virus win32:malware-gen probleme de son.Résolu/Fermé

Question

Bonjour,
donc voilà mon soucis.
il y à une semaine de ça,j'ai commencé à ne plus avoir de son venant d'internet,puis de ma carte télé,alors que sur la meme carte télè,la radio fonctionne.
windows media player fonctione aussi. 
au départ pensant que c'etait juste un probleme de branchement,en débranchant et rebranchant le prise son de mon ampli,ma carte graphique à grillé,j'ai donc supposé qu'il y avait peut etre un rapport. 
mais au final je pense que c'etait juste la lois des séries...
en effectuant un scan au démarage avec avast,il mà indiqué 4 virus au niveau du volume s'apelant:malware-gen.
je les ai suprimés,mais le son ne fonctionne toujours pas correctement.
j'ai donc téléchargé hijackthis v2.0.2 qui m'indique ceci:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:32:15, on 27/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\AlwilSoftware-AvastHomeEdition\aswUpdSv.exe
C:\AlwilSoftware-AvastHomeEdition\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\WinTV\EPG Services\System\EPGService.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\TomTom-Home\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\Logi_MwX.Exe
C:\ALWILS~1\ashDisp.exe
C:\PROGRA~1\WinTV\EPG Services\System\EPGClient.exe
C:\Maxtor\msssort.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Analog Devices\SoundMAX\smax4.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\TomTom-Home\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\WinTV\Ir.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\AlwilSoftware-AvastHomeEdition\ashMaiSv.exe
C:\AlwilSoftware-AvastHomeEdition\ashWebSv.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\AlwilSoftware-AvastHomeEdition\ashSimpl.exe
C:\Documents and Settings\MDNL\Bureau\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Aide à la navigation SFR - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: myBabylon Toolbar - {34ea1c70-42cc-42c5-aa29-ec58b95a343e} - C:\Program Files\myBabylon	bmyBa.dll
O2 - BHO: NP Helper Class - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Internet Saving Optimizer\3.7.0.4550\NPIEAddOn.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: myBabylon English Toolbar - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files\myBabylon_English	bmyBa.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Pluginseg\VeohToolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: myBabylon English Toolbar - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files\myBabylon_English	bmyBa.dll
O3 - Toolbar: myBabylon Toolbar - {34ea1c70-42cc-42c5-aa29-ec58b95a343e} - C:\Program Files\myBabylon	bmyBa.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [avast!] C:\ALWILS~1\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [EPGServiceTool] C:\PROGRA~1\WinTV\EPG Services\System\EPGClient.exe
O4 - HKLM\..\Run: [mssSort] C:\Maxtor\msssort.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [SoundMax] "C:\Program Files\Analog Devices\SoundMAX\smax4.exe" /tray
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\ADOBE-AcrobatReader\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\TomTom-Home\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: AutoStart IR.lnk = C:\Program Files\WinTV\Ir.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} (Microsoft Genuine Advantage Self Support Tool) - http://download.microsoft.com/download/7/4/9/749b0dc5-2175-4d5b-a6dd-9c4bc923683e/Selfhelpcontrol.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://copainsdavant.linternaute.com/...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {952F9A71-131A-11D5-8404-00500445A7D0} (ActiveMiniplug Class) - https://xlnet.xlairways.fr/AppStar/mplugax.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\AlwilSoftware-AvastHomeEdition\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\AlwilSoftware-AvastHomeEdition\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\AlwilSoftware-AvastHomeEdition\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\AlwilSoftware-AvastHomeEdition\ashWebSv.exe
O23 - Service: EPGService - Hauppauge Computer Works - C:\PROGRA~1\WinTV\EPG Services\System\EPGService.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: TomTomHOMEService - TomTom - C:\TomTom-Home\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

piyi · Answer

j'ai bloqué boardjump,j'ai vu qu'apparement c'est inutile donc voilà.
par contre,impossible de virer teleca shared,j'arrive pas à trouver comment faire.
j'ai supprimer toutes les (toolbar inutile),enfin voilà ou j'en suis avez vous d'autres conseils à me donner pour m'aider?

piyi · Answer

j'ai supprimé teleca dans les cle du registre,mais ça n'à pas réglé mon probleme de son.

piyi · Answer

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:57:21, on 27/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\AlwilSoftware-AvastHomeEdition\aswUpdSv.exe
C:\AlwilSoftware-AvastHomeEdition\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\WinTV\EPG Services\System\EPGService.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\TomTom-Home\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\AlwilSoftware-AvastHomeEdition\ashMaiSv.exe
C:\AlwilSoftware-AvastHomeEdition\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Logi_MwX.Exe
C:\ALWILS~1\ashDisp.exe
C:\PROGRA~1\WinTV\EPG Services\System\EPGClient.exe
C:\Maxtor\msssort.exe
C:\Program Files\Analog Devices\SoundMAX\smax4.exe
C:\ADOBE-AcrobatReader\Reader\Reader_sl.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\TomTom-Home\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\WinTV\Ir.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Documents and Settings\MDNL\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: Aide à la navigation SFR - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: NP Helper Class - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Internet Saving Optimizer\3.7.0.4550\NPIEAddOn.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [avast!] C:\ALWILS~1\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [EPGServiceTool] C:\PROGRA~1\WinTV\EPG Services\System\EPGClient.exe
O4 - HKLM\..\Run: [mssSort] C:\Maxtor\msssort.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [SoundMax] "C:\Program Files\Analog Devices\SoundMAX\smax4.exe" /tray
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\ADOBE-AcrobatReader\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\TomTom-Home\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: AutoStart IR.lnk = C:\Program Files\WinTV\Ir.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} (Microsoft Genuine Advantage Self Support Tool) - http://download.microsoft.com/download/7/4/9/749b0dc5-2175-4d5b-a6dd-9c4bc923683e/Selfhelpcontrol.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://copainsdavant.linternaute.com/...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {952F9A71-131A-11D5-8404-00500445A7D0} (ActiveMiniplug Class) - https://xlnet.xlairways.fr/AppStar/mplugax.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\AlwilSoftware-AvastHomeEdition\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\AlwilSoftware-AvastHomeEdition\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\AlwilSoftware-AvastHomeEdition\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\AlwilSoftware-AvastHomeEdition\ashWebSv.exe
O23 - Service: EPGService - Hauppauge Computer Works - C:\PROGRA~1\WinTV\EPG Services\System\EPGService.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: TomTomHOMEService - TomTom - C:\TomTom-Home\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

piyi · Answer

j'ai refait un scan au démarage,et il à rien trouvé....j'ai plus d'idées...

piyi · Answer

WIN 32  ROOTKIT GEN est ceque ce vrai faux virus est la cause de mon probleme?
vu que d'apres avast j'ai plus de virus.(vu que j'ai tout suprimé)
et pourtant j'ai toujours pas de son...
ça me ferai plaisir d'avoir au moins un semblant de réponse,trop plaisir.

piyi · Answer

j'ai instaler malwarebytes qui en scanant me trouve déjà 18 element suspect...

piyi · Answer

Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3646
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

27/01/2010 22:16:37
mbam-log-2010-01-27 (22-16-12).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 205529
Temps écoulé: 37 minute(s), 22 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 23
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 33
Fichier(s) infecté(s): 163

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\explorerbar.funexplorer (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{c28a0312-c403-417b-a425-a915bc0519cd} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{877f3eab-4462-44df-8475-6064eafd7fbf} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\explorerbar.funexplorer.1 (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\explorerbar.funredirector (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\explorerbar.funredirector.1 (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\QUAD Registry Cleaner v2 (Adware.QUADRegClean) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Internet Saving Optimizer (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\DoubleD (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Internet Saving Optimizer (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Media Access Startup (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{16b6279b-9ff5-41fb-8bf9-404324f5dd1f}}_is1 (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{c5096216-7703-409e-b85a-8a6ee7395128}}_is1 (Adware.DoubleD) -> No action taken.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{0ba0192d-94a5-45e3-b2b8-3ec5a1a0b5ec} (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{2224e955-00e9-4613-a844-ce69fccaae91} (Adware.DoubleD) -> No action taken.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\Internet Saving Optimizer (Adware.DoubleD) -> No action taken.
C:\Program Files\Internet Saving Optimizer\3.7.0.4550 (Adware.DoubleD) -> No action taken.
C:\Program Files\Internet Saving Optimizer\3.7.0.4550\Data (Adware.DoubleD) -> No action taken.
C:\Program Files\Internet Saving Optimizer\3.7.0.4550\FF (Adware.DoubleD) -> No action taken.
C:\Program Files\Internet Saving Optimizer\3.7.0.4550\FF\chrome (Adware.DoubleD) -> No action taken.
C:\Program Files\Internet Saving Optimizer\3.7.0.4550\FF\chrome\content (Adware.DoubleD) -> No action taken.
C:\Program Files\Internet Saving Optimizer\3.7.0.4550\FF\components (Adware.DoubleD) -> No action taken.
C:\Program Files\Media Access Startup (Adware.DoubleD) -> No action taken.
C:\Program Files\Media Access Startup\1.5.6.910 (Adware.DoubleD) -> No action taken.
C:\Program Files\Media Access Startup\1.5.6.910\Data (Adware.DoubleD) -> No action taken.
C:\Program Files\Media Access Startup\1.5.6.910\FF (Adware.DoubleD) -> No action taken.
C:\Program Files\Media Access Startup\1.5.6.910\FF\chrome (Adware.DoubleD) -> No action taken.
C:\Program Files\Media Access Startup\1.5.6.910\FF\chrome\content (Adware.DoubleD) -> No action taken.
C:\Program Files\Media Access Startup\1.5.6.910\FF\components (Adware.DoubleD) -> No action taken.
C:\Program Files\System Search Dispatcher (Adware.DoubleD) -> No action taken.
C:\Program Files\System Search Dispatcher\1.4.0.970 (Adware.DoubleD) -> No action taken.
C:\Program Files\System Search Dispatcher\1.4.0.970\Data (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\DoubleD (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\MDNL\Local Settings\Application Data\Internet Saving Optimizer (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\MDNL\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550 (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\MDNL\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550 (Adware.DoubleD) -> Files: 353 -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550 (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Media Access Startup (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Media Access Startup\1.5.6.910 (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2} (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\Data (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Cache (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins (Adware.DoubleD) -> No action taken.

Fichier(s) infecté(s):
C:\Program Files\Internet Saving Optimizer\3.7.0.4550\NPIEAddOn.dll (Adware.DoubleD) -> No action taken.
C:\Program Files\Internet Saving Optimizer\3.7.0.4550\unins000.dat (Adware.DoubleD) -> No action taken.
C:\Program Files\Internet Saving Optimizer\3.7.0.4550\unins000.exe (Adware.DoubleD) -> No action taken.
C:\Program Files\Internet Saving Optimizer\3.7.0.4550\Data\config.md (Adware.DoubleD) -> No action taken.
C:\Program Files\Internet Saving Optimizer\3.7.0.4550\FF\chrome.manifest (Adware.DoubleD) -> No action taken.
C:\Program Files\Internet Saving Optimizer\3.7.0.4550\FF\install.rdf (Adware.DoubleD) -> No action taken.
C:\Program Files\Internet Saving Optimizer\3.7.0.4550\FF\chrome\NPAddOn.jar (Adware.DoubleD) -> No action taken.
C:\Program Files\Internet Saving Optimizer\3.7.0.4550\FF\chrome\content\NPAddOn.js (Adware.DoubleD) -> No action taken.
C:\Program Files\Internet Saving Optimizer\3.7.0.4550\FF\chrome\content\NPAddOn.xul (Adware.DoubleD) -> No action taken.
C:\Program Files\Internet Saving Optimizer\3.7.0.4550\FF\components\NPFFAddOn.xpt (Adware.DoubleD) -> No action taken.
C:\Program Files\Internet Saving Optimizer\3.7.0.4550\FF\components\NPFFHelperComponent.js (Adware.DoubleD) -> No action taken.
C:\Program Files\Media Access Startup\1.5.6.910\HPCommon.dll (Adware.DoubleD) -> No action taken.
C:\Program Files\Media Access Startup\1.5.6.910\hppx.exe (Adware.DoubleD) -> No action taken.
C:\Program Files\Media Access Startup\1.5.6.910\MAHelper.exe (Adware.DoubleD) -> No action taken.
C:\Program Files\Media Access Startup\1.5.6.910\unins000.dat (Adware.DoubleD) -> No action taken.
C:\Program Files\Media Access Startup\1.5.6.910\unins000.exe (Adware.DoubleD) -> No action taken.
C:\Program Files\Media Access Startup\1.5.6.910\Data\config.md (Adware.DoubleD) -> No action taken.
C:\Program Files\Media Access Startup\1.5.6.910\FF\chrome.manifest (Adware.DoubleD) -> No action taken.
C:\Program Files\Media Access Startup\1.5.6.910\FF\install.rdf (Adware.DoubleD) -> No action taken.
C:\Program Files\Media Access Startup\1.5.6.910\FF\chrome\HPAddOn.jar (Adware.DoubleD) -> No action taken.
C:\Program Files\Media Access Startup\1.5.6.910\FF\chrome\content\HPAddOn.js (Adware.DoubleD) -> No action taken.
C:\Program Files\Media Access Startup\1.5.6.910\FF\chrome\content\HPAddOn.xul (Adware.DoubleD) -> No action taken.
C:\Program Files\Media Access Startup\1.5.6.910\FF\components\HPFFAddOn.dll (Adware.DoubleD) -> No action taken.
C:\Program Files\Media Access Startup\1.5.6.910\FF\components\HPFFAddOn.xpt (Adware.DoubleD) -> No action taken.
C:\Program Files\Media Access Startup\1.5.6.910\FF\components\HPFFHelperComponent.js (Adware.DoubleD) -> No action taken.
C:\Program Files\System Search Dispatcher\1.4.0.970\unins000.dat (Adware.DoubleD) -> No action taken.
C:\Program Files\System Search Dispatcher\1.4.0.970\unins000.exe (Adware.DoubleD) -> No action taken.
C:\Program Files\System Search Dispatcher\1.4.0.970\Data\eacore.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\System Search Dispatcher\1.4.0.970\Data\URLDynamic.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\System Search Dispatcher\1.4.0.970\Data\URLStatic.mx (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\config.md (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\ipdata.md (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090829-125509.937.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090829-125516.578.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090829-125536.906.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090829-125659.156.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090829-130540.984.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090829-130556.265.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090829-130920.437.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090829-130930.265.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090829-131101.250.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090829-131355.546.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090829-131509.718.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090829-131531.000.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090829-133226.375.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090830-001617.453.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090830-001631.718.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090831-071731.765.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090831-071746.000.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090831-071835.671.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090831-071952.671.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090831-094703.031.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090831-094711.046.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090831-094713.625.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090831-094717.843.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090831-094719.156.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090831-094731.890.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090831-094735.890.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090831-094744.312.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090831-094903.203.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090831-174452.609.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090831-174452.625.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090831-174452.640.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090831-174646.906.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090831-174829.140.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090831-175532.156.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090831-175636.734.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090831-180125.968.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090831-182648.203.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090831-204945.281.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090831-205043.234.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090831-205228.625.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090831-205303.859.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090831-205325.062.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090831-205545.562.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090831-205605.578.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090831-205654.468.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090831-205714.093.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090831-205734.015.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090831-210504.687.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090831-211027.171.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090831-211119.562.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090831-211608.109.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090831-211611.359.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090831-212317.000.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090831-212521.843.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090831-212542.093.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550\NP_20090831-213753.281.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550status.md (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Media Access Startup\1.5.6.910\config.md (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Application Data\Media Access Startup\1.5.6.910\HJHP_20090829-125446.265.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\CurrentVersion.xml (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\ExtractZipFile.zip (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\icon.ico (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\productinfo.dll (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\Setup.exe (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}	df.dat (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\Data\ProductInfo.mx (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Cache\01c9eb2893468d1fba80553d2b75bd30.gif (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Cache\867b44b1158783875052f103c3a2f11a.gif (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Cache\bc83ac54dd36e7479704363c8fbd7e43.gif (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Cache\c14631dd1d688aa0ae8e9c9dd396c653.gif (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Cache\default1.dat (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Cache\loading.dat (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Cache\loading.gif (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_DailyVideo.mx (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Game.mx (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Logo.mx (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Option.mx (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Search.mx (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Smiley_Config.mx (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Smiley_TellAFriend.mx (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Wallpaper.mx (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Web.mx (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\pixel.mx (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\ProductInfo.mx (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\profile.mx (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\SearchEngineList.mx (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data	bcore.mx (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\ToolbarLayout.mx (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\UpdateCentre.mx (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\UpdateCentreBk.mx (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\URLDynamic.mx (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\URLStatic.mx (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\About.mg (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Component_ComboBox.mg (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_DailyVideo.mg (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Game.mg (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Logo.mg (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Option.mg (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Search.mg (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Smiley.mg (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Wallpaper.mg (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Web.mg (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnDefault.png (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnDisplay.bmp (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnDisplay.png (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnDisplay18.bmp (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnDisplay20.bmp (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnGlitters.bmp (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnGlitters.png (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnGlitters18.bmp (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnGlitters20.bmp (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnOption.png (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnSmiley.bmp (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnSmiley.png (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnSmiley18.bmp (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnSmiley20.bmp (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnTellFd.bmp (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnTellFd.png (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnTellFd18.bmp (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnTellFd20.bmp (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnWink.bmp (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnWink.png (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnWink18.bmp (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnWink20.bmp (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\myskin1.skf (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\myskin2.skf (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\myskin3.skf (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\myskin4.skf (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\TellafriendSkin.skf (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\TellafriendSkin_s.skf (Adware.DoubleD) -> No action taken.
C:\Documents and Settings
athan libert\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\ToastSkin.skf (Adware.DoubleD) -> No action taken.




voilà ce que malware à trouvé,je vais esseillé de me dépatouiller avec ça.

piyi · Answer

j'ai envie de pleurer,j'ai tout suprimé et j'ai toujours pas de son,c'est bon je vais me coucher,j'en ai trop mare.

piyi · Answer

C:\System Volume Information\_restore{CC82CBDC-DF61-4B78-84D3-C43A60C72CBD}\R­P155\A0019943.exe -> Dialer.Agent.z : Nettoyé et sauvegardé (mise en quarantaine). 

slt 

pour virer ca: 

désactive la restauration système pour purger les virus qui seraient dedans puis réactive là (dans DEMARRER puis TOUS LES PROGRAMMES puis ACCESSOIRE puis OUTILS SYSTEME puis RESTAURATION SYSTEME puis paramètre 

______________ 

ensuite pour voir si il reste rien: 


Colle le rapport : 
Clean permettra de faire du nettoyage et supprimer des fichiers que des anti-virus et anti-spywares n'ont pas pu trouver. Le logiciel est régulièrement mis à jour, vous devrez donc le re-téléchargé pour obtenir une version plus récente. 

· Téléchargez clean.zip, décompressez-le sur votre bureau (clic droit / extraire tout), vous obtenez alors un dossier clean 
· Démarrez Windows en mode sans échec : Guide pour redémarrer en mode sans échec 
· Ouvrez le dossier clean qui se trouve sur ton bureau, et double-cliquez sur clean.cmd, une fenêtre noire va apparaître pendant un instant, laissez la ouverte jusqu'à ce qu'elle se ferme. 

http://kerio.probb.fr/tuto-Clean-h37.html 

______________ 


colle le rapport d'un scan en ligne 
avec un des suivants: 


bitdefender en ligne : 
http://www.bitdefender.fr/scan_fr/scan8/ie.html 

scan en ligne firefox 

https://www.trendmicro.com/fr_fr/business.html 

Panda en ligne : 
http://pandasoftware.fr 


________________ 




si ca persiste 

colle un rapport hijackthis 
https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/29061.html 


manuel : 

https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html 


Je conseille de renomer Hijackthis, pour contrer une éventuelle infection de Vundo. 

ex:Renomme le fichier HijackThis.exe en eden.exe pour cela, fais un clic droit sur le fichier HijackThis.exe et choisis renommer dans la liste 

Ensuite avec Explorer créer un dossier c:\hijackthis 
Décompresser Hijackthis dans ce dossier. 
C'est important pour les sauvegardes."




bon je vais esseiller çà,sa à l'air d'etre le meme probleme que le mien.

dédétraqué · Answer

Salut piyi


On va vérifier cela, télécharge RSIT (de random/random) sur le bureau ici :
http://images.malwareremoval.com/random/RSIT.exe

- Double clique sur RSIT.exe qui est sur le bureau
- Clique sur Continue dans la fenêtre
- RSIT téléchargera HijackThis si il n’est pas présent où détecté, alors il faudra accepter la licence
- Poste le contenue des deux rapports, log.txt et info.txt(réduit dans la barre des tâches) à la fin de l’analyse

Les rapports sont dans le dossier ici C:\rsit

Je vérifie ton rapport après le boulot ce soir, bonne journée


@++ :)

piyi · Answer

à zut clean zip marche plus...

piyi · Answer

ha merci c'est trop cool,parceque ça fait une semaine que j'y suis et je m'en sort pas.
je vais y geter un coup d'oeuil voir si ça me parle...

piyi · Answer

alors, les trucs que je ne savait pas ce que c'était:
saeport(meme si apparement des fois ça pose probleme,j'ai pas l'imprétion que moi ça me concerne)?...
Mrendiss:NDIS protocol service (donc je garde)...
RTK audio service,déjà ça ça m'a l'air plus suspect,je vais approfondire.
04-HKLM...run:[NVcpl Daemon]Rudll32.exe.         ça à l'air normal.
Nv media center:pilote de nvidia  ok
nwiz.exe,ça aussi c'est en rapport avec nvidia.
mss Sort:utile pour maxtor(microsoft) donc pas de soucis.
CTFMON.exe(alternative user imput services)utile pour office xp...

donc voilà je cherche vers RTK audio service.
merci encore ça m'aide bien,si tu vois autres choses de suspect...
en attendant j'esseille d'avancer.

piyi · Answer

ah bas non RTK c'est realtek,ça peut pas etre ça...

piyi · Answer

j'ai effacé realtek et nvidia car c'etait respectivement mon ancien driver son et mon ancienne carte graphique,et j'avais retelechargé realtek penssant au début que c t un probleme de driver,mais en fait c'est impossible,vu que j'ai du son sur windows media player,j'avoue aujourd'hui je me suis moin creusé la téte ,je m'éssoufle....
si on me donne des trucs à faire je le ferai.
c'est pas super urgent mais je voudrai juste pouvoir reregarder ma télé avec le son,au pire je rebooterai le pc,mais franchement en derniere option.
j'ai penssé à faire une restauration de systém,mais comme le probleme date d'avant le changement de ma carte graphique,et que je dois désactiver la carte son incluse de la carte graphique pour pas qu'elle soit en confrontation avec mon autre carte son, en gros ça me saoul.
enfin si j'ai d'autres options.
comme ça fait une semaine que j'y suis j'aurai fait un reboot,j'aurai déjà résolu mon probleme....pfff.
à oui je retrouve plus le cd d'instale de cette fameuse carte son.

piyi · Answer

de désespoir,je suis allée à surcouf, j'explique mon probleme, le technicien branche mon ordi, tout marche, le son sur internet, tout...
je rentre chez moi désespérée,en me disant que mon probleme n'etait pas réglé, je reconecte tout, je fait un essai internet ça marche, je fait un essai télé, ça marche???!!!

donc le probleme est résolu, j'aimerai bien donner une solution, mais apart le mot miracle....je vois pas????
peut etre avait il besoin d'une balade...non vraiment je vois pas...

enfin merci à tout ceux qui m'ont aider.

Virus win32:malware-gen probleme de son.

16 réponses

Discussions similaires

Newsletters