Sujet Précédent Sujet Suivant

Adware puis virus

Résolu
samantha16 Messages postés 131 Statut Membre -  
samantha16 Messages postés 131 Statut Membre -
Bonjour,
tout a l'heure avast a détecté un adwar mais a chaque fois que j'essayais de faire ce qu'il me conseillé il ne pouvait et me mettais un message d'erreur . J'ai refait une analyse mais comme je n'y connais rien . Avg non plus n'a pas fait grand chose , enfin je crois . J'ai fait un scan hijackthis, le voici :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:06:49, on 27/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\WINDOWS\system32\DRIVERS\WtSrv.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
C:\apps\ABoard\ABoard.exe
C:\apps\ABoard\AOSD.exe
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\PixArt\PAC207\Monitor.exe
C:\WINDOWS\system32\WService.EXE
C:\APPS\SMP\SmpSys.exe
C:\Program Files\RamBoost XP\rambxpfr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ATICCC] "c:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [BOOT] C:\Program Files\ISSENDIS\ISSENDIS WebUpdate v6\issendiswebupdatev6.exe /BOOT
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [WService] WService.EXE
O4 - HKLM\..\Run: [OoPDFSettingsv6.exe] C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe
O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
O4 - HKCU\..\Run: [RamBoostXp] "C:\Program Files\RamBoost XP\rambxpfr.exe"
O4 - HKCU\..\Run: [slide.exe] c:\progra~1\slide\slide.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Liens de téléchargement avec Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O9 - Extra button: Groom - {66F83792-DAE1-4823-8F20-ADA94B33A4FF} - C:\Program Files\Toox\Groom\Groom.exe (HKCU)
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clients/5.3.1.0/Rawflow.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} (king.com) - http://king.orange.fr/ctl/kingcomie.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://samouchka16.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5308E02B-4ABA-48E4-AA9E-8A7693661473} (GameCtl Class) - http://jeuxenligne.orange.fr/GisActiveX/Ax/GameAx.cab
O16 - DPF: {5392B545-31A5-4724-BEF3-4FED1D56FDAC} (CPlayFirstDinerDash2_frControl Object) - file://C:\Documents and Settings\Sam\Local Settings\Application Data\Oberon Media\Oberon Games Host\DinerDash2_fr.1.0.0.70.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - https://bitdefender.solutions-antivirus.com/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {7CCAD6DD-DD0B-440B-91FF-7670F5AADC21} (SpinTop Games Launcher) - http://jeuxentelechargement.orange.fr/online2/mystery_solitaire/SpinTopGamesLauncher.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://jeuxenligne.orange.fr/gameshell/online/fr/luxor_amun_rising/mjolauncher.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://samouchka16.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega DownloadManager) - https://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game03.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {C9E17F58-564C-41C6-989F-AB0FE0D2C9D1} - http://jeuxenligne.orange.fr/orange2.0/OnlineHSS/zuma/Popcap.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - file:///C:/Documents%20and%20Settings/Sam/Local%20Settings/Application%20Data/Oberon%20Media/Oberon%20Games%20Host/popcaploader_v6.cab
O16 - DPF: {EF148DBB-5B6D-4130-B2A1-661571E86260} (Playtime Games Launcher) - http://jeuxentelechargement.orange.fr/online2/mahjong_escape_ancient/PTGameLauncher.cab
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Object) - https://casinoclassic.microgaming.com/casinoclassic/FlashAX2.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
O23 - Service: WinTab Service (WinTabService) - Tablet Driver - C:\WINDOWS\system32\DRIVERS\WtSrv.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
A voir également:

32 réponses

Précédent
  • 1
  • 2
Réponse 21 / 32
samantha16 Messages postés 131 Statut Membre 1
 
quelqu'un peut-il prendre le relais par hasard ? je ne sais pas quoi faire . merci .
0
Réponse 22 / 32
samantha16 Messages postés 131 Statut Membre 1
 
plus personne ne peut m'aider ?

Pouvez vous me dire si je cours un risque avec mes virus en quarantaine ? Dois je faire ccleaner ? voulez vous un autre scan hijackthis ?
0
Réponse 23 / 32
jfkpresident Messages postés 13877 Statut Contributeur sécurité 1 175
 
je suis la ,mais tu dois comprendre que moi aussi j'ai une vie apres CCM;

fais ceci :

Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici :
• Redémarre ton ordinateur
• Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (une pression par seconde).
• A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.
• Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée".
• Choisis ton compte.
Déroule la liste des instructions ci-dessous :
• Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.cmd pour lancer le scrïpt.
• Appuie sur Y pour commencer le processus de nettoyage.
• Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
• Appuie sur une touche pour redémarrer le PC.
• Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
• Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
• Appuie sur une touche pour finir l'exécution du scrïpt et charger les icônes de ton Bureau.
• Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
• Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum, avec un nouveau log Hijackthis !
0
Réponse 24 / 32
samantha16 Messages postés 131 Statut Membre 1
 
coucou , pour commencer excuse moi , mais c'est parce que je me doutais bien que tu était occupé en dehors d'ici que j'ai cherché de l'aide auprès d'autre personnes . Donc j'ai fait ce que tu m'as dis , voilà le rapport SDFix :

SDFix: Version 1.131

Run by Sam on 27/01/2008 at 21:47

Microsoft Windows XP [version 5.1.2600]

Running From: C:\DOCUME~1\Sam\Bureau\SDFix

Safe Mode:
Checking Services:

Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting...

Normal Mode:
Checking Files:

No Trojan Files Found

Removing Temp Files...

ADS Check:

C:\WINDOWS
No streams found.

C:\WINDOWS\explorer.exe
No streams found.

C:\WINDOWS\system32
No streams found.

C:\WINDOWS\system32\svchost.exe
No streams found.

C:\WINDOWS\system32\ntoskrnl.exe
No streams found.

Final Check:

catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-27 21:59:37
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\ESENT]
"EventMessageFile"=str(2):"c:\windows\system32\ESENT.dll"
"CategoryMessageFile"=str(2):"c:\windows\system32\ESENT.dll"

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Reinstall\D\n\21]
"DisplayName"="\xb973\x778e"
"DeviceDesc"="\xb973\x778e"
"ProviderName"="\x27fc\21\xee18\x7c91\x286c\21\b"
"MFG"="\xc1bf\b\xe12b\x1803\x60c"
"ReinstallString"=".10.1000.5"
"DeviceInstanceIds"=str(7):"c:\pnp\mobo\smbus\smbusati.inf"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
"TracesProcessed"=dword:00000000
"TracesSuccessful"=dword:00000000
"LastTraceFailure"=dword:00000000

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 502

Remaining Services:
------------------

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%ProgramFiles%\\AOL 9.0\\aol.exe"="%ProgramFiles%\\AOL 9.0\\aol.exe:*:Enabled:AOL"
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\logo_ubi.exe"="%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\logo_ubi.exe:*:Enabled:SPLINTER CELL PANDORA"
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe"="%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe:*:Enabled:PANDORA"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\APPS\\Inventime\\my.exe"="C:\\APPS\\Inventime\\my.exe:*:Enabled:INVENTIME"
"C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\backWeb-7288971.exe"="C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\backWeb-7288971.exe:*:Enabled:backWeb-7288971"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"="C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater"
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"="C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe:*:Enabled:EasyShare"
"C:\\Program Files\\eMule\\eMule.exe"="C:\\Program Files\\eMule\\eMule.exe:*:Enabled:eMule Plus"
"C:\\Program Files\\NEC\\NEC Mobile Suite\\CommsService.exe"="C:\\Program Files\\NEC\\NEC Mobile Suite\\CommsService.exe:*:Enabled:Communication service"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\WINDOWS\\Temp\\NavBrowser.exe"="C:\\WINDOWS\\Temp\\NavBrowser.exe:*:Enabled:NAVBrowser"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\GameSpy Arcade\\Aphex.exe"="C:\\Program Files\\GameSpy Arcade\\Aphex.exe:*:Enabled:GameSpy Arcade"
"C:\\Program Files\\Infogrames\\Monopoly\\Monopoly.exe"="C:\\Program Files\\Infogrames\\Monopoly\\Monopoly.exe:*:Enabled:Monopoly"
"C:\\Program Files\\Hasbro Interactive\\Clue\\Clue.exe"="C:\\Program Files\\Hasbro Interactive\\Clue\\Clue.exe:*:Enabled:Clue"
"C:\\Program Files\\JAlbum7.2\\JAlbumWin.exe"="C:\\Program Files\\JAlbum7.2\\JAlbumWin.exe:*:Enabled:JAlbumWin"
"C:\\WINDOWS\\system32\\java.exe"="C:\\WINDOWS\\system32\\java.exe:*:Disabled:java"
"C:\\WINDOWS\\system32\\javaw.exe"="C:\\WINDOWS\\system32\\javaw.exe:*:Disabled:javaw"
"C:\\WINDOWS\\system32\\javaws.exe"="C:\\WINDOWS\\system32\\javaws.exe:*:Disabled:javaws"
"C:\\APPS\\skype\\phone\\Skype.exe"="C:\\APPS\\skype\\phone\\Skype.exe:*:Enabled:Skype"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

Remaining Files:
---------------

Files with Hidden Attributes:

Thu 19 Oct 2006 208 A.SHR --- "C:\BOOT.BAK"
Sun 4 Feb 2007 413,696 A..H. --- "C:\My Games\Diner Dash 2 - Restaurant Rescue\dinerdash2.exe"
Sun 2 Sep 2007 88 ..SHR --- "C:\WINDOWS\system32\936EA33974.sys"
Sun 2 Sep 2007 2,516 A.SH. --- "C:\WINDOWS\system32\KGyGaAvL.sys"
Fri 27 Apr 2007 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Tue 30 Oct 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP349\A0046244.sys"
Wed 31 Oct 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP350\A0046310.sys"
Thu 1 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP351\A0046344.sys"
Thu 1 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP351\A0046401.sys"
Fri 2 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP351\A0046469.sys"
Fri 2 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP352\A0046538.sys"
Sat 3 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP352\A0046805.sys"
Sun 4 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP353\A0046834.sys"
Mon 5 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP353\A0046852.sys"
Mon 5 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP353\A0046873.sys"
Mon 5 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP354\A0046933.sys"
Tue 6 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP354\A0046960.sys"
Tue 6 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP357\A0047512.sys"
Wed 7 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP357\A0047531.sys"
Wed 7 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP358\A0047784.sys"
Thu 8 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP358\A0047805.sys"
Thu 8 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP358\A0047824.sys"
Thu 8 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP358\A0047865.sys"
Fri 9 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP359\A0047920.sys"
Fri 9 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP360\A0048125.sys"
Sat 10 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP361\A0048237.sys"
Sat 10 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP361\A0048261.sys"
Sat 10 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP361\A0048316.sys"
Sun 11 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP362\A0048341.sys"
Mon 12 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP362\A0048361.sys"
Mon 12 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP362\A0048430.sys"
Mon 12 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP363\A0048464.sys"
Tue 13 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP363\A0048481.sys"
Tue 13 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP363\A0048515.sys"
Wed 14 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP363\A0048534.sys"
Wed 14 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP364\A0048565.sys"
Wed 14 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP364\A0048603.sys"
Thu 15 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP364\A0048622.sys"
Thu 15 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP365\A0048657.sys"
Fri 16 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP365\A0048678.sys"
Fri 16 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP366\A0048705.sys"
Sat 17 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP366\A0048726.sys"
Sat 17 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP367\A0048751.sys"
Sun 18 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP367\A0048771.sys"
Sun 18 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP367\A0048792.sys"
Mon 19 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP368\A0048812.sys"
Mon 19 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP368\A0048842.sys"
Tue 20 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP368\A0049845.sys"
Tue 20 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP368\A0049863.sys"
Tue 20 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP368\A0049890.sys"
Wed 21 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP368\A0050056.sys"
Wed 21 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP369\A0050103.sys"
Thu 22 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP369\A0050121.sys"
Thu 22 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP369\A0050196.sys"
Fri 23 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP369\A0050213.sys"
Fri 23 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP370\A0051215.sys"
Sat 24 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP370\A0051259.sys"
Sun 25 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP371\A0051310.sys"
Mon 26 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP372\A0051335.sys"
Mon 26 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP372\A0051388.sys"
Tue 27 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP372\A0051413.sys"
Tue 27 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP373\A0051470.sys"
Wed 28 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP373\A0051490.sys"
Wed 28 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP373\A0051512.sys"
Wed 28 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP374\A0051598.sys"
Thu 29 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP374\A0051618.sys"
Thu 29 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP375\A0051645.sys"
Fri 30 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP375\A0051665.sys"
Fri 30 Nov 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP376\A0051691.sys"
Sat 1 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP376\A0051711.sys"
Sat 1 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP377\A0051745.sys"
Sun 2 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP380\A0052399.sys"
Mon 3 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP380\A0052423.sys"
Mon 3 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP381\A0052456.sys"
Tue 4 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP381\A0052472.sys"
Tue 4 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP381\A0052502.sys"
Wed 5 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP381\A0052520.sys"
Wed 5 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP381\A0052544.sys"
Thu 6 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP381\A0052560.sys"
Thu 6 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP381\A0052597.sys"
Fri 7 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP381\A0052625.sys"
Fri 7 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP382\A0052687.sys"
Sat 8 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP382\A0052719.sys"
Sat 8 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP383\A0052754.sys"
Sun 9 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP384\A0052821.sys"
Mon 10 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP384\A0052838.sys"
Mon 10 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP385\A0052916.sys"
Tue 11 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP385\A0053029.sys"
Tue 11 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP385\A0053066.sys"
Wed 12 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP385\A0053084.sys"
Wed 12 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP386\A0053180.sys"
Wed 12 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP386\A0053207.sys"
Thu 13 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP386\A0053224.sys"
Thu 13 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP386\A0053255.sys"
Fri 14 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP386\A0053272.sys"
Fri 14 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP387\A0053308.sys"
Sat 15 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP387\A0053330.sys"
Sat 15 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP387\A0053349.sys"
Sun 16 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP388\A0053410.sys"
Mon 17 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP388\A0053427.sys"
Mon 17 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP389\A0053483.sys"
Tue 18 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP389\A0053510.sys"
Tue 18 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP390\A0053566.sys"
Wed 19 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP390\A0053586.sys"
Wed 19 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP391\A0053622.sys"
Thu 20 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP391\A0053642.sys"
Thu 20 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP391\A0053658.sys"
Thu 20 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP391\A0053696.sys"
Fri 21 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP392\A0053721.sys"
Fri 21 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP392\A0053744.sys"
Sat 22 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP392\A0053765.sys"
Sat 22 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP392\A0053786.sys"
Sun 23 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP393\A0053921.sys"
Mon 24 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP393\A0053941.sys"
Tue 25 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP395\A0053979.sys"
Wed 26 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP395\A0054001.sys"
Wed 26 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP407\A0054540.sys"
Wed 26 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP407\A0054574.sys"
Wed 26 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP408\A0055574.sys"
Wed 26 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP408\A0055613.sys"
Thu 27 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP408\A0055630.sys"
Thu 27 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP408\A0055660.sys"
Fri 28 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP409\A0055679.sys"
Fri 28 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP424\A0055772.sys"
Sat 29 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP424\A0055807.sys"
Sat 29 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP424\A0055839.sys"
Sun 30 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP427\A0056296.sys"
Sun 30 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP427\A0056503.sys"
Sun 30 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP429\A0057009.sys"
Sun 30 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP431\A0057060.sys"
Mon 31 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP431\A0057083.sys"
Mon 31 Dec 2007 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP432\A0057153.sys"
Tue 1 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP432\A0057173.sys"
Tue 1 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP432\A0057197.sys"
Wed 2 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP432\A0057215.sys"
Wed 2 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP433\A0057395.sys"
Wed 2 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP433\A0057420.sys"
Thu 3 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP433\A0057439.sys"
Thu 3 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP434\A0057498.sys"
Fri 4 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP434\A0057532.sys"
Fri 4 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP435\A0057560.sys"
Sat 5 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP435\A0057584.sys"
Sat 5 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP436\A0057612.sys"
Sun 6 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP437\A0058172.sys"
Mon 7 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP437\A0058200.sys"
Mon 7 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP437\A0058252.sys"
Tue 8 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP437\A0058272.sys"
Tue 8 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP437\A0058308.sys"
Wed 9 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP438\A0058340.sys"
Wed 9 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP438\A0058367.sys"
Thu 10 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP438\A0058393.sys"
Thu 10 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP438\A0058416.sys"
Fri 11 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP438\A0058435.sys"
Fri 11 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP439\A0058476.sys"
Sat 12 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP439\A0058494.sys"
Sat 12 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP440\A0058540.sys"
Sun 13 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP440\A0058589.sys"
Mon 14 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP440\A0058611.sys"
Mon 14 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP440\A0058635.sys"
Tue 15 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP440\A0058653.sys"
Tue 15 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP441\A0058682.sys"
Wed 16 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP441\A0058695.sys"
Wed 16 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP441\A0058720.sys"
Thu 17 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP441\A0058740.sys"
Thu 17 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP442\A0058777.sys"
Fri 18 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP442\A0058794.sys"
Fri 18 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP443\A0058831.sys"
Sat 19 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP443\A0058876.sys"
Sun 20 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP444\A0058934.sys"
Mon 21 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP444\A0058961.sys"
Mon 21 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP445\A0059004.sys"
Tue 22 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP445\A0059040.sys"
Tue 22 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP446\A0059064.sys"
Wed 23 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP446\A0059083.sys"
Wed 23 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP446\A0059106.sys"
Thu 24 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP446\A0059155.sys"
Thu 24 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP446\A0059175.sys"
Fri 25 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP446\A0059196.sys"
Fri 25 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP447\A0059226.sys"
Sat 26 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP447\A0059246.sys"
Sat 26 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP448\A0059284.sys"
Sun 27 Jan 2008 84 A..H. --- "C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP448\A0059351.sys"
Mon 30 Apr 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp"
Sun 27 Jan 2008 84 A..H. --- "C:\Program Files\Common Files\X10\Common\x10prod.sys"
Sun 21 Jan 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRM copy\Cache\Indiv01.tmp"
Tue 5 Jul 2005 4,348 A..H. --- "C:\Documents and Settings\Sam\Mes documents\Ma musique\Sauvegarde de la licence\drmv1key.bak"
Mon 26 Dec 2005 782 A..H. --- "C:\Documents and Settings\Sam\Mes documents\Ma musique\Sauvegarde de la licence\drmv1lic.bak"
Thu 13 Oct 2005 400 A.SH. --- "C:\Documents and Settings\Sam\Mes documents\Ma musique\Sauvegarde de la licence\drmv2key.bak"
Sun 27 Jan 2008 5,686 A.SH. --- "C:\Documents and Settings\All Users\Documents\TV enregistr‚e\TempRec\TempSBE\SBE1.tmp"

Finished!

Puis celui d'hijackthis :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:10:38, on 27/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\WINDOWS\system32\DRIVERS\WtSrv.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
C:\apps\ABoard\ABoard.exe
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\PixArt\PAC207\Monitor.exe
C:\WINDOWS\system32\WService.EXE
C:\APPS\SMP\SmpSys.exe
C:\Program Files\RamBoost XP\rambxpfr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ATICCC] "c:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [BOOT] C:\Program Files\ISSENDIS\ISSENDIS WebUpdate v6\issendiswebupdatev6.exe /BOOT
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [WService] WService.EXE
O4 - HKLM\..\Run: [OoPDFSettingsv6.exe] C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe
O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
O4 - HKCU\..\Run: [RamBoostXp] "C:\Program Files\RamBoost XP\rambxpfr.exe"
O4 - HKCU\..\Run: [slide.exe] c:\progra~1\slide\slide.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Liens de téléchargement avec Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O9 - Extra button: Groom - {66F83792-DAE1-4823-8F20-ADA94B33A4FF} - C:\Program Files\Toox\Groom\Groom.exe (HKCU)
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clients/5.3.1.0/Rawflow.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} (king.com) - http://king.orange.fr/ctl/kingcomie.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://samouchka16.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5308E02B-4ABA-48E4-AA9E-8A7693661473} (GameCtl Class) - http://jeuxenligne.orange.fr/GisActiveX/Ax/GameAx.cab
O16 - DPF: {5392B545-31A5-4724-BEF3-4FED1D56FDAC} (CPlayFirstDinerDash2_frControl Object) - file://C:\Documents and Settings\Sam\Local Settings\Application Data\Oberon Media\Oberon Games Host\DinerDash2_fr.1.0.0.70.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - https://bitdefender.solutions-antivirus.com/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {7CCAD6DD-DD0B-440B-91FF-7670F5AADC21} (SpinTop Games Launcher) - http://jeuxentelechargement.orange.fr/online2/mystery_solitaire/SpinTopGamesLauncher.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://jeuxenligne.orange.fr/gameshell/online/fr/luxor_amun_rising/mjolauncher.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://samouchka16.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega DownloadManager) - https://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game03.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {C9E17F58-564C-41C6-989F-AB0FE0D2C9D1} - http://jeuxenligne.orange.fr/orange2.0/OnlineHSS/zuma/Popcap.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - file:///C:/Documents%20and%20Settings/Sam/Local%20Settings/Application%20Data/Oberon%20Media/Oberon%20Games%20Host/popcaploader_v6.cab
O16 - DPF: {EF148DBB-5B6D-4130-B2A1-661571E86260} (Playtime Games Launcher) - http://jeuxentelechargement.orange.fr/online2/mahjong_escape_ancient/PTGameLauncher.cab
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Object) - https://casinoclassic.microgaming.com/casinoclassic/FlashAX2.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
O23 - Service: WinTab Service (WinTabService) - Tablet Driver - C:\WINDOWS\system32\DRIVERS\WtSrv.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 32
jfkpresident Messages postés 13877 Statut Contributeur sécurité 1 175
 
-> Relance HijackThis cliques sur « scanner seulement » ou (« do a scan only »),
coche les cases devant ces lignes :

O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - file:///C:/Documents%20and%20Settings/Sam/Local%20Settings/Application%20Data/Oberon%20Med ia/Oberon%20Games%20Host/popcaploader_v6.cab
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

et ensuite ferme toutes les fenêtres actives autres que HijackThis!, navigateur inclus,
puis clique "Fix checked"( ou « fixer objet »). Ferme HijackThis!

dis moi ensuite ou en sont tes problemes ??
0
Réponse 26 / 32
samantha16 Messages postés 131 Statut Membre 1
 
bonjour , avant de faire ce que tu m'as dis , j'ai préféré te refaire un scan hijackthis en ayant rien d'ouvert , pour voir si il y a une différence . Par contre je n'ai plus de soucis apparement , avast a du bien faire son boulot, j'ai des virus en quarantaine chez lui, mais je sais pas si je doit les supprimer ou les laisser en quarantaine , voici une image de la zone de quarantaine : http://img156.imageshack.us/img156/5381/40aineavastsc9.jpg , si tu peux dis moi si je dois les supprimer . merci

voilà le scan :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:27:11, on 28/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\WINDOWS\system32\DRIVERS\WtSrv.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
C:\apps\ABoard\ABoard.exe
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\apps\ABoard\AOSD.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\PixArt\PAC207\Monitor.exe
C:\WINDOWS\system32\WService.EXE
C:\APPS\SMP\SmpSys.exe
C:\Program Files\RamBoost XP\rambxpfr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ATICCC] "c:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [BOOT] C:\Program Files\ISSENDIS\ISSENDIS WebUpdate v6\issendiswebupdatev6.exe /BOOT
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [WService] WService.EXE
O4 - HKLM\..\Run: [OoPDFSettingsv6.exe] C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe
O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
O4 - HKCU\..\Run: [RamBoostXp] "C:\Program Files\RamBoost XP\rambxpfr.exe"
O4 - HKCU\..\Run: [slide.exe] c:\progra~1\slide\slide.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Liens de téléchargement avec Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O9 - Extra button: Groom - {66F83792-DAE1-4823-8F20-ADA94B33A4FF} - C:\Program Files\Toox\Groom\Groom.exe (HKCU)
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clients/5.3.1.0/Rawflow.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} (king.com) - http://king.orange.fr/ctl/kingcomie.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://samouchka16.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5308E02B-4ABA-48E4-AA9E-8A7693661473} (GameCtl Class) - http://jeuxenligne.orange.fr/GisActiveX/Ax/GameAx.cab
O16 - DPF: {5392B545-31A5-4724-BEF3-4FED1D56FDAC} (CPlayFirstDinerDash2_frControl Object) - file://C:\Documents and Settings\Sam\Local Settings\Application Data\Oberon Media\Oberon Games Host\DinerDash2_fr.1.0.0.70.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - https://bitdefender.solutions-antivirus.com/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {7CCAD6DD-DD0B-440B-91FF-7670F5AADC21} (SpinTop Games Launcher) - http://jeuxentelechargement.orange.fr/online2/mystery_solitaire/SpinTopGamesLauncher.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://jeuxenligne.orange.fr/gameshell/online/fr/luxor_amun_rising/mjolauncher.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://samouchka16.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega DownloadManager) - https://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game03.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {C9E17F58-564C-41C6-989F-AB0FE0D2C9D1} - http://jeuxenligne.orange.fr/orange2.0/OnlineHSS/zuma/Popcap.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - file:///C:/Documents%20and%20Settings/Sam/Local%20Settings/Application%20Data/Oberon%20Media/Oberon%20Games%20Host/popcaploader_v6.cab
O16 - DPF: {EF148DBB-5B6D-4130-B2A1-661571E86260} (Playtime Games Launcher) - http://jeuxentelechargement.orange.fr/online2/mahjong_escape_ancient/PTGameLauncher.cab
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Object) - https://casinoclassic.microgaming.com/casinoclassic/FlashAX2.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
O23 - Service: WinTab Service (WinTabService) - Tablet Driver - C:\WINDOWS\system32\DRIVERS\WtSrv.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
0
Réponse 27 / 32
jfkpresident Messages postés 13877 Statut Contributeur sécurité 1 175
 
suis mes consignes post 25 et supprimes (si tu peux) les trojans en quarantaine .

je te conseille:--Essaye le navigateur Firefox plus sur/sécurisé qu IE

-Téléchargement: http://www.mozilla-europe.org/fr/products/firefox/
-Tutorial pour le sécuriser: https://forum.zebulon.fr/topic/69628-s%C3%A9curiser-un-peu-plus-firefox/

garde explorer pour les mise a jour et les scan en ligne.

0
Réponse 28 / 32
samantha16 Messages postés 131 Statut Membre 1
 
coucou , j'ai fait ce que tu m'as dis. Mais comme je te le disais , apparemment je n'ai plus de problèmes . Peux tu me confirmer que je peux supprimer les virus dans avast ? Pour les voir , je t'ai mis le lien de l'image de la zone de quarantaine dans le post 26 . voilà le scan hijackthis après les manip que tu m'as dis de faire :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:27:26, on 28/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\WINDOWS\system32\DRIVERS\WtSrv.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
C:\apps\ABoard\ABoard.exe
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\apps\ABoard\AOSD.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\PixArt\PAC207\Monitor.exe
C:\APPS\SMP\SmpSys.exe
C:\WINDOWS\system32\WService.EXE
C:\Program Files\RamBoost XP\rambxpfr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ATICCC] "c:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [BOOT] C:\Program Files\ISSENDIS\ISSENDIS WebUpdate v6\issendiswebupdatev6.exe /BOOT
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [WService] WService.EXE
O4 - HKLM\..\Run: [OoPDFSettingsv6.exe] C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe
O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
O4 - HKCU\..\Run: [RamBoostXp] "C:\Program Files\RamBoost XP\rambxpfr.exe"
O4 - HKCU\..\Run: [slide.exe] c:\progra~1\slide\slide.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Liens de téléchargement avec Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Groom - {66F83792-DAE1-4823-8F20-ADA94B33A4FF} - C:\Program Files\Toox\Groom\Groom.exe (HKCU)
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clients/5.3.1.0/Rawflow.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} (king.com) - http://king.orange.fr/ctl/kingcomie.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://samouchka16.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5308E02B-4ABA-48E4-AA9E-8A7693661473} (GameCtl Class) - http://jeuxenligne.orange.fr/GisActiveX/Ax/GameAx.cab
O16 - DPF: {5392B545-31A5-4724-BEF3-4FED1D56FDAC} (CPlayFirstDinerDash2_frControl Object) - file://C:\Documents and Settings\Sam\Local Settings\Application Data\Oberon Media\Oberon Games Host\DinerDash2_fr.1.0.0.70.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - https://bitdefender.solutions-antivirus.com/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {7CCAD6DD-DD0B-440B-91FF-7670F5AADC21} (SpinTop Games Launcher) - http://jeuxentelechargement.orange.fr/online2/mystery_solitaire/SpinTopGamesLauncher.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://jeuxenligne.orange.fr/gameshell/online/fr/luxor_amun_rising/mjolauncher.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://samouchka16.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega DownloadManager) - https://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game03.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {C9E17F58-564C-41C6-989F-AB0FE0D2C9D1} - http://jeuxenligne.orange.fr/orange2.0/OnlineHSS/zuma/Popcap.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {EF148DBB-5B6D-4130-B2A1-661571E86260} (Playtime Games Launcher) - http://jeuxentelechargement.orange.fr/online2/mahjong_escape_ancient/PTGameLauncher.cab
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Object) - https://casinoclassic.microgaming.com/casinoclassic/FlashAX2.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
O23 - Service: WinTab Service (WinTabService) - Tablet Driver - C:\WINDOWS\system32\DRIVERS\WtSrv.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
0
Réponse 29 / 32
samantha16 Messages postés 131 Statut Membre 1
 
jfkpresident ? T'es pas passé aujourd'hui ? Oui je sais tu as une vie en dehors de ccm , lol , c'était pour faire remonté mon sujet .
0
Réponse 30 / 32
jimbob
 
salut!
si tu ne veux plus attrapper de virus, lis ceci:
https://www.figer.com/Publications/xpgroupes.htm
0
Réponse 31 / 32
jfkpresident Messages postés 13877 Statut Contributeur sécurité 1 175
 
coucou,

pour moi c'est bon .

dernier conseils(pour la route!):

je te conseille antivir a la place d'avast:https://www.malekal.com/avira-free-security-antivirus-gratuit/#mozTocId71944
pourquoi:http://forum.malekal.com/ftopic3528.php

puis:--Essaye le navigateur Firefox plus sur/sécurisé qu IE

-Téléchargement: http://www.mozilla-europe.org/fr/products/firefox/
-Tutorial pour le sécuriser: https://forum.zebulon.fr/topic/69628-s%C3%A9curiser-un-peu-plus-firefox/

garde explorer pour les mise a jour et les scan en ligne.

j'oubliais si tu désinstalle avast:https://www.avast.com/fr-fr/uninstall-utility

voila

@ jamais ++
0
Réponse 32 / 32
samantha16 Messages postés 131 Statut Membre 1
 
Merci de ton aide jfkpresident . Merci beaucoup . Et comme tu le dis j'éspère @jamais+ , lol , sinon ca voudra dire que j'ai de nouveau une infection .
0

Discussions similaires

Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
Désinstaller Softonic
Diguimette -
lilidurhone -

5 réponses
virus Artemis!
mabiche37 -
Malekal_morte- -

14 réponses
Message Apple virus !!
Souclik67 -
MPMP10 -

3 réponses