Sujet Précédent Sujet Suivant

Infection

vogelweide Messages postés 75 Statut Membre -  
vogelweide Messages postés 75 Statut Membre -
Bonjour,

En scannant mon pc, avast! a detecté les virus et chevaux de troie suivants :
Win32: Agent-RVE [Trj]
Win32: Agent-YFR [Trj]
Win32: Trojan-gen [Trj] {Other}
Win32: Onestep-B [Trj]
Win32: Adware-gen [Adw]
Win32: Onestep-B [Trj]

Avast! n'arrive ni à les suprimer, ni à les réparer, ni à les déplacer, ni à les mettre en zone de quarantaine.

Que faut-il faire pour les éradiquer?

Je vous remercie d'avance pour votre aide précieuse.

25 réponses

  • 1
  • 2
Réponse 1 / 25
ghuysmans99 Messages postés 2496 Date d'inscription   Statut Contributeur Dernière intervention   340
 
Peut-être qu'avec Antivir ça va marcher ...
1
Réponse 2 / 25
E..T Messages postés 6565 Statut Contributeur 428
 
Salut,

Télécharge Navilog1 depuis-ce lien :
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe

Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.
Ensuite double clique sur navilog1.exe pour lancer l'installation.
Une fois l'installation terminée, Fais un Clic-droit sur le raccourci Navilog présent sur ton bureau et choisis "Exécuter en tant qu'administrateur".

Au menu principal, Fais le choix 1
Laisse toi guider et patiente.
Patiente jusqu'au message :
*** Analyse Termine le ..... ***
Appuie sur une touche le bloc note va s'ouvrir.
Copie-colle l'intégralité du rapport ici.

++
1
Réponse 3 / 25
vogelweide Messages postés 75 Statut Membre 9
 
Bonsoir !

cela n' a pas marché avec antivir ....

Quelqu'un a-t-il une autre solution?

D'avance merci .
0
Réponse 4 / 25
vogelweide Messages postés 75 Statut Membre 9
 
bonjour !

J'ai toujours mes chevaux de troie et virus...

Quelqu'un peut-il m'aider ?

Merci
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 25
vogelweide Messages postés 75 Statut Membre 9
 
bonsoir !!

J'ai otujours besoin d'aide !!
0
Réponse 6 / 25
vogelweide Messages postés 75 Statut Membre 9
 
bonsoir

j'en appelle à votre aide !!
0
Réponse 7 / 25
E..T Messages postés 6565 Statut Contributeur 428
 
Salut,

Pour commencer
Télécharge >> Lop S&D.exe << puis enregistres-le sur ton Bureau .
double-clic sur le fichier LopSD.exe suffira à lancer l'installation
Accepte le contat de licence
Créer le répertoire de destination, accepte en cliquant sur oui
Un raccourci sera créé sur ton Bureau.
Double clic dessus.
Choisis la langue f pour Français puis valide par Entrée.
Choisis l'option Recherche en saisissant 1 valides par Entrée.
Ton bureau va disparaitre c'est normal.
Patiente le temps du scan
A la fin du scan un rapport sera généré et s'ouvrira automatiquement dans le Bloc-Notes.
Copies-colles le contenu de ce rapport ici.
>>On le trouve aussi en %systemdrive%\LopR.txt

Une foi ce qu'il y a ci dessus fini fais ceci
Clique sur ce lien
http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe
pour télécharger le fichier d'installation d'HijackThis.

Enregistre HJTInstall.exe sur ton bureau.

-Une fois installé, le renommer en HJT.exe en fesant un clic droit dessus
On le renomme pour contrer une éventuelle infection de vundo

Double-clique sur HJT.exe pour lancer le programme

Accepte en cliquant sur le bouton "I Accept"

Ensuite clique sur "do a system scan and save a logfile" et postes le rapport obtenu ici.

@++
0
Réponse 8 / 25
vogelweide Messages postés 75 Statut Membre 9
 
Bonjour !
Tout d'abord merci pour l'aide !

--------------------\\ Lop S&D 4.2.2-5 XP/Vista

[ Windows XP (NT 5.1) Build 2600, Service Pack 3 ]
[ USER : Christophe DURAND ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 09/08/2008 | 9:47:28,68 ] [ PC : DURAND ]
[ MAJ : 01-08-2008 | 01:40 ]

--------------------\\ Listing des dossiers dans APPLIC~1

[17/08/2004|13:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[20/02/2006|09:32] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[08/08/2006|22:55] C:\DOCUME~1\ADMINI~1\APPLIC~1\Lavasoft
[20/02/2006|01:00] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[21/06/2007|23:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.zreglib
[06/09/2006|14:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\118300.34
[17/03/2008|21:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[03/08/2006|00:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[11/07/2007|15:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[21/02/2007|11:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[05/08/2008|22:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[14/01/2007|12:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[25/11/2007|17:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
[17/05/2006|20:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[17/08/2004|13:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[01/11/2007|14:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[10/06/2007|10:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Elaborate Bytes
[01/11/2006|01:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[03/07/2007|09:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[29/08/2006|11:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[02/01/2008|17:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
[10/02/2008|01:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installer.log
[20/02/2006|01:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[10/02/2008|01:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
[15/07/2008|13:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[06/08/2008|22:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[01/08/2006|11:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[13/05/2008|22:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[29/12/2007|10:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[05/06/2006|17:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[12/08/2006|17:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Samsung
[20/02/2006|09:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[03/06/2007|10:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SlySoft
[20/02/2006|00:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
[04/08/2008|09:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[04/01/2008|23:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spyware Terminator
[06/06/2008|21:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
[13/05/2006|03:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[12/03/2008|19:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[25/08/2006|19:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo!

[03/06/2007|09:50] C:\DOCUME~1\CHRIST~1\APPLIC~1\.zreglib
[16/04/2008|13:33] C:\DOCUME~1\CHRIST~1\APPLIC~1\Adobe
[31/05/2006|00:16] C:\DOCUME~1\CHRIST~1\APPLIC~1\AdobeAUM
[16/01/2007|00:27] C:\DOCUME~1\CHRIST~1\APPLIC~1\AdobeUM
[05/08/2006|01:00] C:\DOCUME~1\CHRIST~1\APPLIC~1\Ahead
[15/04/2008|18:31] C:\DOCUME~1\CHRIST~1\APPLIC~1\Apple Computer
[21/04/2008|16:09] C:\DOCUME~1\CHRIST~1\APPLIC~1\blaxxun interactive
[29/10/2007|14:04] C:\DOCUME~1\CHRIST~1\APPLIC~1\CamfrogWEB
[30/06/2007|22:57] C:\DOCUME~1\CHRIST~1\APPLIC~1\ConvertTemp
[13/05/2006|23:17] C:\DOCUME~1\CHRIST~1\APPLIC~1\CyberLink
[17/08/2004|13:06] C:\DOCUME~1\CHRIST~1\APPLIC~1\desktop.ini
[13/06/2008|21:43] C:\DOCUME~1\CHRIST~1\APPLIC~1\dvdcss
[10/02/2008|01:01] C:\DOCUME~1\CHRIST~1\APPLIC~1\FotoWire
[28/05/2008|20:34] C:\DOCUME~1\CHRIST~1\APPLIC~1\GDIPFONTCACHEV1.DAT
[30/08/2006|02:46] C:\DOCUME~1\CHRIST~1\APPLIC~1\GdiplusUpgrade_MSIApproach_Wrapper.log
[01/11/2006|17:17] C:\DOCUME~1\CHRIST~1\APPLIC~1\Google
[26/05/2006|11:23] C:\DOCUME~1\CHRIST~1\APPLIC~1\Help
[30/08/2006|02:41] C:\DOCUME~1\CHRIST~1\APPLIC~1\HP
[20/02/2006|09:32] C:\DOCUME~1\CHRIST~1\APPLIC~1\Identities
[22/02/2007|18:36] C:\DOCUME~1\CHRIST~1\APPLIC~1\IE7pro
[30/03/2008|20:08] C:\DOCUME~1\CHRIST~1\APPLIC~1\Image Zone Express
[25/02/2008|08:41] C:\DOCUME~1\CHRIST~1\APPLIC~1\inst.exe
[29/01/2008|02:24] C:\DOCUME~1\CHRIST~1\APPLIC~1\Lavasoft
[13/05/2006|15:42] C:\DOCUME~1\CHRIST~1\APPLIC~1\Leadertech
[02/02/2008|10:23] C:\DOCUME~1\CHRIST~1\APPLIC~1\Macromedia
[06/08/2008|22:05] C:\DOCUME~1\CHRIST~1\APPLIC~1\Malwarebytes
[31/07/2006|03:46] C:\DOCUME~1\CHRIST~1\APPLIC~1\Media Player Classic
[26/12/2007|14:57] C:\DOCUME~1\CHRIST~1\APPLIC~1\Microsoft
[15/10/2007|21:08] C:\DOCUME~1\CHRIST~1\APPLIC~1\Mozilla
[25/02/2008|08:41] C:\DOCUME~1\CHRIST~1\APPLIC~1\pcouffin.cat
[25/02/2008|08:41] C:\DOCUME~1\CHRIST~1\APPLIC~1\pcouffin.inf
[25/02/2008|08:41] C:\DOCUME~1\CHRIST~1\APPLIC~1\pcouffin.log
[25/02/2008|08:41] C:\DOCUME~1\CHRIST~1\APPLIC~1\pcouffin.sys
[10/10/2006|22:58] C:\DOCUME~1\CHRIST~1\APPLIC~1\PDFCreator
[19/11/2006|21:56] C:\DOCUME~1\CHRIST~1\APPLIC~1\Printer Info Cache
[09/02/2008|20:05] C:\DOCUME~1\CHRIST~1\APPLIC~1\Real
[30/06/2007|22:57] C:\DOCUME~1\CHRIST~1\APPLIC~1\Samsung
[06/08/2006|03:19] C:\DOCUME~1\CHRIST~1\APPLIC~1\SlySoft
[13/05/2006|15:45] C:\DOCUME~1\CHRIST~1\APPLIC~1\Sonic
[10/05/2007|01:13] C:\DOCUME~1\CHRIST~1\APPLIC~1\SpamPal
[04/01/2008|23:00] C:\DOCUME~1\CHRIST~1\APPLIC~1\Spyware Terminator
[18/05/2006|01:40] C:\DOCUME~1\CHRIST~1\APPLIC~1\Sun
[13/05/2006|02:25] C:\DOCUME~1\CHRIST~1\APPLIC~1\Template
[30/06/2007|22:57] C:\DOCUME~1\CHRIST~1\APPLIC~1\Temporary
[30/06/2007|22:57] C:\DOCUME~1\CHRIST~1\APPLIC~1\TransRender
[30/08/2006|02:43] C:\DOCUME~1\CHRIST~1\APPLIC~1\Update_HP_RedboxHprblog_HPSU.log
[27/01/2007|10:28] C:\DOCUME~1\CHRIST~1\APPLIC~1\vlc
[25/02/2008|08:42] C:\DOCUME~1\CHRIST~1\APPLIC~1\Vso
[13/05/2006|02:25] C:\DOCUME~1\CHRIST~1\APPLIC~1\wklnhst.dat

[17/08/2004|13:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[20/02/2006|09:32] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[20/02/2006|01:00] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[28/05/2006|11:46] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia
[20/02/2006|00:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[28/11/2007|21:12] C:\DOCUME~1\MARINE~1\APPLIC~1\Adobe
[17/08/2004|13:06] C:\DOCUME~1\MARINE~1\APPLIC~1\desktop.ini
[20/02/2006|09:32] C:\DOCUME~1\MARINE~1\APPLIC~1\Identities
[21/04/2007|19:08] C:\DOCUME~1\MARINE~1\APPLIC~1\Microsoft
[12/04/2008|15:35] C:\DOCUME~1\MARINE~1\APPLIC~1\Real
[29/11/2007|01:00] C:\DOCUME~1\MARINE~1\APPLIC~1\Spyware Terminator

[20/02/2006|00:38] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[03/07/2008|22:01] C:\DOCUME~1\VRONIQ~1\APPLIC~1\Adobe
[17/08/2004|13:06] C:\DOCUME~1\VRONIQ~1\APPLIC~1\desktop.ini
[03/07/2008|22:02] C:\DOCUME~1\VRONIQ~1\APPLIC~1\Google
[20/02/2006|09:32] C:\DOCUME~1\VRONIQ~1\APPLIC~1\Identities
[03/07/2008|22:00] C:\DOCUME~1\VRONIQ~1\APPLIC~1\IE7pro
[25/05/2006|15:50] C:\DOCUME~1\VRONIQ~1\APPLIC~1\Macromedia
[17/11/2007|12:58] C:\DOCUME~1\VRONIQ~1\APPLIC~1\Microsoft
[03/07/2008|22:00] C:\DOCUME~1\VRONIQ~1\APPLIC~1\Real
[03/07/2008|22:03] C:\DOCUME~1\VRONIQ~1\APPLIC~1\Spyware Terminator

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[07/08/2008 10:59][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[08/08/2008 15:17][--a------] C:\WINDOWS\tasks\Norton Security Scan.job
[09/08/2008 00:00][--a------] C:\WINDOWS\tasks\HPpromotions journeysoftware.job
[09/08/2008 08:31][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 10:00][-rah-c---] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[25/02/2008|08:41] C:\Program Files\Acala DVD Copy
[21/02/2008|09:48] C:\Program Files\Acala DVD Ripper Professional
[10/07/2007|10:40] C:\Program Files\Adobe
[06/09/2006|15:21] C:\Program Files\Alwil Software
[20/02/2006|00:53] C:\Program Files\AMD
[17/08/2006|12:05] C:\Program Files\APLI-AGIPA
[07/08/2008|10:59] C:\Program Files\Apple Software Update
[29/12/2006|01:56] C:\Program Files\AquaScape 3D
[29/12/2007|20:57] C:\Program Files\Ashampoo
[20/08/2007|13:16] C:\Program Files\a-squared Anti-Dialer
[04/08/2008|09:22] C:\Program Files\a-squared Free
[20/12/2006|00:46] C:\Program Files\a-squared HiJackFree
[20/02/2006|00:42] C:\Program Files\ATI Technologies
[08/05/2007|22:22] C:\Program Files\AvantGo Connect
[05/08/2008|22:47] C:\Program Files\Avira
[20/12/2006|00:47] C:\Program Files\AxBx
[31/07/2008|11:14] C:\Program Files\Bonjour
[16/01/2007|01:44] C:\Program Files\BoontyGames
[25/11/2007|17:57] C:\Program Files\Canon
[25/11/2007|17:56] C:\Program Files\CanonBJ
[14/04/2007|03:12] C:\Program Files\Cavomatic
[08/08/2006|15:33] C:\Program Files\CCleaner
[29/10/2007|14:04] C:\Program Files\CFWebAdvancedU
[25/08/2007|04:36] C:\Program Files\ClicClasse
[08/05/2007|22:22] C:\Program Files\Common Files
[20/02/2006|09:32] C:\Program Files\ComPlus Applications
[20/02/2006|00:36] C:\Program Files\CONEXANT
[11/01/2008|14:25] C:\Program Files\DivX
[23/08/2007|10:55] C:\Program Files\DocumentHub
[02/08/2006|17:30] C:\Program Files\DVD Shrink
[03/06/2007|09:34] C:\Program Files\DVDFab Decrypter
[21/06/2007|22:30] C:\Program Files\Elaborate Bytes
[26/05/2008|22:15] C:\Program Files\eMule
[18/05/2006|01:55] C:\Program Files\fdjeux
[15/07/2008|13:15] C:\Program Files\Fichiers communs
[18/07/2008|22:27] C:\Program Files\Free Easy Burner
[15/06/2008|00:36] C:\Program Files\GameYard.com
[26/01/2007|11:06] C:\Program Files\Google
[15/12/2006|19:04] C:\Program Files\Grisoft
[29/09/2006|18:28] C:\Program Files\Hewlett-Packard
[11/02/2007|17:37] C:\Program Files\Hijackthis Version Fran‡aise
[30/09/2006|09:36] C:\Program Files\HP
[12/05/2006|19:13] C:\Program Files\HPQ
[22/02/2007|18:36] C:\Program Files\IE7pro
[21/04/2008|16:09] C:\Program Files\InstallShield Installation Information
[11/06/2008|07:58] C:\Program Files\Internet Explorer
[31/07/2008|11:15] C:\Program Files\iPod
[31/07/2008|11:15] C:\Program Files\iTunes
[03/04/2008|23:11] C:\Program Files\Java
[31/07/2006|03:39] C:\Program Files\K-Lite Codec Pack
[15/07/2008|13:16] C:\Program Files\Lavasoft
[10/02/2008|01:01] C:\Program Files\Logitech
[06/08/2008|22:05] C:\Program Files\Malwarebytes' Anti-Malware
[08/04/2007|22:19] C:\Program Files\MaxiCompte
[14/01/2007|11:59] C:\Program Files\Mes Jeux T‚l‚charg‚s
[13/05/2008|22:34] C:\Program Files\Messenger
[08/05/2007|22:22] C:\Program Files\Microsoft ActiveSync
[09/05/2007|22:32] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[20/02/2006|09:32] C:\Program Files\microsoft frontpage
[05/07/2007|22:09] C:\Program Files\Microsoft Office
[05/07/2007|22:10] C:\Program Files\Microsoft Works
[05/07/2007|22:08] C:\Program Files\Microsoft.NET
[20/08/2006|14:01] C:\Program Files\Mindscape
[13/05/2008|22:33] C:\Program Files\Movie Maker
[27/03/2008|00:57] C:\Program Files\Mozilla Firefox
[20/02/2006|09:32] C:\Program Files\MSN
[20/02/2006|09:32] C:\Program Files\MSN Gaming Zone
[14/10/2006|16:00] C:\Program Files\MSXML 4.0
[11/02/2008|17:45] C:\Program Files\Mumble
[02/08/2006|22:44] C:\Program Files\Nero
[26/12/2007|16:21] C:\Program Files\NETGEAR
[13/05/2008|22:30] C:\Program Files\NetMeeting
[08/08/2008|15:00] C:\Program Files\Norton Security Scan
[13/05/2006|15:38] C:\Program Files\OfficeUpdate11
[20/02/2006|09:32] C:\Program Files\Online Services
[13/05/2008|22:30] C:\Program Files\Outlook Express
[10/10/2006|22:58] C:\Program Files\PDFCreator
[14/06/2008|21:29] C:\Program Files\Phelios
[13/07/2007|16:05] C:\Program Files\POI-Warner GoPal Edition
[13/03/2008|17:56] C:\Program Files\POI-Warner POI-Data
[31/07/2008|11:13] C:\Program Files\QuickTime
[09/02/2008|19:54] C:\Program Files\Real
[06/06/2008|21:42] C:\Program Files\Reflexive Entertainment
[04/08/2008|09:23] C:\Program Files\RogueRemover FREE
[26/11/2007|03:33] C:\Program Files\RSS News Reader
[31/07/2008|11:06] C:\Program Files\Safari
[30/06/2007|22:37] C:\Program Files\Samsung
[20/02/2006|01:18] C:\Program Files\Services en ligne
[11/02/2007|19:18] C:\Program Files\SigmaTel
[21/06/2007|23:06] C:\Program Files\SlySoft
[20/02/2006|01:07] C:\Program Files\Sonic
[07/09/2006|23:27] C:\Program Files\SpamPal
[18/07/2008|11:22] C:\Program Files\Speeditup Free
[11/02/2008|19:05] C:\Program Files\Spybot - Search & Destroy
[03/07/2008|22:03] C:\Program Files\Spyware Terminator
[31/05/2006|01:14] C:\Program Files\Stardock
[13/09/2006|20:13] C:\Program Files\Sunbelt Software
[20/02/2006|01:09] C:\Program Files\Synaptics
[07/08/2008|22:16] C:\Program Files\The Cleaner Free
[15/05/2006|23:28] C:\Program Files\Tranquillity
[19/08/2006|01:14] C:\Program Files\Trend Micro
[20/02/2006|09:32] C:\Program Files\Uninstall Information
[08/08/2006|19:48] C:\Program Files\Unlocker
[02/12/2007|22:55] C:\Program Files\Veoh Networks
[27/01/2007|10:16] C:\Program Files\VideoLAN
[07/08/2008|17:36] C:\Program Files\virus
[26/05/2006|11:40] C:\Program Files\Wanadoo
[14/04/2007|03:17] C:\Program Files\WinCave24
[12/03/2008|19:04] C:\Program Files\Windows Live
[09/12/2006|01:48] C:\Program Files\Windows Media Connect 2
[13/05/2008|22:30] C:\Program Files\Windows Media Player
[13/05/2008|22:30] C:\Program Files\Windows NT
[20/02/2006|09:32] C:\Program Files\WindowsUpdate
[03/08/2006|14:21] C:\Program Files\WinRAR
[20/02/2006|09:32] C:\Program Files\xerox
[25/11/2007|23:03] C:\Program Files\Yahoo!
[02/07/2008|19:49] C:\Program Files\YesMessenger

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[10/07/2007|10:40] C:\Program Files\Fichiers communs\Adobe
[02/08/2006|22:47] C:\Program Files\Fichiers communs\Ahead
[11/07/2007|15:35] C:\Program Files\Fichiers communs\Apple
[14/01/2007|12:00] C:\Program Files\Fichiers communs\BOONTY Shared
[18/05/2006|22:16] C:\Program Files\Fichiers communs\Designer
[10/02/2008|01:01] C:\Program Files\Fichiers communs\FotoWire
[29/09/2006|18:27] C:\Program Files\Fichiers communs\Hewlett-Packard
[20/02/2006|00:53] C:\Program Files\Fichiers communs\HP
[20/02/2006|01:08] C:\Program Files\Fichiers communs\InstallShield
[20/02/2006|00:44] C:\Program Files\Fichiers communs\Java
[19/08/2006|01:47] C:\Program Files\Fichiers communs\LightScribe
[06/06/2006|22:54] C:\Program Files\Fichiers communs\Logitech
[12/03/2008|19:03] C:\Program Files\Fichiers communs\Microsoft Shared
[20/02/2006|09:32] C:\Program Files\Fichiers communs\MSSoap
[20/02/2006|09:32] C:\Program Files\Fichiers communs\ODBC
[09/02/2008|19:54] C:\Program Files\Fichiers communs\Real
[20/02/2006|09:32] C:\Program Files\Fichiers communs\Services
[20/02/2006|01:06] C:\Program Files\Fichiers communs\Sonic Shared
[20/02/2006|09:32] C:\Program Files\Fichiers communs\SpeechEngines
[31/05/2006|01:31] C:\Program Files\Fichiers communs\Stardock
[20/02/2006|01:07] C:\Program Files\Fichiers communs\SureThing Shared
[15/02/2008|18:58] C:\Program Files\Fichiers communs\Symantec Shared
[13/05/2008|22:30] C:\Program Files\Fichiers communs\System
[20/02/2006|01:07] C:\Program Files\Fichiers communs\TiVo Shared
[12/03/2008|19:03] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[15/07/2008|13:15] C:\Program Files\Fichiers communs\Wise Installation Wizard
[09/02/2008|19:54] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 75 Processus )

iexplore.exe ~ [1040]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\CHRIST~1\Cookies\christophe_durand@advertstream[2].txt

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-09 09:51:20
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections

C:\WINDOWS\Pack.epk
[b]==> EGDACCESS <==/b

--------------------\\ Cracks & Keygens ..

=> C:\DOCUME~1\CHRIST~1\Mes documents\cl‚ usb\Winzip-8.1-crack
=> C:\DOCUME~1\CHRIST~1\Mes documents\cl‚ usb\Winzip-8.1-crack.zip
=> C:\DOCUME~1\CHRIST~1\Mes documents\cl‚ usb\Winzip-8.1-crack\Crack.exe
=> C:\DOCUME~1\CHRIST~1\Mes documents\cl‚ usb\Winzip-8.1-crack\file_id.diz
=> C:\DOCUME~1\CHRIST~1\Mes documents\cl‚ usb\Winzip-8.1-crack\SGG.url

[F:117][D:6]-> C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp
[F:123][D:0]-> C:\DOCUME~1\CHRIST~1\Cookies
[F:3813][D:20]-> C:\DOCUME~1\CHRIST~1\LOCALS~1\TEMPOR~1\content.IE5

--------------------\\ Fin du rapport a 9:53:19,31

Voici maintenant le rapport HJT

Logfile of HijackThis v1.99.1
Scan saved at 09:57:22, on 09/08/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\a-squared Anti-Dialer\a2service.exe
C:\Program Files\HP\TVPlay\TVPService.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
c:\program files\a-squared free\a2service.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\HP\TVPlay\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\SpamPal\spampal.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\TVPlay\Kernel\TV\TVPCapSvc.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\HP\TVPlay\Kernel\TV\TVPSched.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: IE7pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IE7pro\IE7pro.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [TVPService] "C:\Program Files\HP\TVPlay\TVPService.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - Startup: SpamPal.lnk = C:\Program Files\SpamPal\spampal.exe
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: IE7pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7pro\IE7pro.dll
O9 - Extra 'Tools' menuitem: IE7pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7pro\IE7pro.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=https://www8.hp.com/fr/fr/home.html
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0.1.14/cfweb_activex.camfrogweb.com-advanced-2.0.1.14_instmodule.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {72C23FEC-3AF9-48FC-9597-241A8EBDFE0A} (InstallShield International Setup Player) - https://resources.flexera.com/web/installengine/engine/isetupml.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O16 - DPF: {E1AF091A-9F23-4059-89D7-C05EE073285D} (Canal+ Active MSWAY) - https://www.canalplus.com/canalplay/
O18 - Protocol: CDS300 - {AD43AA67-6860-4531-AC8A-0E68F9CF023E} - (no file)
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: a-squared Anti-Dialer Service (a2AntiDialer) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Dialer\a2service.exe
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - c:\program files\a-squared free\a2service.exe
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: CyberLink Media Library Service(HP TVPlay) - Cyberlink - C:\Program Files\HP\TVPlay\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: CyberLink Background Capture Service (CBCS HP TVPlay) (TVPCapSvc) - Unknown owner - C:\Program Files\HP\TVPlay\Kernel\TV\TVPCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS HP TVPlay) (TVPSched) - Unknown owner - C:\Program Files\HP\TVPlay\Kernel\TV\TVPSched.exe

A+ et merci
0
Réponse 9 / 25
E..T Messages postés 6565 Statut Contributeur 428
 
=> C:\DOCUME~1\CHRIST~1\Mes documents\cl‚ usb\Winzip-8.1-crack
=> C:\DOCUME~1\CHRIST~1\Mes documents\cl‚ usb\Winzip-8.1-crack.zip
=> C:\DOCUME~1\CHRIST~1\Mes documents\cl‚ usb\Winzip-8.1-crack\Crack.exe
=> C:\DOCUME~1\CHRIST~1\Mes documents\cl‚ usb\Winzip-8.1-crack\file_id.diz
=> C:\DOCUME~1\CHRIST~1\Mes documents\cl‚ usb\Winzip-8.1-crack\SGG.url
Pas bien tout ça ...

Bon,

Refais la même chose mais la tu choisis le choix 2 dans lop SD
Laisse travailler le pc
Une fois le nettoyage fini ,une recherche sera relancée et un rapport
s'ouvrira automatiquement dans le Bloc-Notes.
Copies-colles le contenu de ce rapport sur le forum.

Une foi que tu as fini avec ça fais ce qui suit :

Fais ce qui suit :

* Télécharge MalwareByte's Anti-Malware (by RubbeR DuckY) :
*http://www.commentcamarche.net/telecharger/telecharger 34055379 malwarebyte s anti malware
* Installe le programme sur le bureau :

o S'il manque le fichier COMCTL32.OCX, télécharge le ici

* Fais les mises à jour (clic sur Mises à jour puis Recherche de mises à jour)

* Démarre en mode sans échec
Comment faire >> https://www.micro-astuce.com/depannage/demarrer-mode-sans-echec.php
Redémarres l’ordinateur
Dès le chargement du BIOS, commences à appuyer sur la touche F8 de ton clavier,i jusqu'au ou le menu des options avancées de Windows apparait.
Sélectionne "Mode sans échec" dans le menu puis appuyez sur Entrée.

* Lance MalwareByte's Anti-Malware, clique sur Exécuter un examen complet puis Rechercher et sélectionnez tous tes disques durs

* Une fois le scan terminé, clique sur supprimer (si un message te demande de redémarrer le PC, accepte.)

* Un rapport sera généré, enregistre le de manière à le retrouver sur ton bureau par exemple et poste le ici.

@++
0
Réponse 10 / 25
vogelweide Messages postés 75 Statut Membre 9
 
Bonsoir !!

voici les rapports demandés !

--------------------\\ Lop S&D 4.2.2-5 XP/Vista

[ Windows XP (NT 5.1) Build 2600, Service Pack 3 ]
[ USER : Christophe DURAND ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 10/08/2008 | 19:30:56,29 ] [ PC : DURAND ]
[ MAJ : 01-08-2008 | 01:40 ]

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

Supprime! - C:\DOCUME~1\CHRIST~1\Cookies\christophe_durand@advertstream[2].txt
RestaurÚ! - Fichier Hosts

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

--------------------\\ Listing des dossiers dans APPLIC~1

[17/08/2004|13:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[20/02/2006|09:32] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[08/08/2006|22:55] C:\DOCUME~1\ADMINI~1\APPLIC~1\Lavasoft
[20/02/2006|01:00] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[21/06/2007|23:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.zreglib
[06/09/2006|14:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\118300.34
[17/03/2008|21:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[03/08/2006|00:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[11/07/2007|15:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[21/02/2007|11:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[05/08/2008|22:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[14/01/2007|12:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[25/11/2007|17:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
[17/05/2006|20:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[17/08/2004|13:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[01/11/2007|14:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[10/06/2007|10:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Elaborate Bytes
[01/11/2006|01:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[03/07/2007|09:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[29/08/2006|11:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[02/01/2008|17:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
[10/02/2008|01:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installer.log
[20/02/2006|01:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[10/02/2008|01:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
[15/07/2008|13:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[06/08/2008|22:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[01/08/2006|11:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[13/05/2008|22:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[29/12/2007|10:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[05/06/2006|17:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[12/08/2006|17:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Samsung
[20/02/2006|09:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[03/06/2007|10:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SlySoft
[20/02/2006|00:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
[04/08/2008|09:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[04/01/2008|23:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spyware Terminator
[06/06/2008|21:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
[13/05/2006|03:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[12/03/2008|19:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[25/08/2006|19:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo!

[03/06/2007|09:50] C:\DOCUME~1\CHRIST~1\APPLIC~1\.zreglib
[16/04/2008|13:33] C:\DOCUME~1\CHRIST~1\APPLIC~1\Adobe
[31/05/2006|00:16] C:\DOCUME~1\CHRIST~1\APPLIC~1\AdobeAUM
[16/01/2007|00:27] C:\DOCUME~1\CHRIST~1\APPLIC~1\AdobeUM
[05/08/2006|01:00] C:\DOCUME~1\CHRIST~1\APPLIC~1\Ahead
[15/04/2008|18:31] C:\DOCUME~1\CHRIST~1\APPLIC~1\Apple Computer
[21/04/2008|16:09] C:\DOCUME~1\CHRIST~1\APPLIC~1\blaxxun interactive
[29/10/2007|14:04] C:\DOCUME~1\CHRIST~1\APPLIC~1\CamfrogWEB
[30/06/2007|22:57] C:\DOCUME~1\CHRIST~1\APPLIC~1\ConvertTemp
[13/05/2006|23:17] C:\DOCUME~1\CHRIST~1\APPLIC~1\CyberLink
[17/08/2004|13:06] C:\DOCUME~1\CHRIST~1\APPLIC~1\desktop.ini
[13/06/2008|21:43] C:\DOCUME~1\CHRIST~1\APPLIC~1\dvdcss
[10/02/2008|01:01] C:\DOCUME~1\CHRIST~1\APPLIC~1\FotoWire
[28/05/2008|20:34] C:\DOCUME~1\CHRIST~1\APPLIC~1\GDIPFONTCACHEV1.DAT
[30/08/2006|02:46] C:\DOCUME~1\CHRIST~1\APPLIC~1\GdiplusUpgrade_MSIApproach_Wrapper.log
[01/11/2006|17:17] C:\DOCUME~1\CHRIST~1\APPLIC~1\Google
[26/05/2006|11:23] C:\DOCUME~1\CHRIST~1\APPLIC~1\Help
[30/08/2006|02:41] C:\DOCUME~1\CHRIST~1\APPLIC~1\HP
[20/02/2006|09:32] C:\DOCUME~1\CHRIST~1\APPLIC~1\Identities
[22/02/2007|18:36] C:\DOCUME~1\CHRIST~1\APPLIC~1\IE7pro
[30/03/2008|20:08] C:\DOCUME~1\CHRIST~1\APPLIC~1\Image Zone Express
[25/02/2008|08:41] C:\DOCUME~1\CHRIST~1\APPLIC~1\inst.exe
[29/01/2008|02:24] C:\DOCUME~1\CHRIST~1\APPLIC~1\Lavasoft
[13/05/2006|15:42] C:\DOCUME~1\CHRIST~1\APPLIC~1\Leadertech
[02/02/2008|10:23] C:\DOCUME~1\CHRIST~1\APPLIC~1\Macromedia
[06/08/2008|22:05] C:\DOCUME~1\CHRIST~1\APPLIC~1\Malwarebytes
[31/07/2006|03:46] C:\DOCUME~1\CHRIST~1\APPLIC~1\Media Player Classic
[26/12/2007|14:57] C:\DOCUME~1\CHRIST~1\APPLIC~1\Microsoft
[15/10/2007|21:08] C:\DOCUME~1\CHRIST~1\APPLIC~1\Mozilla
[25/02/2008|08:41] C:\DOCUME~1\CHRIST~1\APPLIC~1\pcouffin.cat
[25/02/2008|08:41] C:\DOCUME~1\CHRIST~1\APPLIC~1\pcouffin.inf
[25/02/2008|08:41] C:\DOCUME~1\CHRIST~1\APPLIC~1\pcouffin.log
[25/02/2008|08:41] C:\DOCUME~1\CHRIST~1\APPLIC~1\pcouffin.sys
[10/10/2006|22:58] C:\DOCUME~1\CHRIST~1\APPLIC~1\PDFCreator
[19/11/2006|21:56] C:\DOCUME~1\CHRIST~1\APPLIC~1\Printer Info Cache
[09/02/2008|20:05] C:\DOCUME~1\CHRIST~1\APPLIC~1\Real
[30/06/2007|22:57] C:\DOCUME~1\CHRIST~1\APPLIC~1\Samsung
[06/08/2006|03:19] C:\DOCUME~1\CHRIST~1\APPLIC~1\SlySoft
[13/05/2006|15:45] C:\DOCUME~1\CHRIST~1\APPLIC~1\Sonic
[10/05/2007|01:13] C:\DOCUME~1\CHRIST~1\APPLIC~1\SpamPal
[04/01/2008|23:00] C:\DOCUME~1\CHRIST~1\APPLIC~1\Spyware Terminator
[18/05/2006|01:40] C:\DOCUME~1\CHRIST~1\APPLIC~1\Sun
[13/05/2006|02:25] C:\DOCUME~1\CHRIST~1\APPLIC~1\Template
[30/06/2007|22:57] C:\DOCUME~1\CHRIST~1\APPLIC~1\Temporary
[30/06/2007|22:57] C:\DOCUME~1\CHRIST~1\APPLIC~1\TransRender
[30/08/2006|02:43] C:\DOCUME~1\CHRIST~1\APPLIC~1\Update_HP_RedboxHprblog_HPSU.log
[27/01/2007|10:28] C:\DOCUME~1\CHRIST~1\APPLIC~1\vlc
[25/02/2008|08:42] C:\DOCUME~1\CHRIST~1\APPLIC~1\Vso
[13/05/2006|02:25] C:\DOCUME~1\CHRIST~1\APPLIC~1\wklnhst.dat

[17/08/2004|13:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[20/02/2006|09:32] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[20/02/2006|01:00] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[28/05/2006|11:46] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia
[20/02/2006|00:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[28/11/2007|21:12] C:\DOCUME~1\MARINE~1\APPLIC~1\Adobe
[17/08/2004|13:06] C:\DOCUME~1\MARINE~1\APPLIC~1\desktop.ini
[20/02/2006|09:32] C:\DOCUME~1\MARINE~1\APPLIC~1\Identities
[21/04/2007|19:08] C:\DOCUME~1\MARINE~1\APPLIC~1\Microsoft
[12/04/2008|15:35] C:\DOCUME~1\MARINE~1\APPLIC~1\Real
[29/11/2007|01:00] C:\DOCUME~1\MARINE~1\APPLIC~1\Spyware Terminator

[20/02/2006|00:38] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[03/07/2008|22:01] C:\DOCUME~1\VRONIQ~1\APPLIC~1\Adobe
[17/08/2004|13:06] C:\DOCUME~1\VRONIQ~1\APPLIC~1\desktop.ini
[03/07/2008|22:02] C:\DOCUME~1\VRONIQ~1\APPLIC~1\Google
[20/02/2006|09:32] C:\DOCUME~1\VRONIQ~1\APPLIC~1\Identities
[03/07/2008|22:00] C:\DOCUME~1\VRONIQ~1\APPLIC~1\IE7pro
[25/05/2006|15:50] C:\DOCUME~1\VRONIQ~1\APPLIC~1\Macromedia
[17/11/2007|12:58] C:\DOCUME~1\VRONIQ~1\APPLIC~1\Microsoft
[03/07/2008|22:00] C:\DOCUME~1\VRONIQ~1\APPLIC~1\Real
[03/07/2008|22:03] C:\DOCUME~1\VRONIQ~1\APPLIC~1\Spyware Terminator

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[07/08/2008 10:59][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[08/08/2008 15:17][--a------] C:\WINDOWS\tasks\Norton Security Scan.job
[10/08/2008 16:00][--a------] C:\WINDOWS\tasks\HPpromotions journeysoftware.job
[10/08/2008 19:08][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 10:00][-rah-c---] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[25/02/2008|08:41] C:\Program Files\Acala DVD Copy
[21/02/2008|09:48] C:\Program Files\Acala DVD Ripper Professional
[10/07/2007|10:40] C:\Program Files\Adobe
[06/09/2006|15:21] C:\Program Files\Alwil Software
[20/02/2006|00:53] C:\Program Files\AMD
[17/08/2006|12:05] C:\Program Files\APLI-AGIPA
[07/08/2008|10:59] C:\Program Files\Apple Software Update
[29/12/2006|01:56] C:\Program Files\AquaScape 3D
[29/12/2007|20:57] C:\Program Files\Ashampoo
[20/08/2007|13:16] C:\Program Files\a-squared Anti-Dialer
[04/08/2008|09:22] C:\Program Files\a-squared Free
[20/12/2006|00:46] C:\Program Files\a-squared HiJackFree
[20/02/2006|00:42] C:\Program Files\ATI Technologies
[08/05/2007|22:22] C:\Program Files\AvantGo Connect
[05/08/2008|22:47] C:\Program Files\Avira
[20/12/2006|00:47] C:\Program Files\AxBx
[31/07/2008|11:14] C:\Program Files\Bonjour
[16/01/2007|01:44] C:\Program Files\BoontyGames
[25/11/2007|17:57] C:\Program Files\Canon
[25/11/2007|17:56] C:\Program Files\CanonBJ
[14/04/2007|03:12] C:\Program Files\Cavomatic
[08/08/2006|15:33] C:\Program Files\CCleaner
[29/10/2007|14:04] C:\Program Files\CFWebAdvancedU
[25/08/2007|04:36] C:\Program Files\ClicClasse
[08/05/2007|22:22] C:\Program Files\Common Files
[20/02/2006|09:32] C:\Program Files\ComPlus Applications
[20/02/2006|00:36] C:\Program Files\CONEXANT
[11/01/2008|14:25] C:\Program Files\DivX
[23/08/2007|10:55] C:\Program Files\DocumentHub
[02/08/2006|17:30] C:\Program Files\DVD Shrink
[03/06/2007|09:34] C:\Program Files\DVDFab Decrypter
[21/06/2007|22:30] C:\Program Files\Elaborate Bytes
[26/05/2008|22:15] C:\Program Files\eMule
[18/05/2006|01:55] C:\Program Files\fdjeux
[15/07/2008|13:15] C:\Program Files\Fichiers communs
[18/07/2008|22:27] C:\Program Files\Free Easy Burner
[15/06/2008|00:36] C:\Program Files\GameYard.com
[26/01/2007|11:06] C:\Program Files\Google
[15/12/2006|19:04] C:\Program Files\Grisoft
[29/09/2006|18:28] C:\Program Files\Hewlett-Packard
[09/08/2008|09:56] C:\Program Files\Hijackthis Version Fran‡aise
[30/09/2006|09:36] C:\Program Files\HP
[12/05/2006|19:13] C:\Program Files\HPQ
[22/02/2007|18:36] C:\Program Files\IE7pro
[21/04/2008|16:09] C:\Program Files\InstallShield Installation Information
[11/06/2008|07:58] C:\Program Files\Internet Explorer
[31/07/2008|11:15] C:\Program Files\iPod
[31/07/2008|11:15] C:\Program Files\iTunes
[03/04/2008|23:11] C:\Program Files\Java
[31/07/2006|03:39] C:\Program Files\K-Lite Codec Pack
[15/07/2008|13:16] C:\Program Files\Lavasoft
[10/02/2008|01:01] C:\Program Files\Logitech
[10/08/2008|19:29] C:\Program Files\Malwarebytes' Anti-Malware
[08/04/2007|22:19] C:\Program Files\MaxiCompte
[14/01/2007|11:59] C:\Program Files\Mes Jeux T‚l‚charg‚s
[13/05/2008|22:34] C:\Program Files\Messenger
[08/05/2007|22:22] C:\Program Files\Microsoft ActiveSync
[09/05/2007|22:32] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[20/02/2006|09:32] C:\Program Files\microsoft frontpage
[05/07/2007|22:09] C:\Program Files\Microsoft Office
[05/07/2007|22:10] C:\Program Files\Microsoft Works
[05/07/2007|22:08] C:\Program Files\Microsoft.NET
[20/08/2006|14:01] C:\Program Files\Mindscape
[13/05/2008|22:33] C:\Program Files\Movie Maker
[27/03/2008|00:57] C:\Program Files\Mozilla Firefox
[20/02/2006|09:32] C:\Program Files\MSN
[20/02/2006|09:32] C:\Program Files\MSN Gaming Zone
[14/10/2006|16:00] C:\Program Files\MSXML 4.0
[11/02/2008|17:45] C:\Program Files\Mumble
[02/08/2006|22:44] C:\Program Files\Nero
[26/12/2007|16:21] C:\Program Files\NETGEAR
[13/05/2008|22:30] C:\Program Files\NetMeeting
[08/08/2008|15:00] C:\Program Files\Norton Security Scan
[13/05/2006|15:38] C:\Program Files\OfficeUpdate11
[20/02/2006|09:32] C:\Program Files\Online Services
[13/05/2008|22:30] C:\Program Files\Outlook Express
[10/10/2006|22:58] C:\Program Files\PDFCreator
[14/06/2008|21:29] C:\Program Files\Phelios
[13/07/2007|16:05] C:\Program Files\POI-Warner GoPal Edition
[13/03/2008|17:56] C:\Program Files\POI-Warner POI-Data
[31/07/2008|11:13] C:\Program Files\QuickTime
[09/02/2008|19:54] C:\Program Files\Real
[06/06/2008|21:42] C:\Program Files\Reflexive Entertainment
[04/08/2008|09:23] C:\Program Files\RogueRemover FREE
[26/11/2007|03:33] C:\Program Files\RSS News Reader
[31/07/2008|11:06] C:\Program Files\Safari
[30/06/2007|22:37] C:\Program Files\Samsung
[20/02/2006|01:18] C:\Program Files\Services en ligne
[11/02/2007|19:18] C:\Program Files\SigmaTel
[21/06/2007|23:06] C:\Program Files\SlySoft
[20/02/2006|01:07] C:\Program Files\Sonic
[07/09/2006|23:27] C:\Program Files\SpamPal
[18/07/2008|11:22] C:\Program Files\Speeditup Free
[11/02/2008|19:05] C:\Program Files\Spybot - Search & Destroy
[03/07/2008|22:03] C:\Program Files\Spyware Terminator
[31/05/2006|01:14] C:\Program Files\Stardock
[13/09/2006|20:13] C:\Program Files\Sunbelt Software
[20/02/2006|01:09] C:\Program Files\Synaptics
[07/08/2008|22:16] C:\Program Files\The Cleaner Free
[15/05/2006|23:28] C:\Program Files\Tranquillity
[19/08/2006|01:14] C:\Program Files\Trend Micro
[20/02/2006|09:32] C:\Program Files\Uninstall Information
[08/08/2006|19:48] C:\Program Files\Unlocker
[02/12/2007|22:55] C:\Program Files\Veoh Networks
[27/01/2007|10:16] C:\Program Files\VideoLAN
[07/08/2008|17:36] C:\Program Files\virus
[26/05/2006|11:40] C:\Program Files\Wanadoo
[14/04/2007|03:17] C:\Program Files\WinCave24
[12/03/2008|19:04] C:\Program Files\Windows Live
[09/12/2006|01:48] C:\Program Files\Windows Media Connect 2
[13/05/2008|22:30] C:\Program Files\Windows Media Player
[13/05/2008|22:30] C:\Program Files\Windows NT
[20/02/2006|09:32] C:\Program Files\WindowsUpdate
[03/08/2006|14:21] C:\Program Files\WinRAR
[20/02/2006|09:32] C:\Program Files\xerox
[25/11/2007|23:03] C:\Program Files\Yahoo!
[02/07/2008|19:49] C:\Program Files\YesMessenger

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[10/07/2007|10:40] C:\Program Files\Fichiers communs\Adobe
[02/08/2006|22:47] C:\Program Files\Fichiers communs\Ahead
[11/07/2007|15:35] C:\Program Files\Fichiers communs\Apple
[14/01/2007|12:00] C:\Program Files\Fichiers communs\BOONTY Shared
[18/05/2006|22:16] C:\Program Files\Fichiers communs\Designer
[10/02/2008|01:01] C:\Program Files\Fichiers communs\FotoWire
[29/09/2006|18:27] C:\Program Files\Fichiers communs\Hewlett-Packard
[20/02/2006|00:53] C:\Program Files\Fichiers communs\HP
[20/02/2006|01:08] C:\Program Files\Fichiers communs\InstallShield
[20/02/2006|00:44] C:\Program Files\Fichiers communs\Java
[19/08/2006|01:47] C:\Program Files\Fichiers communs\LightScribe
[06/06/2006|22:54] C:\Program Files\Fichiers communs\Logitech
[12/03/2008|19:03] C:\Program Files\Fichiers communs\Microsoft Shared
[20/02/2006|09:32] C:\Program Files\Fichiers communs\MSSoap
[20/02/2006|09:32] C:\Program Files\Fichiers communs\ODBC
[09/02/2008|19:54] C:\Program Files\Fichiers communs\Real
[20/02/2006|09:32] C:\Program Files\Fichiers communs\Services
[20/02/2006|01:06] C:\Program Files\Fichiers communs\Sonic Shared
[20/02/2006|09:32] C:\Program Files\Fichiers communs\SpeechEngines
[31/05/2006|01:31] C:\Program Files\Fichiers communs\Stardock
[20/02/2006|01:07] C:\Program Files\Fichiers communs\SureThing Shared
[15/02/2008|18:58] C:\Program Files\Fichiers communs\Symantec Shared
[13/05/2008|22:30] C:\Program Files\Fichiers communs\System
[20/02/2006|01:07] C:\Program Files\Fichiers communs\TiVo Shared
[12/03/2008|19:03] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[15/07/2008|13:15] C:\Program Files\Fichiers communs\Wise Installation Wizard
[09/02/2008|19:54] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 77 Processus )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-10 19:34:56
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections

C:\WINDOWS\Pack.epk
[b]==> EGDACCESS <==/b

--------------------\\ Cracks & Keygens ..

=> C:\DOCUME~1\CHRIST~1\Mes documents\cl‚ usb\Winzip-8.1-crack
=> C:\DOCUME~1\CHRIST~1\Mes documents\cl‚ usb\Winzip-8.1-crack.zip
=> C:\DOCUME~1\CHRIST~1\Mes documents\cl‚ usb\Winzip-8.1-crack\Crack.exe
=> C:\DOCUME~1\CHRIST~1\Mes documents\cl‚ usb\Winzip-8.1-crack\file_id.diz
=> C:\DOCUME~1\CHRIST~1\Mes documents\cl‚ usb\Winzip-8.1-crack\SGG.url

[F:134][D:6]-> C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp
[F:132][D:0]-> C:\DOCUME~1\CHRIST~1\Cookies
[F:8300][D:24]-> C:\DOCUME~1\CHRIST~1\LOCALS~1\TEMPOR~1\content.IE5

--------------------\\ Fin du rapport a 19:37:16,87
0
Réponse 11 / 25
vogelweide Messages postés 75 Statut Membre 9
 
voici le 2ème rapport

Malwarebytes' Anti-Malware 1.24
Version de la base de données: 1038
Windows 5.1.2600 Service Pack 3

07:20:10 11/08/2008
mbam-log-8-11-2008 (07-20-10).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 150576
Temps écoulé: 6 hour(s), 11 minute(s), 48 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Merci
0
Réponse 12 / 25
E..T Messages postés 6565 Statut Contributeur 428
 
Excuses pour le retard ;-)
Poste un nouveau rapport hijacthis.
@++
0
Réponse 13 / 25
vogelweide Messages postés 75 Statut Membre 9
 
Bonsoir !! désolé pour le retard aussi !

Voici mon rapport HJT

Logfile of HijackThis v1.99.1
Scan saved at 02:21:53, on 17/08/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\a-squared Anti-Dialer\a2service.exe
c:\program files\a-squared free\a2service.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\HP\TVPlay\Kernel\CLML_NTService\CLMLServer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\TVPlay\Kernel\TV\TVPCapSvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\HP\TVPlay\Kernel\TV\TVPSched.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\HP\TVPlay\TVPService.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\SpamPal\spampal.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: IE7pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IE7pro\IE7pro.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [TVPService] "C:\Program Files\HP\TVPlay\TVPService.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - Startup: SpamPal.lnk = C:\Program Files\SpamPal\spampal.exe
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: IE7pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7pro\IE7pro.dll
O9 - Extra 'Tools' menuitem: IE7pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7pro\IE7pro.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=https://www8.hp.com/fr/fr/home.html
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0.1.14/cfweb_activex.camfrogweb.com-advanced-2.0.1.14_instmodule.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {72C23FEC-3AF9-48FC-9597-241A8EBDFE0A} (InstallShield International Setup Player) - https://resources.flexera.com/web/installengine/engine/isetupml.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O16 - DPF: {E1AF091A-9F23-4059-89D7-C05EE073285D} (Canal+ Active MSWAY) - https://www.canalplus.com/canalplay/
O18 - Protocol: CDS300 - {AD43AA67-6860-4531-AC8A-0E68F9CF023E} - (no file)
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: a-squared Anti-Dialer Service (a2AntiDialer) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Dialer\a2service.exe
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - c:\program files\a-squared free\a2service.exe
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: CyberLink Media Library Service(HP TVPlay) - Cyberlink - C:\Program Files\HP\TVPlay\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: CyberLink Background Capture Service (CBCS HP TVPlay) (TVPCapSvc) - Unknown owner - C:\Program Files\HP\TVPlay\Kernel\TV\TVPCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS HP TVPlay) (TVPSched) - Unknown owner - C:\Program Files\HP\TVPlay\Kernel\TV\TVPSched.exe

@+
0
Réponse 14 / 25
E..T Messages postés 6565 Statut Contributeur 428
 
La version hijackthis est obsolète vire la et installe celle que je t'ai envoyé
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download

Ensuite tu as deux antivirus c'est pas bon vire avast et garde antivir.

Vérifie JAVA >> ICI c'est une chose importante aussi.
Installe la dernière version de adobe >> Ici
Une foi que les nouvelles versions sont installées virent les anciennes.

Avec la bonne version de hijack fais ce qui suit :

Tu vas fixer ces lignes avec hijackthis, comme suit
Réouvres hijack
Tu refais un scan en choisissant >> Do a system scan and loge and file
Et après tu verras une option Fix checked coche la ligne et valides. Seulement celles la.

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe

Une foi que tu as fais tout ça post un nouveau rapport hijackthis

@++
0
Réponse 15 / 25
vogelweide Messages postés 75 Statut Membre 9
 
Bonsoir !

J'ai mis à jour java et adobe et j'ai viré Avast!

Voici le nouveau rapport avec la bonne version de HiJackThis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:01:25, on 18/08/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\a-squared Anti-Dialer\a2service.exe
c:\program files\a-squared free\a2service.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\HP\TVPlay\Kernel\CLML_NTService\CLMLServer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\TVPlay\Kernel\TV\TVPCapSvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\HP\TVPlay\TVPService.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\HP\TVPlay\Kernel\TV\TVPSched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\SpamPal\spampal.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: IE7pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IE7pro\IE7pro.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [TVPService] "C:\Program Files\HP\TVPlay\TVPService.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: SpamPal.lnk = C:\Program Files\SpamPal\spampal.exe
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: IE7pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7pro\IE7pro.dll
O9 - Extra 'Tools' menuitem: IE7pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7pro\IE7pro.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www8.hp.com/fr/fr/home.html
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0.1.14/cfweb_activex.camfrogweb.com-advanced-2.0.1.14_instmodule.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {72C23FEC-3AF9-48FC-9597-241A8EBDFE0A} (InstallShield International Setup Player) - https://resources.flexera.com/web/installengine/engine/isetupml.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab?e=1219067001503&h=c9574b868befa3f0c9f9cc856836d16e/&filename=jinstall-6u7-windows-i586-jc.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O16 - DPF: {E1AF091A-9F23-4059-89D7-C05EE073285D} (Canal+ Active MSWAY) - https://www.canalplus.com/canalplay/
O18 - Protocol: CDS300 - {AD43AA67-6860-4531-AC8A-0E68F9CF023E} - (no file)
O23 - Service: a-squared Anti-Dialer Service (a2AntiDialer) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Dialer\a2service.exe
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - c:\program files\a-squared free\a2service.exe
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Media Library Service(HP TVPlay) - Cyberlink - C:\Program Files\HP\TVPlay\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: CyberLink Background Capture Service (CBCS HP TVPlay) (TVPCapSvc) - Unknown owner - C:\Program Files\HP\TVPlay\Kernel\TV\TVPCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS HP TVPlay) (TVPSched) - Unknown owner - C:\Program Files\HP\TVPlay\Kernel\TV\TVPSched.exe
0
Réponse 16 / 25
vogelweide Messages postés 75 Statut Membre 9
 
voici aussi le scan de Antivir

Avira AntiVir Personal
Report file date: lundi 18 août 2008 22:05

Scanning for 1562121 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 3) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: DURAND

Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 12/08/2008 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 08:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 13:54:15
ANTIVIR2.VDF : 7.0.6.10 2587136 Bytes 14/08/2008 07:03:20
ANTIVIR3.VDF : 7.0.6.30 146944 Bytes 18/08/2008 20:03:26
Engineversion : 8.1.1.23
AEVDF.DLL : 8.1.0.5 102772 Bytes 09/07/2008 08:46:50
AESCRIPT.DLL : 8.1.0.68 315770 Bytes 18/08/2008 20:03:31
AESCN.DLL : 8.1.0.23 119156 Bytes 05/08/2008 20:49:07
AERDL.DLL : 8.1.0.20 418165 Bytes 09/07/2008 08:46:50
AEPACK.DLL : 8.1.2.1 364917 Bytes 05/08/2008 20:49:07
AEOFFICE.DLL : 8.1.0.22 192890 Bytes 18/08/2008 20:03:30
AEHEUR.DLL : 8.1.0.50 1388918 Bytes 18/08/2008 20:03:30
AEHELP.DLL : 8.1.0.15 115063 Bytes 09/07/2008 08:46:50
AEGEN.DLL : 8.1.0.36 315764 Bytes 18/08/2008 20:03:27
AEEMU.DLL : 8.1.0.7 430452 Bytes 05/08/2008 20:49:02
AECORE.DLL : 8.1.1.8 172406 Bytes 05/08/2008 20:49:01
AEBB.DLL : 8.1.0.1 53617 Bytes 24/04/2008 08:50:42
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 05/08/2008 20:49:00
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:37

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: lundi 18 août 2008 22:05

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'hpqste08.exe' - '1' Module(s) have been scanned
Scan process 'hpqste08.exe' - '1' Module(s) have been scanned
Scan process 'hpqimzone.exe' - '1' Module(s) have been scanned
Scan process 'YahooWidgetEngine.exe' - '1' Module(s) have been scanned
Scan process 'HPQTOA~1.EXE' - '1' Module(s) have been scanned
Scan process 'kpf4gui.exe' - '1' Module(s) have been scanned
Scan process 'YahooWidgetEngine.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'spampal.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'hpqtra08.exe' - '1' Module(s) have been scanned
Scan process 'FxSvr2.exe' - '1' Module(s) have been scanned
Scan process 'VeohClient.exe' - '1' Module(s) have been scanned
Scan process 'backWeb-8876480.exe' - '1' Module(s) have been scanned
Scan process 'wmpnscfg.exe' - '1' Module(s) have been scanned
Scan process 'wcescomm.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'TVPSched.exe' - '1' Module(s) have been scanned
Scan process 'LVCOMSX.EXE' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'atiptaxx.exe' - '1' Module(s) have been scanned
Scan process 'eabservr.exe' - '1' Module(s) have been scanned
Scan process 'HP Wireless Assistant.exe' - '1' Module(s) have been scanned
Scan process 'LogiTray.exe' - '1' Module(s) have been scanned
Scan process 'QPService.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '1' Module(s) have been scanned
Scan process 'TVPService.exe' - '1' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '1' Module(s) have been scanned
Scan process 'hpqwmiex.exe' - '1' Module(s) have been scanned
Scan process 'TVPCapSvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'kpf4gui.exe' - '1' Module(s) have been scanned
Scan process 'sp_rsser.exe' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'kpf4ss.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'CLMLServer.exe' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'guard.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'a2service.exe' - '1' Module(s) have been scanned
Scan process 'a2service.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'LEXPPS.EXE' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'LEXBCES.EXE' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
68 processes with 68 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '69' files ).

Starting the file scan:

Begin scan in 'C:\'
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Program Files\Norton Security Scan\NSS.exe.replace
[0] Archive type: RSRC
--> Object
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '48fce5c7.qua'!
Begin scan in 'D:\' <HP_RECOVERY>

End of the scan: lundi 18 août 2008 23:48
Used time: 1:43:11 Hour(s)

The scan has been done completely.

10595 Scanning directories
563527 Files were scanned
1 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
1 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
563524 Files not concerned
10544 Archives were scanned
2 Warnings
1 Notes

@+
0
Réponse 17 / 25
vogelweide Messages postés 75 Statut Membre 9
 
bonjour

Désolé
J'ai bien suivi la manip mais après le clic droit j'ai exécuter en tant que...
puis je clique sur executer et là j'ai

Quel compte d'utilisateur voulez-vous utiliser pour exécuter ce programme ?
L'utilisateur actuel

ou

l'utilisateur suivant

ca me demande un login et un mot de passe que je n'ai pas

et si je clique sur le premier choix (l'utilisateur suivant) l'accès est refusé !

Je ne peux donc pas exécuter ce logiciel
@+
0
Réponse 18 / 25
E..T Messages postés 6565 Statut Contributeur 428
 
Exécute le en fesant un double clic dessus ;-)
++
0
Réponse 19 / 25
vogelweide Messages postés 75 Statut Membre 9
 
J'avais déjà essayé le double clic...

ça me lance l'assistant d'installation et ca reinstalle le programme... donc je ne peux toujours pas le lancer

Par ailleurs j'ai lancé antivir en mode sans echec et apparemment je n'ai plus rien...

voici le rapport

Avira AntiVir Personal
Report file date: mardi 19 août 2008 11:23

Scanning for 1562251 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 3) [5.1.2600]
Boot mode: Save mode
Username: Christophe DURAND
Computer name: DURAND

Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 12/08/2008 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 08:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 13:54:15
ANTIVIR2.VDF : 7.0.6.10 2587136 Bytes 14/08/2008 07:03:20
ANTIVIR3.VDF : 7.0.6.31 149504 Bytes 19/08/2008 07:29:15
Engineversion : 8.1.1.23
AEVDF.DLL : 8.1.0.5 102772 Bytes 09/07/2008 08:46:50
AESCRIPT.DLL : 8.1.0.68 315770 Bytes 18/08/2008 20:03:31
AESCN.DLL : 8.1.0.23 119156 Bytes 05/08/2008 20:49:07
AERDL.DLL : 8.1.0.20 418165 Bytes 09/07/2008 08:46:50
AEPACK.DLL : 8.1.2.1 364917 Bytes 05/08/2008 20:49:07
AEOFFICE.DLL : 8.1.0.22 192890 Bytes 18/08/2008 20:03:30
AEHEUR.DLL : 8.1.0.50 1388918 Bytes 18/08/2008 20:03:30
AEHELP.DLL : 8.1.0.15 115063 Bytes 09/07/2008 08:46:50
AEGEN.DLL : 8.1.0.36 315764 Bytes 18/08/2008 20:03:27
AEEMU.DLL : 8.1.0.7 430452 Bytes 05/08/2008 20:49:02
AECORE.DLL : 8.1.1.8 172406 Bytes 05/08/2008 20:49:01
AEBB.DLL : 8.1.0.1 53617 Bytes 24/04/2008 08:50:42
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 05/08/2008 20:49:00
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:37

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: mardi 19 août 2008 11:23

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'guard.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
13 processes with 13 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '77' files ).

Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
Begin scan in 'D:\' <HP_RECOVERY>

End of the scan: mardi 19 août 2008 18:28
Used time: 7:04:56 Hour(s)

The scan has been done completely.

10163 Scanning directories
544582 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
544581 Files not concerned
10541 Archives were scanned
1 Warnings
0 Notes

@+
0
Réponse 20 / 25
E..T Messages postés 6565 Statut Contributeur 428
 
Salut,
Poste un rapport hijackthis.
++
0

Discussions similaires

infection
gladiator1952 -
gladiator1952 -

6 réponses
Infection pc
Nanie24 -
Nanie24 -

22 réponses
[pnkbstra]infection
swazolie -
billou631 -

9 réponses
infection virus
Utilisateur anonyme -
Utilisateur anonyme -

3 réponses
Infection Bloom ?
ccm81 -
fabul -

8 réponses