Help, Nokia 19 virus on MSN

29 October 2007 21:03:54

Hello,

I caught a Nokia 19 virus on MSN. I'm pasting the report for you.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:00:50, on 29/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\LXSUPMON.EXE
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\HP DVD\Umbrella\DVDTray.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Hercules\Hercules DualPix HD Webcam\CamService.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\LBTWiz.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\tsitra1148.exe
C:\Program Files\Avant Browser\avant.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.fr/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\system32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [DVDTray] "C:\Program Files\HP DVD\Umbrella\DVDTray.exe"
O4 - HKLM\..\Run: [DVDBitSet] "C:\Program Files\HP DVD\Umbrella\DVDBitSet.exe" /NOUI
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [HerculesCamService] C:\Program Files\Hercules\Hercules DualPix HD Webcam\CamService.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [LBTWiz.exe] C:\WINDOWS\LBTWiz.exe
O4 - HKLM\..\Run: [runner1] C:\WINDOWS\tsitra1148.exe 61A847B5BBF72813339F30466188719AB689201522886B092CBD44BD8689220221DD3257
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe EspaceWanadoo.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [pingpop] C:\DOCUME~1\TISSER~1\APPLIC~1\LOGPRO~1\vc draw curb.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [WinAble] C:\Program Files\WinAble\winable.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://downloadcenter.samsung.com/content/common/cab/Dj...
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0.1.14/cfweb_a...
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0...
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

--
End of file - 13166 bytes

29 October 2007 21:58:14

Here is the MSNFix report:

MSNFix 1.557

C:\Documents and Settings\tisserand raphael\Bureau\MSNFix
Fix exécuté le 29/10/2007 - 21:42:11.07 By tisserand raphael
mode normal

************************ Recherche les fichiers présents

... C:\Program Files\Fichiers communs\Carlson\carlton
... C:\PROGRA~1\Temporary\wininstall.exe
... C:\k3d3t4t8n7l.exe
... C:\zr-1-1148.exe
... C:\WINDOWS\b122.exe
... C:\WINDOWS\LBTWiz.exe
... C:\WINDOWS\Nokia_19_jpg.zip
... C:\WINDOWS\tsitra1148.exe
... C:\WINDOWS\system32\microsoft\backup.ftp
... C:\WINDOWS\system32\microsoft\backup.tftp
... C:\WINDOWS\Nokia_19_jpg.zip

************************ MSNCHK ***** /!\ beta test /!\

[!] C:\WINDOWS\Nokia_19_jpg.zip is INFECTED


************************ Recherche les dossiers présents

... C:\Program Files\Fichiers communs\Carlson\
... C:\PROGRA~1\Temporary\
... C:\PROGRA~1\WinAble\




************************ Suppression des fichiers

.. OK ... C:\Program Files\Fichiers communs\Carlson\carlton
.. OK ... C:\PROGRA~1\Temporary\wininstall.exe
.. OK ... C:\k3d3t4t8n7l.exe
.. OK ... C:\zr-1-1148.exe
/!\ ... C:\WINDOWS\b122.exe
/!\ ... C:\WINDOWS\LBTWiz.exe
.. OK ... C:\WINDOWS\Nokia_19_jpg.zip
/!\ ... C:\WINDOWS\tsitra1148.exe
.. OK ... C:\WINDOWS\system32\microsoft\backup.ftp
.. OK ... C:\WINDOWS\system32\microsoft\backup.tftp
.. OK ... C:\k3d3t4t8n7l.exe
.. OK ... C:\k3d3t4t8n7l.exe
.. OK ... C:\k3d3t4t8n7l.exe
.. OK ... C:\k3d3t4t8n7l.exe
.. OK ... C:\WINDOWS\Nokia_19_jpg.zip


************************ Suppression des dossiers

.. OK ... C:\Program Files\Fichiers communs\Carlson\
.. OK ... C:\PROGRA~1\Temporary\
.. OK ... C:\PROGRA~1\WinAble\


************************ Nettoyage du registre



Les fichiers encore présents seront supprimés au prochain redémarrage


************************ Suppression des fichiers

.. OK ... C:\WINDOWS\LBTWiz.exe
.. OK ... C:\WINDOWS\tsitra1148.exe



************************ Fichiers suspects

/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention

[C:\WINDOWS\WLXPGSS.SCR] 6896D0403B2169BDE78F897EB89F5362

==> SVP merci d'envoyer le fichier C:\DOCUME~1\TISSER~1\Bureau\Upload_Me.zip sur http://upload.changelog.fr



Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 29102007_214755.76.zip


------------------------------------------------------------------------
Auteur : !aur3n7 Contact: http://changelog.fr
------------------------------------------------------------------------

--------------------------------------------- END ---------------------------------------------

Aucun Fichier trouvé



************************ Fichiers suspects

/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention

[C:\WINDOWS\WLXPGSS.SCR] 6896D0403B2169BDE78F897EB89F5362

==> SVP merci d'envoyer le fichier C:\DOCUME~1\TISSER~1\Bureau\Upload_Me.zip sur http://upload.changelog.fr



Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 29102007_215332.32.zip


------------------------------------------------------------------------
Auteur : !aur3n7 Contact: http://changelog.fr
------------------------------------------------------------------------

--------------------------------------------- END ---------------------------------------------

30 October 2007 11:50:12

Hello,

THIS IS AN IMPORTANT STEP TO CARRY OUT!
Upload the Upload_Me.zip archive containing the suspicious files, to help develop the MSNFix tool.
HELP: Uploading suspicious files for MSNFix
30 October 2007 18:40:12

There, it's done. What do I do now?
30 October 2007 19:01:57

Post a new HijackThis report.
30 October 2007 19:17:19

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:17:03, on 30/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\LXSUPMON.EXE
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\HP DVD\Umbrella\DVDTray.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Hercules\Hercules DualPix HD Webcam\CamService.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Avant Browser\avant.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.fr/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\system32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [DVDTray] "C:\Program Files\HP DVD\Umbrella\DVDTray.exe"
O4 - HKLM\..\Run: [DVDBitSet] "C:\Program Files\HP DVD\Umbrella\DVDBitSet.exe" /NOUI
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [HerculesCamService] C:\Program Files\Hercules\Hercules DualPix HD Webcam\CamService.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe EspaceWanadoo.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [pingpop] C:\DOCUME~1\TISSER~1\APPLIC~1\LOGPRO~1\vc draw curb.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://downloadcenter.samsung.com/content/common/cab/Dj...
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0.1.14/cfweb_a...
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0...
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

--
30 October 2007 19:19:58

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:17:03, on 30/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\LXSUPMON.EXE
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\HP DVD\Umbrella\DVDTray.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Hercules\Hercules DualPix HD Webcam\CamService.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Avant Browser\avant.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.fr/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\system32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [DVDTray] "C:\Program Files\HP DVD\Umbrella\DVDTray.exe"
O4 - HKLM\..\Run: [DVDBitSet] "C:\Program Files\HP DVD\Umbrella\DVDBitSet.exe" /NOUI
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [HerculesCamService] C:\Program Files\Hercules\Hercules DualPix HD Webcam\CamService.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe EspaceWanadoo.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [pingpop] C:\DOCUME~1\TISSER~1\APPLIC~1\LOGPRO~1\vc draw curb.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://downloadcenter.samsung.com/content/common/cab/Dj...
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0.1.14/cfweb_a...
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0...
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

--
30 October 2007 19:24:57

Uh... that's not what I asked for.
30 October 2007 19:37:41

Which icon should I click on for Antivir, since there are several?
30 October 2007 19:41:36

Have you at least installed it?
30 October 2007 19:45:04

No, not yet. I didn't understand how to do it, because I end up on a page in English with lots of icons and I'm afraid of making a mistake. Can you help me!!!
30 October 2007 19:47:01

You can download it from Infos du Net :)
30 October 2007 19:48:54

OK, in the download tab. Thanks, I'm heading there.
30 October 2007 20:06:54

30.10.2007 20:04:23 - Installation Directory: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
30.10.2007 20:04:23 - Backup Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\
30.10.2007 20:04:23 - Temp Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47278037\
30.10.2007 20:04:24 - Start the Update GUI... Displaymode: 0

30.10.2007 20:04:23 - Installation Directory: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
30.10.2007 20:04:23 - Backup Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\
30.10.2007 20:04:23 - Temp Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47278037\
30.10.2007 20:04:24 - Start the Update GUI... Displaymode: 0

30.10.2007 20:04:25 - Keyfile: OK [FULL Mode]

30.10.2007 20:04:25 - Avira AntiVir PersonalEdition Classic

30.10.2007 20:04:36 - Master IDX file has changed
30.10.2007 20:04:41 - Keyfile: OK [FULL Mode]

30.10.2007 20:04:43 - Downloading the product.info file from http://dl2.avgate.net/upd/idx/classic-nt-en.info.gz
30.10.2007 20:04:45 - File basic-nt/2k/avgntflt.sys's operating system doesn't match the current one. File ignored.
30.10.2007 20:04:45 - File basic-nt/avadmin.exe's operating system doesn't match the current one. File ignored.
30.10.2007 20:04:45 - File basic-nt/avgio64.sys's operating system doesn't match the current one. File ignored.
30.10.2007 20:04:45 - File basic-nt/imp64b.exe's operating system doesn't match the current one. File ignored.
30.10.2007 20:04:45 - File basic-nt/psapi.dll's operating system doesn't match the current one. File ignored.
30.10.2007 20:04:45 - File basic-nt/shlext64.dll's operating system doesn't match the current one. File ignored.
30.10.2007 20:04:45 - File basic-nt/vista64/avgntflt.sys's operating system doesn't match the current one. File ignored.
30.10.2007 20:04:45 - File basic-nt/wsctool.exe's operating system doesn't match the current one. File ignored.
30.10.2007 20:04:45 - File basic-nt/xp64/avgntflt.sys's operating system doesn't match the current one. File ignored.
30.10.2007 20:04:45 - File basic-nt/2k/avgntdd.sys's operating system doesn't match the current one. File ignored.
30.10.2007 20:04:45 - File basic-nt/2k/avgntmgr.sys's operating system doesn't match the current one. File ignored.
30.10.2007 20:04:45 - File basic-nt/nt/avgntdd.sys's operating system doesn't match the current one. File ignored.
30.10.2007 20:04:45 - File basic-nt/nt/avgntmgr.sys's operating system doesn't match the current one. File ignored.
30.10.2007 20:04:45 - File basic-nt/vista64/avgntflt.sys's operating system doesn't match the current one. File ignored.
30.10.2007 20:04:45 - Downloading the product.info file from http://dl2.avgate.net/upd/idx/vdf.info.gz
30.10.2007 20:04:47 - Keyfile: OK [FULL Mode]

30.10.2007 20:04:47 - Downloading the product.info file from http://dl2.avgate.net/upd/idx/specvir-nt.info.gz
30.10.2007 20:04:48 - Downloading the product.info file from http://dl2.avgate.net/upd/idx/engine.info.gz
30.10.2007 20:04:48 - Downloading the product.info file from http://dl2.avgate.net/upd/idx/engine-nt-en.info.gz
30.10.2007 20:04:51 - Module: SELFUPDATE Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 15
30.10.2007 20:04:51 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\updlib.dll 1.2.10.20 < 1.2.10.21
30.10.2007 20:04:51 - Module: MAIN Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 75
30.10.2007 20:04:51 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe 7.2.0.13 < 7.2.0.16
30.10.2007 20:04:51 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe 7.0.0.81 < 7.0.0.82
30.10.2007 20:04:51 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\ccguard.dll 7.0.1.34 < 7.0.1.35
30.10.2007 20:04:51 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\preupd.exe 7.0.0.34 < 7.0.0.35
30.10.2007 20:04:51 - Module: COMMAPPDATA Source: winwks\en\ Destination: C:\Documents and Settings\All Users\Application Data\ Files: 1
30.10.2007 20:04:51 - Module: TEXT Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 3
30.10.2007 20:04:51 - Module: VDF Source: vdf\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 4
30.10.2007 20:04:51 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir2.vdf 7.0.0.1 < 7.0.0.140
30.10.2007 20:04:51 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir3.vdf 7.0.0.2 < 7.0.0.155
30.10.2007 20:04:51 - Module: AVREP_NT Source: engine\nt\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 1
30.10.2007 20:04:51 - Module: ENGINE Source: engine\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 2
30.10.2007 20:04:51 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avewin32.dll 7.6.0.15 < 7.6.0.30
30.10.2007 20:04:51 - Module: ENGINE_NT_EN Source: engine\nt\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 1
30.10.2007 20:04:51 - Module: DRV Source: winwks\en\ Destination: C:\WINDOWS\SYSTEM32\drivers\ Files: 4
30.10.2007 20:04:51 - C:\WINDOWS\SYSTEM32\drivers\avipbb.sys 1.0.2.11 < 1.0.2.13
30.10.2007 20:04:51 - Minifilter is installed

30.10.2007 20:04:51 - Minifilter is possible

30.10.2007 20:04:51 - Reading registry value successful: Software\Avira\AntiVir PersonalEdition Classic | FilterType

30.10.2007 20:04:51 - Initialize avnotify.exe

30.10.2007 20:04:52 - Starting avnotify.exe successful

30.10.2007 20:04:52 - Preparing to download files
30.10.2007 20:04:52 - 10 files need to be downloaded / copied from http://dl2.avgate.net/upd/
30.10.2007 20:04:52 - #1: Downloading and extracting http://dl2.avgate.net/upd/winwks/en/basic-nt/updlib.dll... to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47278037\winwks\en\basic-nt/updlib.dll
30.10.2007 20:04:59 - #2: Downloading and extracting http://dl2.avgate.net/upd/winwks/en/basic-nt/avgnt.exe.... to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47278037\winwks\en\basic-nt/avgnt.exe
30.10.2007 20:05:01 - #3: Downloading and extracting http://dl2.avgate.net/upd/winwks/en/basic-nt/avguard.ex... to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47278037\winwks\en\basic-nt/avguard.exe
30.10.2007 20:05:05 - #4: Downloading and extracting http://dl2.avgate.net/upd/winwks/en/basic-nt/ccguard.dl... to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47278037\winwks\en\basic-nt/ccguard.dll
30.10.2007 20:05:12 - #5: Downloading and extracting http://dl2.avgate.net/upd/winwks/en/basic-nt/preupd.exe... to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47278037\winwks\en\basic-nt/preupd.exe
30.10.2007 20:05:16 - #6: Downloading and extracting http://dl2.avgate.net/upd/winwks/en/basic-nt/addr_file.... to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47278037\winwks\en\basic-nt/addr_file.html
30.10.2007 20:05:17 - #7: Downloading and extracting http://dl2.avgate.net/upd/vdf/antivir2.vdf.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47278037\vdf\antivir2.vdf
30.10.2007 20:05:39 - #8: Downloading and extracting http://dl2.avgate.net/upd/vdf/antivir3.vdf.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47278037\vdf\antivir3.vdf
30.10.2007 20:05:41 - #9: Downloading and extracting http://dl2.avgate.net/upd/engine/avewin32.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47278037\engine\avewin32.dll
30.10.2007 20:06:09 - #10: Downloading and extracting http://dl2.avgate.net/upd/winwks/en/basic-nt/avipbb.sys... to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47278037\winwks\en\basic-nt/avipbb.sys
30.10.2007 20:06:16 - Service AVEService is not installed

30.10.2007 20:06:16 - Service AntiVirMailService is not installed

30.10.2007 20:06:16 - Initialize fwinst.exe

30.10.2007 20:06:16 - Initialize fwinst.exe

30.10.2007 20:06:16 - Service AntiVirFirewallService is not installed

30.10.2007 20:06:16 - Service antivirwebservice is not installed

30.10.2007 20:06:16 - Status of service AntiVirService is running

30.10.2007 20:06:16 - Initialize avgnt.exe

30.10.2007 20:06:16 - Status of service AntiVirScheduler is running

30.10.2007 20:06:16 - Minifilter is installed

30.10.2007 20:06:16 - Minifilter is possible

30.10.2007 20:06:16 - Initialize avscan.exe

30.10.2007 20:06:16 - Initialize avconfig.cpl

30.10.2007 20:06:16 - Initialize avcenter.exe

30.10.2007 20:06:16 - shell extension is installed

30.10.2007 20:06:16 - Reading registry value successful: Software\Avira\AntiVir PersonalEdition Classic | RootkitsInstalled

30.10.2007 20:06:16 - Reading registry value successful: Software\Avira\AntiVir PersonalEdition Classic | RootkitsInstalled

30.10.2007 20:06:16 - Service AVEService is not installed

30.10.2007 20:06:16 - Service AntiVirMailService is not installed

30.10.2007 20:06:16 - Initialize fwinst.exe

30.10.2007 20:06:16 - Initialize fwinst.exe

30.10.2007 20:06:16 - Service AntiVirFirewallService is not installed

30.10.2007 20:06:16 - shell extension is installed

30.10.2007 20:06:16 - Initialize regsvr32.exe

30.10.2007 20:06:17 - shell extension removed successfully

30.10.2007 20:06:17 - avgnt.exe closed.

30.10.2007 20:06:17 - Status of service AntiVirScheduler is running

30.10.2007 20:06:17 - Service AntiVirScheduler successfully stopped

30.10.2007 20:06:17 - Status of service AntiVirService is running

30.10.2007 20:06:19 - Service AntiVirService successfully stopped

30.10.2007 20:06:19 - Starting to install
30.10.2007 20:06:19 - Processing module SELFUPDATE Source: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47278037\winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
30.10.2007 20:06:19 - Current Direcory:C:\Program Files\Avira\AntiVir PersonalEdition Classic, About to execute C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47278037\SelfUpdateTemp\update.exe --log-template="${DAY}.${MONTH}.${YEAR} ${HOUR}:${MINUTE}:${SECOND} - ${MSG}".Self Update helper
30.10.2007 20:06:20 - Installation Directory: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
30.10.2007 20:06:20 - Backup Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\
30.10.2007 20:06:20 - Temp Directory: C:\WINDOWS\TEMP\Update_Temp\
30.10.2007 20:06:20 - Avira AntiVir PersonalEdition Classic

30.10.2007 20:06:20 - Self update: Copying file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47278037\winwks\en\basic-nt/updlib.dll to C:\Program Files\Avira\AntiVir PersonalEdition Classic\updlib.dll
30.10.2007 20:06:20 - Executing original update application
30.10.2007 20:06:20 - Current Direcory:C:\Program Files\Avira\AntiVir PersonalEdition Classic, About to execute C:\Program Files\Avira\AntiVir PersonalEdition Classic\update.exe --config-file="C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\update.conf" --install-path="C:\Program Files\Avira\AntiVir PersonalEdition Classic" --log-template="${DAY}.${MONTH}.${YEAR} ${HOUR}:${MINUTE}:${SECOND} - ${MSG}" --NoSelfUpdate "--TmpDir=C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47278037" "--LogFile=C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\LOGFILES\Upd-2007-10-30-20-04-23.log" "--TmpFilesList=C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47278037\ToRemove.txt".Executing original update application
30.10.2007 20:06:20 - Installation Directory: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
30.10.2007 20:06:20 - Backup Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\
30.10.2007 20:06:20 - Temp Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47278037\
30.10.2007 20:06:20 - Start the Update GUI... Displaymode: 0

30.10.2007 20:06:20 - Avira AntiVir PersonalEdition Classic

30.10.2007 20:06:21 - Master IDX file has changed
30.10.2007 20:06:21 - File basic-nt/2k/avgntflt.sys's operating system doesn't match the current one. File ignored.
30.10.2007 20:06:21 - File basic-nt/avadmin.exe's operating system doesn't match the current one. File ignored.
30.10.2007 20:06:21 - File basic-nt/avgio64.sys's operating system doesn't match the current one. File ignored.
30.10.2007 20:06:21 - File basic-nt/imp64b.exe's operating system doesn't match the current one. File ignored.
30.10.2007 20:06:21 - File basic-nt/psapi.dll's operating system doesn't match the current one. File ignored.
30.10.2007 20:06:21 - File basic-nt/shlext64.dll's operating system doesn't match the current one. File ignored.
30.10.2007 20:06:21 - File basic-nt/vista64/avgntflt.sys's operating system doesn't match the current one. File ignored.
30.10.2007 20:06:21 - File basic-nt/wsctool.exe's operating system doesn't match the current one. File ignored.
30.10.2007 20:06:21 - File basic-nt/xp64/avgntflt.sys's operating system doesn't match the current one. File ignored.
30.10.2007 20:06:21 - File basic-nt/2k/avgntdd.sys's operating system doesn't match the current one. File ignored.
30.10.2007 20:06:21 - File basic-nt/2k/avgntmgr.sys's operating system doesn't match the current one. File ignored.
30.10.2007 20:06:21 - File basic-nt/nt/avgntdd.sys's operating system doesn't match the current one. File ignored.
30.10.2007 20:06:21 - File basic-nt/nt/avgntmgr.sys's operating system doesn't match the current one. File ignored.
30.10.2007 20:06:21 - File basic-nt/vista64/avgntflt.sys's operating system doesn't match the current one. File ignored.
30.10.2007 20:06:21 - Downloading the product.info file from http://dl1.avgate.net/upd/idx/vdf.info.gz
30.10.2007 20:06:21 - Downloading the product.info file from http://dl1.avgate.net/upd/idx/specvir-nt.info.gz
30.10.2007 20:06:21 - Downloading the product.info file from http://dl1.avgate.net/upd/idx/engine.info.gz
30.10.2007 20:06:21 - Downloading the product.info file from http://dl1.avgate.net/upd/idx/engine-nt-en.info.gz
30.10.2007 20:06:21 - Module: SELFUPDATE Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 15
30.10.2007 20:06:21 - Module: MAIN Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 75
30.10.2007 20:06:21 - Module: COMMAPPDATA Source: winwks\en\ Destination: C:\Documents and Settings\All Users\Application Data\ Files: 1
30.10.2007 20:06:21 - Module: TEXT Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 3
30.10.2007 20:06:21 - Module: VDF Source: vdf\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 4
30.10.2007 20:06:21 - Module: AVREP_NT Source: engine\nt\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 1
30.10.2007 20:06:21 - Module: ENGINE Source: engine\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 2
30.10.2007 20:06:21 - Module: ENGINE_NT_EN Source: engine\nt\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 1
30.10.2007 20:06:21 - Module: DRV Source: winwks\en\ Destination: C:\WINDOWS\SYSTEM32\drivers\ Files: 4
30.10.2007 20:06:21 - Minifilter is installed

30.10.2007 20:06:21 - Minifilter is possible

30.10.2007 20:06:21 - Reading registry value successful: Software\Avira\AntiVir PersonalEdition Classic | FilterType

30.10.2007 20:06:21 - Preparing to download files
30.10.2007 20:06:21 - 9 files need to be downloaded / copied from http://dl1.avgate.net/upd/
30.10.2007 20:06:21 - File C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47278037\winwks\en\basic-nt\avgnt.exe.gz already exists in temporary folder and it will not be downloaded again
30.10.2007 20:06:21 - File C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47278037\winwks\en\basic-nt\avguard.exe.gz already exists in temporary folder and it will not be downloaded again
30.10.2007 20:06:21 - File C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47278037\winwks\en\basic-nt\ccguard.dll.gz already exists in temporary folder and it will not be downloaded again
30.10.2007 20:06:21 - File C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47278037\winwks\en\basic-nt\preupd.exe.gz already exists in temporary folder and it will not be downloaded again
30.10.2007 20:06:21 - File C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47278037\winwks\en\basic-nt\addr_file.html.gz already exists in temporary folder and it will not be downloaded again
30.10.2007 20:06:21 - File C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47278037\vdf\antivir2.vdf.gz already exists in temporary folder and it will not be downloaded again
30.10.2007 20:06:21 - File C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47278037\vdf\antivir3.vdf.gz already exists in temporary folder and it will not be downloaded again
30.10.2007 20:06:21 - File C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47278037\engine\avewin32.dll.gz already exists in temporary folder and it will not be downloaded again
30.10.2007 20:06:21 - File C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47278037\winwks\en\basic-nt\avipbb.sys.gz already exists in temporary folder and it will not be downloaded again
30.10.2007 20:06:21 - Starting to install
30.10.2007 20:06:22 - Processing module MAIN Source: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47278037\winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
30.10.2007 20:06:22 - File C:\Documents and Settings\All Users\Application Data\addr_file.html will not be backed up because it doesn't exist
30.10.2007 20:06:22 - Processing module COMMAPPDATA Source: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47278037\winwks\en\ Destination: C:\Documents and Settings\All Users\Application Data\
30.10.2007 20:06:22 - Processing module VDF Source: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47278037\vdf\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
30.10.2007 20:06:22 - Processing module ENGINE Source: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47278037\engine\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
30.10.2007 20:06:22 - Processing module DRV Source: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_47278037\winwks\en\ Destination: C:\WINDOWS\SYSTEM32\drivers\
30.10.2007 20:06:22 - A total of 9 files were updated
30.10.2007 20:06:22 - Registry entry created successfully: Software\Avira\AntiVir PersonalEdition Classic |UpdateInProgress

30.10.2007 20:06:22 - Service AVEService is not installed

30.10.2007 20:06:22 - Service AntiVirMailService is not installed

30.10.2007 20:06:22 - Initialize fwinst.exe

30.10.2007 20:06:22 - Initialize fwinst.exe

30.10.2007 20:06:22 - Service AntiVirFirewallService is not installed

30.10.2007 20:06:22 - Service antivirwebservice is not installed

30.10.2007 20:06:22 - Status of service AntiVirService is stopped

30.10.2007 20:06:22 - Initialize avgnt.exe

30.10.2007 20:06:22 - Status of service AntiVirScheduler is stopped

30.10.2007 20:06:22 - Minifilter is installed

30.10.2007 20:06:22 - Minifilter is possible

30.10.2007 20:06:22 - Initialize avscan.exe

30.10.2007 20:06:22 - Initialize avconfig.cpl

30.10.2007 20:06:22 - Initialize avcenter.exe

30.10.2007 20:06:22 - shell extension is installed

30.10.2007 20:06:22 - Reading registry value successful: Software\Avira\AntiVir PersonalEdition Classic | RootkitsInstalled

30.10.2007 20:06:22 - Reading registry value successful: Software\Avira\AntiVir PersonalEdition Classic | RootkitsInstalled

30.10.2007 20:06:28 - Service AntiVirService successfully started

30.10.2007 20:06:28 - Starting avgnt.exe successful

30.10.2007 20:06:29 - Service AntiVirScheduler successfully started

30.10.2007 20:06:29 - shell extension is installed

30.10.2007 20:06:29 - Initialize regsvr32.exe

30.10.2007 20:06:30 - installation of shell extension successful

30.10.2007 20:06:30 - Cannot start the service antivirwebservice

30.10.2007 20:06:30 - Dialup: 0

30.10.2007 20:06:30 - Downloaded bytes: 2677091

30.10.2007 20:06:30 - Downloaded file(s): 10

30.10.2007 20:06:30 - Downloaded file(s): updlib.dll; avgnt.exe; avguard.exe; ccguard.dll; preupd.exe; addr_file.html; antivir2.vdf; antivir3.vdf; avewin32.dll; avipbb.sys

30.10.2007 20:06:30 - Engine version local : 7.6.0.15

30.10.2007 20:06:30 - Engine version internet: 7.6.0.30

30.10.2007 20:06:30 - 0. VDF version local : 6.40.0.0

30.10.2007 20:06:30 - 0. VDF version internet: 6.40.0.0

30.10.2007 20:06:30 - 1. VDF version local : 7.0.0.0

30.10.2007 20:06:30 - 1. VDF version internet: 7.0.0.0

30.10.2007 20:06:30 - 2. VDF version local : 7.0.0.1

30.10.2007 20:06:30 - 2. VDF version internet: 7.0.0.140

30.10.2007 20:06:30 - 3. VDF version local : 7.0.0.2

30.10.2007 20:06:30 - 3. VDF version internet: 7.0.0.155

30.10.2007 20:06:30 - Required time: 00:09

30.10.2007 20:06:30 - Registry entry created successfully: Software\Avira\AntiVir PersonalEdition Classic |LastUpdate

30.10.2007 20:06:30 - Update finished successfully
30 October 2007 20:18:52

There, what do I do now?
30 October 2007 22:55:54

OK, I tried going back on MSN and apparently there is no longer any problem. But on the other hand, is AntiVir an antivirus like avast, or do I have to find another one?
Otherwise, thanks for your help; this is the 3rd time I have asked you for help and you have solved my problem.
31 October 2007 19:24:21



AntiVir PersonalEdition Classic
Report file date: mercredi 31 octobre 2007 18:14

Scanning for 911601 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: tisserand raphael
Computer name: RAPHA

Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 14:26:55
ANTIVIR2.VDF : 7.0.0.140 940544 Bytes 26/10/2007 17:11:30
ANTIVIR3.VDF : 7.0.0.160 106496 Bytes 31/10/2007 17:11:30
AVEWIN32.DLL : 7.6.0.30 3056128 Bytes 31/10/2007 17:11:31
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 08:46:00
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21

Configuration settings for the scan:
Jobname..........................: Local Hard Disks
Configuration file...............: c:\program files\avira\antivir personaledition classic\alldiscs.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: mercredi 31 octobre 2007 18:14

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'avant.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'SSScsiSV.exe' - '1' Module(s) have been scanned
Scan process 'searchindexer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'WindowsSearch.exe' - '1' Module(s) have been scanned
Scan process 'GoogleUpdater.exe' - '1' Module(s) have been scanned
Scan process 'SweetIM.exe' - '1' Module(s) have been scanned
Scan process 'wcescomm.exe' - '1' Module(s) have been scanned
Scan process 'NMBgMonitor.exe' - '1' Module(s) have been scanned
Scan process 'AluSchedulerSvc.exe' - '1' Module(s) have been scanned
Scan process 'GoogleUpdaterService.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'CamService.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'qttask.exe' - '1' Module(s) have been scanned
Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned
Scan process 'DVDTray.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'MediaDetect.exe' - '1' Module(s) have been scanned
Scan process 'SSAAD.exe' - '1' Module(s) have been scanned
Scan process 'LXSUPMON.EXE' - '1' Module(s) have been scanned
Scan process 'issch.exe' - '1' Module(s) have been scanned
Scan process 'DMXLauncher.exe' - '1' Module(s) have been scanned
Scan process 'igfxpers.exe' - '1' Module(s) have been scanned
Scan process 'hkcmd.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'LEXPPS.EXE' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'LEXBCES.EXE' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
48 processes with 48 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!

Starting to scan the registry.
The registry was scanned ( '40' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Quarantine\{0000183C-0000-0000-98DB-08493D07CDBF}\DATA.CAB
[0] Archive type: CAB (Microsoft)
--> RESOURCE27
[DETECTION] Is the Trojan horse TR/Drop.VB
[INFO] The file was moved to '477cbc37.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\272A0398.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was moved to '475abc52.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\287A6826.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was moved to '475fbc53.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\34430382.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was moved to '475cbc50.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4E0B7923.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was moved to '4758bc61.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4ECC264F.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was moved to '476bbc62.qua'!
C:\Documents and Settings\tisserand raphael\Bureau\Upload_Me.zip
[0] Archive type: ZIP
--> DOCUME~1/TISSER~1/Bureau/Upload_Me/k3d3t4t8n7l.exe
[DETECTION] Is the Trojan horse TR/Dialer.VUY.4
--> DOCUME~1/TISSER~1/Bureau/Upload_Me/LBTWiz.exe
[DETECTION] Contains detection pattern of the worm WORM/SdBot.561152.2
--> DOCUME~1/TISSER~1/Bureau/Upload_Me/Nokia_19_jpg.zip
[1] Archive type: ZIP
--> www.Nokia_19_jpg-msn.com
[DETECTION] Contains detection pattern of the worm WORM/SdBot.561152.2
--> DOCUME~1/TISSER~1/Bureau/Upload_Me/tsitra1148.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> DOCUME~1/TISSER~1/Bureau/Upload_Me/zr-1-1148.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '4794bcd6.qua'!
C:\Documents and Settings\tisserand raphael\Bureau\MSNFix\29102007_214755.76.zip
[0] Archive type: ZIP
--> backup/carlton
[DETECTION] Is the Trojan horse TR/Dialer.VUY.4
--> backup/k3d3t4t8n7l.exe
[DETECTION] Is the Trojan horse TR/Dialer.VUY.4
--> backup/LBTWiz.exe
[DETECTION] Contains detection pattern of the worm WORM/SdBot.561152.2
--> backup/Nokia_19_jpg.zip
[1] Archive type: ZIP
--> www.Nokia_19_jpg-msn.com
[DETECTION] Contains detection pattern of the worm WORM/SdBot.561152.2
--> backup/tsitra1148.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> backup/zr-1-1148.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '4759bcf6.qua'!
C:\Documents and Settings\tisserand raphael\Local Settings\Temporary Internet Files\Content.IE5\0HMZCTYV\tsitra[1].exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '4791bd8c.qua'!
C:\Documents and Settings\tisserand raphael\Local Settings\Temporary Internet Files\Content.IE5\CH6FGL2B\wr-1-1148[1].exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '4755be19.qua'!
C:\Documents and Settings\tisserand raphael\Local Settings\Temporary Internet Files\Content.IE5\GJGSVNJ3\dual[1].jpg
[DETECTION] Is the Trojan horse TR/Dialer.VUY.4
[INFO] The file was moved to '4789be3f.qua'!
C:\Documents and Settings\tisserand raphael\Mes documents\Mes fichiers reçus\Nokia_19_jpg.zip
[0] Archive type: ZIP
--> www.Nokia_19_jpg-msn.com
[DETECTION] Contains detection pattern of the worm WORM/SdBot.561152.2
[INFO] The file was moved to '4793bf88.qua'!
C:\Documents and Settings\tisserand raphael\Mes documents\Raphael TISSERAND\wanadoo_toolbarsetup.exe
[DETECTION] Contains detection pattern of the dropper DR/BHO.W.1
[INFO] The file was moved to '4796bffb.qua'!
C:\unzipped\Nokia_19_jpg\www.Nokia_19_jpg-msn.com
[DETECTION] Contains detection pattern of the worm WORM/SdBot.561152.2
[INFO] The file was moved to '479fc623.qua'!


End of the scan: mercredi 31 octobre 2007 19:20
Used time: 1:05:20 min

The scan has been done completely.

7562 Scanning directories
322944 Files were scanned
23 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
14 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
322921 Files not concerned
9370 Archives were scanned
2 Warnings
0 Notes

31 October 2007 19:25:13

There, sorry, and what do I do now?
31 October 2007 19:27:38

Post a new HijackThis report.
1 November 2007 10:46:52

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:46:28, on 01/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\LXSUPMON.EXE
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\HP DVD\Umbrella\DVDTray.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Hercules\Hercules DualPix HD Webcam\CamService.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Avant Browser\avant.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.fr/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\system32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [DVDTray] "C:\Program Files\HP DVD\Umbrella\DVDTray.exe"
O4 - HKLM\..\Run: [DVDBitSet] "C:\Program Files\HP DVD\Umbrella\DVDBitSet.exe" /NOUI
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [HerculesCamService] C:\Program Files\Hercules\Hercules DualPix HD Webcam\CamService.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe EspaceWanadoo.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [pingpop] C:\DOCUME~1\TISSER~1\APPLIC~1\LOGPRO~1\vc draw curb.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://downloadcenter.samsung.com/content/common/cab/Dj...
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0.1.14/cfweb_a...
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0...
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

--
End of file - 12055 bytes
1 November 2007 12:06:44

Hi again,

Download Lop S&D.zip.
Unzip it onto your Desktop only.
Open the Lop S&D folder, then double-click Scan.bat. Press "R", then confirm by pressing "Enter".
A report will be generated; post its contents here.
1 November 2007 12:29:37


------------------------------[ Lop S&D 1.5 ]----------------------------

Version : Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]

Lancé depuis : "C:\Documents and Settings\tisserand raphael\Bureau\Lop S&D"

Rapport créé Le 01/11/2007 à 12:27:59.67 PC : RAPHA

! Faire analyser le rapport par un Helper avant intervention !

-------------[ Listing des Dossiers dans Application Data ]-------------

C:\Documents and settings\Administrateur\Application Data\Microsoft
C:\Documents and settings\Administrateur\Application Data\Corel
C:\Documents and settings\Administrateur\Application Data\Sun
C:\Documents and settings\Administrateur\Application Data\Identities
C:\Documents and settings\Administrateur\Application Data\desktop.ini

C:\Documents and settings\All Users\Application Data\Google Updater
C:\Documents and settings\All Users\Application Data\addr_file.html
C:\Documents and settings\All Users\Application Data\Avira
C:\Documents and settings\All Users\Application Data\Spybot - Search & Destroy
C:\Documents and settings\All Users\Application Data\Log Htm Lite Each
C:\Documents and settings\All Users\Application Data\Messenger Plus!
C:\Documents and settings\All Users\Application Data\WLInstaller
C:\Documents and settings\All Users\Application Data\LauncherAccess.dt
C:\Documents and settings\All Users\Application Data\Microsoft Help
C:\Documents and settings\All Users\Application Data\Microsoft
C:\Documents and settings\All Users\Application Data\Windows Live Toolbar
C:\Documents and settings\All Users\Application Data\Bluetooth
C:\Documents and settings\All Users\Application Data\each new axis love
C:\Documents and settings\All Users\Application Data\Symantec
C:\Documents and settings\All Users\Application Data\McAfee
C:\Documents and settings\All Users\Application Data\QTSBandwidthCache
C:\Documents and settings\All Users\Application Data\AOL
C:\Documents and settings\All Users\Application Data\AOL OCP
C:\Documents and settings\All Users\Application Data\AOL Downloads
C:\Documents and settings\All Users\Application Data\McAfee.com
C:\Documents and settings\All Users\Application Data\Google
C:\Documents and settings\All Users\Application Data\Apple Computer
C:\Documents and settings\All Users\Application Data\CyberLink
C:\Documents and settings\All Users\Application Data\muvee Technologies
C:\Documents and settings\All Users\Application Data\Tarma Installer
C:\Documents and settings\All Users\Application Data\Windows Genuine Advantage
C:\Documents and settings\All Users\Application Data\MVTLogs
C:\Documents and settings\All Users\Application Data\BOONTY
C:\Documents and settings\All Users\Application Data\Sony Corporation
C:\Documents and settings\All Users\Application Data\Ciel
C:\Documents and settings\All Users\Application Data\Ahead
C:\Documents and settings\All Users\Application Data\InstallShield
C:\Documents and settings\All Users\Application Data\Adobe
C:\Documents and settings\All Users\Application Data\Viewpoint
C:\Documents and settings\All Users\Application Data\QuickTime
C:\Documents and settings\All Users\Application Data\Sonic
C:\Documents and settings\All Users\Application Data\SBSI
C:\Documents and settings\All Users\Application Data\desktop.ini

C:\Documents and settings\Default User\Application Data\Corel
C:\Documents and settings\Default User\Application Data\Sun
C:\Documents and settings\Default User\Application Data\Identities
C:\Documents and settings\Default User\Application Data\desktop.ini
C:\Documents and settings\Default User\Application Data\Microsoft

C:\Documents and settings\LocalService\Application Data\Microsoft
C:\Documents and settings\LocalService\Application Data\Macromedia
C:\Documents and settings\LocalService\Application Data\Google
C:\Documents and settings\LocalService\Application Data\Avant Profiles

C:\Documents and settings\NetworkService\Application Data\Microsoft
C:\Documents and settings\NetworkService\Application Data\Identities


C:\Documents and settings\RAPHA PERSO\Application Data\Windows Desktop Search
C:\Documents and settings\RAPHA PERSO\Application Data\DivX
C:\Documents and settings\RAPHA PERSO\Application Data\Ahead
C:\Documents and settings\RAPHA PERSO\Application Data\vlc
C:\Documents and settings\RAPHA PERSO\Application Data\Microsoft
C:\Documents and settings\RAPHA PERSO\Application Data\Google
C:\Documents and settings\RAPHA PERSO\Application Data\Macromedia
C:\Documents and settings\RAPHA PERSO\Application Data\Avant Profiles
C:\Documents and settings\RAPHA PERSO\Application Data\Help
C:\Documents and settings\RAPHA PERSO\Application Data\LG Electronics
C:\Documents and settings\RAPHA PERSO\Application Data\Real
C:\Documents and settings\RAPHA PERSO\Application Data\Corel
C:\Documents and settings\RAPHA PERSO\Application Data\Sun
C:\Documents and settings\RAPHA PERSO\Application Data\Identities
C:\Documents and settings\RAPHA PERSO\Application Data\desktop.ini

C:\Documents and settings\tisserand raphael\Application Data\LogProcEggs
C:\Documents and settings\tisserand raphael\Application Data\Windows Live Writer
C:\Documents and settings\tisserand raphael\Application Data\CamfrogWEB
C:\Documents and settings\tisserand raphael\Application Data\Windows Desktop Search
C:\Documents and settings\tisserand raphael\Application Data\Microsoft
C:\Documents and settings\tisserand raphael\Application Data\Azureus
C:\Documents and settings\tisserand raphael\Application Data\Samsung
C:\Documents and settings\tisserand raphael\Application Data\MobileAction
C:\Documents and settings\tisserand raphael\Application Data\DivX
C:\Documents and settings\tisserand raphael\Application Data\Screenshot Sender
C:\Documents and settings\tisserand raphael\Application Data\Mozilla
C:\Documents and settings\tisserand raphael\Application Data\Google
C:\Documents and settings\tisserand raphael\Application Data\Apple Computer
C:\Documents and settings\tisserand raphael\Application Data\GDIPFONTCACHEV1.DAT
C:\Documents and settings\tisserand raphael\Application Data\ArcSoft
C:\Documents and settings\tisserand raphael\Application Data\Avant Profiles
C:\Documents and settings\tisserand raphael\Application Data\Sonic
C:\Documents and settings\tisserand raphael\Application Data\Avant Browser
C:\Documents and settings\tisserand raphael\Application Data\Magic Match
C:\Documents and settings\tisserand raphael\Application Data\Hulabee
C:\Documents and settings\tisserand raphael\Application Data\dvd.bmk
C:\Documents and settings\tisserand raphael\Application Data\MSNInstaller
C:\Documents and settings\tisserand raphael\Application Data\Shareaza
C:\Documents and settings\tisserand raphael\Application Data\McAfee
C:\Documents and settings\tisserand raphael\Application Data\Real
C:\Documents and settings\tisserand raphael\Application Data\.bittorrent
C:\Documents and settings\tisserand raphael\Application Data\Sony Corporation
C:\Documents and settings\tisserand raphael\Application Data\Talkback
C:\Documents and settings\tisserand raphael\Application Data\vlc
C:\Documents and settings\tisserand raphael\Application Data\Ahead
C:\Documents and settings\tisserand raphael\Application Data\LG Electronics
C:\Documents and settings\tisserand raphael\Application Data\eConf
C:\Documents and settings\tisserand raphael\Application Data\Macromedia
C:\Documents and settings\tisserand raphael\Application Data\Help
C:\Documents and settings\tisserand raphael\Application Data\Corel Photo Album
C:\Documents and settings\tisserand raphael\Application Data\Leadertech
C:\Documents and settings\tisserand raphael\Application Data\Adobe
C:\Documents and settings\tisserand raphael\Application Data\Corel
C:\Documents and settings\tisserand raphael\Application Data\You've Got Pictures Screensaver
C:\Documents and settings\tisserand raphael\Application Data\Sun
C:\Documents and settings\tisserand raphael\Application Data\Identities
C:\Documents and settings\tisserand raphael\Application Data\desktop.ini

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

C:\WINDOWS\tasks\SA.DAT
C:\WINDOWS\tasks\desktop.ini

---------------[ Listing des dossiers dans Program Files ]--------------

C:\Program Files\ACTUEL-Cidj
C:\Program Files\Adobe
C:\Program Files\Adverts
C:\Program Files\Ahead
C:\Program Files\Alwil Software
C:\Program Files\ArcSoft
C:\Program Files\Avant Browser
C:\Program Files\AvantGo Connect
C:\Program Files\Avira
C:\Program Files\Azureus
C:\Program Files\CDRIPMP3
C:\Program Files\CFWebAdvancedU
C:\Program Files\Ciel
C:\Program Files\Common Files
C:\Program Files\config
C:\Program Files\Corel
C:\Program Files\CyberLink
C:\Program Files\Dell
C:\Program Files\Disney Interactive
C:\Program Files\DivX
C:\Program Files\downloads.bak
C:\Program Files\downloads.txt
C:\Program Files\eMule
C:\Program Files\emule.exe
C:\Program Files\Fichiers communs
C:\Program Files\Formation interactive Microsoft
C:\Program Files\Google
C:\Program Files\Hercules
C:\Program Files\Hewlett-Packard
C:\Program Files\HP DVD
C:\Program Files\Incoming
C:\Program Files\Intel
C:\Program Files\InterActual
C:\Program Files\Internet Explorer
C:\Program Files\Java
C:\Program Files\lang
C:\Program Files\Learn2.com
C:\Program Files\LizardTech
C:\Program Files\LogProcEggs
C:\Program Files\logs
C:\Program Files\Macrogaming
C:\Program Files\McAfee
C:\Program Files\Messenger
C:\Program Files\Messenger Plus! Live
C:\Program Files\Microsoft ActiveSync
C:\Program Files\Microsoft CAPICOM 2.1.0.2
C:\Program Files\Microsoft Encarta
C:\Program Files\microsoft frontpage
C:\Program Files\Microsoft Office
C:\Program Files\Microsoft SQL Server Compact Edition
C:\Program Files\Microsoft Visual Studio
C:\Program Files\Microsoft Visual Studio 8
C:\Program Files\Microsoft Works
C:\Program Files\Microsoft.NET
C:\Program Files\Mobile Action
C:\Program Files\Movie Maker
C:\Program Files\Mozilla Firefox
C:\Program Files\MSBuild
C:\Program Files\MSN
C:\Program Files\MSN Apps
C:\Program Files\MSN Games
C:\Program Files\MSN Gaming Zone
C:\Program Files\MSXML 4.0
C:\Program Files\MSXML 6.0
C:\Program Files\Musicmatch
C:\Program Files\muvee autoProducer 3.0 - HPC
C:\Program Files\Nero
C:\Program Files\NetMeeting
C:\Program Files\OfficeUpdate11
C:\Program Files\Online Services
C:\Program Files\orange
C:\Program Files\Outlook Express
C:\Program Files\PowerDVD
C:\Program Files\PowerQuest
C:\Program Files\QuickTime
C:\Program Files\Real
C:\Program Files\Roxio
C:\Program Files\Samsung
C:\Program Files\Services en ligne
C:\Program Files\Sigmatel
C:\Program Files\skins
C:\Program Files\Sonic
C:\Program Files\Sonic_RecordNow
C:\Program Files\Sony
C:\Program Files\Sony Corporation
C:\Program Files\Spybot - Search & Destroy
C:\Program Files\Symantec
C:\Program Files\Temp
C:\Program Files\Thomson
C:\Program Files\Trend Micro
C:\Program Files\VideoLAN
C:\Program Files\Viewpoint
C:\Program Files\VirtualDub
C:\Program Files\Wanadoo
C:\Program Files\Wanadoo Jeux
C:\Program Files\Windows Desktop Search
C:\Program Files\Windows Live
C:\Program Files\Windows Media Connect 2
C:\Program Files\Windows Media Player
C:\Program Files\Windows NT
C:\Program Files\WinRAR
C:\Program Files\WinZip
C:\Program Files\xerox
C:\Program Files\YesMessenger

------[ Listing des dossiers dans Program Files\Fichiers Communs ]------

C:\program files\fichiers communs\Adobe
C:\program files\fichiers communs\Ahead
C:\program files\fichiers communs\AOL
C:\program files\fichiers communs\BOONTY Shared
C:\program files\fichiers communs\Corel
C:\program files\fichiers communs\Designer
C:\program files\fichiers communs\InstallShield
C:\program files\fichiers communs\Java
C:\program files\fichiers communs\Microsoft Shared
C:\program files\fichiers communs\MSSoap
C:\program files\fichiers communs\muvee Technologies
C:\program files\fichiers communs\Nullsoft
C:\program files\fichiers communs\ODBC
C:\program files\fichiers communs\Real
C:\program files\fichiers communs\Roxio Shared
C:\program files\fichiers communs\SAGE
C:\program files\fichiers communs\Services
C:\program files\fichiers communs\Sonic Shared
C:\program files\fichiers communs\Sony Shared
C:\program files\fichiers communs\SpeechEngines
C:\program files\fichiers communs\SureThing Shared
C:\program files\fichiers communs\Symantec Shared
C:\program files\fichiers communs\System
C:\program files\fichiers communs\TiVo Shared
C:\program files\fichiers communs\xing shared

----------------------[ Recherche dans le Registre ]----------------------

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]

"pingpop"="C:\\DOCUME~1\\TISSER~1\\APPLIC~1\\LOGPRO~1\\vc draw curb.exe"

-----------------[ Recherche de Fichiers - Dossiers Lop ]-----------------

C:\Documents and settings\tisserand raphael\Application Data\LOGPRO~1
C:\Program Files\LOGPRO~1
C:\Program Files\Adverts
C:\Documents and settings\tisserand raphael\Cookies\tisserand raphael@advertstream[2].txt

--------------------[ Vérification du fichier Hosts ]---------------------

Fichier Hosts : MODIFIE

127.0.0.1 localhost

--------------[ Recherche de fichiers cachés avec Catchme ]---------------

catchme 0.3.1066 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-01 12:28:14
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001583c7d669]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\001583c7d669]
scanning hidden files ...
scan completed successfully
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

Aucune autre infection trouvée !

--------------------[ Fin du rapport à 12:29:10.73 ]----------------------
1 November 2007 13:20:17

Hi again,

Open the Lop S&D folder, then double-click Scan.bat. Press "S", then confirm by pressing "Enter".
! Do not close the window during the removal !
A report will be generated; post its contents here.

NOTE: If your Desktop does not reappear, press Ctrl+Alt+Del simultaneously to open the Task Manager.
Go to the "Processes" tab. Click File at the top left and choose "Run..."
Type explorer, then confirm.
1 November 2007 13:27:11


------------------------------[ Lop S&D 1.5 ]----------------------------

Version : Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]

Lancé depuis : "C:\Documents and Settings\tisserand raphael\Bureau\Lop S&D"

Rapport créé Le 01/11/2007 à 13:25:32.00 PC : RAPHA

! Faire analyser le rapport par un Helper avant intervention !

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION ///////////////////////////////

Supprimé - C:\Program Files\LOGPRO~1
Supprimé - C:\Documents and settings\tisserand raphael\Application Data\LOGPRO~1
Supprimé - C:\Program Files\Adverts
Supprimé - C:\Documents and settings\tisserand raphael\Cookies\tisserand raphael@advertstream[2].txt
Restauré - Fichier Hosts

\\\\\\\\\\\\\\\\\\\\\\\\\\\ DEUXIEME PASSAGE ///////////////////////////

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Copié ! - [HKLM\Software\Microsoft\Windows\CurrentVersion\Run]
Copié ! - [HKCU\Software\Microsoft\Windows\CurrentVersion\Run]
Supprimé - HKCU\Software\Microsoft\Windows\CurrentVersion\Run | pingpop

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

-------------[ Listing des Dossiers dans Application Data ]-------------

C:\Documents and settings\Administrateur\Application Data\Microsoft
C:\Documents and settings\Administrateur\Application Data\Corel
C:\Documents and settings\Administrateur\Application Data\Sun
C:\Documents and settings\Administrateur\Application Data\Identities
C:\Documents and settings\Administrateur\Application Data\desktop.ini

C:\Documents and settings\All Users\Application Data\Google Updater
C:\Documents and settings\All Users\Application Data\addr_file.html
C:\Documents and settings\All Users\Application Data\Avira
C:\Documents and settings\All Users\Application Data\Spybot - Search & Destroy
C:\Documents and settings\All Users\Application Data\Log Htm Lite Each
C:\Documents and settings\All Users\Application Data\Messenger Plus!
C:\Documents and settings\All Users\Application Data\WLInstaller
C:\Documents and settings\All Users\Application Data\LauncherAccess.dt
C:\Documents and settings\All Users\Application Data\Microsoft Help
C:\Documents and settings\All Users\Application Data\Microsoft
C:\Documents and settings\All Users\Application Data\Windows Live Toolbar
C:\Documents and settings\All Users\Application Data\Bluetooth
C:\Documents and settings\All Users\Application Data\each new axis love
C:\Documents and settings\All Users\Application Data\Symantec
C:\Documents and settings\All Users\Application Data\McAfee
C:\Documents and settings\All Users\Application Data\QTSBandwidthCache
C:\Documents and settings\All Users\Application Data\AOL
C:\Documents and settings\All Users\Application Data\AOL OCP
C:\Documents and settings\All Users\Application Data\AOL Downloads
C:\Documents and settings\All Users\Application Data\McAfee.com
C:\Documents and settings\All Users\Application Data\Google
C:\Documents and settings\All Users\Application Data\Apple Computer
C:\Documents and settings\All Users\Application Data\CyberLink
C:\Documents and settings\All Users\Application Data\muvee Technologies
C:\Documents and settings\All Users\Application Data\Tarma Installer
C:\Documents and settings\All Users\Application Data\Windows Genuine Advantage
C:\Documents and settings\All Users\Application Data\MVTLogs
C:\Documents and settings\All Users\Application Data\BOONTY
C:\Documents and settings\All Users\Application Data\Sony Corporation
C:\Documents and settings\All Users\Application Data\Ciel
C:\Documents and settings\All Users\Application Data\Ahead
C:\Documents and settings\All Users\Application Data\InstallShield
C:\Documents and settings\All Users\Application Data\Adobe
C:\Documents and settings\All Users\Application Data\Viewpoint
C:\Documents and settings\All Users\Application Data\QuickTime
C:\Documents and settings\All Users\Application Data\Sonic
C:\Documents and settings\All Users\Application Data\SBSI
C:\Documents and settings\All Users\Application Data\desktop.ini

C:\Documents and settings\Default User\Application Data\Corel
C:\Documents and settings\Default User\Application Data\Sun
C:\Documents and settings\Default User\Application Data\Identities
C:\Documents and settings\Default User\Application Data\desktop.ini
C:\Documents and settings\Default User\Application Data\Microsoft

C:\Documents and settings\LocalService\Application Data\Microsoft
C:\Documents and settings\LocalService\Application Data\Macromedia
C:\Documents and settings\LocalService\Application Data\Google
C:\Documents and settings\LocalService\Application Data\Avant Profiles

C:\Documents and settings\NetworkService\Application Data\Microsoft
C:\Documents and settings\NetworkService\Application Data\Identities


C:\Documents and settings\RAPHA PERSO\Application Data\Windows Desktop Search
C:\Documents and settings\RAPHA PERSO\Application Data\DivX
C:\Documents and settings\RAPHA PERSO\Application Data\Ahead
C:\Documents and settings\RAPHA PERSO\Application Data\vlc
C:\Documents and settings\RAPHA PERSO\Application Data\Microsoft
C:\Documents and settings\RAPHA PERSO\Application Data\Google
C:\Documents and settings\RAPHA PERSO\Application Data\Macromedia
C:\Documents and settings\RAPHA PERSO\Application Data\Avant Profiles
C:\Documents and settings\RAPHA PERSO\Application Data\Help
C:\Documents and settings\RAPHA PERSO\Application Data\LG Electronics
C:\Documents and settings\RAPHA PERSO\Application Data\Real
C:\Documents and settings\RAPHA PERSO\Application Data\Corel
C:\Documents and settings\RAPHA PERSO\Application Data\Sun
C:\Documents and settings\RAPHA PERSO\Application Data\Identities
C:\Documents and settings\RAPHA PERSO\Application Data\desktop.ini

C:\Documents and settings\tisserand raphael\Application Data\Windows Live Writer
C:\Documents and settings\tisserand raphael\Application Data\CamfrogWEB
C:\Documents and settings\tisserand raphael\Application Data\Windows Desktop Search
C:\Documents and settings\tisserand raphael\Application Data\Microsoft
C:\Documents and settings\tisserand raphael\Application Data\Azureus
C:\Documents and settings\tisserand raphael\Application Data\Samsung
C:\Documents and settings\tisserand raphael\Application Data\MobileAction
C:\Documents and settings\tisserand raphael\Application Data\DivX
C:\Documents and settings\tisserand raphael\Application Data\Screenshot Sender
C:\Documents and settings\tisserand raphael\Application Data\Mozilla
C:\Documents and settings\tisserand raphael\Application Data\Google
C:\Documents and settings\tisserand raphael\Application Data\Apple Computer
C:\Documents and settings\tisserand raphael\Application Data\GDIPFONTCACHEV1.DAT
C:\Documents and settings\tisserand raphael\Application Data\ArcSoft
C:\Documents and settings\tisserand raphael\Application Data\Avant Profiles
C:\Documents and settings\tisserand raphael\Application Data\Sonic
C:\Documents and settings\tisserand raphael\Application Data\Avant Browser
C:\Documents and settings\tisserand raphael\Application Data\Magic Match
C:\Documents and settings\tisserand raphael\Application Data\Hulabee
C:\Documents and settings\tisserand raphael\Application Data\dvd.bmk
C:\Documents and settings\tisserand raphael\Application Data\MSNInstaller
C:\Documents and settings\tisserand raphael\Application Data\Shareaza
C:\Documents and settings\tisserand raphael\Application Data\McAfee
C:\Documents and settings\tisserand raphael\Application Data\Real
C:\Documents and settings\tisserand raphael\Application Data\.bittorrent
C:\Documents and settings\tisserand raphael\Application Data\Sony Corporation
C:\Documents and settings\tisserand raphael\Application Data\Talkback
C:\Documents and settings\tisserand raphael\Application Data\vlc
C:\Documents and settings\tisserand raphael\Application Data\Ahead
C:\Documents and settings\tisserand raphael\Application Data\LG Electronics
C:\Documents and settings\tisserand raphael\Application Data\eConf
C:\Documents and settings\tisserand raphael\Application Data\Macromedia
C:\Documents and settings\tisserand raphael\Application Data\Help
C:\Documents and settings\tisserand raphael\Application Data\Corel Photo Album
C:\Documents and settings\tisserand raphael\Application Data\Leadertech
C:\Documents and settings\tisserand raphael\Application Data\Adobe
C:\Documents and settings\tisserand raphael\Application Data\Corel
C:\Documents and settings\tisserand raphael\Application Data\You've Got Pictures Screensaver
C:\Documents and settings\tisserand raphael\Application Data\Sun
C:\Documents and settings\tisserand raphael\Application Data\Identities
C:\Documents and settings\tisserand raphael\Application Data\desktop.ini

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

C:\WINDOWS\tasks\SA.DAT
C:\WINDOWS\tasks\desktop.ini

---------------[ Listing des dossiers dans Program Files ]--------------

C:\Program Files\ACTUEL-Cidj
C:\Program Files\Adobe
C:\Program Files\Ahead
C:\Program Files\Alwil Software
C:\Program Files\ArcSoft
C:\Program Files\Avant Browser
C:\Program Files\AvantGo Connect
C:\Program Files\Avira
C:\Program Files\Azureus
C:\Program Files\CDRIPMP3
C:\Program Files\CFWebAdvancedU
C:\Program Files\Ciel
C:\Program Files\Common Files
C:\Program Files\config
C:\Program Files\Corel
C:\Program Files\CyberLink
C:\Program Files\Dell
C:\Program Files\Disney Interactive
C:\Program Files\DivX
C:\Program Files\downloads.bak
C:\Program Files\downloads.txt
C:\Program Files\eMule
C:\Program Files\emule.exe
C:\Program Files\Fichiers communs
C:\Program Files\Formation interactive Microsoft
C:\Program Files\Google
C:\Program Files\Hercules
C:\Program Files\Hewlett-Packard
C:\Program Files\HP DVD
C:\Program Files\Incoming
C:\Program Files\Intel
C:\Program Files\InterActual
C:\Program Files\Internet Explorer
C:\Program Files\Java
C:\Program Files\lang
C:\Program Files\Learn2.com
C:\Program Files\LizardTech
C:\Program Files\logs
C:\Program Files\Macrogaming
C:\Program Files\McAfee
C:\Program Files\Messenger
C:\Program Files\Messenger Plus! Live
C:\Program Files\Microsoft ActiveSync
C:\Program Files\Microsoft CAPICOM 2.1.0.2
C:\Program Files\Microsoft Encarta
C:\Program Files\microsoft frontpage
C:\Program Files\Microsoft Office
C:\Program Files\Microsoft SQL Server Compact Edition
C:\Program Files\Microsoft Visual Studio
C:\Program Files\Microsoft Visual Studio 8
C:\Program Files\Microsoft Works
C:\Program Files\Microsoft.NET
C:\Program Files\Mobile Action
C:\Program Files\Movie Maker
C:\Program Files\Mozilla Firefox
C:\Program Files\MSBuild
C:\Program Files\MSN
C:\Program Files\MSN Apps
C:\Program Files\MSN Games
C:\Program Files\MSN Gaming Zone
C:\Program Files\MSXML 4.0
C:\Program Files\MSXML 6.0
C:\Program Files\Musicmatch
C:\Program Files\muvee autoProducer 3.0 - HPC
C:\Program Files\Nero
C:\Program Files\NetMeeting
C:\Program Files\OfficeUpdate11
C:\Program Files\Online Services
C:\Program Files\orange
C:\Program Files\Outlook Express
C:\Program Files\PowerDVD
C:\Program Files\PowerQuest
C:\Program Files\QuickTime
C:\Program Files\Real
C:\Program Files\Roxio
C:\Program Files\Samsung
C:\Program Files\Services en ligne
C:\Program Files\Sigmatel
C:\Program Files\skins
C:\Program Files\Sonic
C:\Program Files\Sonic_RecordNow
C:\Program Files\Sony
C:\Program Files\Sony Corporation
C:\Program Files\Spybot - Search & Destroy
C:\Program Files\Symantec
C:\Program Files\Temp
C:\Program Files\Thomson
C:\Program Files\Trend Micro
C:\Program Files\VideoLAN
C:\Program Files\Viewpoint
C:\Program Files\VirtualDub
C:\Program Files\Wanadoo
C:\Program Files\Wanadoo Jeux
C:\Program Files\Windows Desktop Search
C:\Program Files\Windows Live
C:\Program Files\Windows Media Connect 2
C:\Program Files\Windows Media Player
C:\Program Files\Windows NT
C:\Program Files\WinRAR
C:\Program Files\WinZip
C:\Program Files\xerox
C:\Program Files\YesMessenger

------[ Listing des dossiers dans Program Files\Fichiers Communs ]------

C:\program files\fichiers communs\Adobe
C:\program files\fichiers communs\Ahead
C:\program files\fichiers communs\AOL
C:\program files\fichiers communs\BOONTY Shared
C:\program files\fichiers communs\Corel
C:\program files\fichiers communs\Designer
C:\program files\fichiers communs\InstallShield
C:\program files\fichiers communs\Java
C:\program files\fichiers communs\Microsoft Shared
C:\program files\fichiers communs\MSSoap
C:\program files\fichiers communs\muvee Technologies
C:\program files\fichiers communs\Nullsoft
C:\program files\fichiers communs\ODBC
C:\program files\fichiers communs\Real
C:\program files\fichiers communs\Roxio Shared
C:\program files\fichiers communs\SAGE
C:\program files\fichiers communs\Services
C:\program files\fichiers communs\Sonic Shared
C:\program files\fichiers communs\Sony Shared
C:\program files\fichiers communs\SpeechEngines
C:\program files\fichiers communs\SureThing Shared
C:\program files\fichiers communs\Symantec Shared
C:\program files\fichiers communs\System
C:\program files\fichiers communs\TiVo Shared
C:\program files\fichiers communs\xing shared

----------------------[ Recherche dans le Registre ]----------------------

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]


-----------------[ Recherche de Fichiers - Dossiers Lop ]-----------------

Aucun dossier Lop trouvé !

--------------------[ Vérification du fichier Hosts ]---------------------

Fichier Hosts : Propre

--------------[ Recherche de fichiers cachés avec Catchme ]---------------

catchme 0.3.1066 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-01 13:25:47
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001583c7d669]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\001583c7d669]
scanning hidden files ...
scan completed successfully
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

Aucune autre infection trouvée !

--------------------[ Fin du rapport à 13:26:49.07 ]----------------------
1 November 2007 15:43:31

Post a new HijackThis report.
1 November 2007 16:10:51

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:10:34, on 01/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\LXSUPMON.EXE
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\HP DVD\Umbrella\DVDTray.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Hercules\Hercules DualPix HD Webcam\CamService.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\rsvp.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Avant Browser\avant.exe
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.fr/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\system32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [DVDTray] "C:\Program Files\HP DVD\Umbrella\DVDTray.exe"
O4 - HKLM\..\Run: [DVDBitSet] "C:\Program Files\HP DVD\Umbrella\DVDBitSet.exe" /NOUI
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [HerculesCamService] C:\Program Files\Hercules\Hercules DualPix HD Webcam\CamService.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe EspaceWanadoo.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://downloadcenter.samsung.com/content/common/cab/Dj...
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0.1.14/cfweb_a...
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0...
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

--
End of file - 12051 bytes
1 November 2007 18:06:51

Uninstall SweetIM, then post a new HijackThis report.
1 November 2007 22:10:33

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:09:37, on 01/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\LXSUPMON.EXE
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
C:\Program Files\HP DVD\Umbrella\DVDTray.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Hercules\Hercules DualPix HD Webcam\CamService.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.fr/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\system32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [DVDTray] "C:\Program Files\HP DVD\Umbrella\DVDTray.exe"
O4 - HKLM\..\Run: [DVDBitSet] "C:\Program Files\HP DVD\Umbrella\DVDBitSet.exe" /NOUI
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [HerculesCamService] C:\Program Files\Hercules\Hercules DualPix HD Webcam\CamService.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe EspaceWanadoo.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://downloadcenter.samsung.com/content/common/cab/Dj...
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0.1.14/cfweb_a...
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0...
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

--
End of file - 11752 bytes
1 November 2007 22:11:38

Done.
2 November 2007 12:58:43

Hi again,

Fix the lines in italics below with HijackThis: ILLUSTRATED HELP

R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
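
Both lines singled out in the reply above end with a HijackThis orphan marker, "(file missing)" or "(no file)". As an added example (not part of the thread and not the helper's own method), this Python script parses HijackThis entries, flags the ones carrying those markers, and compares two logs to confirm which flagged entries are gone after the fix. The function names are hypothetical and the sample logs are constructed from a few lines copied from the reports in this thread; entries whose path still contains an unexpanded variable such as `%windir%` are marked for manual checking instead of removal, because the 3 November log shows that form on a file the earlier logs list without the marker.

```python
import re

# Constructed samples: a handful of lines copied from the logs in this thread.
SAMPLE_BEFORE = r"""Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\system32\ctfmon.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
"""

SAMPLE_AFTER = r"""Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\system32\ctfmon.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
"""

# An entry line starts with a section code such as R3, O4 or O23.
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
# Orphan markers appear only at the very end of the line, so the
# "(no name)" label in the middle of an entry is not matched.
ORPHAN_RE = re.compile(r"\((file missing|no file)\)\s*$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# An environment variable the scanner printed without expanding it.
ENV_RE = re.compile(r"%[A-Za-z]+%")


def parse_log(text):
    """Return one dict per HijackThis entry; header and process lines are skipped."""
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        match = ENTRY_RE.match(line)
        if match is None:
            continue
        marker = ORPHAN_RE.search(line)
        clsid = CLSID_RE.search(line)
        entries.append({
            "code": match.group("code"),
            "line": line,
            "clsid": clsid.group(0).upper() if clsid else None,
            "marker": marker.group(1) if marker else None,
        })
    return entries


def flag_orphans(entries):
    """Entries whose target file is reported absent.

    status "orphan": registry entry pointing at nothing, a removal candidate.
    status "verify": the path holds an unexpanded variable, so the marker may
    only mean the scanner did not resolve the path; check the file by hand.
    """
    flagged = []
    for entry in entries:
        if entry["marker"] is None:
            continue
        status = "verify" if ENV_RE.search(entry["line"]) else "orphan"
        flagged.append({**entry, "status": status})
    return flagged


def resolved(before, after):
    """Flagged entries of the first log that no longer appear in the second."""
    remaining = {entry["line"] for entry in after}
    return [e for e in flag_orphans(before) if e["line"] not in remaining]


if __name__ == "__main__":
    before = parse_log(SAMPLE_BEFORE)
    after = parse_log(SAMPLE_AFTER)
    for entry in flag_orphans(before):
        print("before:", entry["status"], entry["code"], entry["clsid"])
    for entry in resolved(before, after):
        print("gone after fix:", entry["code"], entry["clsid"])
    for entry in flag_orphans(after):
        print("after:", entry["status"], entry["code"], entry["clsid"])
```
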
2 November 2007 18:24:08

And then?
2 November 2007 18:57:19

Post a new HijackThis report.
3 November 2007 11:13:41

Logfile of HijackThis v1.99.1
Scan saved at 11:13:22, on 03/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\LXSUPMON.EXE
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\HP DVD\Umbrella\DVDTray.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Hercules\Hercules DualPix HD Webcam\CamService.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Avant Browser\avant.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\tisserand raphael\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.fr/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\system32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [DVDTray] "C:\Program Files\HP DVD\Umbrella\DVDTray.exe"
O4 - HKLM\..\Run: [DVDBitSet] "C:\Program Files\HP DVD\Umbrella\DVDBitSet.exe" /NOUI
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [HerculesCamService] C:\Program Files\Hercules\Hercules DualPix HD Webcam\CamService.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe EspaceWanadoo.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://downloadcenter.samsung.com/content/common/cab/Dj...
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0.1.14/cfweb_a...
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

3 November 2007 11:22:11

Same problem?
3 November 2007 16:11:07

No, it's fine. Thanks for your help. All the best. Nadouge
3 November 2007 21:56:02

Happy surfing.