Votre question

Aide de toute urgence trojan (msn photo)

Tags :
  • msn
  • Sécurité
Dernière réponse : dans Sécurité et virus
11 Mars 2008 22:10:57

Voilà j' ai eu une photo sur msn je l'ai ouverte est je me suis retrouvé avec un trojan alors voici le rapport HisJackThis et aidez le plus vite possible merci de votre compréhension:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:56:54, on 11/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\DNA\btdna.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
c:\rctouc.exe
C:\DOCUME~1\Nicolas\LOCALS~1\Temp\calc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\mgmrwmrv.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\Nicolas\LOCALS~1\Temp\services.exe
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: QFX Software KeyScrambler - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files\Mozilla Firefox\KeyScrambler\KeyScramblerIE.dll
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: e404 helper - {C03FD59D-9104-44B7-929A-9EAA0BA05211} - C:\Program Files\Helper\1205268864.dll
O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [fsc-reminder.exe] C:\WINDOWS\reminder\fsc-reminder.exe 2454125 14
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files\IGN\Download Manager\DLM.exe /windowsstart /startifwork
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\Mozilla Firefox\KeyScrambler\KeyScramblerIE.dll
O9 - Extra 'Tools' menuitem: &KeyScrambler... - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\Mozilla Firefox\KeyScrambler\KeyScramblerIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O20 - Winlogon Notify: WLCtrl32 - C:\WINDOWS\SYSTEM32\WLCtrl32.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: MSSQL$SONY_MEDIAMGR - Unknown owner - C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SQLAgent$SONY_MEDIAMGR - Unknown owner - C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE (file missing)

--
End of file - 9321 bytes

Autres pages sur : aide urgence trojan msn photo

11 Mars 2008 22:48:06

alors voilà j ai essayer de lancer SDFix mais cela n'a rien changer je vous remet donc ce rapport de SDFix et de hisjackThis:


SDFix: Version 1.85

Run by Nicolas - 11/03/2008 - 22:26:09,62

Microsoft Windows XP [version 5.1.2600]

Running From: C:\DOCUME~1\Nicolas\Bureau\SDFix

Safe Mode:
Checking Services:






Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting...


Normal Mode:
Checking Files:

Below files will be copied to Backups folder then removed:

C:\-10584~1 - Deleted

Could Not Remove C:\DOCUME~1\Nicolas\LOCALS~1\Temp\services.exe


Removing Temp Files...

ADS Check:

Checking if ADS is attached to system32 Folder
C:\WINDOWS\system32
No streams found.

Checking if ADS is attached to svchost.exe
C:\WINDOWS\system32\svchost.exe
No streams found.



Final Check:

Remaining Services:
------------------



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"="C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE:*:D isabled:Internet Explorer"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:D isabled:Firefox"
"C:\\Program Files\\UT2004\\System\\UT2004.exe"="C:\\Program Files\\UT2004\\System\\UT2004.exe:*:D isabled:UT2004"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\WINDOWS\\system32\\java.exe"="C:\\WINDOWS\\system32\\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\\Program Files\\Atari\\Neverwinter Nights 2\\nwn2main.exe"="C:\\Program Files\\Atari\\Neverwinter Nights 2\\nwn2main.exe:*:Enabled:Neverwinter Nights 2 Main"
"C:\\Program Files\\Atari\\Neverwinter Nights 2\\nwn2main_amdxp.exe"="C:\\Program Files\\Atari\\Neverwinter Nights 2\\nwn2main_amdxp.exe:*:Enabled:Neverwinter Nights 2 AMD"
"C:\\Program Files\\Atari\\Neverwinter Nights 2\\nwupdate.exe"="C:\\Program Files\\Atari\\Neverwinter Nights 2\\nwupdate.exe:*:Enabled:Neverwinter Nights 2 Updater"
"C:\\Program Files\\Atari\\Neverwinter Nights 2\\nwn2server.exe"="C:\\Program Files\\Atari\\Neverwinter Nights 2\\nwn2server.exe:*:Enabled:Neverwinter Nights 2 Server"
"C:\\Program Files\\DNA\\btdna.exe"="C:\\Program Files\\DNA\\btdna.exe:*:Enabled:D NA"
"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
"C:\\Program Files\\Stranger\\Stranger.exe"="C:\\Program Files\\Stranger\\Stranger.exe:*:D isabled:Stranger"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\WINDOWS\\system32\\dllcache\\spoolms.exe"="C:\\WINDOWS\\system32\\dllcache\\spoolms.exe:*:Enabled:Windows Sharing"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Documents and Settings\\Nicolas\\Bureau\\setup.exe"="C:\\Documents and Settings\\Nicolas\\Bureau\\setup.exe:*:Enabled:p rogramme d'installation de Kaspersky Internet Security 7.0"
"C:\\Program Files\\Unreal Tournament 3 (LG)\\Binaries\\UT3.exe"="C:\\Program Files\\Unreal Tournament 3 (LG)\\Binaries\\UT3.exe:*:Enabled:Unreal Tournament 3"
@=""
"C:\\DOCUME~1\\Nicolas\\LOCALS~1\\Temp\\services.exe"="C:\\DOCUME~1\\Nicolas\\LOCALS~1\\Temp\\services.exe:*:Enabled:Flash Media"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

Remaining Files:
---------------
C:\DOCUME~1\Nicolas\LOCALS~1\Temp\services.exe Found

Backups Folder: - C:\DOCUME~1\Nicolas\Bureau\SDFix\backups\backups.zip

Checking For Files with Hidden Attributes:

C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 38 Japflap HQ by Gaara-fr.com\Naruto_ch340-FR-[Japflap]\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 38 Japflap HQ by Gaara-fr.com\Naruto_ch340-FR-[Japflap]\bonus\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 38 Japflap HQ by Gaara-fr.com\Naruto_ch341-FR-[Japflap]\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 38 Japflap HQ by Gaara-fr.com\Naruto_ch341-FR-[Japflap]\bonus\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 38 Japflap HQ by Gaara-fr.com\Naruto_ch342-FR-[Japflap]\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 38 Japflap HQ by Gaara-fr.com\Naruto_ch342-FR-[Japflap]\bonus\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 38 Japflap HQ by Gaara-fr.com\Naruto_ch342-FR-[Japflap]\fix\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 38 Japflap HQ by Gaara-fr.com\Naruto_ch343-FR-[Japflap]\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 38 Japflap HQ by Gaara-fr.com\Naruto_ch343-FR-[Japflap]\bonus\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 38 Japflap HQ by Gaara-fr.com\Naruto_ch344-FR-[Japflap]\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 38 Japflap HQ by Gaara-fr.com\Naruto_ch344-FR-[Japflap]\bonus\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 38 Japflap HQ by Gaara-fr.com\Naruto_ch345-FR-[Japflap]\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 38 Japflap HQ by Gaara-fr.com\Naruto_ch345-FR-[Japflap]\bonus\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 38 Japflap HQ by Gaara-fr.com\Naruto_ch346-FR-[Japflap]\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 38 Japflap HQ by Gaara-fr.com\Naruto_ch346-FR-[Japflap]\bonus\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 38 Japflap HQ by Gaara-fr.com\Naruto_ch347-FR-[Japflap]\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 38 Japflap HQ by Gaara-fr.com\Naruto_ch347-FR-[Japflap]\bonus\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 38 Japflap HQ by Gaara-fr.com\Naruto_ch348-FR-[Japflap]\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 38 Japflap HQ by Gaara-fr.com\Naruto_ch349-FR-[Japflap]\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 38 Japflap HQ by Gaara-fr.com\Naruto_ch349-FR-[Japflap]\bonus\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 39 Japflap HQ by Gaara-fr.com\Naruto_ch350-FR-[Japflap]\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 39 Japflap HQ by Gaara-fr.com\Naruto_ch350-FR-[Japflap]\bonus\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 39 Japflap HQ by Gaara-fr.com\Naruto_ch351-FR-[Japflap]\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 39 Japflap HQ by Gaara-fr.com\Naruto_ch351-FR-[Japflap]\Bonus\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 39 Japflap HQ by Gaara-fr.com\Naruto_ch351-FR-[Japflap]\Bonus\Fanarts\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 39 Japflap HQ by Gaara-fr.com\Naruto_ch352-FR-[Japflap]\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 39 Japflap HQ by Gaara-fr.com\Naruto_ch352-FR-[Japflap]\bonus\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 39 Japflap HQ by Gaara-fr.com\Naruto_ch352-FR-[Japflap]\bonus\fanarts\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 39 Japflap HQ by Gaara-fr.com\Naruto_ch353-FR-[Japflap]\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 39 Japflap HQ by Gaara-fr.com\Naruto_ch353-FR-[Japflap]\bonus\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 39 Japflap HQ by Gaara-fr.com\Naruto_ch353-FR-[Japflap]\bonus\fanarts\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 39 Japflap HQ by Gaara-fr.com\Naruto_ch354-FR-[Japflap]\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 39 Japflap HQ by Gaara-fr.com\Naruto_ch354-FR-[Japflap]\bonus\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 39 Japflap HQ by Gaara-fr.com\Naruto_ch354-FR-[Japflap]\bonus\fanarts\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 39 Japflap HQ by Gaara-fr.com\Naruto_ch355-FR-[Japflap]\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 39 Japflap HQ by Gaara-fr.com\Naruto_ch356-FR-[Japflap]\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 39 Japflap HQ by Gaara-fr.com\Naruto_ch357-FR-[Japflap]\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 39 Japflap HQ by Gaara-fr.com\Naruto_ch358-FR-[Japflap]\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 39 Japflap HQ by Gaara-fr.com\Naruto_ch358-FR-[Japflap]\bonus\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 39 Japflap HQ by Gaara-fr.com\Naruto_ch358-FR-[Japflap]\bonus\fanarts\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 39 Japflap HQ by Gaara-fr.com\Naruto_ch359-FR-[Japflap]\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 39 Japflap HQ by Gaara-fr.com\Naruto_ch359-FR-[Japflap]\bonus\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 39 Japflap HQ by Gaara-fr.com\Naruto_ch359-FR-[Japflap]\bonus\fanarts\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 40 Japflap HQ by Gaara-fr.com\Naruto_ch360-FR-[Japflap]\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 40 Japflap HQ by Gaara-fr.com\Naruto_ch360-FR-[Japflap]\bonus\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 40 Japflap HQ by Gaara-fr.com\Naruto_ch360-FR-[Japflap]\bonus\fanarts\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 40 Japflap HQ by Gaara-fr.com\Naruto_ch361-FR-[Japflap]\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 40 Japflap HQ by Gaara-fr.com\Naruto_ch361-FR-[Japflap]\bonus\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 40 Japflap HQ by Gaara-fr.com\Naruto_ch361-FR-[Japflap]\bonus\fanarts\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 40 Japflap HQ by Gaara-fr.com\Naruto_ch362-FR-[Japflap]\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 40 Japflap HQ by Gaara-fr.com\Naruto_ch362-FR-[Japflap]\bonus\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 40 Japflap HQ by Gaara-fr.com\Naruto_ch362-FR-[Japflap]\bonus\fanarts\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 40 Japflap HQ by Gaara-fr.com\Naruto_ch363-FR-[Japflap]\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 40 Japflap HQ by Gaara-fr.com\Naruto_ch363-FR-[Japflap]\Bonus\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 40 Japflap HQ by Gaara-fr.com\Naruto_ch363-FR-[Japflap]\Bonus\fanarts\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 40 Japflap HQ by Gaara-fr.com\Naruto_ch364-FR-[Japflap]\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 40 Japflap HQ by Gaara-fr.com\Naruto_ch365-FR-[Japflap]\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 40 Japflap HQ by Gaara-fr.com\Naruto_ch365-FR-[Japflap]\bonus\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 40 Japflap HQ by Gaara-fr.com\Naruto_ch366-FR-[Japflap]\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 40 Japflap HQ by Gaara-fr.com\Naruto_ch366-FR-[Japflap]\bonus\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 40 Japflap HQ by Gaara-fr.com\Naruto_ch367-FR-[Japflap]\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 40 Japflap HQ by Gaara-fr.com\Naruto_ch367-FR-[Japflap]\bonus\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 40 Japflap HQ by Gaara-fr.com\Naruto_ch368-FR-[Japflap]\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 40 Japflap HQ by Gaara-fr.com\Naruto_ch368-FR-[Japflap]\bonus\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 40 Japflap HQ by Gaara-fr.com\Naruto_ch369-FR-[Japflap]\Thumbs.db
C:\Documents and Settings\Nicolas\Mes documents\Mes vid‚os\Manga\Naruto\Manga\Livre\Saison 2\Naruto Tome 40 Japflap HQ by Gaara-fr.com\Naruto_ch369-FR-[Japflap]\Bonus\Thumbs.db
C:\Program Files\eRightSoft\SUPER\cygwin1.dll
C:\Program Files\eRightSoft\SUPER\cygz.dll
C:\Program Files\eRightSoft\SUPER\_Setup.dll
C:\Program Files\eRightSoft\SUPER\mencoder\14_43260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\28_83260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\atrc3260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\cook3260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\ddnt3260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\dnet3260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\drv13260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\drv23260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\drv33260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\drv43260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\dspr3260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\ivvideo.dll
C:\Program Files\eRightSoft\SUPER\mencoder\qtmlClient.dll
C:\Program Files\eRightSoft\SUPER\mencoder\raac.dll
C:\Program Files\eRightSoft\SUPER\mencoder\rnco3260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\rnlt3260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\rv103260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\rv203260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\rv303260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\rv403260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\sipr3260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\tokr3260.dll
C:\WINDOWS\system32\flvDX.dll
C:\Program Files\eRightSoft\SUPER\Setup.exe
C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp
C:\Documents and Settings\All Users\DRM\Cache\Indiv03.tmp
C:\WINDOWS\SoftwareDistribution\Download\0a67b6c406b1d7e0f5c1e6f6d44a3f6e\BIT4.tmp
C:\WINDOWS\SoftwareDistribution\Download\18b19374451d28a8fbaf1939cf31ff45\BIT7.tmp
C:\WINDOWS\SoftwareDistribution\Download\22fb973e059470cc1b5d76c4ae605351\BITB.tmp
C:\WINDOWS\SoftwareDistribution\Download\26924cbc8132a10b438ce6e2b49d4652\BIT3.tmp
C:\WINDOWS\SoftwareDistribution\Download\2769b111678c52099a3b3123b12f2325\BIT8.tmp
C:\WINDOWS\SoftwareDistribution\Download\30285791903730fbf957a83562db4ff4\BIT5.tmp
C:\WINDOWS\SoftwareDistribution\Download\585dc2612ebcefc90e7dee4c276ee95e\BIT2.tmp
C:\WINDOWS\SoftwareDistribution\Download\9e870549834e2bceb796e44a1e3ac6f5\BITA.tmp
C:\WINDOWS\SoftwareDistribution\Download\cb8921d0c7830b2f33c00fa4c8a10d17\BIT6.tmp
C:\WINDOWS\SoftwareDistribution\Download\d77b9b5b8fed23dd91f50d167cce60d3\BIT9.tmp
C:\WINDOWS\SoftwareDistribution\Download\f7db876e78b88fd8276fd7d29cb7e4eb\BIT2.tmp

Finished
_____________________________________________________
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:37:16, on 11/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\Wanadoo\Watch.exe
c:\rctouc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Nicolas\sqissa.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\Nicolas\LOCALS~1\Temp\services.exe
O2 - BHO: (no name) - {00000250-0320-4dd4-be4f-7566d2314352} - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {13197ace-6851-45c3-a7ff-c281324d5489} - (no file)
O2 - BHO: (no name) - {15651c7c-e812-44a2-a9ac-b467a2233e7d} - (no file)
O2 - BHO: QFX Software KeyScrambler - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files\Mozilla Firefox\KeyScrambler\KeyScramblerIE.dll
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: (no name) - {4e1075f4-eec4-4a86-add7-cd5f52858c31} - (no file)
O2 - BHO: (no name) - {4e7bd74f-2b8d-469e-92c6-ce7eb590a94d} - (no file)
O2 - BHO: (no name) - {5929cd6e-2062-44a4-b2c5-2c7e78fbab38} - (no file)
O2 - BHO: (no name) - {5dafd089-24b1-4c5e-bd42-8ca72550717b} - (no file)
O2 - BHO: (no name) - {5fa6752a-c4a0-4222-88c2-928ae5ab4966} - (no file)
O2 - BHO: (no name) - {622cc208-b014-4fe0-801b-874a5e5e403a} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8674aea0-9d3d-11d9-99dc-00600f9a01f1} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {965a592f-8efa-4250-8630-7960230792f1} - (no file)
O2 - BHO: (no name) - {9c5b2f29-1f46-4639-a6b4-828942301d3e} - (no file)
O2 - BHO: e404 helper - {C03FD59D-9104-44B7-929A-9EAA0BA05211} - C:\Program Files\Helper\1205268864.dll
O2 - BHO: (no name) - {cf021f40-3e14-23a5-cba2-717765728274} - (no file)
O2 - BHO: (no name) - {fc3a74e5-f281-4f10-ae1e-733078684f3c} - (no file)
O2 - BHO: (no name) - {ffff0001-0002-101a-a3c9-08002b2f49fb} - (no file)
O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [fsc-reminder.exe] C:\WINDOWS\reminder\fsc-reminder.exe 2454125 14
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files\IGN\Download Manager\DLM.exe /windowsstart /startifwork
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\Mozilla Firefox\KeyScrambler\KeyScramblerIE.dll
O9 - Extra 'Tools' menuitem: &KeyScrambler... - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\Mozilla Firefox\KeyScrambler\KeyScramblerIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O20 - Winlogon Notify: WLCtrl32 - C:\WINDOWS\SYSTEM32\WLCtrl32.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: MSSQL$SONY_MEDIAMGR - Unknown owner - C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SQLAgent$SONY_MEDIAMGR - Unknown owner - C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE (file missing)

--
End of file - 10216 bytes
11 Mars 2008 23:08:15

bonsoir

Télécharge MSNFix.zip (!aur3n7[/#f]) sur ton Bureau.
Décompresse-le sur ton bureau (Clique-Droit/Extraire tout).
[#ff0000]
Il est indispensable que l'outil soit executé à partir du bureau.


Ouvre le dossier MSNFix puis double-clique sur MSNFix.bat.
- Exécute l'option R.
-- Si l'infection est détectée, presse une touche pour lancer le nettoyage.

[#ff0000]Si une erreur de suppression est détectée un message s'affichera demandant de redémarrer l'ordinateur afin de terminer les opérations.
Dans ce cas il suffit de redémarrer l'ordinateur manuellement.[/#f]

Poste le rapport situé dans le dossier MSNFix.
Le nom du rapport correspond au moment de sa création : date_heure.log

->Tutorial de Malekal<-
Contenus similaires
12 Mars 2008 11:18:08

Voilà le rapport de msnFix. Avast me detectéplus automtiquement de virus (j'ai toujours pas fait de scan mais depuis que j'ai le virus mon PC est super lent sur internet. Voici le rapport msnfix et je remet un rapport HijackThis au cas où :


MSNFix 1.680

C:\Documents and Settings\Nicolas\Bureau\MSNFix
Fix exécuté le 11/03/2008 - 22:56:28,95 By Nicolas
mode normal

************************ Recherche les fichiers présents

... C:\fumkmdgq.exe
... C:\ypvrinp.exe
... C:\fumkmdgq.exe
... C:\xkufbjjc.exe
... C:\ypvrinp.exe
... C:\??????.exe
... C:\DOCUME~1\Nicolas\LOCALS~1\Temp\services.exe
... C:\Documents and Settings\Nicolas\??????.exe
... C:\Documents and Settings\Nicolas\????????.exe
... C:\WINDOWS\system32\real.txt

************************ Recherche les dossiers présents

... \TEMP\
... C:\Temp\




************************ Suppression des fichiers

.. OK ... C:\fumkmdgq.exe
.. OK ... C:\ypvrinp.exe
.. OK ... C:\fumkmdgq.exe
.. OK ... C:\xkufbjjc.exe
.. OK ... C:\ypvrinp.exe
.. OK ... C:\??????.exe
/!\ ... C:\DOCUME~1\Nicolas\LOCALS~1\Temp\services.exe
.. OK ... C:\Documents and Settings\Nicolas\??????.exe
.. OK ... C:\Documents and Settings\Nicolas\????????.exe
.. OK ... C:\WINDOWS\system32\real.txt


************************ Suppression des dossiers

.. OK ... \TEMP\
.. OK ... C:\Temp\


************************ Nettoyage du registre



Les fichiers encore présents seront supprimés au prochain redémarrage


************************ Suppression des fichiers

.. OK ... C:\fumkmdgq.exe
.. OK ... C:\ypvrinp.exe
.. OK ... C:\fumkmdgq.exe
.. OK ... C:\xkufbjjc.exe
.. OK ... C:\ypvrinp.exe
.. OK ... C:\??????.exe
.. OK ... C:\kl.exe
.. OK ... C:\DOCUME~1\Nicolas\LOCALS~1\Temp\services.exe
.. OK ... C:\WINDOWS\system32\real.txt



************************ Fichiers suspects

Aucun Fichier trouvé


Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 11032008_23012464.zip



------------------------------------------------------------------------
Auteur : !aur3n7 Contact: http://changelog.fr
------------------------------------------------------------------------

--------------------------------------------- END ---------------------------------------------
______________________________________________________

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:13:17, on 12/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\DNA\btdna.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\Nicolas\LOCALS~1\Temp\services.exe
O2 - BHO: (no name) - {00000250-0320-4dd4-be4f-7566d2314352} - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {13197ace-6851-45c3-a7ff-c281324d5489} - (no file)
O2 - BHO: (no name) - {15651c7c-e812-44a2-a9ac-b467a2233e7d} - (no file)
O2 - BHO: QFX Software KeyScrambler - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files\Mozilla Firefox\KeyScrambler\KeyScramblerIE.dll
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: (no name) - {4e1075f4-eec4-4a86-add7-cd5f52858c31} - (no file)
O2 - BHO: (no name) - {4e7bd74f-2b8d-469e-92c6-ce7eb590a94d} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5929cd6e-2062-44a4-b2c5-2c7e78fbab38} - (no file)
O2 - BHO: (no name) - {5dafd089-24b1-4c5e-bd42-8ca72550717b} - (no file)
O2 - BHO: (no name) - {5fa6752a-c4a0-4222-88c2-928ae5ab4966} - (no file)
O2 - BHO: (no name) - {622cc208-b014-4fe0-801b-874a5e5e403a} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {8674aea0-9d3d-11d9-99dc-00600f9a01f1} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {965a592f-8efa-4250-8630-7960230792f1} - (no file)
O2 - BHO: (no name) - {9c5b2f29-1f46-4639-a6b4-828942301d3e} - (no file)
O2 - BHO: e404 helper - {C03FD59D-9104-44B7-929A-9EAA0BA05211} - C:\Program Files\Helper\1205268864.dll
O2 - BHO: (no name) - {cf021f40-3e14-23a5-cba2-717765728274} - (no file)
O2 - BHO: e404 helper - {D4FEDE82-C500-4AA4-BB99-A4DAE5A65A46} - C:\Program Files\Helper\1205272744.dll
O2 - BHO: (no name) - {fc3a74e5-f281-4f10-ae1e-733078684f3c} - (no file)
O2 - BHO: (no name) - {ffff0001-0002-101a-a3c9-08002b2f49fb} - (no file)
O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [MRT] "C:\WINDOWS\system32\MRT.exe" /R
O4 - HKCU\..\Run: [fsc-reminder.exe] C:\WINDOWS\reminder\fsc-reminder.exe 2454125 14
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files\IGN\Download Manager\DLM.exe /windowsstart /startifwork
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\Mozilla Firefox\KeyScrambler\KeyScramblerIE.dll
O9 - Extra 'Tools' menuitem: &KeyScrambler... - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\Mozilla Firefox\KeyScrambler\KeyScramblerIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O20 - Winlogon Notify: WLCtrl32 - C:\WINDOWS\SYSTEM32\WLCtrl32.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: MSSQL$SONY_MEDIAMGR - Unknown owner - C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SQLAgent$SONY_MEDIAMGR - Unknown owner - C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE (file missing)

--
End of file - 10668 bytes

12 Mars 2008 19:20:48

bonsoir

Désactive ton antivirus et tout autre type de protection.
Télécharge ComboFix de sUBs :
ComboFix.exe
et sauvegarde le sur ton bureau et pas ailleurs!

Double-clic sur ComboFix, Il va te poser une question, suis les invites puis attends que combofix ait terminé, il est possible que ton PC reboot, c’est normal, un rapport sera créé.Poste le rapport:C:\Combofix.txt
clique dessus pour l'ouvrir, puis édition "sélectionner tout", édition "copier"

viens sur le forum et édition "coller"

ajoute un nouveau rapport Hijackthis.
Tom's guide dans le monde
  • Allemagne
  • Italie
  • Irlande
  • Royaume Uni
  • Etats Unis
Suivre Tom's Guide
Inscrivez-vous à la Newsletter
  • ajouter à twitter
  • ajouter à facebook
  • ajouter un flux RSS