17 - HKLM\System\CS12\Services\Tcpip\Parameters: NameServer = 85.255.116.146 85.255.112.225
O17 - HKLM\System\CS13\Services\Tcpip\Parameters: NameServer = 85.255.116.146 85.255.112.225
O17 - HKLM\System\CS14\Services\Tcpip\Parameters: NameServer = 85.255.116.146 85.255.112.225
O17 - HKLM\System\CS15\Services\Tcpip\Parameters: NameServer = 85.255.116.146 85.255.112.225
O17 - HKLM\System\CS16\Services\Tcpip\Parameters: NameServer = 85.255.116.146 85.255.112.225
O17 - HKLM\System\CS17\Services\Tcpip\Parameters: NameServer = 85.255.116.146 85.255.112.225
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.146 85.255.112.225
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: avgwlntf - C:\WINDOWS\SYSTEM32\avgwlntf.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe (file missing)
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe (file missing)
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe (file missing)
O23 - Service: AVG Firewall (AVGFwSrv) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe (file missing)
O23 - Service: Intel(R) Quick Resume technology (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: s3contrl (32-bit) - Unknown owner - C:\WINDOWS\VTTray.exe
et un autre truc
MSNFix 1.552
C:\Documents and Settings\HP_Administrateur\Bureau\MSNFix
Fix exécuté le 22/10/2007 - 20:49:08,78 By HP_Administrateur
mode sans échec
************************ Recherche les fichiers présents
... C:\WINDOWS\LBTWiz.exe
************************ MSNCHK ***** /!\ beta test /!\
************************ Recherche les dossiers présents
Aucun dossier trouvé
************************ Suppression des fichiers
.. OK ... C:\WINDOWS\LBTWiz.exe
************************ Nettoyage du registre
************************ Fichiers suspects
Aucun Fichier trouvé
Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 22102007_20501876.zip
------------------------------------------------------------------------
Auteur : !aur3n7 Contact: https://www.ionos.fr/
------------------------------------------------------------------------
--------------------------------------------- END ---------------------------------------------
et encor merci de me repondre !!! c super sympa de ta part de me filler un coup de souris !!
