Win32:Malware-gen virus, sound problem.

Solved/Closed
piyi Posts: 49 Registered: Tuesday 6 January 2009 Status: Member Last active: 16 April 2012 - 27 Jan. 2010 at 12:58
piyi Posts: 49 Registered: Tuesday 6 January 2009 Status: Member Last active: 16 April 2012 - 3 Feb. 2010 at 17:27
Hello,
So here is my problem.
A week ago, I started losing sound from the internet, then from my TV card, even though the radio works on that same TV card.
Windows Media Player works too.
At first I thought it was just a connection problem; while unplugging and replugging my amplifier's audio jack, my graphics card burned out, so I assumed there might be a link.
But in the end I think it was just a run of bad luck...
When I ran a boot-time scan with avast, it reported 4 viruses on the volume, named: malware-gen.
I deleted them, but the sound still doesn't work properly.
So I downloaded HijackThis v2.0.2, which shows me this:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:32:15, on 27/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\AlwilSoftware-AvastHomeEdition\aswUpdSv.exe
C:\AlwilSoftware-AvastHomeEdition\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\WinTV\EPG Services\System\EPGService.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\TomTom-Home\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\Logi_MwX.Exe
C:\ALWILS~1\ashDisp.exe
C:\PROGRA~1\WinTV\EPG Services\System\EPGClient.exe
C:\Maxtor\msssort.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Analog Devices\SoundMAX\smax4.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\TomTom-Home\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\WinTV\Ir.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\AlwilSoftware-AvastHomeEdition\ashMaiSv.exe
C:\AlwilSoftware-AvastHomeEdition\ashWebSv.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\AlwilSoftware-AvastHomeEdition\ashSimpl.exe
C:\Documents and Settings\MDNL\Bureau\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Aide à la navigation SFR - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: myBabylon Toolbar - {34ea1c70-42cc-42c5-aa29-ec58b95a343e} - C:\Program Files\myBabylon\tbmyBa.dll
O2 - BHO: NP Helper Class - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Internet Saving Optimizer\3.7.0.4550\NPIEAddOn.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: myBabylon English Toolbar - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files\myBabylon_English\tbmyBa.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: myBabylon English Toolbar - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files\myBabylon_English\tbmyBa.dll
O3 - Toolbar: myBabylon Toolbar - {34ea1c70-42cc-42c5-aa29-ec58b95a343e} - C:\Program Files\myBabylon\tbmyBa.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [avast!] C:\ALWILS~1\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [EPGServiceTool] C:\PROGRA~1\WinTV\EPG Services\System\EPGClient.exe
O4 - HKLM\..\Run: [mssSort] C:\Maxtor\msssort.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [SoundMax] "C:\Program Files\Analog Devices\SoundMAX\smax4.exe" /tray
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\ADOBE-AcrobatReader\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\TomTom-Home\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: AutoStart IR.lnk = C:\Program Files\WinTV\Ir.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} (Microsoft Genuine Advantage Self Support Tool) - http://download.microsoft.com/download/7/4/9/749b0dc5-2175-4d5b-a6dd-9c4bc923683e/Selfhelpcontrol.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://copainsdavant.linternaute.com/...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {952F9A71-131A-11D5-8404-00500445A7D0} (ActiveMiniplug Class) - https://xlnet.xlairways.fr/AppStar/mplugax.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\AlwilSoftware-AvastHomeEdition\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\AlwilSoftware-AvastHomeEdition\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\AlwilSoftware-AvastHomeEdition\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\AlwilSoftware-AvastHomeEdition\ashWebSv.exe
O23 - Service: EPGService - Hauppauge Computer Works - C:\PROGRA~1\WinTV\EPG Services\System\EPGService.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TomTomHOMEService - TomTom - C:\TomTom-Home\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
16 replies

piyi Posts: 49 Registered: Tuesday 6 January 2009 Status: Member Last active: 16 April 2012
27 Jan. 2010 at 13:36
I blocked BroadJump; I saw that it's apparently useless, so there you go.
However, I can't get rid of Teleca Shared; I can't figure out how to do it.
I removed all the (useless toolbars). Anyway, that's where I am; do you have any other advice to help me?
0
piyi Posts: 49 Registered: Tuesday 6 January 2009 Status: Member Last active: 16 April 2012
27 Jan. 2010 at 14:56
I deleted Teleca from the registry keys, but that didn't fix my sound problem.
0
piyi Posts: 49 Registered: Tuesday 6 January 2009 Status: Member Last active: 16 April 2012
27 Jan. 2010 at 14:58
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:57:21, on 27/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\AlwilSoftware-AvastHomeEdition\aswUpdSv.exe
C:\AlwilSoftware-AvastHomeEdition\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\WinTV\EPG Services\System\EPGService.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\TomTom-Home\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\AlwilSoftware-AvastHomeEdition\ashMaiSv.exe
C:\AlwilSoftware-AvastHomeEdition\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Logi_MwX.Exe
C:\ALWILS~1\ashDisp.exe
C:\PROGRA~1\WinTV\EPG Services\System\EPGClient.exe
C:\Maxtor\msssort.exe
C:\Program Files\Analog Devices\SoundMAX\smax4.exe
C:\ADOBE-AcrobatReader\Reader\Reader_sl.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\TomTom-Home\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\WinTV\Ir.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Documents and Settings\MDNL\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: Aide à la navigation SFR - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: NP Helper Class - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Internet Saving Optimizer\3.7.0.4550\NPIEAddOn.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [avast!] C:\ALWILS~1\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [EPGServiceTool] C:\PROGRA~1\WinTV\EPG Services\System\EPGClient.exe
O4 - HKLM\..\Run: [mssSort] C:\Maxtor\msssort.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [SoundMax] "C:\Program Files\Analog Devices\SoundMAX\smax4.exe" /tray
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\ADOBE-AcrobatReader\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\TomTom-Home\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: AutoStart IR.lnk = C:\Program Files\WinTV\Ir.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} (Microsoft Genuine Advantage Self Support Tool) - http://download.microsoft.com/download/7/4/9/749b0dc5-2175-4d5b-a6dd-9c4bc923683e/Selfhelpcontrol.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://copainsdavant.linternaute.com/...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {952F9A71-131A-11D5-8404-00500445A7D0} (ActiveMiniplug Class) - https://xlnet.xlairways.fr/AppStar/mplugax.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\AlwilSoftware-AvastHomeEdition\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\AlwilSoftware-AvastHomeEdition\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\AlwilSoftware-AvastHomeEdition\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\AlwilSoftware-AvastHomeEdition\ashWebSv.exe
O23 - Service: EPGService - Hauppauge Computer Works - C:\PROGRA~1\WinTV\EPG Services\System\EPGService.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TomTomHOMEService - TomTom - C:\TomTom-Home\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
0
piyi Posts: 49 Registered: Tuesday 6 January 2009 Status: Member Last active: 16 April 2012
27 Jan. 2010 at 20:56
I ran another boot-time scan, and it found nothing... I'm out of ideas...
0

piyi Posts: 49 Registered: Tuesday 6 January 2009 Status: Member Last active: 16 April 2012
27 Jan. 2010 at 21:31
WIN 32 ROOTKIT GEN: is this "real fake" virus the cause of my problem?
Since according to avast I have no more viruses (since I deleted everything),
and yet I still have no sound...
I'd be glad to get at least some semblance of an answer, really glad.
0
piyi Posts: 49 Registered: Tuesday 6 January 2009 Status: Member Last active: 16 April 2012
27 Jan. 2010 at 22:06
I installed Malwarebytes, which while scanning has already found 18 suspicious items...
0
piyi Posts: 49 Registered: Tuesday 6 January 2009 Status: Member Last active: 16 April 2012
27 Jan. 2010 at 22:19
Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3646
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

27/01/2010 22:16:37
mbam-log-2010-01-27 (22-16-12).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 205529
Temps écoulé: 37 minute(s), 22 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 23
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 33
Fichier(s) infecté(s): 163

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\explorerbar.funexplorer (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{c28a0312-c403-417b-a425-a915bc0519cd} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{877f3eab-4462-44df-8475-6064eafd7fbf} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\explorerbar.funexplorer.1 (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\explorerbar.funredirector (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\explorerbar.funredirector.1 (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\QUAD Registry Cleaner v2 (Adware.QUADRegClean) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Internet Saving Optimizer (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\DoubleD (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Internet Saving Optimizer (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Media Access Startup (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{16b6279b-9ff5-41fb-8bf9-404324f5dd1f}}_is1 (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{c5096216-7703-409e-b85a-8a6ee7395128}}_is1 (Adware.DoubleD) -> No action taken.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{0ba0192d-94a5-45e3-b2b8-3ec5a1a0b5ec} (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{2224e955-00e9-4613-a844-ce69fccaae91} (Adware.DoubleD) -> No action taken.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\Internet Saving Optimizer (Adware.DoubleD) -> No action taken.
C:\Program Files\Internet Saving Optimizer\3.7.0.4550 (Adware.DoubleD) -> No action taken.
C:\Program Files\Internet Saving Optimizer\3.7.0.4550\Data (Adware.DoubleD) -> No action taken.
C:\Program Files\Internet Saving Optimizer\3.7.0.4550\FF (Adware.DoubleD) -> No action taken.
C:\Program Files\Internet Saving Optimizer\3.7.0.4550\FF\chrome (Adware.DoubleD) -> No action taken.
C:\Program Files\Internet Saving Optimizer\3.7.0.4550\FF\chrome\content (Adware.DoubleD) -> No action taken.
C:\Program Files\Internet Saving Optimizer\3.7.0.4550\FF\components (Adware.DoubleD) -> No action taken.
C:\Program Files\Media Access Startup (Adware.DoubleD) -> No action taken.
C:\Program Files\Media Access Startup\1.5.6.910 (Adware.DoubleD) -> No action taken.
C:\Program Files\Media Access Startup\1.5.6.910\Data (Adware.DoubleD) -> No action taken.
C:\Program Files\Media Access Startup\1.5.6.910\FF (Adware.DoubleD) -> No action taken.
C:\Program Files\Media Access Startup\1.5.6.910\FF\chrome (Adware.DoubleD) -> No action taken.
C:\Program Files\Media Access Startup\1.5.6.910\FF\chrome\content (Adware.DoubleD) -> No action taken.
C:\Program Files\Media Access Startup\1.5.6.910\FF\components (Adware.DoubleD) -> No action taken.
C:\Program Files\System Search Dispatcher (Adware.DoubleD) -> No action taken.
C:\Program Files\System Search Dispatcher\1.4.0.970 (Adware.DoubleD) -> No action taken.
C:\Program Files\System Search Dispatcher\1.4.0.970\Data (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\nathan libert\Local Settings\Application Data\DoubleD (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\nathan libert\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\MDNL\Local Settings\Application Data\Internet Saving Optimizer (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\MDNL\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550 (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\MDNL\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550 (Adware.DoubleD) -> Files: 353 -> No action taken.
C:\Documents and Settings\nathan libert\Local Settings\Application Data\Internet Saving Optimizer (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\nathan libert\Local Settings\Application Data\Internet Saving Optimizer\3.7.0.4550 (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\nathan libert\Local Settings\Application Data\Media Access Startup (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\nathan libert\Local Settings\Application Data\Media Access Startup\1.5.6.910 (Adware.DoubleD) -> No action taken.

So that's what Malwarebytes found; I'll try to sort it out with that.
0
piyi Posts 49 Registration date Tuesday 6 January 2009 Status Member Last activity 16 April 2012
27 Jan 2010 at 22:26
I feel like crying. I deleted everything and I still have no sound. That's it, I'm going to bed, I'm so fed up.
0
piyi Posts 49 Registration date Tuesday 6 January 2009 Status Member Last activity 16 April 2012
28 Jan 2010 at 12:54
C:\System Volume Information\_restore{CC82CBDC-DF61-4B78-84D3-C43A60C72CBD}\RP155\A0019943.exe -> Dialer.Agent.z : Nettoyé et sauvegardé (mise en quarantaine).

Hi

To get rid of that:

Disable System Restore to purge any viruses that may be in it, then re-enable it (in START, then ALL PROGRAMS, then ACCESSORIES, then SYSTEM TOOLS, then SYSTEM RESTORE, then settings).

______________

Then, to check that nothing is left:


Paste the report:
Clean will let you do some cleanup and delete files that antivirus and anti-spyware programs could not find. The software is updated regularly, so you will need to download it again to get a more recent version.

· Download clean.zip and extract it to your desktop (right-click / Extract All); you then get a folder named clean
· Start Windows in Safe Mode: Guide to restarting in Safe Mode
· Open the clean folder on your desktop and double-click clean.cmd; a black window will appear for a moment, leave it open until it closes.

http://kerio.probb.fr/tuto-Clean-h37.html

______________


Paste the report from an online scan
with one of the following:


Bitdefender online:
http://www.bitdefender.fr/scan_fr/scan8/ie.html

Firefox online scan

https://www.trendmicro.com/fr_fr/business.html

Panda online:
http://pandasoftware.fr


________________




If it persists

Paste a HijackThis report
https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/29061.html


Manual:

https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html


I recommend renaming HijackThis, to counter a possible Vundo infection.

E.g.: rename the file HijackThis.exe to eden.exe; to do so, right-click the file HijackThis.exe and choose Rename from the list.

Then, with Explorer, create a folder c:\hijackthis
Extract HijackThis into this folder.
This is important for the backups."




OK, I'll try that; it looks like the same problem as mine.
0
dédétraqué Posts 4384 Registration date Friday 5 September 2008 Status Security contributor Last activity 4 February 2013 286
28 Jan 2010 at 13:17
Hi piyi


Let's check that. Download RSIT (by random/random) to your desktop from here:
http://images.malwareremoval.com/random/RSIT.exe

- Double-click RSIT.exe, which is on the desktop
- Click Continue in the window
- RSIT will download HijackThis if it is not present or detected; you will then need to accept the license
- Post the contents of the two reports, log.txt and info.txt (minimized in the taskbar), at the end of the scan

The reports are in this folder: C:\rsit

I'll check your report after work this evening. Have a good day.


@++ :)
0
piyi Posts 49 Registration date Tuesday 6 January 2009 Status Member Last activity 16 April 2012
28 Jan 2010 at 13:57
Logfile of random's system information tool 1.06 (written by random/random)
Run by MDNL at 2010-01-28 13:56:31
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 5 GB (20%) free of 25 GB
Total RAM: 1023 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:56:42, on 28/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\AlwilSoftware-AvastHomeEdition\aswUpdSv.exe
C:\AlwilSoftware-AvastHomeEdition\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Logi_MwX.Exe
C:\ALWILS~1\ashDisp.exe
C:\Maxtor\msssort.exe
C:\Program Files\Analog Devices\SoundMAX\smax4.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\PROGRA~1\WinTV\EPG Services\System\EPGService.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\TomTom-Home\TomTom HOME 2\TomTomHOMERunner.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\TomTom-Home\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\WinTV\Ir.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\AlwilSoftware-AvastHomeEdition\ashMaiSv.exe
C:\AlwilSoftware-AvastHomeEdition\ashWebSv.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\EBRR.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\MDNL\Bureau\RSIT.exe
C:\Documents and Settings\MDNL\Bureau\MDNL.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: Aide à la navigation SFR - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [avast!] C:\ALWILS~1\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [EPGServiceTool] C:\PROGRA~1\WinTV\EPG Services\System\EPGClient.exe
O4 - HKLM\..\Run: [mssSort] C:\Maxtor\msssort.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [SoundMax] "C:\Program Files\Analog Devices\SoundMAX\smax4.exe" /tray
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\ADOBE-AcrobatReader\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\TomTom-Home\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: AutoStart IR.lnk = C:\Program Files\WinTV\Ir.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} (Microsoft Genuine Advantage Self Support Tool) - http://go.microsoft.com/fwlink/?LinkId=82580
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://copainsdavant.linternaute.com/...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {952F9A71-131A-11D5-8404-00500445A7D0} (ActiveMiniplug Class) - https://xlnet.xlairways.fr/AppStar/mplugax.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\AlwilSoftware-AvastHomeEdition\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\AlwilSoftware-AvastHomeEdition\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\AlwilSoftware-AvastHomeEdition\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\AlwilSoftware-AvastHomeEdition\ashWebSv.exe
O23 - Service: EPGService - Hauppauge Computer Works - C:\PROGRA~1\WinTV\EPG Services\System\EPGService.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TomTomHOMEService - TomTom - C:\TomTom-Home\TomTom HOME 2\TomTomHOMEService.exe
piyi Posts: 49 Registration date: Tuesday, January 6, 2009 Status: Member Last seen: April 16, 2012
Jan. 28, 2010 at 13:55
Oh darn, clean zip doesn't work anymore...
piyi Posts: 49 Registration date: Tuesday, January 6, 2009 Status: Member Last seen: April 16, 2012
Jan. 28, 2010 at 14:11
Ah, thanks, that's really cool, because I've been at this for a week and I can't work it out.
I'll take a look at it and see whether it makes sense to me...
piyi Posts: 49 Registration date: Tuesday, January 6, 2009 Status: Member Last seen: April 16, 2012
Jan. 28, 2010 at 15:18
So, the things I didn't know what they were:
seaport (even though apparently it sometimes causes problems, I don't get the impression it concerns me)?...
Mrendiss: NDIS protocol service (so I'm keeping it)...
RTK audio service: now that looks more suspicious to me, I'll dig deeper.
04-HKLM...run:[NVcpl Daemon]Rudll32.exe. That looks normal.
Nv media center: nvidia driver, ok
nwiz.exe, that's also related to nvidia.
mss Sort: useful for maxtor (microsoft), so no worries.
CTFMON.exe (alternative user input services), useful for office xp...

So there you go, I'm looking into RTK audio service.
Thanks again, this is really helping me; if you see anything else suspicious...
In the meantime I'm trying to make progress.
piyi Posts: 49 Registration date: Tuesday, January 6, 2009 Status: Member Last seen: April 16, 2012
Jan. 28, 2010 at 15:22
Ah, well no, RTK is realtek, it can't be that...
piyi Posts: 49 Registration date: Tuesday, January 6, 2009 Status: Member Last seen: April 16, 2012
Jan. 28, 2010 at 20:32
I removed realtek and nvidia, because they were respectively my old sound driver and my old graphics card, and I had re-downloaded realtek thinking at first that it was a driver problem, but in fact that's impossible, since I have sound in windows media player. I admit I racked my brain less today, I'm running out of steam....
If someone gives me things to do, I'll do them.
It's not super urgent, but I'd just like to be able to watch my TV with sound again; at worst I'll reboot the PC, but frankly only as a last resort.
I thought about doing a system restore, but since the problem dates from before I changed my graphics card, and I have to disable the sound card built into the graphics card so that it doesn't conflict with my other sound card, basically it's a pain.
Well, if I have other options.
Since I've been at this for a week, if I had done a reboot I would already have solved my problem.... pfff.
Oh yes, I can't find the install CD for that sound card anymore.
piyi Posts: 49 Registration date: Tuesday, January 6, 2009 Status: Member Last seen: April 16, 2012
Feb. 3, 2010 at 17:27
Out of desperation, I went to Surcouf, I explained my problem, the technician plugged in my computer, and everything worked, sound on the internet, everything...
I went home in despair, telling myself that my problem wasn't fixed; I reconnected everything, tried the internet and it worked, tried the TV and it worked???!!!

So the problem is solved. I'd love to give a solution, but apart from the word miracle.... I can't see one????
Maybe it needed an outing... no, really, I can't see it...

Anyway, thanks to everyone who helped me.