[RESOLU] Gros cheval de troie

pour l'instans moi je les pas encors le virus en+ sa tombe bien se topic
voila un copain a doner mon adresse a mon pire ennemie
qui lui veu m'envoiyer un cheval de troie
mais sa va faire quoi?
et essse vrais que sa s'envoie par courier?
et si il le fait comme y dit aije le droit de porter plainte?
merci de me répondre a moi et a wartezing

Eh Rachichoz, je pense que tu pourrais porter plainte... si tu as vraiment la preuve que c'est un truc infecté, le mieux c'est que tu n'ouvre pas ses messages...

Sinon j'ai télcharger Hijacthis Version française sur zebulon, j'ai fait un scan et voilà ce qu'il me dit :


Logfile of HijackThis v1.99.1
Scan saved at 10:08:07, on 09/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\PROGRA~1\Wanadoo\taskbaricon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe
C:\Documents and Settings\Rémy\Local Settings\Temporary Internet Files\Content.IE5\2YMPXNVD\HiJackThis_v2[1].exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\taskbaricon.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Global Startup: Accélérateur de démarrage AutoCAD.lnk = C:\Program Files\Fichiers communs\Autodesk Shared\acstart17.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.01net.com/telecharger/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://host.cycore.net/plugins/windows/ie/Cult3D_IE_5.3...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O17 - HKLM\System\CCS\Services\Tcpip\..\{C78874C1-2DFF-4FFE-9F84-39182E0D895C}: NameServer = 80.10.246.1 80.10.246.132
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Imapi Helper - Alex Feinman - C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe



Alors que doit-je faire maintenant ?

Pour répondre à rachichoz :
Si il t'envoi un cheval de troie il pourra prendre le controle de ton ordi,réseau,... et les chevaux de troies son desfois sous la forme de logiciel qu'il faut installé donc si jamais quelqu'un que tu ne connais pas t'envoi un courrier éléctronique tu l'ouvre pas [ bien sur !!] ensuite sio tu connais cette personne tu télécharge le fichier mais tu l'éxécute (installé) sur tout pas !!!!!
Tu fais tout de suite une analyse ( un scan ) avec ton anti-virus si tu a Norton ouvre pas tes messages temp que tu na pas changé d'antivirus !!

Et je vais t'envoyer un mp pour te dire quelque chose d'autre

Ensuite si tu sais que c'est bien lui qui a envoyé ce virus tu peux je pense ( rensaigne sur le site internet de la justice francaise ) porter plainte , mais avant de vouloir porté plainte menace de porté plainte !

Après il faut voir si il v avraiment le faire si il est un peu bon en informatique ...

Sur ce bYe  

Comme je vous les dis plus haut que reçoit constament des messages d'avast, j'en ai encore reçu un :




Le nom de l'.exe à encore changer... A chaque fois que ça fait cela, je fait supprimer !!

Comment je peut faire maintenant ?

S'il vous plait, aidez moi ...  

Bonjour,

Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.
Double clique sur SDFix.exe et choisis Install pour l'extraire sur le Bureau.

Redémarre en mode sans échec

Ouvre le dossier SDFix qui vient d'être créé à la racine de ton dique dur (C:) et double clique sur RunThis.bat pour lancer le script.

Appuie sur Y pour commencer le processus de nettoyage.

Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.

Appuie sur une touche pour redémarrer le PC.

Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.

Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.

Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.

Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.

Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum, avec un nouveau log Hijackthis.

Report.txt :


SDFix: Version 1.86

Run by Administrateur - 09/06/2007 - 18:08:14,12

Microsoft Windows XP [version 5.1.2600]

Running From: C:\SDFix

Safe Mode:
Checking Services:






Restoring Windows Registry Values
Restoring Windows Default Hosts File
Restoring Missing Security Center Service
Restoring Missing SharedAccess Service

Rebooting...


Normal Mode:
Checking Files:

Below files will be copied to Backups folder then removed:

C:\WINDOWS\system\smss.exe - Deleted



Removing Temp Files...

ADS Check:

Checking if ADS is attached to system32 Folder
C:\WINDOWS\system32
No streams found.

Checking if ADS is attached to svchost.exe
C:\WINDOWS\system32\svchost.exe
No streams found.

Checking if ADS is attached to ntoskrnl.exe
C:\WINDOWS\system32\ntoskrnl.exe
No streams found.



Final Check:

Remaining Services:
------------------



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\22exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\22exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\97exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\97exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\53exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\53exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\9exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\9exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\18exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\18exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\90exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\90exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\87exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\87exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\20exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\20exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\94exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\94exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\81exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\81exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\44exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\44exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\7exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\7exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\32exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\32exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\41exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\41exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\57exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\57exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\15exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\15exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\29exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\29exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\79exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\79exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\65exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\65exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\36exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\36exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\30exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\30exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\4exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\4exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\60exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\60exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\42exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\42exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\17exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\17exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\99exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\99exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\69exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\69exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\77exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\77exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\5exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\5exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\49exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\49exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\85exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\85exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\6exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\6exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\88exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\88exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\3exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\3exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\23exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\23exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\43exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\43exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\33exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\33exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\51exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\51exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\1exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\1exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\67exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\67exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\45exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\45exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\31exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\31exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\39exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\39exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\47exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\47exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\56exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\56exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\86exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\86exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\55exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\55exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\Program Files\\uTorrent\\utorrent.exe"="C:\\Program Files\\uTorrent\\utorrent.exe:*:Enabled:utorrent"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\10exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\10exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\83exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\83exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\84exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\84exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\58exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\58exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\74exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\74exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\48exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\48exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\73exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\73exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\35exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\35exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\78exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\78exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\54exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\54exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\8exinjs.a9.exe"="C:\\DOCUME~1\\RMY~1\\LOCALS~1\\Temp\\8exinjs.a9.exe:*:Enabled:Microsoft Update"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

Remaining Files:
---------------

Backups Folder: - C:\SDFix\backups\backups.zip

Listing Files with Hidden Attributes:

C:\Program Files\Autodesk\Autodesk DWF Viewer\_Setup.dll
C:\Program Files\Autodesk\Autodesk DWF Viewer\_Setupx.dll
C:\Program Files\Autodesk\Autodesk DWF Viewer\Setup.exe
C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\035933f8200812cad539195e91cbe107\BIT30.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\087c95038fa0513bb8de57c8b3f3084d\download\BIT58.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\09cb817dc3540e715f6f79d4a0adf6be\BIT47.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\0d7569a279576eea9ab33afe1d3e51f7\download\BIT5A.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\1059f9fa18db5c659dd880c6bde1acd8\download\BIT57.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\11bda45ddac56c922dc03bbcfa39ab38\BIT2E.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\1369c6d3d1e461b8f6eb4aab4a0a2c8a\download\BIT65.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\15adc2524e94dfdbb0290c0f6b64f81a\BIT35.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\172a12d8728d24242cc986274c5879c4\BIT4F.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\175fcb601eafb4c2ac2a80afd20179a4\BIT29.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\1cb61171c8bf46aa66bd49f5988112ac\BIT46.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\20b3cabb260cb882b3d8b497abda1f71\download\BIT62.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\212ef97adb30b428f03e14a016c454ca\BIT21.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\2188236ebfb773be9367bf47c988d6f4\BIT3B.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\242cc29ce69e492094dd1cf04a7c8f8f\BIT44.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\2e21e9bd7f1bbd5d78c6f14c2cf30295\download\BIT5B.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\2ffcd6f975143621cd7ba191a25e7dee\BIT23.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\309266066c4a71d5da0ed1a55fbc90c1\BIT3C.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\36b5592e74c8c35cb5b23faed8f385d3\BIT43.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\4042804c2a776995a3f497dfcca87fe6\download\BIT55.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\43b6a33ce0cc0d9f775487c3b03ab6aa\BIT3A.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\46b6215de5d83b8828fa6f76b79196ef\download\BIT6C.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\4a7b0ea7ae6499b37f82b5d560f847fc\BIT4E.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\5224af626898b31ba0c7476966921e26\BIT2F.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\588346cfa33dbf7932fb97a7724ea135\BIT22.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\5d517eaaa9133b0aeaba239b1f097b26\download\BIT54.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\602bff9cd5e4a4e7039bbbe857eb7ff2\download\BIT51.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\60e05582324722f8544d6085e0e80928\BIT3E.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\652df4481e78cf8db95f337e5e6fd06c\BIT38.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\7039435cbcb0652994017275f19e6e5a\BIT32.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\75b33b4a04c484cff6a32aee5a3eeba8\BIT41.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\7792e49aac169b8463c5ae0e56c85d4f\BIT4D.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\8a7f7c98df0a30ead57d10a0a13cfc46\download\BIT52.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\8fe41575b7c5135c5481192ab0c1266b\BIT4C.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\92187aedab601bb25548bba6adc50cc9\BIT45.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\925c7afc2ba478434e358c78673b4a12\BIT2A.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\92980ddd780cf4738bc5e1b3d6706ba7\download\BIT69.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\94dd5c86d2211543a830b2de82b24440\download\BIT5C.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\96323f4b2477b2d772cfb04f3513215f\BIT34.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\967887277fa6d2b1bc642d5a1b513174\download\BIT56.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\97e754582377d850e2164a4adca20caa\download\BIT5E.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\98091b7e393d32343cd6ee6419786bb1\download\BIT67.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\982e3592e6cb28f674d1d6319523b1b9\BIT33.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\9d141fe443dceca575dc6e6f2f0eca89\BIT26.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\a1a09926ba55692e4bb839d62c2c1e21\download\BIT59.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\a2c448c58d4a6982f549f50b49b5a63a\download\BIT4B.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\a784624f51e504c24fcaaa117668f3b6\download\BIT50.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\a9e93f8b9968640870c66d6cd37b81d2\BIT40.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\b5e09bc917afa4d382c3d83a8fea8126\BIT3D.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\bdbc2001decde12012366b57c981e5e9\BIT37.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\bec6ccdc2e87326a059fbc24a1ba98c2\BIT36.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\c27bd89901ef6b60dcbba81071f79f35\BIT25.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\c2c90d07259878f31cc0a433c5f7cbdb\download\BIT66.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\c431dc4bbdccd59d7eec2075c4336ebf\download\BIT63.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\ca1695c7fb59dd42a14490b9124cb8d7\BIT2C.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\caba68ba086fd3fb31100e13b6c192ae\BIT2B.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\d138a1775812050c324458347919de13\download\BIT64.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\d34105cbc07cfc82a840c12d5e028679\BIT39.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\d4a37460d445a728eedf3490051e8fa1\download\BIT53.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\d50db80046c205ad16f51b74e13487ba\BIT28.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\e6c3db259a836f1550d18daa86b32f0b\BIT4A.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\eb54cd851acca1509d7ffb5dc4f80842\download\BIT6A.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\ee1608e4453bf012111368b651f3cf15\BIT42.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\f3e7858db8ebf255ea0c4b70d83969b2\BIT24.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\f988e17e25499b085c2b8eb6d796fccc\download\BIT5D.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\fda4a07ab7a56c6d4616537d15334ad6\download\BIT6B.tmp

Listing User Accounts:

comptes d'utilisateurs de \\

Administrateur HelpAssistant Invit‚
R‚my SUPPORT_388945a0
Des erreurs ont affect‚ l'ex‚cution de la commande.


Finished



______________________________________________________


Logfile of HijackThis v1.99.1
Scan saved at 18:27:21, on 09/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\PROGRA~1\Wanadoo\taskbaricon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\taskbaricon.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Global Startup: Accélérateur de démarrage AutoCAD.lnk = C:\Program Files\Fichiers communs\Autodesk Shared\acstart17.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.01net.com/telecharger/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://host.cycore.net/plugins/windows/ie/Cult3D_IE_5.3...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O17 - HKLM\System\CCS\Services\Tcpip\..\{C78874C1-2DFF-4FFE-9F84-39182E0D895C}: NameServer = 80.10.246.1 80.10.246.132
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Imapi Helper - Alex Feinman - C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe



Voili, voilou !! Alors, j'ai encore ce foutu virus ?

Re,

Télécharge Clean.zip (de Malekal),
Décompresse-le sur ton bureau (Clique-Droit/Extraire tout), tu dois obtenir un dossier Clean.
Ouvre le dossier clean, double-clique sur clean.cmd.
Choisis l'option 1 puis patiente. Poste ensuite le contenu du rapport.

rapport_clean

09/06/2007 a 20:06:56,46

*** Recherche des fichiers dans C:

*** Recherche des fichiers dans C:\WINDOWS\

*** Recherche des fichiers dans C:\WINDOWS\system32
"C:\DOCUME~1\RMY~1\LOCALS~1\Temp\??exinjs.??.exe" FOUND

*** Recherche des fichiers dans C:\Program Files
*** Fin du rapport !
______________________________________________________

Logfile of HijackThis v1.99.1
Scan saved at 20:08:01, on 09/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\PROGRA~1\Wanadoo\taskbaricon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\taskbaricon.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Global Startup: Accélérateur de démarrage AutoCAD.lnk = C:\Program Files\Fichiers communs\Autodesk Shared\acstart17.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.01net.com/telecharger/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://host.cycore.net/plugins/windows/ie/Cult3D_IE_5.3...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O17 - HKLM\System\CCS\Services\Tcpip\..\{C78874C1-2DFF-4FFE-9F84-39182E0D895C}: NameServer = 80.10.246.1 80.10.246.132
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Imapi Helper - Alex Feinman - C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe


-------------------------------------------------------------
C'est bon je n'ai plus de virus ?

Ton pc se comporte mieux ?

Fais un scan en ligne Kaspersky avec Internet Explorer :

Clique sur

Clique maintenant sur J'accepte.

Valide l'installation d'un ou de plusieurs ActiveX si c'est nécessaire.

Patiente pendant l'installation des Mises à jour.

Choisis par la suite l'analyse du Poste de travail

Sauvegarde puis colle le rapport généré en fin d'analyse.

AIDE : Tuto sur le scan en ligne

NOTE : Si tu reçois le message "La licence de Kaspersky On-line Scanner est périmée", va dans Ajout/Suppression de programmes puis désinstalle On-Line Scanner, reconnecte toi sur le site de Kaspersky pour retenter le scan en ligne.

Bon alors, le scan est terminé, ça donne ça :

Statistiques de l'analyse
Total d'objets analysés 87015
Nombre de virus trouvés 3
Nombre d'objets infectés 108 / 0
Nombre d'objets suspects 0
Durée de l'analyse 06:06:56

Je suis toujours sur cette page car je ne sais pas quoi cliquer...



Je doit cliquer sur quoi maintenant ?  

sinon j'ai enregistrer le rapport disponible sur cette page
__________________________________________________





___________________________________________________
Aussi pour info, j'ai Avast 4.7 Pro   !!

Comment je doit faire maintenant pour supprimer ces 108 fichiers infecté et ces 3 virus ?  

Et je dit que pour faire le scan de 6h, j'ai laisser le PC allumer toute la nuit et avast ne m'a pas signaler de trojan contrairement a kapersky....

Re,

Vide ce dossier :
C:\Documents and Settings\Rémy\Local Settings\Temp

Voilà c'est fait... C'est vider...

Que doit-je faire maintenant ?

_____________________________________________________
Rapport Clean :

11/06/2007 a 12:43:26,18

*** Recherche des fichiers dans C:

*** Recherche des fichiers dans C:\WINDOWS\

*** Recherche des fichiers dans C:\WINDOWS\system32

*** Recherche des fichiers dans C:\Program Files
*** Fin du rapport !

____________________________________________________
Rapport Hijackthis :

Logfile of HijackThis v1.99.1
Scan saved at 12:45:57, on 11/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\PROGRA~1\Wanadoo\taskbaricon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.fr/go/page_recherche/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\taskbaricon.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Global Startup: Accélérateur de démarrage AutoCAD.lnk = C:\Program Files\Fichiers communs\Autodesk Shared\acstart17.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.01net.com/telecharger/
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://host.cycore.net/plugins/windows/ie/Cult3D_IE_5.3...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O17 - HKLM\System\CCS\Services\Tcpip\..\{C78874C1-2DFF-4FFE-9F84-39182E0D895C}: NameServer = 80.10.246.130 80.10.246.3
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Imapi Helper - Alex Feinman - C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

______________________________________________________


Je fait quoi maintenant ?


Avast ne me dit plus qu'il y a un virus...

Re,

Fix les lignes ci-dessous avec Hijackthis : AIDE EN IMAGES

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)

Logfile of HijackThis v1.99.1
Scan saved at 18:52:54, on 11/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\PROGRA~1\Wanadoo\taskbaricon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\taskbaricon.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Global Startup: Accélérateur de démarrage AutoCAD.lnk = C:\Program Files\Fichiers communs\Autodesk Shared\acstart17.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.01net.com/telecharger/
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://host.cycore.net/plugins/windows/ie/Cult3D_IE_5.3...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O17 - HKLM\System\CCS\Services\Tcpip\..\{C78874C1-2DFF-4FFE-9F84-39182E0D895C}: NameServer = 80.10.246.130 80.10.246.3
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Imapi Helper - Alex Feinman - C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe



Voilà, c'est "fixé" !! Je fait quoi maintenant ?

Encore des problèmes ?

Non, c'est bon, j'ai fait le même scan que la dernière fois sur Kaspersky et aucun virus, aucun fichier infectés... Merci beaucoup ANGELDARK...

Mais une dernière questions...

Comme je l'ai dis j'ai Avast! Version 4.7 Professionnel.
Je voudrais savoir si il me portège des spyware, malware, vers,... Donc si avast ne le fait pas, j'aimerais que l'on me conseille des protuits (enfin logiciel)...

Voilà et encore merci...

Regarde ce lien :
http://www.infos-du-net.com/forum/266006-11-tutos

Merci beaucoup Angledark !!

Sur Ceux,... PROBLEME RESOLU !!

Bon surf !