Tom's Guide > Forum > Sécurité - Virus > antivirus non valide

antivirus non valide

Forum Sécurité - Virus : antivirus non valide

TomsGuide.com : 800 000 inscrits répondent à toutes vos questions high-tech et informatique. Pour obtenir de l'aide, inscrivez-vous gratuitement !
Créer un nouveau sujet Répondre
Mot :    Pseudo :           
 
mimi04   03-12-2008 à 19:25:42

bonjour
mon antivirus antivir n est plus valide
je suis allee sur le site pour le remettre on m a demande d'envoyer un sms pour avoir un code je l'ai fais j'ai rentre le code recu fini le téléchargement et la resultat mon antivir n est toujours pas valide
je ne sais plus comment faire aidez moi
de plus mon ordi rame
merci

Répondre
Liens sponsorisés
Inscrivez-vous ou connectez-vous pour masquer ceci.
Angeldark   04-12-2008 à 19:18:26
- 0 +

Bonjour,

Tu as téléchargé AntiVir sur quel site ? :/

------------------------------ Prévention & Protection||Vous m'aimez ? Cliquez :o
 Répondre à Angeldark
mimi04   04-12-2008 à 20:55:08
- 0 +

par le lien de start antivir

Répondre à mimi04
mimi04   04-12-2008 à 20:56:42
- 0 +

et d plus j ai plein de messages qui viennent antivir 2009 balayage antivirus et comme quoi il y a un virus espion

Message cité 1 fois
Répondre à mimi04
Egwene   04-12-2008 à 21:51:15
- 0 +

mimi04 a écrit :

et d plus j ai plein de messages qui viennent antivir 2009 balayage antivirus et comme quoi il y a un virus espion



Bonsoir,

On dirait que tu as acheté un faux antivirus, un rogue = une arnaque.

AngelDark va s'occuper de toi.

;)

Répondre à Egwene
Angeldark   05-12-2008 à 16:20:05
- 0 +

Le lien de Start ?

Télécharge puis installe Hijackthis (Trend Micro)
Poste ensuite un rapport dans ta prochaine réponse.
AIDE : Comment utiliser Hijackthis v2.0.2

------------------------------ Prévention & Protection||Vous m'aimez ? Cliquez :o
 Répondre à Angeldark
mimi04   05-12-2008 à 19:40:46
- 0 +

voici le rapport


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:38:13, on 05/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\USB Storage RW\DskWatch.exe
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\CyberLink\PowerCinema\PCMService.exe
C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe
C:\Program Files\Fichiers communs\AOL\1194351093\ee\AOLSoftware.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\AOL 9.0\aoltray.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1469c7db-1be2-4fc1-a8d1-6dfcd287d6e1} - C:\WINDOWS\system32\hojubipa.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [USB Storage RW] C:\Program Files\USB Storage RW\DskWatch.exe
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
O4 - HKLM\..\Run: [Controleur de calendrier pour Ulead Photo Express] C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1194351093\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [bend logo clock film] C:\Documents and Settings\All Users\Application Data\Frag great bend logo\for trust.exe
O4 - HKLM\..\Run: [vusenosoto] Rundll32.exe "C:\WINDOWS\system32\nojuvuva.dll",s
O4 - HKLM\..\Run: [CPMffa27c90] Rundll32.exe "c:\windows\system32\yekoyafa.dll",a
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Dash Regs] C:\DOCUME~1\mylene\APPLIC~1\DARTON~1\CityHelpPop.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.targa.co.uk
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/r [...] se8300.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft. [...] 8507380937
O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/ [...] DP-1.0.cab
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/ [...] DP-1.1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/bina [...] b56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O20 - AppInit_DLLs: C:\WINDOWS\system32\vavosiwo.dll c:\windows\system32\yekoyafa.dll
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\yekoyafa.dll
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\yekoyafa.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

--
End of file - 11236 bytes

merci de me dire quoi faire

Répondre à mimi04
Angeldark   05-12-2008 à 20:10:37
- 0 +

J'aime quand on répond à mes questions :/

Télécharge MalwareByte's Anti-Malware sur ton Bureau.
Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.

Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
AIDE : Redémarrer en mode sans échec

  • Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
  • Afin de lancer la recherche, clic sur"Rechercher".
  • Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :

-- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
-- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.

AIDE : Tuto en images sur MBAM

------------------------------ Prévention & Protection||Vous m'aimez ? Cliquez :o
 Répondre à Angeldark
mimi04   06-12-2008 à 22:02:28
- 0 +

je me suis mis sur le l icone d antivir sart antivir et la tu as la validitee de l'antivirus a partir de la j ai cliquer sur le lien et je suis arrivée sur internet et les differents types d'antivir gratuit et payant
voivi le rapport

Malwarebytes' Anti-Malware 1.31
Version de la base de données: 1456
Windows 5.1.2600 Service Pack 3

06/12/2008 21:54:05
mbam-log-2008-12-06 (21-54-05).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 127701
Temps écoulé: 1 hour(s), 14 minute(s), 29 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 3
Clé(s) du Registre infectée(s): 6
Valeur(s) du Registre infectée(s): 6
Elément(s) de données du Registre infecté(s): 7
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 20

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
c:\WINDOWS\system32\yekoyafa.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\vavosiwo.dll (Trojan.Vundo.H) -> Delete on reboot.
c:\WINDOWS\system32\kisijegu.dll (Trojan.BHO) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1469c7db-1be2-4fc1-a8d1-6dfcd287d6e1} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1469c7db-1be2-4fc1-a8d1-6dfcd287d6e1} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1469c7db-1be2-4fc1-a8d1-6dfcd287d6e1} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\fc914f0c (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\vusenosoto (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cpmffa27c90 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ssodl (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bend logo clock film (Trojan.Agent) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\yekoyafa.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: system32\yekoyafa.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\vavosiwo.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\vavosiwo.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: system32\vavosiwo.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.BHO) -> Data: c:\windows\system32\kisijegu.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.BHO) -> Data: system32\kisijegu.dll -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\Documents and Settings\All Users\Application Data\Frag great bend logo (Trojan.Agent) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\system32\nogorike.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ekirogon.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tagetega.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\agetegat.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\zahuzihi.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ihizuhaz.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nojuvuva.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\yekoyafa.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\hojubipa.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vavosiwo.dll (Trojan.Vundo.H) -> Delete on reboot.
c:\WINDOWS\system32\kisijegu.dll (Trojan.BHO) -> Delete on reboot.
C:\Documents and Settings\mylene\Local Settings\Temporary Internet Files\Content.IE5\F1T7QRO8\cntr[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F600EB76-36C2-42A6-AEB9-4496F7A72FEE}\RP348\A0039982.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F600EB76-36C2-42A6-AEB9-4496F7A72FEE}\RP348\A0039983.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F600EB76-36C2-42A6-AEB9-4496F7A72FEE}\RP348\A0039984.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bulawasi.dll.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lodivoyo.dll.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\loyayono.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nonabefa.dll.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Frag great bend logo\for trust.exe (Trojan.Agent) -> Quarantined and deleted successfully.

merci

Répondre à mimi04
Angeldark   07-12-2008 à 14:38:40
- 0 +

Reposte un rapport Hijackthis.

------------------------------ Prévention & Protection||Vous m'aimez ? Cliquez :o
 Répondre à Angeldark
mimi04   07-12-2008 à 18:11:33
- 0 +

Voici le rapport:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:09:57, on 07/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\USB Storage RW\DskWatch.exe
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\CyberLink\PowerCinema\PCMService.exe
C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe
C:\Program Files\Fichiers communs\AOL\1194351093\ee\AOLSoftware.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\AOL 9.0\aoltray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [USB Storage RW] C:\Program Files\USB Storage RW\DskWatch.exe
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
O4 - HKLM\..\Run: [Controleur de calendrier pour Ulead Photo Express] C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1194351093\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Dash Regs] C:\DOCUME~1\mylene\APPLIC~1\DARTON~1\CityHelpPop.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [vusenosoto] Rundll32.exe "C:\WINDOWS\system32\nojuvuva.dll",s (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.targa.co.uk
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/r [...] se8300.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft. [...] 8507380937
O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/ [...] DP-1.0.cab
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/ [...] DP-1.1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/bina [...] b56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O20 - AppInit_DLLs:
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

--
End of file - 10609 bytes

Merci

Répondre à mimi04
Angeldark   08-12-2008 à 17:18:27
- 0 +

Re,

Télécharge FindAWF (random/random & noahdfear)

Sauvegarde le fichier sur ton Bureau.
Double-clique sur l'icône FindAWF. Appuie sur une touche pour poursuivre le lancement de l'outil.

Si une alerte de sécurité apparait, autorise le programme à s'exécuter.
Comme indiqué, presse une touche pour continuer.
Choisis l'option suivante : Press 1 then Enter to scan for bak folders.
Le scan peut prendre un peu de temps, donc sois patient.

Quand il a fini, un rapport Find AWF report est généré.
Poste ce rapport Find AWF report dans ta prochaine réponse.

------------------------------ Prévention & Protection||Vous m'aimez ? Cliquez :o
 Répondre à Angeldark
mimi04   08-12-2008 à 19:20:42
- 0 +

voici le rapport

Find AWF report by noahdfear ©2006
Version 1.40



bak folders found
~~~~~~~~~~~



Duplicate files of bak directory contents
~~~~~~~~~~~~~~~~~~~~~~~



end of report

merci

Répondre à mimi04
Angeldark   08-12-2008 à 20:46:32
- 0 +

Re,

Télécharge Lop S&D.exe (Eric_71) sur ton Bureau.

  • Lance l'installation du programme en exécutant le fichier téléchargé.
  • Double-clique maintenant sur le raccourci de LopS&D.
  • Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
  • Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
  • Poste le rapport généré (C:\lopR.txt*)

* le nom de la partition peut changer

------------------------------ Prévention & Protection||Vous m'aimez ? Cliquez :o
 Répondre à Angeldark
mimi04   09-12-2008 à 18:56:38
- 0 +

voila le rapport

--------------------\\ Lop S&D 4.2.4-9c XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 2600+ )
BIOS : BIOS Date: 02/17/05 15:21:41 Ver: 08.00.09
USER : mylene ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition 8.0.1.18 (Activated)
C:\ (Local Disk) - NTFS - Total:144 Go (Free:129 Go)
D:\ (Local Disk) - FAT32 - Total:2 Go (Free:1 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)

"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [1] ( 09/12/2008|18:51 )

--------------------\\ Listing des dossiers dans APPLIC~1

[12/05/2008|10:11] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
[20/02/2005|23:51] C:\DOCUME~1\ADMINI~1\APPLIC~1\AOL
[15/02/2005|06:42] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[17/02/2005|00:11] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[20/02/2005|23:50] C:\DOCUME~1\ADMINI~1\APPLIC~1\You've Got Pictures Screensaver

[30/06/2008|18:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[15/02/2005|23:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[06/11/2007|13:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[28/05/2008|13:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[14/07/2007|13:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[04/05/2007|17:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[03/05/2008|19:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[06/12/2008|20:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[11/06/2008|13:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[07/12/2008|19:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[20/02/2005|23:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[15/02/2005|06:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[06/04/2006|18:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[20/02/2005|23:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
[02/05/2007|17:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[03/05/2007|18:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[21/12/2007|19:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[20/02/2005|23:51] C:\DOCUME~1\DEFAUL~1\APPLIC~1\AOL
[15/02/2005|06:42] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[17/02/2005|00:11] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[20/02/2005|23:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver

[20/02/2005|23:51] C:\DOCUME~1\edmomd\APPLIC~1\AOL
[15/02/2005|06:42] C:\DOCUME~1\edmomd\APPLIC~1\Identities
[02/05/2006|18:37] C:\DOCUME~1\edmomd\APPLIC~1\Microsoft
[20/02/2005|23:50] C:\DOCUME~1\edmomd\APPLIC~1\You've Got Pictures Screensaver

[15/02/2005|06:45] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[13/09/2005|17:40] C:\DOCUME~1\mumu\APPLIC~1\Ahead
[20/02/2005|23:51] C:\DOCUME~1\mumu\APPLIC~1\AOL
[25/08/2007|19:04] C:\DOCUME~1\mumu\APPLIC~1\Google
[15/02/2005|06:42] C:\DOCUME~1\mumu\APPLIC~1\Identities
[04/05/2007|16:53] C:\DOCUME~1\mumu\APPLIC~1\Macromedia
[04/05/2007|16:54] C:\DOCUME~1\mumu\APPLIC~1\Microsoft
[02/08/2006|11:44] C:\DOCUME~1\mumu\APPLIC~1\Ulead Systems
[20/02/2005|23:50] C:\DOCUME~1\mumu\APPLIC~1\You've Got Pictures Screensaver

[17/01/2008|19:32] C:\DOCUME~1\mylene\APPLIC~1\Adobe
[30/06/2008|18:56] C:\DOCUME~1\mylene\APPLIC~1\AdobeUM
[20/02/2005|23:51] C:\DOCUME~1\mylene\APPLIC~1\AOL
[03/05/2005|17:56] C:\DOCUME~1\mylene\APPLIC~1\ArcSoft
[11/12/2005|12:00] C:\DOCUME~1\mylene\APPLIC~1\CyberLink
[20/08/2008|18:31] C:\DOCUME~1\mylene\APPLIC~1\dart once user
[03/05/2007|17:53] C:\DOCUME~1\mylene\APPLIC~1\F-Secure
[04/05/2007|17:27] C:\DOCUME~1\mylene\APPLIC~1\Google
[11/05/2006|17:27] C:\DOCUME~1\mylene\APPLIC~1\Help
[15/02/2005|06:42] C:\DOCUME~1\mylene\APPLIC~1\Identities
[29/04/2005|18:22] C:\DOCUME~1\mylene\APPLIC~1\Macromedia
[06/12/2008|20:35] C:\DOCUME~1\mylene\APPLIC~1\Malwarebytes
[03/02/2008|20:00] C:\DOCUME~1\mylene\APPLIC~1\Microsoft
[02/05/2007|17:16] C:\DOCUME~1\mylene\APPLIC~1\MSNInstaller
[06/04/2006|18:49] C:\DOCUME~1\mylene\APPLIC~1\Ulead Systems
[10/09/2008|13:03] C:\DOCUME~1\mylene\APPLIC~1\Viewpoint
[20/02/2005|23:50] C:\DOCUME~1\mylene\APPLIC~1\You've Got Pictures Screensaver

[17/12/2005|10:34] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[29/04/2005|17:43] C:\DOCUME~1\PROPRI~1\APPLIC~1\You've Got Pictures Screensaver

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[08/12/2008 21:00][--ah-----] C:\WINDOWS\tasks\A8BB70BA9188EB9A.job
[08/12/2008 20:22][--a------] C:\WINDOWS\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
[09/12/2008 18:38][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 13:00][-r-h-c---] C:\WINDOWS\tasks\desktop.ini

( A8BB70BA9188EB9A.job )=( c:\docume~1\mylene\applic~1\darton~1\CORNFILEDELETE.exe )

--------------------\\ Listing des dossiers dans C:\Program Files

[20/08/2007|11:45] C:\Program Files\Adobe
[15/02/2005|23:22] C:\Program Files\Ahead
[04/05/2007|15:04] C:\Program Files\Alwil Software
[06/11/2007|13:12] C:\Program Files\AOL
[11/05/2006|17:28] C:\Program Files\AOL 9.0
[20/02/2005|23:50] C:\Program Files\AOL Compagnon
[01/05/2007|17:16] C:\Program Files\AOL Toolbar
[03/05/2005|17:53] C:\Program Files\ArcSoft
[28/05/2008|13:38] C:\Program Files\Avira
[15/02/2005|08:10] C:\Program Files\AvRack
[13/07/2008|13:23] C:\Program Files\Circle Developement
[15/02/2005|06:40] C:\Program Files\ComPlus Applications
[15/02/2005|08:13] C:\Program Files\CONEXANT
[20/02/2005|21:32] C:\Program Files\CyberLink
[01/08/2008|18:07] C:\Program Files\dart once user
[06/04/2006|18:02] C:\Program Files\Digital Camera
[15/02/2005|23:35] C:\Program Files\DivX
[20/07/2007|12:02] C:\Program Files\Empire Interactive
[15/02/2005|08:27] C:\Program Files\Encarta
[03/05/2008|18:59] C:\Program Files\Fichiers communs
[24/05/2008|13:07] C:\Program Files\Google
[08/05/2005|17:59] C:\Program Files\Hewlett-Packard
[16/02/2005|00:33] C:\Program Files\HighMAT CD Writing Wizard
[08/05/2005|18:00] C:\Program Files\hp deskjet 3820 series
[07/12/2008|18:43] C:\Program Files\InstallShield Installation Information
[14/10/2008|20:34] C:\Program Files\Internet Explorer
[03/05/2008|18:59] C:\Program Files\Lavasoft
[20/02/2005|23:50] C:\Program Files\Learn2.com
[06/12/2008|20:35] C:\Program Files\Malwarebytes' Anti-Malware
[25/03/2006|18:46] C:\Program Files\Maxis
[09/07/2005|09:34] C:\Program Files\Media Pocket
[17/08/2008|10:01] C:\Program Files\Messenger
[17/09/2008|19:11] C:\Program Files\Messenger Plus! Live
[15/02/2005|08:29] C:\Program Files\Microsoft AutoRoute
[15/02/2005|06:42] C:\Program Files\microsoft frontpage
[29/04/2005|17:52] C:\Program Files\Microsoft Money 2005
[25/03/2006|18:47] C:\Program Files\Microsoft Office
[21/12/2007|19:35] C:\Program Files\Microsoft SQL Server Compact Edition
[15/02/2005|08:21] C:\Program Files\Microsoft Works
[15/02/2005|08:16] C:\Program Files\Microsoft Works Suite 2005
[17/08/2008|09:34] C:\Program Files\Movie Maker
[15/12/2005|18:49] C:\Program Files\MP3 Player Utilities
[22/06/2005|11:57] C:\Program Files\MSN
[15/02/2005|06:39] C:\Program Files\MSN Gaming Zone
[02/05/2007|17:51] C:\Program Files\MSXML 4.0
[17/08/2008|09:31] C:\Program Files\NetMeeting
[18/04/2007|17:41] C:\Program Files\Neuf
[15/02/2005|06:39] C:\Program Files\Online Services
[17/08/2008|09:31] C:\Program Files\Outlook Express
[04/05/2007|17:17] C:\Program Files\Pack S‚curit‚
[24/10/2007|17:17] C:\Program Files\PC Inspector File Recovery
[03/03/2006|20:43] C:\Program Files\Picture It! Premium 10
[20/02/2005|23:50] C:\Program Files\QuickTime
[20/02/2005|23:49] C:\Program Files\Real
[15/02/2005|08:10] C:\Program Files\Realtek Sound Manager
[15/02/2005|08:08] C:\Program Files\S3Inc
[07/12/2008|18:43] C:\Program Files\Samsung
[15/02/2005|06:40] C:\Program Files\Services en ligne
[20/02/2005|23:48] C:\Program Files\TechCity Solutions
[14/05/2008|11:22] C:\Program Files\Trend Micro
[06/04/2006|18:00] C:\Program Files\Ulead Systems
[17/12/2005|09:18] C:\Program Files\Uninstall Information
[15/02/2005|08:13] C:\Program Files\USB Storage RW
[15/02/2005|08:07] C:\Program Files\VIA
[20/02/2005|23:50] C:\Program Files\Viewpoint
[15/02/2005|06:46] C:\Program Files\Windows Journal Viewer
[29/02/2008|18:26] C:\Program Files\Windows Live
[03/05/2007|18:36] C:\Program Files\Windows Live Favorites
[13/08/2007|17:46] C:\Program Files\Windows Live Safety Center
[30/11/2007|22:27] C:\Program Files\Windows Live Toolbar
[28/09/2007|15:04] C:\Program Files\Windows Media Connect
[28/09/2007|15:07] C:\Program Files\Windows Media Connect 2
[17/08/2008|09:31] C:\Program Files\Windows Media Player
[17/08/2008|09:31] C:\Program Files\Windows NT
[15/02/2005|06:40] C:\Program Files\WindowsUpdate
[15/02/2005|06:42] C:\Program Files\xerox

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[30/06/2008|18:58] C:\Program Files\Fichiers communs\Adobe
[15/02/2005|23:17] C:\Program Files\Fichiers communs\Ahead
[06/11/2007|13:19] C:\Program Files\Fichiers communs\AOL
[20/02/2005|23:51] C:\Program Files\Fichiers communs\aolback
[14/03/2005|08:07] C:\Program Files\Fichiers communs\aolshare
[15/02/2005|08:21] C:\Program Files\Fichiers communs\Designer
[16/12/2005|19:07] C:\Program Files\Fichiers communs\DirectX
[15/02/2005|08:12] C:\Program Files\Fichiers communs\InstallShield
[21/12/2007|19:32] C:\Program Files\Fichiers communs\Microsoft Shared
[15/02/2005|06:40] C:\Program Files\Fichiers communs\MSSoap
[15/02/2005|23:21] C:\Program Files\Fichiers communs\Nero
[20/02/2005|23:49] C:\Program Files\Fichiers communs\Nullsoft
[15/02/2005|07:35] C:\Program Files\Fichiers communs\ODBC
[20/02/2005|23:49] C:\Program Files\Fichiers communs\Real
[15/02/2005|06:40] C:\Program Files\Fichiers communs\Services
[15/02/2005|07:35] C:\Program Files\Fichiers communs\SpeechEngines
[17/08/2008|09:31] C:\Program Files\Fichiers communs\System
[06/04/2006|17:58] C:\Program Files\Fichiers communs\Ulead Systems
[21/12/2007|19:31] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[03/05/2008|18:59] C:\Program Files\Fichiers communs\Wise Installation Wizard

--------------------\\ Process

( 53 Processes )

IEXPLORE.EXE ~ [PID:452]

--------------------\\ Recherche avec S_Lop

C:\DOCUME~1\mylene\LOCALS~1\Temp\bis2F.exe

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\mylene\APPLIC~1\darton~1
C:\Program Files\darton~1
C:\Program Files\Circle Developement
C:\DOCUME~1\mylene\Cookies\mylene@advertstream[1].txt
C:\DOCUME~1\mylene\Cookies\mylene@advertising[1].txt
C:\DOCUME~1\mylene\Cookies\mylene@adin.bigpoint[1].txt
C:\DOCUME~1\mylene\Cookies\mylene@bigpoint[1].txt
C:\DOCUME~1\mylene\Cookies\mylene@fr.thepimps.bigpoint[2].txt
C:\DOCUME~1\mylene\Cookies\mylene@fr.xblaster.bigpoint[2].txt
C:\DOCUME~1\mylene\Cookies\mylene@fr1.darkorbit.bigpoint[1].txt
C:\DOCUME~1\mylene\Cookies\mylene@fr1.seafight.bigpoint[1].txt
C:\DOCUME~1\mylene\Cookies\mylene@fr1.seafight.bigpoint[3].txt
C:\DOCUME~1\mylene\Cookies\mylene@banner.cotedazurpalace[2].txt
C:\DOCUME~1\mylene\Cookies\mylene@cotedazurpalace[1].txt
C:\DOCUME~1\mylene\Cookies\mylene@www.cotedazurpalace[1].txt
C:\DOCUME~1\mylene\Cookies\mylene@adopt.euroclick[1].txt
C:\DOCUME~1\mylene\Cookies\mylene@pacificpoker[2].txt
C:\DOCUME~1\mylene\Cookies\mylene@partypoker[2].txt
C:\DOCUME~1\mylene\Cookies\mylene@fr1.seafight.bigpoint[1].txt
C:\DOCUME~1\mylene\Cookies\mylene@fr1.seafight.bigpoint[3].txt
C:\DOCUME~1\mylene\Cookies\mylene@32vegas[1].txt
C:\DOCUME~1\mylene\Cookies\mylene@banner.32vegas[2].txt
C:\DOCUME~1\mylene\Cookies\mylene@www.lop[2].txt
C:\DOCUME~1\mylene\Cookies\mylene@2xmoinscher[1].txt
C:\DOCUME~1\mylene\Cookies\mylene@www.2xmoinscher[1].txt
C:\DOCUME~1\mylene\Cookies\mylene@888[1].txt
C:\WINDOWS\Tasks\A8BB70BA9188EB9A.job

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Dash Regs"="C:\\DOCUME~1\\mylene\\APPLIC~1\\DARTON~1\\CityHelpPop.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-09 18:52:23
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 111

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:1420][D:14]-> C:\DOCUME~1\mylene\LOCALS~1\Temp
[F:1135][D:0]-> C:\DOCUME~1\mylene\Cookies
[F:16951][D:30]-> C:\DOCUME~1\mylene\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 09/12/2008|18:54 - Option : [1]

--------------------\\ Fin du rapport a 18:54:58


vu tout ce que tu me fait faire mon ordi est beaucoup malade!!!!! ou c est simplement une precaution avant de remettre l antivirus
merci

Répondre à mimi04
Angeldark   10-12-2008 à 12:30:31
- 0 +

Re,

Ce n'est pas si grave ;)

Relance Lop S&D en double-cliquant sur le raccourci. Tape sur "2" puis valide en appuyant sur "Entrée".
! Ne ferme pas la fenêtre lors de la suppression !
Un rapport sera généré, poste son contenu ici.

------------------------------ Prévention & Protection||Vous m'aimez ? Cliquez :o
 Répondre à Angeldark
mimi04   10-12-2008 à 18:30:20
- 0 +

le rapport
--------------------\\ Lop S&D 4.2.4-9c XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 2600+ )
BIOS : BIOS Date: 02/17/05 15:21:41 Ver: 08.00.09
USER : mylene ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition 8.0.1.18 (Activated)
C:\ (Local Disk) - NTFS - Total:144 Go (Free:129 Go)
D:\ (Local Disk) - FAT32 - Total:2 Go (Free:1 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)

"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [2] ( 10/12/2008|18:21 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\mylene\Cookies\mylene@adin.bigpoint[1].txt
Supprime! - C:\DOCUME~1\mylene\Cookies\mylene@bigpoint[1].txt
Supprime! - C:\DOCUME~1\mylene\Cookies\mylene@fr.thepimps.bigpoint[2].txt
Supprime! - C:\DOCUME~1\mylene\Cookies\mylene@fr.xblaster.bigpoint[2].txt
Supprime! - C:\DOCUME~1\mylene\Cookies\mylene@fr1.darkorbit.bigpoint[1].txt
Supprime! - C:\DOCUME~1\mylene\Cookies\mylene@fr1.seafight.bigpoint[1].txt
Supprime! - C:\DOCUME~1\mylene\Cookies\mylene@fr1.seafight.bigpoint[3].txt
Supprime! - C:\DOCUME~1\mylene\Cookies\mylene@banner.cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\mylene\Cookies\mylene@cotedazurpalace[1].txt
Supprime! - C:\DOCUME~1\mylene\Cookies\mylene@www.cotedazurpalace[1].txt
Supprime! - C:\DOCUME~1\mylene\Cookies\mylene@adopt.euroclick[1].txt
Supprime! - C:\DOCUME~1\mylene\Cookies\mylene@pacificpoker[2].txt
Supprime! - C:\DOCUME~1\mylene\Cookies\mylene@partypoker[2].txt
Supprime! - C:\DOCUME~1\mylene\Cookies\mylene@32vegas[1].txt
Supprime! - C:\DOCUME~1\mylene\Cookies\mylene@banner.32vegas[2].txt
Supprime! - C:\DOCUME~1\mylene\Cookies\mylene@www.lop[2].txt
Supprime! - C:\DOCUME~1\mylene\Cookies\mylene@2xmoinscher[1].txt
Supprime! - C:\DOCUME~1\mylene\Cookies\mylene@www.2xmoinscher[1].txt
Supprime! - C:\DOCUME~1\mylene\Cookies\mylene@888[1].txt
Supprime! - C:\WINDOWS\Tasks\A8BB70BA9188EB9A.job
Supprime! - C:\DOCUME~1\mylene\LOCALS~1\Temp\bis2F.exe
Supprime! - C:\DOCUME~1\mylene\APPLIC~1\darton~1
Supprime! - C:\Program Files\darton~1
Supprime! - C:\Program Files\Circle Developement
-
[ Fichier Hosts ] .. Restaure!

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

Supprime! - C:\Program Files\Viewpoint
Supprime! - C:\DOCUME~1\mylene\APPLIC~1\Viewpoint
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[12/05/2008|10:11] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
[20/02/2005|23:51] C:\DOCUME~1\ADMINI~1\APPLIC~1\AOL
[15/02/2005|06:42] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[17/02/2005|00:11] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[20/02/2005|23:50] C:\DOCUME~1\ADMINI~1\APPLIC~1\You've Got Pictures Screensaver

[30/06/2008|18:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[15/02/2005|23:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[06/11/2007|13:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[28/05/2008|13:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[14/07/2007|13:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[04/05/2007|17:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[03/05/2008|19:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[06/12/2008|20:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[11/06/2008|13:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[07/12/2008|19:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[20/02/2005|23:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[15/02/2005|06:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[06/04/2006|18:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[02/05/2007|17:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[03/05/2007|18:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[21/12/2007|19:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[20/02/2005|23:51] C:\DOCUME~1\DEFAUL~1\APPLIC~1\AOL
[15/02/2005|06:42] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[17/02/2005|00:11] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[20/02/2005|23:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver

[20/02/2005|23:51] C:\DOCUME~1\edmomd\APPLIC~1\AOL
[15/02/2005|06:42] C:\DOCUME~1\edmomd\APPLIC~1\Identities
[02/05/2006|18:37] C:\DOCUME~1\edmomd\APPLIC~1\Microsoft
[20/02/2005|23:50] C:\DOCUME~1\edmomd\APPLIC~1\You've Got Pictures Screensaver

[15/02/2005|06:45] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[13/09/2005|17:40] C:\DOCUME~1\mumu\APPLIC~1\Ahead
[20/02/2005|23:51] C:\DOCUME~1\mumu\APPLIC~1\AOL
[25/08/2007|19:04] C:\DOCUME~1\mumu\APPLIC~1\Google
[15/02/2005|06:42] C:\DOCUME~1\mumu\APPLIC~1\Identities
[04/05/2007|16:53] C:\DOCUME~1\mumu\APPLIC~1\Macromedia
[04/05/2007|16:54] C:\DOCUME~1\mumu\APPLIC~1\Microsoft
[02/08/2006|11:44] C:\DOCUME~1\mumu\APPLIC~1\Ulead Systems
[20/02/2005|23:50] C:\DOCUME~1\mumu\APPLIC~1\You've Got Pictures Screensaver

[17/01/2008|19:32] C:\DOCUME~1\mylene\APPLIC~1\Adobe
[30/06/2008|18:56] C:\DOCUME~1\mylene\APPLIC~1\AdobeUM
[20/02/2005|23:51] C:\DOCUME~1\mylene\APPLIC~1\AOL
[03/05/2005|17:56] C:\DOCUME~1\mylene\APPLIC~1\ArcSoft
[11/12/2005|12:00] C:\DOCUME~1\mylene\APPLIC~1\CyberLink
[03/05/2007|17:53] C:\DOCUME~1\mylene\APPLIC~1\F-Secure
[04/05/2007|17:27] C:\DOCUME~1\mylene\APPLIC~1\Google
[11/05/2006|17:27] C:\DOCUME~1\mylene\APPLIC~1\Help
[15/02/2005|06:42] C:\DOCUME~1\mylene\APPLIC~1\Identities
[29/04/2005|18:22] C:\DOCUME~1\mylene\APPLIC~1\Macromedia
[06/12/2008|20:35] C:\DOCUME~1\mylene\APPLIC~1\Malwarebytes
[03/02/2008|20:00] C:\DOCUME~1\mylene\APPLIC~1\Microsoft
[02/05/2007|17:16] C:\DOCUME~1\mylene\APPLIC~1\MSNInstaller
[06/04/2006|18:49] C:\DOCUME~1\mylene\APPLIC~1\Ulead Systems
[20/02/2005|23:50] C:\DOCUME~1\mylene\APPLIC~1\You've Got Pictures Screensaver

[17/12/2005|10:34] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[29/04/2005|17:43] C:\DOCUME~1\PROPRI~1\APPLIC~1\You've Got Pictures Screensaver

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[10/12/2008 18:22][--a------] C:\WINDOWS\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
[10/12/2008 15:46][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 13:00][-r-h-c---] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[20/08/2007|11:45] C:\Program Files\Adobe
[15/02/2005|23:22] C:\Program Files\Ahead
[04/05/2007|15:04] C:\Program Files\Alwil Software
[06/11/2007|13:12] C:\Program Files\AOL
[11/05/2006|17:28] C:\Program Files\AOL 9.0
[20/02/2005|23:50] C:\Program Files\AOL Compagnon
[01/05/2007|17:16] C:\Program Files\AOL Toolbar
[03/05/2005|17:53] C:\Program Files\ArcSoft
[28/05/2008|13:38] C:\Program Files\Avira
[15/02/2005|08:10] C:\Program Files\AvRack
[15/02/2005|06:40] C:\Program Files\ComPlus Applications
[15/02/2005|08:13] C:\Program Files\CONEXANT
[20/02/2005|21:32] C:\Program Files\CyberLink
[06/04/2006|18:02] C:\Program Files\Digital Camera
[15/02/2005|23:35] C:\Program Files\DivX
[20/07/2007|12:02] C:\Program Files\Empire Interactive
[15/02/2005|08:27] C:\Program Files\Encarta
[03/05/2008|18:59] C:\Program Files\Fichiers communs
[24/05/2008|13:07] C:\Program Files\Google
[08/05/2005|17:59] C:\Program Files\Hewlett-Packard
[16/02/2005|00:33] C:\Program Files\HighMAT CD Writing Wizard
[08/05/2005|18:00] C:\Program Files\hp deskjet 3820 series
[07/12/2008|18:43] C:\Program Files\InstallShield Installation Information
[14/10/2008|20:34] C:\Program Files\Internet Explorer
[03/05/2008|18:59] C:\Program Files\Lavasoft
[20/02/2005|23:50] C:\Program Files\Learn2.com
[06/12/2008|20:35] C:\Program Files\Malwarebytes' Anti-Malware
[25/03/2006|18:46] C:\Program Files\Maxis
[09/07/2005|09:34] C:\Program Files\Media Pocket
[17/08/2008|10:01] C:\Program Files\Messenger
[17/09/2008|19:11] C:\Program Files\Messenger Plus! Live
[15/02/2005|08:29] C:\Program Files\Microsoft AutoRoute
[15/02/2005|06:42] C:\Program Files\microsoft frontpage
[29/04/2005|17:52] C:\Program Files\Microsoft Money 2005
[25/03/2006|18:47] C:\Program Files\Microsoft Office
[21/12/2007|19:35] C:\Program Files\Microsoft SQL Server Compact Edition
[15/02/2005|08:21] C:\Program Files\Microsoft Works
[15/02/2005|08:16] C:\Program Files\Microsoft Works Suite 2005
[17/08/2008|09:34] C:\Program Files\Movie Maker
[15/12/2005|18:49] C:\Program Files\MP3 Player Utilities
[22/06/2005|11:57] C:\Program Files\MSN
[15/02/2005|06:39] C:\Program Files\MSN Gaming Zone
[02/05/2007|17:51] C:\Program Files\MSXML 4.0
[17/08/2008|09:31] C:\Program Files\NetMeeting
[18/04/2007|17:41] C:\Program Files\Neuf
[15/02/2005|06:39] C:\Program Files\Online Services
[17/08/2008|09:31] C:\Program Files\Outlook Express
[04/05/2007|17:17] C:\Program Files\Pack S‚curit‚
[24/10/2007|17:17] C:\Program Files\PC Inspector File Recovery
[03/03/2006|20:43] C:\Program Files\Picture It! Premium 10
[20/02/2005|23:50] C:\Program Files\QuickTime
[20/02/2005|23:49] C:\Program Files\Real
[15/02/2005|08:10] C:\Program Files\Realtek Sound Manager
[15/02/2005|08:08] C:\Program Files\S3Inc
[07/12/2008|18:43] C:\Program Files\Samsung
[15/02/2005|06:40] C:\Program Files\Services en ligne
[20/02/2005|23:48] C:\Program Files\TechCity Solutions
[14/05/2008|11:22] C:\Program Files\Trend Micro
[06/04/2006|18:00] C:\Program Files\Ulead Systems
[17/12/2005|09:18] C:\Program Files\Uninstall Information
[15/02/2005|08:13] C:\Program Files\USB Storage RW
[15/02/2005|08:07] C:\Program Files\VIA
[15/02/2005|06:46] C:\Program Files\Windows Journal Viewer
[29/02/2008|18:26] C:\Program Files\Windows Live
[03/05/2007|18:36] C:\Program Files\Windows Live Favorites
[13/08/2007|17:46] C:\Program Files\Windows Live Safety Center
[30/11/2007|22:27] C:\Program Files\Windows Live Toolbar
[28/09/2007|15:04] C:\Program Files\Windows Media Connect
[28/09/2007|15:07] C:\Program Files\Windows Media Connect 2
[17/08/2008|09:31] C:\Program Files\Windows Media Player
[17/08/2008|09:31] C:\Program Files\Windows NT
[15/02/2005|06:40] C:\Program Files\WindowsUpdate
[15/02/2005|06:42] C:\Program Files\xerox

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[30/06/2008|18:58] C:\Program Files\Fichiers communs\Adobe
[15/02/2005|23:17] C:\Program Files\Fichiers communs\Ahead
[06/11/2007|13:19] C:\Program Files\Fichiers communs\AOL
[20/02/2005|23:51] C:\Program Files\Fichiers communs\aolback
[14/03/2005|08:07] C:\Program Files\Fichiers communs\aolshare
[15/02/2005|08:21] C:\Program Files\Fichiers communs\Designer
[16/12/2005|19:07] C:\Program Files\Fichiers communs\DirectX
[15/02/2005|08:12] C:\Program Files\Fichiers communs\InstallShield
[21/12/2007|19:32] C:\Program Files\Fichiers communs\Microsoft Shared
[15/02/2005|06:40] C:\Program Files\Fichiers communs\MSSoap
[15/02/2005|23:21] C:\Program Files\Fichiers communs\Nero
[20/02/2005|23:49] C:\Program Files\Fichiers communs\Nullsoft
[15/02/2005|07:35] C:\Program Files\Fichiers communs\ODBC
[20/02/2005|23:49] C:\Program Files\Fichiers communs\Real
[15/02/2005|06:40] C:\Program Files\Fichiers communs\Services
[15/02/2005|07:35] C:\Program Files\Fichiers communs\SpeechEngines
[17/08/2008|09:31] C:\Program Files\Fichiers communs\System
[06/04/2006|17:58] C:\Program Files\Fichiers communs\Ulead Systems
[21/12/2007|19:31] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[03/05/2008|18:59] C:\Program Files\Fichiers communs\Wise Installation Wizard

--------------------\\ Process

( 50 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\mylene\Cookies\mylene@advertstream[2].txt
C:\DOCUME~1\mylene\Cookies\mylene@advertising[2].txt

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-10 18:23:20
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 111

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:1424][D:14]-> C:\DOCUME~1\mylene\LOCALS~1\Temp
[F:1115][D:0]-> C:\DOCUME~1\mylene\Cookies
[F:18138][D:30]-> C:\DOCUME~1\mylene\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 09/12/2008|18:54 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 10/12/2008|18:25 - Option : [2]

--------------------\\ Fin du rapport a 18:25:37

Répondre à mimi04
Angeldark   11-12-2008 à 13:18:48
- 0 +

Reposte un rapport Hijackthis.

------------------------------ Prévention & Protection||Vous m'aimez ? Cliquez :o
 Répondre à Angeldark
mimi04   11-12-2008 à 18:34:32
- 0 +

voici le rapport

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:33:53, on 11/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\USB Storage RW\DskWatch.exe
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\CyberLink\PowerCinema\PCMService.exe
C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe
C:\Program Files\Fichiers communs\AOL\1194351093\ee\AOLSoftware.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\AOL 9.0\aoltray.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [USB Storage RW] C:\Program Files\USB Storage RW\DskWatch.exe
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
O4 - HKLM\..\Run: [Controleur de calendrier pour Ulead Photo Express] C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1194351093\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [vusenosoto] Rundll32.exe "C:\WINDOWS\system32\nojuvuva.dll",s (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.targa.co.uk
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/r [...] se8300.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft. [...] 8507380937
O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/ [...] DP-1.0.cab
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/ [...] DP-1.1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/bina [...] b56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O20 - AppInit_DLLs:
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

--
End of file - 10602 bytes

Répondre à mimi04
Angeldark   12-12-2008 à 17:48:04
- 0 +

Re,

Fix les lignes dans le cadre ci-dessous avec HijackThis : AIDE EN IMAGES

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O20 - AppInit_DLLs:

------------------------------ Prévention & Protection||Vous m'aimez ? Cliquez :o
 Répondre à Angeldark
mimi04   12-12-2008 à 20:01:20
- 0 +

je l ai fais et Reposte un rapport Hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:59:36, on 12/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\USB Storage RW\DskWatch.exe
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\CyberLink\PowerCinema\PCMService.exe
C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe
C:\Program Files\Fichiers communs\AOL\1194351093\ee\AOLSoftware.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\AOL 9.0\aoltray.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [USB Storage RW] C:\Program Files\USB Storage RW\DskWatch.exe
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
O4 - HKLM\..\Run: [Controleur de calendrier pour Ulead Photo Express] C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1194351093\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [vusenosoto] Rundll32.exe "C:\WINDOWS\system32\nojuvuva.dll",s (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.targa.co.uk
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/r [...] se8300.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft. [...] 8507380937
O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/ [...] DP-1.0.cab
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/ [...] DP-1.1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/bina [...] b56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

--
End of file - 10094 bytes

Répondre à mimi04
Angeldark   13-12-2008 à 12:47:42
- 0 +

Encore des soucis ?

------------------------------ Prévention & Protection||Vous m'aimez ? Cliquez :o
 Répondre à Angeldark
mimi04   13-12-2008 à 22:04:24
- 0 +

Non, j'aimerais avoir le lien pour pouvoir remettre antivir car j'ai toujours pas d'antivirus.
Merci.

Répondre à mimi04
Angeldark   14-12-2008 à 17:07:06
- 0 +

Bah Google > AntiVir :/

------------------------------ Prévention & Protection||Vous m'aimez ? Cliquez :o
 Répondre à Angeldark
mimi04   15-12-2008 à 12:49:25
- 0 +

merci pour tout

Répondre à mimi04
Créer un nouveau sujet Répondre
Tom's Guide > Forum > Sécurité - Virus > antivirus non valide
Aller à :

Il y a 2384 utilisateurs connus et inconnus. Pour voir la liste des connectés connus, cliquez ici.

Plan du forum
Forum Bestofmedia ©
2000-2009 Bestofmedia Group
Page générée en 0,567 secondes
Attention

Vous allez répondre sur un sujet resté inactif pendant plus de 6 mois.
Assurez-vous d'apporter des éléments nouveaux à la discussion avant de poursuivre.

Répondre Annuler
Liens