Win32:TratBHO [Trj] probleme virus

sophie -  
ep44 Messages postés 7415 Date d'inscription   Statut Contributeur Dernière intervention   -
Bonjour,

je suis novice sur le net et j'ai un probleme avec le virus Win32:TratBHO [Trj] si quelqu'un pour me guider ce serais sympa
merci d'avance
Configuration: Windows XP
Firefox 2.0.0.11

15 réponses

  1. elnico68
     
    slt
    ben quand tes infercté il ni ya qu'une seul solution le formatage
    pens bien a sauvegarder tte tes donées car le formatage comme son nom l'indique remet on pc a 0

    ++
    0
  2. ep44 Messages postés 7415 Date d'inscription   Statut Contributeur Dernière intervention   3
     
    FAUX

    Bonsoir Sophie
    Télécharge sur le bureau
    ftp://ftp.commentcamarche.com/download/HJTInstall.exe

    => Double-clic dessus
    => installe
    => Clic Do a system scan and save the log
    => coller le rapport
    si problème voir l'aide
    http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm
    @+
    0
  3. sophie
     
    merci bien j'etait deja desesperer de reformater mon pc
    merci de ton aide voila le rapport!:

    Logfile of HijackThis v1.99.1
    Scan saved at 18:41:16, on 15/01/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    C:\WINDOWS\system32\acs.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\PROGRA~1\LAUNCH~1\LManager.exe
    C:\Program Files\Atheros\ACU.exe
    C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
    C:\Program Files\Atheros\ACU .exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh .exe
    C:\PROGRA~1\LAUNCH~1\LManager .exe
    C:\WINDOWS\system32\ElkCtrl.exe
    C:\Program Files\Acer\OrbiCam\CameraAssistant .exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\WINDOWS\system32\ElkCtrl .exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched .exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch .exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Spyware Doctor\SDTrayApp.exe
    C:\WINDOWS\system32\LVCOMSX .EXE
    C:\Program Files\Windows Live\Messenger\msnmsgr .exe
    C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    C:\Program Files\Macrogaming\SweetIM\SweetIM .exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\Spyware Doctor\SDTrayApp .exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\DAEMON Tools\daemon .exe
    C:\Program Files\BinarySense\HDDlife\HDDlife.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Spyware Doctor\svcntaux.exe
    C:\Program Files\Spyware Doctor\swdsvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wdfmgr.exe
    C:\DOCUME~1\Sophie\LOCALS~1\Temp\RtkBtMnt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.files-ftp.com/~unicorni/phpBB2/index.php
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    F3 - REG:win.ini: load=C:\WINDOWS\system32\pmkhh.exe
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
    O2 - BHO: (no name) - {3401DB32-7F00-4EC7-A890-A75F64973843} - C:\WINDOWS\system32\pmnnmmj.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: (no name) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - (no file)
    O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
    O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
    O4 - HKLM\..\Run: [BroadcomWireless] C:\Program Files\Broadcom\Wireless\Utility\WlanUtil.exe
    O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
    O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspect
    O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [IdiomaX Office] C:\Program Files\IdiomaX\Office Translator 4.0\IdxOffice.exe
    O4 - HKLM\..\Run: [IdiomaX Product Update] C:\Program Files\Fichiers communs\IdiomaX Shared\Cat 6.0\IdxLUpdate.exe /AUTOSTART
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [EPSON Stylus DX6000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBIE.EXE /FU "C:\WINDOWS\TEMP\E_S8D.tmp" /EF "HKLM"
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\wianmpa.exe
    O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
    O4 - HKLM\..\RunOnce: [wextract_cleanup1] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\Sophie\LOCALS~1\Temp\IXP001.TMP\"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr .exe" /background
    O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKCU\..\Run: [xitdhrdeoz] c:\documents and settings\sophie\local settings\application data\xitdhrdeoz.exe xitdhrdeoz
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - Startup: HDDlife.lnk = C:\Program Files\BinarySense\HDDlife\HDDlife.exe
    O4 - Global Startup: BTTray.lnk = ?
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: pmnnmmj - C:\WINDOWS\SYSTEM32\pmnnmmj.dll
    O20 - Winlogon Notify: WgaLogon - WgaLogon.dll (file missing)
    O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
    0
  4. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  5. ep44 Messages postés 7415 Date d'inscription   Statut Contributeur Dernière intervention   3
     
    tu n'as pas utilisé la version que je t'ai donnée
    0
  6. sophie
     
    désoler pour la version précedente j'aivais deja celle là, voila le rapport avec la version que tu ma donné
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:54:53, on 15/01/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    C:\WINDOWS\system32\acs.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\PROGRA~1\LAUNCH~1\LManager.exe
    C:\Program Files\Atheros\ACU.exe
    C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
    C:\Program Files\Atheros\ACU .exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh .exe
    C:\PROGRA~1\LAUNCH~1\LManager .exe
    C:\WINDOWS\system32\ElkCtrl.exe
    C:\Program Files\Acer\OrbiCam\CameraAssistant .exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\WINDOWS\system32\ElkCtrl .exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched .exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch .exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Spyware Doctor\SDTrayApp.exe
    C:\WINDOWS\system32\LVCOMSX .EXE
    C:\Program Files\Windows Live\Messenger\msnmsgr .exe
    C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    C:\Program Files\Macrogaming\SweetIM\SweetIM .exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\Spyware Doctor\SDTrayApp .exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\DAEMON Tools\daemon .exe
    C:\Program Files\BinarySense\HDDlife\HDDlife.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Spyware Doctor\svcntaux.exe
    C:\Program Files\Spyware Doctor\swdsvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wdfmgr.exe
    C:\DOCUME~1\Sophie\LOCALS~1\Temp\RtkBtMnt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Documents and Settings\Sophie\Bureau\HJTInstall.exe
    C:\Documents and Settings\Sophie\Bureau\HJTInstall.exe
    C:\Documents and Settings\Sophie\Bureau\HJTInstall.exe
    D:\Nouveau dossier\HijackThis.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.files-ftp.com/~unicorni/phpBB2/index.php
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    F3 - REG:win.ini: load=C:\WINDOWS\system32\pmkhh.exe
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
    O2 - BHO: (no name) - {3401DB32-7F00-4EC7-A890-A75F64973843} - C:\WINDOWS\system32\pmnnmmj.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: (no name) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - (no file)
    O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
    O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
    O4 - HKLM\..\Run: [BroadcomWireless] C:\Program Files\Broadcom\Wireless\Utility\WlanUtil.exe
    O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
    O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspect
    O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [IdiomaX Office] C:\Program Files\IdiomaX\Office Translator 4.0\IdxOffice.exe
    O4 - HKLM\..\Run: [IdiomaX Product Update] C:\Program Files\Fichiers communs\IdiomaX Shared\Cat 6.0\IdxLUpdate.exe /AUTOSTART
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [EPSON Stylus DX6000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBIE.EXE /FU "C:\WINDOWS\TEMP\E_S8D.tmp" /EF "HKLM"
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\wianmpa.exe
    O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
    O4 - HKLM\..\RunOnce: [wextract_cleanup1] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\Sophie\LOCALS~1\Temp\IXP001.TMP\"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr .exe" /background
    O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKCU\..\Run: [xitdhrdeoz] c:\documents and settings\sophie\local settings\application data\xitdhrdeoz.exe xitdhrdeoz
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - Startup: HDDlife.lnk = C:\Program Files\BinarySense\HDDlife\HDDlife.exe
    O4 - Global Startup: BTTray.lnk = ?
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php
    O20 - Winlogon Notify: pmnnmmj - C:\WINDOWS\SYSTEM32\pmnnmmj.dll
    O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
    0
  7. ep44 Messages postés 7415 Date d'inscription   Statut Contributeur Dernière intervention   3
     
    Télécharge sur le Bureau.
    http://www.atribune.org/ccount/click.php?id=4

    => Double-clic VundoFix.exe.
    => Clic OK
    => Attendre le redemarrage de Vundofix
    => Clic Scan for Vundo
    => Le scan est assez long , à la fin
    => Clic Remove Vundo
    => Puis yes
    => Le Bureau disparaît un moment lors de la suppression des fichiers.
    => Message shutdown
    => clic OK
    => Redémarrage auto
    => copier le rapport qui est dans C:vundofix.txt

    -------------
    ensuite
    Télécharge sur le bureau
    http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe

    => Double clic sur VirtumundoBeGone.exe
    => Clic Continue ==> clic Start
    => Clic Oui
    => A la fin si Vundo est présent , le PC s’éteint et redémarre
    => Si Ecran bleu et message : Erreur fatale .. pas de problème
    => Poster le rapport VBG.TXT qui est sur le bureau

    ensuite une fois ceci fait refais un rapport hijack
    @+
    0
  8. sophie
     
    j'ai fait tout ce que vous m'aviez dit mais au premier redemarrage il restait encore 2 fichiers, donc j'ai encore cliquer sur remove vundo et il a redemarrer, mais 30 minutes plus tard le virus est revenu sous le nom de c:windows/systeme32/pmkhh.exe. Je vous laisse le VBG et mon nouveau rapport hijack .

    VBG:
    [01/15/2008, 20:27:07] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\Sophie\Bureau\VirtumundoBeGone.exe" )
    [01/15/2008, 20:27:14] - Detected System Information:
    [01/15/2008, 20:27:14] - Windows Version: 5.1.2600, Service Pack 2
    [01/15/2008, 20:27:14] - Current Username: Sophie (Admin)
    [01/15/2008, 20:27:14] - Windows is in NORMAL mode.
    [01/15/2008, 20:27:14] - Searching for Browser Helper Objects:
    [01/15/2008, 20:27:14] - BHO 1: {02478D38-C3F9-4efb-9B51-7695ECA05670} (&Yahoo! Toolbar Helper)
    [01/15/2008, 20:27:14] - BHO 2: {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} (SWEETIE Class)
    [01/15/2008, 20:27:14] - BHO 3: {3401DB32-7F00-4EC7-A890-A75F64973843} ()
    [01/15/2008, 20:27:14] - WARNING: BHO has no default name. Checking for Winlogon reference.
    [01/15/2008, 20:27:15] - Checking for HKLM\...\Winlogon\Notify\pmnnmmj
    [01/15/2008, 20:27:15] - Key not found: HKLM\...\Winlogon\Notify\pmnnmmj, continuing.
    [01/15/2008, 20:27:15] - BHO 4: {53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection)
    [01/15/2008, 20:27:15] - BHO 5: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
    [01/15/2008, 20:27:15] - BHO 6: {7E853D72-626A-48EC-A868-BA8D5E23E045} ()
    [01/15/2008, 20:27:15] - WARNING: BHO has no default name. Checking for Winlogon reference.
    [01/15/2008, 20:27:15] - No filename found. Continuing.
    [01/15/2008, 20:27:15] - BHO 7: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Programme d'aide de l'Assistant de connexion Windows Live)
    [01/15/2008, 20:27:15] - BHO 8: {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} (EpsonToolBandKicker Class)
    [01/15/2008, 20:27:15] - Finished Searching Browser Helper Objects
    [01/15/2008, 20:27:15] - Finishing up...
    [01/15/2008, 20:27:15] - Nothing found! Exiting...

    HIJACK:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:47:57, on 15/01/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    C:\WINDOWS\system32\acs.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Spyware Doctor\svcntaux.exe
    C:\Program Files\Spyware Doctor\swdsvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Spyware Doctor\SDTrayApp.exe
    C:\WINDOWS\system32\wdfmgr.exe
    C:\Program Files\Spyware Doctor\SDTrayApp .exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\PROGRA~1\LAUNCH~1\LManager.exe
    C:\Program Files\Atheros\ACU.exe
    C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\Atheros\ACU .exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched .exe
    C:\Program Files\Acer\OrbiCam\CameraAssistant .exe
    C:\PROGRA~1\LAUNCH~1\LManager .exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Synaptics\SynTP\SynTPEnh .exe
    C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch .exe
    C:\WINDOWS\system32\LVCOMSX .EXE
    C:\Program Files\Windows Live\Messenger\msnmsgr .exe
    C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Macrogaming\SweetIM\SweetIM .exe
    C:\Program Files\DAEMON Tools\daemon .exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\BinarySense\HDDlife\HDDlife.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer .exe
    C:\WINDOWS\System32\svchost.exe
    C:\DOCUME~1\Sophie\LOCALS~1\Temp\RtkBtMnt.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    D:\Nouveau dossier\HijackThis.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.files-ftp.com/~unicorni/phpBB2/index.php
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    F3 - REG:win.ini: load=C:\WINDOWS\system32\pmkhh.exe
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
    O2 - BHO: (no name) - {3401DB32-7F00-4EC7-A890-A75F64973843} - C:\WINDOWS\system32\pmnnmmj.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: (no name) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - (no file)
    O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
    O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
    O4 - HKLM\..\Run: [BroadcomWireless] C:\Program Files\Broadcom\Wireless\Utility\WlanUtil.exe
    O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
    O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspect
    O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [IdiomaX Office] C:\Program Files\IdiomaX\Office Translator 4.0\IdxOffice.exe
    O4 - HKLM\..\Run: [IdiomaX Product Update] C:\Program Files\Fichiers communs\IdiomaX Shared\Cat 6.0\IdxLUpdate.exe /AUTOSTART
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [EPSON Stylus DX6000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBIE.EXE /FU "C:\WINDOWS\TEMP\E_S8D.tmp" /EF "HKLM"
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\wianmpa.exe
    O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
    O4 - HKLM\..\RunOnce: [wextract_cleanup1] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\Sophie\LOCALS~1\Temp\IXP001.TMP\"
    O4 - HKLM\..\RunOnce: [wextract_cleanup2] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\Sophie\LOCALS~1\Temp\IXP001.TMP\"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr .exe" /background
    O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKCU\..\Run: [xitdhrdeoz] c:\documents and settings\sophie\local settings\application data\xitdhrdeoz.exe xitdhrdeoz
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - Startup: HDDlife.lnk = C:\Program Files\BinarySense\HDDlife\HDDlife.exe
    O4 - Global Startup: BTTray.lnk = ?
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php
    O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
    0
  9. ep44 Messages postés 7415 Date d'inscription   Statut Contributeur Dernière intervention   3
     
    ok on procède autrement
    Télécharge Combofix sUBs : http://download.bleepingcomputer.com/sUBs/ComboFix.exe
    et sauvegarde le sur ton bureau et pas ailleurs!

    Double-clic sur combofix,
    Attends que combofix ait terminé, un rapport sera créé. Poste le rapport.
    @+
    0
  10. sophie
     
    g lancer 2 fois l'analyse mai a la fin (apre avoir redemarrer) il me di de ne rien lancer, ce que j'ai fait mai ca c'est couper les 2 fois ou je l'ai fait je n'ai pa eu de rapport!!
    0
  11. ep44 Messages postés 7415 Date d'inscription   Statut Contributeur Dernière intervention   3
     
    regarde dans c: tu doit avoir le rapport
    0
  12. sophie
     
    ok désoler!

    ComboFix 08-01-15.4 - Sophie 2008-01-15 21:30:34.1 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.473 [GMT 1:00]
    Running from: C:\Documents and Settings\Sophie\Bureau\ComboFix.exe

    [color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color]
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\WINDOWS\system32\pmkhh.dll
    .
    ---- Previous Run -------
    .
    C:\Documents and Settings\Sophie\err.log
    C:\Documents and Settings\Sophie\Local Settings\Application Data\xitdhrdeoz.dat
    C:\Documents and Settings\Sophie\Local Settings\Application Data\xitdhrdeoz_nav.dat
    C:\Documents and Settings\Sophie\Local Settings\Application Data\xitdhrdeoz_navfx.dat
    c:\Documents and Settings\Sophie\Local Settings\Application Data\xitdhrdeoz_navps.dat
    C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe
    C:\PROGRA~1\LAUNCH~1\LManager.exe
    C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
    C:\Program Files\Acer\OrbiCam\InstallHelper.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp .exe
    C:\Program Files\Atheros\ACU.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\Fichiers communs\IdiomaX Shared\Cat 6.0\IdxLUpdate.exe
    C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
    C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm .exe
    C:\Program Files\IdiomaX\Office Translator 4.0\IdxOffice.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\Launch Manager\LManager .exe
    C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Spyware Doctor\SDTrayApp.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr .exe
    C:\WINDOWS\system32\hhkmp.ini
    C:\WINDOWS\system32\hhkmp.ini2
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\WINDOWS\system32\pmnnmmj.dll
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBIE.EXE

    [code] <pre>
    C:\Program Files\Acer\OrbiCam\CameraAssistant .exe ---> CameraAssistant.exe
    C:\Program Files\Acer\OrbiCam\InstallHelper .exe ---> InstallHelper.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp .exe ---> QooBox
    C:\Program Files\Atheros\ACU .exe ---> ACU.exe
    C:\Program Files\DAEMON Tools\daemon .exe ---> daemon.exe
    C:\Program Files\Fichiers communs\IdiomaX Shared\Cat 6.0\IdxLUpdate .exe ---> IdxLUpdate.exe
    C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch .exe ---> issch.exe
    C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm .exe ---> QooBox
    C:\Program Files\IdiomaX\Office Translator 4.0\IdxOffice .exe ---> IdxOffice.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched .exe ---> jusched.exe
    C:\Program Files\Launch Manager\LManager .exe ---> QooBox
    C:\Program Files\Macrogaming\SweetIM\SweetIM .exe ---> SweetIM.exe
    C:\Program Files\Realtek\InstallShield\AzMixerSel .exe ---> AzMixerSel.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer .exe ---> TeaTimer.exe
    C:\Program Files\Spyware Doctor\SDTrayApp .exe ---> SDTrayApp.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh .exe ---> SynTPEnh.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr .exe ---> QooBox
    C:\WINDOWS\system32\lvcomsx .exe ---> lvcomsx.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIBIE .EXE ---> E_FATIBIE.EXE
    </pre> [/code]
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

    .
    -------\nm

    ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2007-12-15 to 2008-01-15 ))))))))))))))))))))))))))))))))))))
    .

    2008-01-15 21:20 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
    2008-01-15 19:13 . 2008-01-15 19:37 <REP> d-------- C:\VundoFix Backups
    2008-01-15 18:37 . 2008-01-15 18:37 <REP> d-------- C:\Program Files\Trend Micro
    2008-01-14 18:45 . 2008-01-14 18:45 244 --ah----- C:\sqmnoopt12.sqm
    2008-01-14 18:45 . 2008-01-14 18:45 232 --ah----- C:\sqmdata12.sqm
    2008-01-12 22:42 . 2008-01-12 22:42 <REP> d-------- C:\Documents and Settings\All Users\Application Data\RTL Winter Sports 2008
    2008-01-12 22:33 . 2008-01-12 22:36 <REP> d-------- C:\Program Files\RTL Winter Sports 2008
    2008-01-11 02:50 . 2008-01-15 16:52 262,144 --a------ C:\WINDOWS\system32\ElkCtrl .exe
    2008-01-11 02:50 . 2008-01-15 20:36 225,280 --a------ C:\WINDOWS\system32\lvcomsx.exe
    2008-01-11 00:43 . 2008-01-11 00:46 257 --a------ C:\WINDOWS\wininit.ini
    2008-01-10 23:17 . 2008-01-10 23:17 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
    2008-01-10 21:48 . 2008-01-15 18:41 <REP> d-------- C:\hijackthis
    2008-01-09 23:37 . 2008-01-09 23:37 <REP> d-------- C:\Documents and Settings\Sophie\Application Data\DivX
    2008-01-09 23:16 . 2008-01-09 23:16 <REP> d-------- C:\Documents and Settings\Sophie\Application Data\Yahoo!
    2008-01-09 23:16 . 2008-01-09 23:16 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
    2008-01-09 23:16 . 2007-11-29 23:30 120,056 --------- C:\WINDOWS\system32\pxcpyi64.exe
    2008-01-09 23:16 . 2007-11-29 23:30 118,520 --------- C:\WINDOWS\system32\pxinsi64.exe
    2008-01-09 23:15 . 2008-01-09 23:15 <REP> d-------- C:\Program Files\Yahoo!
    2008-01-09 23:15 . 2008-01-09 23:16 <REP> d-------- C:\Program Files\DivX
    2008-01-07 20:57 . 2008-01-08 18:21 <REP> d-------- C:\Program Files\Playboy - The Mansion
    2008-01-04 16:36 . 2008-01-04 16:36 271,360 --a------ C:\WINDOWS\system32\drivers\atksgt.sys
    2008-01-04 16:36 . 2008-01-04 16:36 18,048 --a------ C:\WINDOWS\system32\drivers\lirsgt.sys
    2008-01-04 16:25 . 2008-01-04 16:25 <REP> d-------- C:\Program Files\Nobilis
    2008-01-04 16:07 . 2008-01-04 16:07 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MinigolfAdventures
    2008-01-04 16:03 . 2008-01-04 16:03 <REP> d-------- C:\Program Files\WildGames
    2008-01-04 16:03 . 2008-01-04 16:03 <REP> d-------- C:\Documents and Settings\Sophie\Application Data\WildTangent
    2008-01-04 16:03 . 2008-01-04 16:05 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WildTangent
    2007-12-30 23:19 . 2007-12-30 23:19 244 --ah----- C:\sqmnoopt11.sqm
    2007-12-30 23:19 . 2007-12-30 23:19 232 --ah----- C:\sqmdata11.sqm
    2007-12-30 17:13 . 2008-01-15 21:29 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
    2007-12-29 18:12 . 2008-01-15 21:27 <REP> d-------- C:\Program Files\Spyware Doctor
    2007-12-29 18:12 . 2007-12-29 18:12 <REP> d-------- C:\Documents and Settings\Sophie\Application Data\PC Tools
    2007-12-29 18:12 . 2005-09-23 08:29 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll
    2007-12-29 18:12 . 2007-12-29 18:13 74,240 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
    2007-12-29 18:12 . 2007-12-29 18:13 56,832 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
    2007-12-29 18:12 . 2007-10-18 00:14 41,288 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
    2007-12-29 18:12 . 2007-10-18 00:16 29,000 --a------ C:\WINDOWS\system32\drivers\kcom.sys
    2007-12-27 17:29 . 2005-05-26 15:34 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
    2007-12-27 17:22 . 2008-01-02 17:38 <REP> d-------- C:\Program Files\Atari
    2007-12-24 15:57 . 2007-12-24 15:58 <REP> d-------- C:\Program Files\Fichiers communs\3DO Shared
    2007-12-24 15:57 . 2007-12-24 15:57 <REP> d-------- C:\Program Files\directx
    2007-12-24 15:57 . 2007-12-24 15:57 <REP> d-------- C:\Program Files\3DO
    2007-12-23 22:07 . 2007-12-23 22:07 <REP> d-------- C:\Documents and Settings\All Users\Application Data\nView_Profiles
    2007-12-22 22:59 . 2008-01-11 02:50 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2007-12-22 22:55 . 2000-05-22 06:00 647,872 --a------ C:\WINDOWS\system32\MSCOMCT2.OCX
    2007-12-22 22:55 . 2003-11-19 14:59 512,688 --a------ C:\WINDOWS\system32\XceedCry.dll
    2007-12-22 22:55 . 2004-05-11 10:56 423,784 --a------ C:\WINDOWS\system32\XceedBkp.dll
    2007-12-22 22:55 . 2004-01-09 11:54 188,416 --a------ C:\WINDOWS\system32\actsplash.ocx
    2007-12-22 22:55 . 2004-03-09 00:00 131,856 --a------ C:\WINDOWS\system32\MSADODC.ocx
    2007-12-22 22:55 . 2000-07-15 00:00 118,784 --a------ C:\WINDOWS\system32\msstdfmt.dll
    2007-12-22 22:55 . 2000-07-15 06:00 101,888 --a------ C:\WINDOWS\system32\VB6STKIT.DLL
    2007-12-22 22:55 . 1999-01-26 20:36 11,012 --a------ C:\WINDOWS\system32\threadapi.tlb
    2007-12-22 20:32 . 2007-12-22 20:40 <REP> d-------- C:\Need.For.Speed.Pro.Street-RELOADED
    2007-12-22 17:05 . 2007-11-29 23:30 129,784 --------- C:\WINDOWS\system32\pxafs.dll
    2007-12-22 17:05 . 2007-03-08 00:51 9,464 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
    2007-12-22 17:05 . 2007-03-08 00:51 9,336 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
    2007-12-21 21:22 . 2007-12-21 21:22 <REP> d-------- C:\Program Files\uTorrent
    2007-12-21 21:22 . 2008-01-02 17:27 <REP> d-------- C:\Documents and Settings\Sophie\Application Data\uTorrent
    2007-12-19 13:52 . 2007-12-19 13:52 754 --a------ C:\WINDOWS\WORDPAD.INI
    2007-12-18 18:49 . 2007-12-18 18:50 <REP> d-------- C:\Program Files\DaemonTools_WhenUSave_Installer
    2007-12-18 18:49 . 2008-01-15 21:27 <REP> d-------- C:\Program Files\DAEMON Tools
    2007-12-18 18:47 . 2007-12-18 18:47 682,232 --a------ C:\WINDOWS\system32\drivers\sptd.sys
    2007-12-17 21:00 . 2007-12-17 21:00 <REP> d-------- C:\Program Files\Fichiers communs\BOONTY Shared
    2007-12-17 21:00 . 2007-12-17 21:00 <REP> d-------- C:\Documents and Settings\All Users\Application Data\BOONTY
    2007-12-17 20:57 . 2007-12-17 20:57 <REP> d-------- C:\Program Files\BoontyGames
    2007-12-17 20:57 . 2007-12-17 20:57 <REP> d-------- C:\Program Files\Boonty
    2007-12-17 19:37 . 2007-12-17 19:37 <REP> d-------- C:\Documents and Settings\Sophie\Application Data\Talkback
    2007-12-16 16:39 . 2007-12-16 16:39 268 --ah----- C:\sqmdata10.sqm
    2007-12-16 16:39 . 2007-12-16 16:39 244 --ah----- C:\sqmnoopt10.sqm

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-01-15 20:27 --------- d-----w C:\Program Files\Atheros
    2008-01-15 20:25 --------- d-----w C:\Program Files\Launch Manager
    2008-01-12 21:39 --------- d-----w C:\Program Files\Services en ligne
    2008-01-10 22:06 --------- d-----w C:\Program Files\eMule
    2008-01-07 19:57 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-01-07 19:02 --------- d-----w C:\Program Files\Mindscape
    2008-01-03 15:07 --------- d-----w C:\Program Files\Google
    2007-12-22 16:35 --------- d-----w C:\Program Files\Winamp
    2007-12-21 17:49 --------- d-----w C:\Program Files\Messenger Plus! Live
    2007-12-07 09:44 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
    2007-12-04 15:59 --------- d-----w C:\Documents and Settings\All Users\Application Data\Messenger Plus!
    2007-12-04 14:56 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
    2007-12-04 14:55 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
    2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
    2007-12-04 14:51 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
    2007-12-04 14:49 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
    2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe
    2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AvastSS.scr
    2007-12-04 01:33 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
    2007-12-04 01:33 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
    2007-12-04 01:33 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
    2007-12-04 01:33 682,496 ----a-w C:\WINDOWS\system32\DivX.dll
    2007-12-03 19:11 --------- d-----w C:\Program Files\Adverts
    2007-12-03 18:54 --------- d-----w C:\Program Files\SM
    2007-12-03 18:53 0 ----a-w C:\dotnetfx.exe
    2007-12-01 15:47 --------- d-----w C:\Program Files\Windows Live
    2007-12-01 15:46 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition
    2007-12-01 15:04 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
    2007-11-30 00:22 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
    2007-11-29 23:22 --------- d-----w C:\Program Files\Alwil Software
    2007-11-29 22:30 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
    2007-11-29 22:30 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
    2007-11-29 22:30 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
    2007-11-29 22:30 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
    2007-11-29 22:28 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
    2007-11-29 22:28 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
    2007-11-29 22:26 --------- d-----w C:\Program Files\Macrogaming
    2007-11-28 21:55 156,992 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
    2007-11-28 21:53 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
    2007-11-28 21:53 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
    2007-11-28 21:53 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
    2007-11-28 21:53 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
    2007-11-28 21:53 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
    2007-11-28 21:53 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
    2007-11-28 21:52 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
    2007-11-20 13:34 --------- d-----w C:\Program Files\Fichiers communs\Logitech
    2007-11-07 09:28 728,576 ----a-w C:\WINDOWS\system32\lsasrv.dll
    2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
    2007-10-23 16:49 586,752 ----a-w C:\WINDOWS\WLXPGSS.SCR
    2007-10-20 05:01 227,328 ----a-w C:\WINDOWS\system32\wmasf.dll
    2007-10-18 10:31 51,224 ----a-w C:\WINDOWS\system32\sirenacm.dll
    2007-10-16 12:26 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
    .
    [code]<pre>
    ----a-w 262,144 2008-01-15 15:52:41 C:\WINDOWS\system32\ElkCtrl .exe
    </pre>[/code]

    ((((((((((((((((((((((((((((( snapshot@2008-01-15_21.29.34.18 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2008-01-15 19:40:18 58,794 ----a-w C:\WINDOWS\system32\perfc009.dat
    + 2008-01-15 20:32:02 58,794 ----a-w C:\WINDOWS\system32\perfc009.dat
    - 2008-01-15 19:40:18 71,446 ----a-w C:\WINDOWS\system32\perfc00C.dat
    + 2008-01-15 20:32:02 71,446 ----a-w C:\WINDOWS\system32\perfc00C.dat
    - 2008-01-15 19:40:18 392,494 ----a-w C:\WINDOWS\system32\perfh009.dat
    + 2008-01-15 20:32:02 392,494 ----a-w C:\WINDOWS\system32\perfh009.dat
    - 2008-01-15 19:40:18 458,468 ----a-w C:\WINDOWS\system32\perfh00C.dat
    + 2008-01-15 20:32:02 458,468 ----a-w C:\WINDOWS\system32\perfh00C.dat
    + 2008-01-15 20:33:15 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_6ac.dat
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3401DB32-7F00-4EC7-A890-A75F64973843}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"="~C:\Program Files\Windows Live\Messenger\msnmsgr .exe" [ ]
    "SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [2008-01-15 20:36 103712]
    "DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2008-01-15 20:36 165784]
    "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-15 20:36 1460560]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SkyTel"="SkyTel.EXE" [2006-05-16 18:04 2879488 C:\WINDOWS\SkyTel.exe]
    "AzMixerSel"="C:\Program Files\Realtek\InstallShield\AzMixerSel.exe" [2008-01-15 20:36 53248]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-07-20 19:58 7581696]
    "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-07-20 19:58 86016]
    "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2008-01-15 20:36 786521]
    "LManager"="C:\PROGRA~1\LAUNCH~1\LManager.exe" [ ]
    "ACU"="C:\Program Files\Atheros\ACU.exe" [2008-01-15 20:36 253952]
    "BroadcomWireless"="C:\Program Files\Broadcom\Wireless\Utility\WlanUtil.exe" [ ]
    "LogitechCameraAssistant"="C:\Program Files\Acer\OrbiCam\CameraAssistant.exe" [2008-01-15 20:36 331776]
    "LogitechVideo[inspector]"="C:\Program Files\Acer\OrbiCam\InstallHelper.exe" [2008-01-15 20:36 73728]
    "LogitechCameraService(E)"="C:\WINDOWS\system32\ElkCtrl.exe" [ ]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2008-01-15 20:36 132496]
    "IdiomaX Office"="C:\Program Files\IdiomaX\Office Translator 4.0\IdxOffice.exe" [2008-01-15 20:36 282624]
    "IdiomaX Product Update"="C:\Program Files\Fichiers communs\IdiomaX Shared\Cat 6.0\IdxLUpdate.exe" [2008-01-15 20:36 380928]
    "RTHDCPL"="RTHDCPL.EXE" [2006-07-21 16:56 16261632 C:\WINDOWS\RTHDCPL.exe]
    "ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe" [ ]
    "ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2008-01-15 20:36 69632]
    "BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [ ]
    "LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2008-01-15 20:36 225280]
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
    "WinampAgent"="C:\Program Files\Winamp\wianmpa.exe" [ ]
    "SDTray"="C:\Program Files\Spyware Doctor\SDTrayApp.exe" [2008-01-15 20:36 1065800]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    "wextract_cleanup1"="C:\WINDOWS\system32\advpack.dll" [2004-08-03 23:54 101888]
    "wextract_cleanup2"="C:\WINDOWS\system32\advpack.dll" [2004-08-03 23:54 101888]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

    R3 LVPrcMon;Logitech LVPrcMon Driver;C:\WINDOWS\system32\drivers\LVPrcMon.sys [2006-06-23 09:40]
    R3 nvsmu;nvsmu;C:\WINDOWS\system32\DRIVERS\nvsmu.sys [2006-03-07 04:49]
    S3 BDSelfPr;BDSelfPr;C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys []
    S3 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" [2007-12-17 21:00]
    S3 GameConsoleService;GameConsoleService;"C:\Program Files\WildGames\Game Console []
    S3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys [2005-11-19 02:13]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    bdx REG_MULTI_SZ scan

    .
    Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
    "2007-09-14 12:23:49 C:\WINDOWS\Tasks\Mise à jour des produits IdiomaX.job"
    0
  13. ep44 Messages postés 7415 Date d'inscription   Statut Contributeur Dernière intervention   3
     
    refais un hijack stp
    0
  14. sophie
     
    le voici:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:49, on 2008-01-16
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    C:\WINDOWS\system32\acs.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Spyware Doctor\svcntaux.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Atheros\ACU.exe
    C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\WINDOWS\system32\lvcomsx.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Spyware Doctor\SDTrayApp.exe
    C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\BinarySense\HDDlife\HDDlife.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\DOCUME~1\Sophie\LOCALS~1\Temp\RtkBtMnt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.files-ftp.com/~unicorni/phpBB2/index.php
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
    O2 - BHO: (no name) - {3401DB32-7F00-4EC7-A890-A75F64973843} - (no file)
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: (no name) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - (no file)
    O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
    O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
    O4 - HKLM\..\Run: [BroadcomWireless] C:\Program Files\Broadcom\Wireless\Utility\WlanUtil.exe
    O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
    O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspect
    O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [IdiomaX Office] C:\Program Files\IdiomaX\Office Translator 4.0\IdxOffice.exe
    O4 - HKLM\..\Run: [IdiomaX Product Update] C:\Program Files\Fichiers communs\IdiomaX Shared\Cat 6.0\IdxLUpdate.exe /AUTOSTART
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\wianmpa.exe
    O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
    O4 - HKLM\..\RunOnce: [wextract_cleanup1] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\Sophie\LOCALS~1\Temp\IXP001.TMP\"
    O4 - HKLM\..\RunOnce: [wextract_cleanup2] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\Sophie\LOCALS~1\Temp\IXP001.TMP\"
    O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\Windows Live\Messenger\msnmsgr .exe" /background
    O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - Startup: HDDlife.lnk = C:\Program Files\BinarySense\HDDlife\HDDlife.exe
    O4 - Global Startup: BTTray.lnk = ?
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php
    O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
    0
  15. ep44 Messages postés 7415 Date d'inscription   Statut Contributeur Dernière intervention   3
     
    Bonsoir
    relance hijack et coche ceci
    R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    O2 - BHO: (no name) - {3401DB32-7F00-4EC7-A890-A75F64973843} - (no file)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O3 - Toolbar: (no name) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - (no file)
    ensuiute clic sur fix checked

    ------------------------------------------------------

    Télécharge:
    http://www.grisoft.cz/filedir/inst/avgas-setup-7.5.1.43.exe AVG-AntiSpyware

    => Installer
    => Le lancer
    => Clic : Mise à jour
    ------
    = Redémarre en mode Sans Échec (le démarrage peut prendre plusieurs minutes)
    Attention, pas d’accès à internet dans ce mode. Enregistre ou imprime les consignes.

    Relance le Pc et tapote la touche F8 ( ou F5 pour certains) , jusqu’à l’apparition des inscriptions avec choix de démarrage
    Avec les touches « flèches », sélectionne Mode sans échec ==> entrée ==>nom utilisateur habituel
    -------
    => Dans ANALYSE ( en forme de loupe )
    => Paramètres ==> sous COMMENT REAGIR==>clic sur Actions recommandées ==>Quarantaine
    => Clic : Analyse complète du système
    -------
    => à la fin du scan ( qui est assez long)
    => Clic Appliquer toutes les actions <== ceci Très important
    => Clic Sauvegarder rapport puis Enregistrer sous et choisir bureau
    -------
    En mode normal
    colle le rapport

    -------------------------------------------------------

    ensuite installe ces quatres logiciels et utilise les les uns après les autres
    =>CCleaner
    https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html
    tuto
    https://forums.cnetfrance.fr

    => Ad-aware SE (scan passif )
    https://www.google.com ou http://www.lavasoft.de/support/download/#free
    Tutos :
    http://home.tiscali.be/schouppeguy/adawarese/adawase.htm

    => SpyBot-Search & Destroy 1.5 (scan passif + protection préventive avec ces 2 résidents, ses vaccinations et sa list Hosts )

    https://www.safer-networking.org/download/

    démo d utilisation
    http://perso.orange.fr/rginformatique/section%20virus/demo%20spybot.htm
    https://www.malekal.com/spybot-search-destroy-proteger-desinfecter-pc-virus/
    Tuto :
    http://perso.orange.fr/jesses/Docs/Logiciels/Spybot.htm

    => a² free (anti-trojans) (scan passif )

    - Téléchargement : https://www.emsisoft.com/fr/home/antimalware/
    - Tuto : http://perso.orange.fr/jesses/Docs/Logiciels/a-squared.htm
    @+
    0