demande d'aide et desinfection Fermé

Question

Bonjour,
merci de me donner votre avis sur cette analyse


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:36:36, on 25/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Apps\ActivBoard\MMKeybd.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\INCRED~1\bin\IMAppU.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Apps\ActivBoard
hksrv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\slserv.exe
C:\Apps\ActivBoard\TrayMon.exe
C:\Apps\ActivBoard\OSD.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Antipub\antipub.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Aware2007.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Documents and Settings\henri\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://french.icrfast.com/index.php?rvs=hompag
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://portail.free.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = https://support.microsoft.com/en-US/topic/internet-explorer-downloads-d49e1f0d-571c-9a7b-d97e-be248806ca70
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=ZillaPopupKiller:8100
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE	oolbar.dll
R3 - URLSearchHook: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France	bMul1.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1	oolbar.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France	bMul1.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {7EDA7BDD-DC5B-EF9E-7434-DB1E5CFB8C98} - C:\DOCUME~1\henri\APPLIC~1\INSIDE~1\Tons Readme.exe (file missing)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: iFinger plugin / Browser helper object - {A114D52B-870C-4F15-8021-B6D7F91A054B} - C:\PROGRA~1\iFinger\plugins\IE.ifp
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE	oolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France	bMul1.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll (file missing)
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [ACTIVBOARD] C:\Apps\ActivBoard\MMKeybd.exe
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
O4 - HKLM\..\Run: [Windows DLL Host] C:\WINDOWS\system32\dllhost32.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [AliceSAV] C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe"  -osboot
O4 - HKLM\..\Run: [RaZePub] C:\RAZEPUBazepub.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKCU\..\Run: [Update Service] "C:\Program Files\Fichiers communs\Teknum Systems\update.exe" /startup
O4 - HKCU\..\Run: [Zilla Popup Killer] C:\Program Files\Zilla Popup Killer\ZillaPop.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMailU.exe /c
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?d404d3ddb65e47cb91483a76ec4470cc
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?d404d3ddb65e47cb91483a76ec4470cc
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Packard Bell - {1D49B7D4-524D-4ac9-BC34-B4822CAE4BB1} - C:\Apps\IECustom\script.htm
O9 - Extra button: iFinger - {936E5D60-596C-11D3-BB96-00600816DF55} - C:\WINDOWS\system32\SHDOCVW.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Alice ADSL - {EC002B14-E391-4815-AC83-EC680A96766D} - https://portail.free.fr/ (file missing) (HKCU)
O15 - Trusted Zone: *.msn.com
O15 - Trusted Zone: *.passport.com
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://www.msn.com/fr-fr/
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by103fd.bay103.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by103fd.bay103.hotmail.msn.com/activex/HMAtchmt.ocx
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard
hksrv.exe
O23 - Service: SmartLinkService (SLService) -   - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe

booddha · Answer

Télecharge lqfix ici:
LQfix
http://www.downloads.subratam.org/LQfix.zip
dezippe le, mais ne l'utilise pas tout de suite

Imprime, ou enregistre la manip dans un fichier txt (bloc notes) pour etre sur ne rien oublier et de tout faire dans l'ordre.

Déconnecte toi d'internet et ferme tout les programmes en cours.

 Redémarre en mode sans échec
Redemarre le pc, laisse passer l'écran du bios, puis tapote sur la touche F8 avant qu'apparaisse l'écran de chargement de windows.
Choisis le mode sans échec dans les options et valide avec entrée.

 Rend visible les fichiers cachés et systeme
panneau de configuration > options des dossiers > onglet affichage
Cocher la case devant " afficher les fichiers et dossiers cachés "
Décocher la case devant " masquer les extentions des fichiers dont le type est connu"
Décocher la case devant " masquer les fichiers protégés du système"
clic sur [Appliquer] puis sur [ok] pour valider


 Lance hijackthis et clic sur [do a system scan only]
cocher la case au début des lignes suivantes:

O4 - HKLM\..\Run: [Windows DLL Host] C:\WINDOWS\system32\dllhost32.exe

valider en cliquant sur le bouton [fix checked]


Supprimer les fichiers en suivant le chemin des fichiers infectés si possible, plutot que d'utiliser la fonction "Rechercher"

S'ils sont présents, supprime:

C:\WINDOWS\system32\dllhost32.exe

-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_


:: Supprimer les fichiers temporaires ::

Manuellement:

vider tout le contenu des dossiers Temp:

* C:\Documents and Settings	on compte\Local Settings\Temp
* C:\Documents and Settings	ous les autres comptes\Local Settings\Temp
* C:\Windows\Temp

:: Le contenu du dossier prefetch ::

* C:\WINDOWS\Prefetch <= sauf le fichier layout.ini


 Vide le cache de tous tes navigateurs et supprime les cookies:

Pour Internet Explorer:
* Panneau de configuration >> Options internet >> Onglet "Général"
- Clic sur [supprimer les cookies]
- Clic sur [Supprimer les fichiers] et coche la case "Supprimer tout le contenu hors connexion"
Valide avec ok


lance lqfix.bat


redemarre le pc et reposte un hijack

booddha · Answer

2 icones sont apparues sur le bureau :desktop.ini et backups j'en fait quoi ?
===========
Poubelle

• Imprime la procédure suivante et execute la à la lettre.
• Télécharge les deux outils suivants :
VundoFix.exe ici http://www.atribune.org/ccount/click.php?id=4
VirtumundoBeGone.exe ici http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe

Utiliser VundoFix (de Atribune)
• Mettre le fichier VundoFix.exe sur le Bureau Windows.
• Fermer tous les programmes car il va y avoir arrêt du PC.
• double clic sur VundoFix.exe
(les droits administratifs sont nécéssaires sinon les accès dont à besoin VundoFix.exe lui seront refusés)
• Click sur le bouton Scan for Vundo
• Click sur le bouton Remove Vundo lorsque le balayage (scan) est terminé,
• Click sur Yes sur l'invite de demande de suppression de fichiers s'il y a infection,
Le Bureau va disparaître un moment lors de la suppression des fichiers
Une fenêtre annonce que le PC va redémarrer:
• Click sur OK

</ital>Note:
Il est possible que VundoFix soit confronté à un fichier qu'il ne peut supprimer.
Si tel est le cas, l'outil se lancera au prochain redémarrage.
Il faut simplement suivre les instructions ci-dessus, à partir de : Click sur le bouton Scan for Vundo</ital>.

Utiliser VirtumundoBegone (de secured2k)
• Mettre le fichier VirtumundoBeGone.exe sur le Bureau Windows.
• Fermer toutes les fenêtres, tous les programmes, pas de connexion ouverte: il va y avoir redémarrage du PC.
• Double clic sur VirtumundoBeGone.exe
• Suivre les instructions (Click sur Run si demandé, Click sur Start, puis Click sur Yes).
Lorsque l'outil a terminé, redémarrer.

Ne pas s'inquiéter s'il y a un message "Erreur fatale" avec Ecran bleu (BSOD), c'est normal et attendu.
Redémarrer.

Relance la machine et reposte un rapport hitjackthis celui-ci étant seul à tourner sur la machine.

nicolehenri · Answer

salut 
je ne sais pas si virtumondo a fonctionné
voici l'ecran


[03/03/2008, 9:32:20] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\henri\Bureau\VirtumundoBeGone.exe" )
[03/03/2008, 9:32:22] - Detected System Information:
[03/03/2008, 9:32:22] -  Windows Version: 5.1.2600, Service Pack 2
[03/03/2008, 9:32:22] -  Current Username: henri (Admin)
[03/03/2008, 9:32:22] -  Windows is in NORMAL mode.
[03/03/2008, 9:32:22] - Searching for Browser Helper Objects:
[03/03/2008, 9:32:22] -  BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
[03/03/2008, 9:32:22] -  BHO 2: {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} (SWEETIE Class)
[03/03/2008, 9:32:22] -  BHO 3: {53707962-6F74-2D53-2644-206D7942484F} ()
[03/03/2008, 9:32:22] - WARNING: BHO has no default name. Checking for Winlogon reference.
[03/03/2008, 9:32:22] -  Checking for HKLM\...\Winlogon\Notify\SDHelper
[03/03/2008, 9:32:22] -  Key not found: HKLM\...\Winlogon\Notify\SDHelper, continuing.
[03/03/2008, 9:32:22] -  BHO 4: {64F56FC1-1272-44CD-BA6E-39723696E350} (EoBho Class)
[03/03/2008, 9:32:22] -  BHO 5: {7009fcd4-05be-44f4-9583-93fe419ab7b0} (Multi Media France Toolbar)
[03/03/2008, 9:32:22] -  BHO 6: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[03/03/2008, 9:32:22] -  BHO 7: {7E853D72-626A-48EC-A868-BA8D5E23E045} ()
[03/03/2008, 9:32:22] - WARNING: BHO has no default name. Checking for Winlogon reference.
[03/03/2008, 9:32:22] -  No filename found. Continuing.
[03/03/2008, 9:32:22] -  BHO 8: {7EDA7BDD-DC5B-EF9E-7434-DB1E5CFB8C98} ()
[03/03/2008, 9:32:22] - WARNING: BHO has no default name. Checking for Winlogon reference.
[03/03/2008, 9:32:22] -  Checking for HKLM\...\Winlogon\Notify\Tons Readme
[03/03/2008, 9:32:22] -  Key not found: HKLM\...\Winlogon\Notify\Tons Readme, continuing.
[03/03/2008, 9:32:22] -  BHO 9: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
[03/03/2008, 9:32:22] -  BHO 10: {A114D52B-870C-4F15-8021-B6D7F91A054B} (iFinger plugin / Browser helper object)
[03/03/2008, 9:32:23] -  BHO 11: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[03/03/2008, 9:32:23] -  BHO 12: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
[03/03/2008, 9:32:23] -  BHO 13: {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (Barre d'outils MSN Search Helper)
[03/03/2008, 9:32:23] - Finished Searching Browser Helper Objects
[03/03/2008, 9:32:23] - Finishing up...
[03/03/2008, 9:32:23] - Nothing found! Exiting...

[03/03/2008, 9:34:38] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\henri\Bureau\VirtumundoBeGone.exe" )
[03/03/2008, 9:34:56] - Detected System Information:
[03/03/2008, 9:34:56] -  Windows Version: 5.1.2600, Service Pack 2
[03/03/2008, 9:34:56] -  Current Username: henri (Admin)
[03/03/2008, 9:34:56] -  Windows is in NORMAL mode.
[03/03/2008, 9:34:56] - Searching for Browser Helper Objects:
[03/03/2008, 9:34:56] -  BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
[03/03/2008, 9:34:56] -  BHO 2: {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} (SWEETIE Class)
[03/03/2008, 9:34:56] -  BHO 3: {53707962-6F74-2D53-2644-206D7942484F} ()
[03/03/2008, 9:34:56] - WARNING: BHO has no default name. Checking for Winlogon reference.
[03/03/2008, 9:34:56] -  Checking for HKLM\...\Winlogon\Notify\SDHelper
[03/03/2008, 9:34:56] -  Key not found: HKLM\...\Winlogon\Notify\SDHelper, continuing.
[03/03/2008, 9:34:56] -  BHO 4: {64F56FC1-1272-44CD-BA6E-39723696E350} (EoBho Class)
[03/03/2008, 9:34:56] -  BHO 5: {7009fcd4-05be-44f4-9583-93fe419ab7b0} (Multi Media France Toolbar)
[03/03/2008, 9:34:56] -  BHO 6: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[03/03/2008, 9:34:56] -  BHO 7: {7E853D72-626A-48EC-A868-BA8D5E23E045} ()
[03/03/2008, 9:34:56] - WARNING: BHO has no default name. Checking for Winlogon reference.
[03/03/2008, 9:34:56] -  No filename found. Continuing.
[03/03/2008, 9:34:56] -  BHO 8: {7EDA7BDD-DC5B-EF9E-7434-DB1E5CFB8C98} ()
[03/03/2008, 9:34:56] - WARNING: BHO has no default name. Checking for Winlogon reference.
[03/03/2008, 9:34:56] -  Checking for HKLM\...\Winlogon\Notify\Tons Readme
[03/03/2008, 9:34:56] -  Key not found: HKLM\...\Winlogon\Notify\Tons Readme, continuing.
[03/03/2008, 9:34:56] -  BHO 9: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
[03/03/2008, 9:34:56] -  BHO 10: {A114D52B-870C-4F15-8021-B6D7F91A054B} (iFinger plugin / Browser helper object)
[03/03/2008, 9:34:56] -  BHO 11: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[03/03/2008, 9:34:56] -  BHO 12: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
[03/03/2008, 9:34:56] -  BHO 13: {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (Barre d'outils MSN Search Helper)
[03/03/2008, 9:34:56] - Finished Searching Browser Helper Objects
[03/03/2008, 9:34:56] - Finishing up...
[03/03/2008, 9:34:56] - Nothing found! Exiting...

[03/03/2008, 9:35:21] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\henri\Bureau\VirtumundoBeGone.exe" )
[03/03/2008, 9:35:22] - User choose NOT to continue. Exiting...

[03/03/2008, 9:35:58] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\henri\Bureau\VirtumundoBeGone.exe" )
[03/03/2008, 9:36:08] - Detected System Information:
[03/03/2008, 9:36:08] -  Windows Version: 5.1.2600, Service Pack 2
[03/03/2008, 9:36:08] -  Current Username: henri (Admin)
[03/03/2008, 9:36:08] -  Windows is in NORMAL mode.
[03/03/2008, 9:36:08] - Searching for Browser Helper Objects:
[03/03/2008, 9:36:08] -  BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
[03/03/2008, 9:36:08] -  BHO 2: {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} (SWEETIE Class)
[03/03/2008, 9:36:08] -  BHO 3: {53707962-6F74-2D53-2644-206D7942484F} ()
[03/03/2008, 9:36:08] - WARNING: BHO has no default name. Checking for Winlogon reference.
[03/03/2008, 9:36:08] -  Checking for HKLM\...\Winlogon\Notify\SDHelper
[03/03/2008, 9:36:08] -  Key not found: HKLM\...\Winlogon\Notify\SDHelper, continuing.
[03/03/2008, 9:36:08] -  BHO 4: {64F56FC1-1272-44CD-BA6E-39723696E350} (EoBho Class)
[03/03/2008, 9:36:08] -  BHO 5: {7009fcd4-05be-44f4-9583-93fe419ab7b0} (Multi Media France Toolbar)
[03/03/2008, 9:36:08] -  BHO 6: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[03/03/2008, 9:36:08] -  BHO 7: {7E853D72-626A-48EC-A868-BA8D5E23E045} ()
[03/03/2008, 9:36:08] - WARNING: BHO has no default name. Checking for Winlogon reference.
[03/03/2008, 9:36:08] -  No filename found. Continuing.
[03/03/2008, 9:36:08] -  BHO 8: {7EDA7BDD-DC5B-EF9E-7434-DB1E5CFB8C98} ()
[03/03/2008, 9:36:08] - WARNING: BHO has no default name. Checking for Winlogon reference.
[03/03/2008, 9:36:08] -  Checking for HKLM\...\Winlogon\Notify\Tons Readme
[03/03/2008, 9:36:08] -  Key not found: HKLM\...\Winlogon\Notify\Tons Readme, continuing.
[03/03/2008, 9:36:08] -  BHO 9: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
[03/03/2008, 9:36:08] -  BHO 10: {A114D52B-870C-4F15-8021-B6D7F91A054B} (iFinger plugin / Browser helper object)
[03/03/2008, 9:36:08] -  BHO 11: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[03/03/2008, 9:36:08] -  BHO 12: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
[03/03/2008, 9:36:08] -  BHO 13: {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (Barre d'outils MSN Search Helper)
[03/03/2008, 9:36:08] - Finished Searching Browser Helper Objects
[03/03/2008, 9:36:08] - Finishing up...
[03/03/2008, 9:36:08] - Nothing found! Exiting...

[03/03/2008, 9:37:23] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\henri\Bureau\VirtumundoBeGone.exe" )
[03/03/2008, 9:37:24] - Detected System Information:
[03/03/2008, 9:37:24] -  Windows Version: 5.1.2600, Service Pack 2
[03/03/2008, 9:37:25] -  Current Username: henri (Admin)
[03/03/2008, 9:37:25] -  Windows is in NORMAL mode.
[03/03/2008, 9:37:25] - Searching for Browser Helper Objects:
[03/03/2008, 9:37:25] -  BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
[03/03/2008, 9:37:25] -  BHO 2: {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} (SWEETIE Class)
[03/03/2008, 9:37:25] -  BHO 3: {53707962-6F74-2D53-2644-206D7942484F} ()
[03/03/2008, 9:37:25] - WARNING: BHO has no default name. Checking for Winlogon reference.
[03/03/2008, 9:37:25] -  Checking for HKLM\...\Winlogon\Notify\SDHelper
[03/03/2008, 9:37:25] -  Key not found: HKLM\...\Winlogon\Notify\SDHelper, continuing.
[03/03/2008, 9:37:25] -  BHO 4: {64F56FC1-1272-44CD-BA6E-39723696E350} (EoBho Class)
[03/03/2008, 9:37:25] -  BHO 5: {7009fcd4-05be-44f4-9583-93fe419ab7b0} (Multi Media France Toolbar)
[03/03/2008, 9:37:25] -  BHO 6: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[03/03/2008, 9:37:25] -  BHO 7: {7E853D72-626A-48EC-A868-BA8D5E23E045} ()
[03/03/2008, 9:37:25] - WARNING: BHO has no default name. Checking for Winlogon reference.
[03/03/2008, 9:37:25] -  No filename found. Continuing.
[03/03/2008, 9:37:25] -  BHO 8: {7EDA7BDD-DC5B-EF9E-7434-DB1E5CFB8C98} ()
[03/03/2008, 9:37:26] - WARNING: BHO has no default name. Checking for Winlogon reference.
[03/03/2008, 9:37:26] -  Checking for HKLM\...\Winlogon\Notify\Tons Readme
[03/03/2008, 9:37:26] -  Key not found: HKLM\...\Winlogon\Notify\Tons Readme, continuing.
[03/03/2008, 9:37:26] -  BHO 9: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
[03/03/2008, 9:37:26] -  BHO 10: {A114D52B-870C-4F15-8021-B6D7F91A054B} (iFinger plugin / Browser helper object)
[03/03/2008, 9:37:26] -  BHO 11: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[03/03/2008, 9:37:26] -  BHO 12: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
[03/03/2008, 9:37:26] -  BHO 13: {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (Barre d'outils MSN Search Helper)
[03/03/2008, 9:37:26] - Finished Searching Browser Helper Objects
[03/03/2008, 9:37:26] - Finishing up...
[03/03/2008, 9:37:26] - Nothing found! Exiting...
apres ca j'ai arrété et redemaré il n'y a pas eu d'ecran bleu et de message d'erreur
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:58:52, on 03/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Apps\ActivBoard\MMKeybd.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Antipub\antipub.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\PROGRA~1\INCRED~1\bin\IMAppU.exe
C:\Apps\ActivBoard\TrayMon.exe
C:\Apps\ActivBoard\OSD.exe
C:\Apps\ActivBoard
hksrv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Documents and Settings\henri\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://french.icrfast.com/index.php?rvs=hompag
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://portail.free.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = https://support.microsoft.com/en-US/topic/internet-explorer-downloads-d49e1f0d-571c-9a7b-d97e-be248806ca70
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=ZillaPopupKiller:8100
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE	oolbar.dll
R3 - URLSearchHook: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France	bMul1.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1	oolbar.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France	bMul1.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {7EDA7BDD-DC5B-EF9E-7434-DB1E5CFB8C98} - C:\DOCUME~1\henri\APPLIC~1\INSIDE~1\Tons Readme.exe (file missing)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: iFinger plugin / Browser helper object - {A114D52B-870C-4F15-8021-B6D7F91A054B} - C:\PROGRA~1\iFinger\plugins\IE.ifp
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE	oolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France	bMul1.dll
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [ACTIVBOARD] C:\Apps\ActivBoard\MMKeybd.exe
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [AliceSAV] C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe"  -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKCU\..\Run: [Update Service] "C:\Program Files\Fichiers communs\Teknum Systems\update.exe" /startup
O4 - HKCU\..\Run: [Zilla Popup Killer] C:\Program Files\Zilla Popup Killer\ZillaPop.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMailU.exe /c
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?d404d3ddb65e47cb91483a76ec4470cc
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?d404d3ddb65e47cb91483a76ec4470cc
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Packard Bell - {1D49B7D4-524D-4ac9-BC34-B4822CAE4BB1} - C:\Apps\IECustom\script.htm
O9 - Extra button: iFinger - {936E5D60-596C-11D3-BB96-00600816DF55} - C:\WINDOWS\system32\SHDOCVW.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Alice ADSL - {EC002B14-E391-4815-AC83-EC680A96766D} - https://portail.free.fr/ (file missing) (HKCU)
O15 - Trusted Zone: *.msn.com
O15 - Trusted Zone: *.passport.com
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://www.msn.com/fr-fr/
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by103fd.bay103.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by103fd.bay103.hotmail.msn.com/activex/HMAtchmt.ocx
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard
hksrv.exe
O23 - Service: SmartLinkService (SLService) -   - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe

nicolehenri · Answer

salut
je ne sais pas si virtumondo a fonctionné
voici l'ecran


[03/03/2008, 9:32:20] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\henri\Bureau\VirtumundoBeGone.exe" )
[03/03/2008, 9:32:22] - Detected System Information:
[03/03/2008, 9:32:22] - Windows Version: 5.1.2600, Service Pack 2
[03/03/2008, 9:32:22] - Current Username: henri (Admin)
[03/03/2008, 9:32:22] - Windows is in NORMAL mode.
[03/03/2008, 9:32:22] - Searching for Browser Helper Objects:
[03/03/2008, 9:32:22] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
[03/03/2008, 9:32:22] - BHO 2: {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} (SWEETIE Class)
[03/03/2008, 9:32:22] - BHO 3: {53707962-6F74-2D53-2644-206D7942484F} ()
[03/03/2008, 9:32:22] - WARNING: BHO has no default name. Checking for Winlogon reference.
[03/03/2008, 9:32:22] - Checking for HKLM\...\Winlogon\Notify\SDHelper
[03/03/2008, 9:32:22] - Key not found: HKLM\...\Winlogon\Notify\SDHelper, continuing.
[03/03/2008, 9:32:22] - BHO 4: {64F56FC1-1272-44CD-BA6E-39723696E350} (EoBho Class)
[03/03/2008, 9:32:22] - BHO 5: {7009fcd4-05be-44f4-9583-93fe419ab7b0} (Multi Media France Toolbar)
[03/03/2008, 9:32:22] - BHO 6: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[03/03/2008, 9:32:22] - BHO 7: {7E853D72-626A-48EC-A868-BA8D5E23E045} ()
[03/03/2008, 9:32:22] - WARNING: BHO has no default name. Checking for Winlogon reference.
[03/03/2008, 9:32:22] - No filename found. Continuing.
[03/03/2008, 9:32:22] - BHO 8: {7EDA7BDD-DC5B-EF9E-7434-DB1E5CFB8C98} ()
[03/03/2008, 9:32:22] - WARNING: BHO has no default name. Checking for Winlogon reference.
[03/03/2008, 9:32:22] - Checking for HKLM\...\Winlogon\Notify\Tons Readme
[03/03/2008, 9:32:22] - Key not found: HKLM\...\Winlogon\Notify\Tons Readme, continuing.
[03/03/2008, 9:32:22] - BHO 9: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
[03/03/2008, 9:32:22] - BHO 10: {A114D52B-870C-4F15-8021-B6D7F91A054B} (iFinger plugin / Browser helper object)
[03/03/2008, 9:32:23] - BHO 11: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[03/03/2008, 9:32:23] - BHO 12: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
[03/03/2008, 9:32:23] - BHO 13: {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (Barre d'outils MSN Search Helper)
[03/03/2008, 9:32:23] - Finished Searching Browser Helper Objects
[03/03/2008, 9:32:23] - Finishing up...
[03/03/2008, 9:32:23] - Nothing found! Exiting...

[03/03/2008, 9:34:38] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\henri\Bureau\VirtumundoBeGone.exe" )
[03/03/2008, 9:34:56] - Detected System Information:
[03/03/2008, 9:34:56] - Windows Version: 5.1.2600, Service Pack 2
[03/03/2008, 9:34:56] - Current Username: henri (Admin)
[03/03/2008, 9:34:56] - Windows is in NORMAL mode.
[03/03/2008, 9:34:56] - Searching for Browser Helper Objects:
[03/03/2008, 9:34:56] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
[03/03/2008, 9:34:56] - BHO 2: {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} (SWEETIE Class)
[03/03/2008, 9:34:56] - BHO 3: {53707962-6F74-2D53-2644-206D7942484F} ()
[03/03/2008, 9:34:56] - WARNING: BHO has no default name. Checking for Winlogon reference.
[03/03/2008, 9:34:56] - Checking for HKLM\...\Winlogon\Notify\SDHelper
[03/03/2008, 9:34:56] - Key not found: HKLM\...\Winlogon\Notify\SDHelper, continuing.
[03/03/2008, 9:34:56] - BHO 4: {64F56FC1-1272-44CD-BA6E-39723696E350} (EoBho Class)
[03/03/2008, 9:34:56] - BHO 5: {7009fcd4-05be-44f4-9583-93fe419ab7b0} (Multi Media France Toolbar)
[03/03/2008, 9:34:56] - BHO 6: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[03/03/2008, 9:34:56] - BHO 7: {7E853D72-626A-48EC-A868-BA8D5E23E045} ()
[03/03/2008, 9:34:56] - WARNING: BHO has no default name. Checking for Winlogon reference.
[03/03/2008, 9:34:56] - No filename found. Continuing.
[03/03/2008, 9:34:56] - BHO 8: {7EDA7BDD-DC5B-EF9E-7434-DB1E5CFB8C98} ()
[03/03/2008, 9:34:56] - WARNING: BHO has no default name. Checking for Winlogon reference.
[03/03/2008, 9:34:56] - Checking for HKLM\...\Winlogon\Notify\Tons Readme
[03/03/2008, 9:34:56] - Key not found: HKLM\...\Winlogon\Notify\Tons Readme, continuing.
[03/03/2008, 9:34:56] - BHO 9: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
[03/03/2008, 9:34:56] - BHO 10: {A114D52B-870C-4F15-8021-B6D7F91A054B} (iFinger plugin / Browser helper object)
[03/03/2008, 9:34:56] - BHO 11: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[03/03/2008, 9:34:56] - BHO 12: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
[03/03/2008, 9:34:56] - BHO 13: {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (Barre d'outils MSN Search Helper)
[03/03/2008, 9:34:56] - Finished Searching Browser Helper Objects
[03/03/2008, 9:34:56] - Finishing up...
[03/03/2008, 9:34:56] - Nothing found! Exiting...

[03/03/2008, 9:35:21] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\henri\Bureau\VirtumundoBeGone.exe" )
[03/03/2008, 9:35:22] - User choose NOT to continue. Exiting...

[03/03/2008, 9:35:58] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\henri\Bureau\VirtumundoBeGone.exe" )
[03/03/2008, 9:36:08] - Detected System Information:
[03/03/2008, 9:36:08] - Windows Version: 5.1.2600, Service Pack 2
[03/03/2008, 9:36:08] - Current Username: henri (Admin)
[03/03/2008, 9:36:08] - Windows is in NORMAL mode.
[03/03/2008, 9:36:08] - Searching for Browser Helper Objects:
[03/03/2008, 9:36:08] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
[03/03/2008, 9:36:08] - BHO 2: {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} (SWEETIE Class)
[03/03/2008, 9:36:08] - BHO 3: {53707962-6F74-2D53-2644-206D7942484F} ()
[03/03/2008, 9:36:08] - WARNING: BHO has no default name. Checking for Winlogon reference.
[03/03/2008, 9:36:08] - Checking for HKLM\...\Winlogon\Notify\SDHelper
[03/03/2008, 9:36:08] - Key not found: HKLM\...\Winlogon\Notify\SDHelper, continuing.
[03/03/2008, 9:36:08] - BHO 4: {64F56FC1-1272-44CD-BA6E-39723696E350} (EoBho Class)
[03/03/2008, 9:36:08] - BHO 5: {7009fcd4-05be-44f4-9583-93fe419ab7b0} (Multi Media France Toolbar)
[03/03/2008, 9:36:08] - BHO 6: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[03/03/2008, 9:36:08] - BHO 7: {7E853D72-626A-48EC-A868-BA8D5E23E045} ()
[03/03/2008, 9:36:08] - WARNING: BHO has no default name. Checking for Winlogon reference.
[03/03/2008, 9:36:08] - No filename found. Continuing.
[03/03/2008, 9:36:08] - BHO 8: {7EDA7BDD-DC5B-EF9E-7434-DB1E5CFB8C98} ()
[03/03/2008, 9:36:08] - WARNING: BHO has no default name. Checking for Winlogon reference.
[03/03/2008, 9:36:08] - Checking for HKLM\...\Winlogon\Notify\Tons Readme
[03/03/2008, 9:36:08] - Key not found: HKLM\...\Winlogon\Notify\Tons Readme, continuing.
[03/03/2008, 9:36:08] - BHO 9: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
[03/03/2008, 9:36:08] - BHO 10: {A114D52B-870C-4F15-8021-B6D7F91A054B} (iFinger plugin / Browser helper object)
[03/03/2008, 9:36:08] - BHO 11: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[03/03/2008, 9:36:08] - BHO 12: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
[03/03/2008, 9:36:08] - BHO 13: {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (Barre d'outils MSN Search Helper)
[03/03/2008, 9:36:08] - Finished Searching Browser Helper Objects
[03/03/2008, 9:36:08] - Finishing up...
[03/03/2008, 9:36:08] - Nothing found! Exiting...

[03/03/2008, 9:37:23] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\henri\Bureau\VirtumundoBeGone.exe" )
[03/03/2008, 9:37:24] - Detected System Information:
[03/03/2008, 9:37:24] - Windows Version: 5.1.2600, Service Pack 2
[03/03/2008, 9:37:25] - Current Username: henri (Admin)
[03/03/2008, 9:37:25] - Windows is in NORMAL mode.
[03/03/2008, 9:37:25] - Searching for Browser Helper Objects:
[03/03/2008, 9:37:25] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
[03/03/2008, 9:37:25] - BHO 2: {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} (SWEETIE Class)
[03/03/2008, 9:37:25] - BHO 3: {53707962-6F74-2D53-2644-206D7942484F} ()
[03/03/2008, 9:37:25] - WARNING: BHO has no default name. Checking for Winlogon reference.
[03/03/2008, 9:37:25] - Checking for HKLM\...\Winlogon\Notify\SDHelper
[03/03/2008, 9:37:25] - Key not found: HKLM\...\Winlogon\Notify\SDHelper, continuing.
[03/03/2008, 9:37:25] - BHO 4: {64F56FC1-1272-44CD-BA6E-39723696E350} (EoBho Class)
[03/03/2008, 9:37:25] - BHO 5: {7009fcd4-05be-44f4-9583-93fe419ab7b0} (Multi Media France Toolbar)
[03/03/2008, 9:37:25] - BHO 6: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[03/03/2008, 9:37:25] - BHO 7: {7E853D72-626A-48EC-A868-BA8D5E23E045} ()
[03/03/2008, 9:37:25] - WARNING: BHO has no default name. Checking for Winlogon reference.
[03/03/2008, 9:37:25] - No filename found. Continuing.
[03/03/2008, 9:37:25] - BHO 8: {7EDA7BDD-DC5B-EF9E-7434-DB1E5CFB8C98} ()
[03/03/2008, 9:37:26] - WARNING: BHO has no default name. Checking for Winlogon reference.
[03/03/2008, 9:37:26] - Checking for HKLM\...\Winlogon\Notify\Tons Readme
[03/03/2008, 9:37:26] - Key not found: HKLM\...\Winlogon\Notify\Tons Readme, continuing.
[03/03/2008, 9:37:26] - BHO 9: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
[03/03/2008, 9:37:26] - BHO 10: {A114D52B-870C-4F15-8021-B6D7F91A054B} (iFinger plugin / Browser helper object)
[03/03/2008, 9:37:26] - BHO 11: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[03/03/2008, 9:37:26] - BHO 12: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
[03/03/2008, 9:37:26] - BHO 13: {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (Barre d'outils MSN Search Helper)
[03/03/2008, 9:37:26] - Finished Searching Browser Helper Objects
[03/03/2008, 9:37:26] - Finishing up...
[03/03/2008, 9:37:26] - Nothing found! Exiting...
apres ca j'ai arrété et redemaré il n'y a pas eu d'ecran bleu et de message d'erreur
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:58:52, on 03/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Apps\ActivBoard\MMKeybd.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Antipub\antipub.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\PROGRA~1\INCRED~1\bin\IMAppU.exe
C:\Apps\ActivBoard\TrayMon.exe
C:\Apps\ActivBoard\OSD.exe
C:\Apps\ActivBoard
hksrv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Documents and Settings\henri\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://french.icrfast.com/index.php?rvs=hompag
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://portail.free.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = https://support.microsoft.com/en-US/topic/internet-explorer-downloads-d49e1f0d-571c-9a7b-d97e-be248806ca70
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=ZillaPopupKiller:8100
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE	oolbar.dll
R3 - URLSearchHook: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France	bMul1.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1	oolbar.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France	bMul1.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {7EDA7BDD-DC5B-EF9E-7434-DB1E5CFB8C98} - C:\DOCUME~1\henri\APPLIC~1\INSIDE~1\Tons Readme.exe (file missing)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: iFinger plugin / Browser helper object - {A114D52B-870C-4F15-8021-B6D7F91A054B} - C:\PROGRA~1\iFinger\plugins\IE.ifp
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE	oolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France	bMul1.dll
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [ACTIVBOARD] C:\Apps\ActivBoard\MMKeybd.exe
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [AliceSAV] C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKCU\..\Run: [Update Service] "C:\Program Files\Fichiers communs\Teknum Systems\update.exe" /startup
O4 - HKCU\..\Run: [Zilla Popup Killer] C:\Program Files\Zilla Popup Killer\ZillaPop.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMailU.exe /c
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?d404d3ddb65e47cb91483a76ec4470cc
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?d404d3ddb65e47cb91483a76ec4470cc
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Packard Bell - {1D49B7D4-524D-4ac9-BC34-B4822CAE4BB1} - C:\Apps\IECustom\script.htm
O9 - Extra button: iFinger - {936E5D60-596C-11D3-BB96-00600816DF55} - C:\WINDOWS\system32\SHDOCVW.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Alice ADSL - {EC002B14-E391-4815-AC83-EC680A96766D} - https://portail.free.fr/ (file missing) (HKCU)
O15 - Trusted Zone: *.msn.com
O15 - Trusted Zone: *.passport.com
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://www.msn.com/fr-fr/
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by103fd.bay103.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/default.aspx
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by103fd.bay103.hotmail.msn.com/activex/HMAtchmt.ocx
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard
hksrv.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe

-- 
End of file - 13414 bytes

Demande d'aide et desinfection

4 réponses

Discussions similaires