Posez votre question Forum Virus/Sécurité

Ils ont besoin de votre aide

00:04 Question Urgente : Camtasia 5 (Windows)
00:04 ouverture et fermeture xp (Windows)
00:04 alert (Linux/Unix)
00:02 Ordinateur infecté (Virus/Sécurité)
21/08 Cherche titre et artiste de chanson (Audio numérique)
21/08 Avis aux plus grands.. merci (Virus/Sécurité)

Statut : Non résolu

Virus trojan

Ludivinne77, le mercredi 13 décembre 2006 à 15:43:30

Bonjour depuis quelque jour j'ai un trojan qui s'est installer avast me le détecte je le supprime mais le lendemain il est toujours la, j'ai utiliser Aquared, spybot, adware, avast mais rien n'y fait le prob est toujours là j'ai utliser hijackthis voivi ce qu'il me donne Please aidez moi
Logfile of HijackThis v1.99.1
Scan saved at 23:07:03, on 12/12/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\InstallHardware.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Monitor.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE
C:\WINDOWS\System32\drivers32.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\MSDHCP32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\WINDOWS\System32\MSEXECP32.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Multimedia Keyboard Driver\PS2USBKbdDrv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\ludivinne \Bureau\hijackthis_hijackthis_1.99.1_anglais_17891.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fr.msn.be/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [InstallHardware] C:\WINDOWS\System32\InstallHardware.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Program Files\Monitor.exe
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800"
O4 - HKLM\..\Run: [system_service] drivers32.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [MS Dynamic Host Configuration Protocol] MSDHCP32.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [MS Windows Executor Process] MSEXECP32.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [WireLessKeyboard] C:\Program Files\Multimedia Keyboard Driver\StartAutorun.exe PS2USBKbdDrv.exe
O4 - HKLM\..\RunServices: [system_service] drivers32.exe
O4 - HKLM\..\RunServices: [MS Dynamic Host Configuration Protocol] MSDHCP32.exe
O4 - HKLM\..\RunServices: [MS Windows Executor Process] MSEXECP32.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MS Dynamic Host Configuration Protocol] MSDHCP32.exe
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKCU\..\Run: [MS Windows Executor Process] MSEXECP32.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/229?dde4b7b736134c50bf92b6f104ed8e83
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/230?dde4b7b736134c50bf92b6f104ed8e83
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Unibet Fr Poker - {1DAA624F-A7AB-4b31-97A4-67205FF6963C} - C:\Program Files\mrbookmakerfrMPP\MPPoker.exe (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O12 - Plugin for .mp3: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin4.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr/
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6} - http://www.drivecleaner.com/.freeware/installdrivecleanerstart.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by12fd.bay12.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/...
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.virustraq.com/img/scan_virus/webscan.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A0D8CBD7-1223-4A64-B603-D6680A055A08} - https://secured.payvisionservices.com/DownloadManager/FRSActiveX.ocx
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game11.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} - http://a532.g.akamai.net/...
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/activex/zylomloader.cab
O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://www.gamenext.fr/online2/zuma/oberongamesloader.cab
O16 - DPF: {E23FABEE-12E3-33DA-DA12-195DAC123984} (GameDesire Mahjong) - http://67.15.101.3/g_bin/eng/mahjong_2_0_0_24.cab
O16 - DPF: {E68718BB-5451-4F6F-B8B8-41B4AB672747} (IgbInstall Class) - http://www.internetgamebox.com/content/AxInst.cab
O16 - DPF: {EF148DBB-5B6D-4130-B2A1-661571E86260} (Playtime Games Launcher) - http://www.bigfishgames.com/online/mahjongescapeancie/PTGameLauncher.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B056C4F9-60E1-4183-8B37-27E463CA295D}: NameServer = 195.238.2.22 195.238.2.21
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe

Configuration: Windows XP
Firefox 2.0

Répondre à Ludivinne77 Signaler ce message aux modérateurs Aller au dernier message

Ce message vous semble utile, votez !
Signaler ce message aux modérateurs

salwa5, le mercredi 13 décembre 2006 à 16:15:25

bonjour ouvre hijack coche ces lignes puis clic sur fix checked

O2 - BHO: (no name) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)

O4 - HKLM\..\Run: [system_service] drivers32.exe
O4 - HKLM\..\Run: [MS Dynamic Host Configuration Protocol] MSDHCP32.exe
O4 - HKLM\..\Run: [MS Windows Executor Process] MSEXECP32.exe
O4 - HKLM\..\RunServices: [system_service] drivers32.exe
O4 - HKLM\..\RunServices: [MS Dynamic Host Configuration Protocol] MSDHCP32.exe
O4 - HKLM\..\RunServices: [MS Windows Executor Process] MSEXECP32.exe
O4 - HKCU\..\Run: [MS Dynamic Host Configuration Protocol] MSDHCP32.exe
O4 - HKCU\..\Run: [MS Windows Executor Process] MSEXECP32.exe

O9 - Extra button: Unibet Fr Poker - {1DAA624F-A7AB-4b31-97A4-67205FF6963C} - C:\Program Files\mrbookmakerfrMPP\MPPoker.exe (file missing)
O9 - Extra button: (no name) - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone Méchant
O16 - DPF: {2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6} - http://www.drivecleaner.com/.freeware/installdrivecleanerstart.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/...
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} - http://a532.g.akamai.net/...

O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://www.gamenext.fr/online2/zuma/oberongamesloader.cab
O16 - DPF: {E23FABEE-12E3-33DA-DA12-195DAC123984} (GameDesire Mahjong) - http://67.15.101.3/g_bin/eng/mahjong_2_0_0_24.cab
O16 - DPF: {E68718BB-5451-4F6F-B8B8-41B4AB672747} (IgbInstall Class) - http://www.internetgamebox.com/content/AxInst.cab
O16 - DPF: {EF148DBB-5B6D-4130-B2A1-661571E86260} (Playtime Games Launcher) - http://www.bigfishgames.com/online/mahjongescapeancie/PTGameLauncher.cab

redemare en mode sans echec (redemarrage + tapotte sans arret sur F8 desque l'ordi s'allume)

cherches et supprime les fichiers en gras :

C:\WINDOWS\System32\drivers32.exe
C:\WINDOWS\System32\MSDHCP32.exe

redemare en mode normal telecharge et execute

AVG anti spyware
http://www.01net.com/...

Copier/coller le rapport entier sur le forum. (n'oublie pas de le mettre a jour avant de lancer le scan)
NB suis les instruction du tutoriel
http://www.malekal.com/tutorial_AVG_AntiSpyware.html
http://www.kachouri.com/tuto/tuto-161-avg-anti-spyware-75-pour-votre-securite.html

a+++

Répondre à salwa5

Ce message vous semble utile, votez !
Signaler ce message aux modérateurs

Ludivinne77, le mercredi 13 décembre 2006 à 16:35:11

je n'ai pas trouver le fichier drivers32.exe

Répondre à Ludivinne77

Ce message vous semble utile, votez !
Signaler ce message aux modérateurs

salwa5, le mercredi 13 décembre 2006 à 16:53:25

pas grave continue les manip ensuite remet un log hijack

a+++

Répondre à salwa5

Ce message vous semble utile, votez !
Signaler ce message aux modérateurs

Ludivinne77, le mercredi 13 décembre 2006 à 17:29:45

Voici le rapport AVG

--------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 17:26:12 13/12/2006

+ Résultat de l'analyse:

C:\System Volume Information\_restore{E67D62F9-54F0-4E44-9159-C4D2E2B85C29}\RP71\A0015466.exe -> Adware.Altnet : Ignoré.
HKU\S-1-5-21-1757981266-651377827-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8B6DA27E-7F64-4694-8F8F-DC87AB8C6B22} -> Adware.LinkMaker : Ignoré.
HKLM\SYSTEM\ControlSet003\Enum\PCI\VEN_1039&DEV_7001&SUBSYS_0C54105B&REV_0F\3&61aaa01&0&1A\\Service -> Adware.SaveNow : Ignoré.
C:\WINDOWS\system32\ofyxxmns.exe -> Adware.Searchcolor : Ignoré.
C:\WINDOWS\system32\MSEXECP32.exe -> Backdoor.Rbot : Ignoré.
C:\winsc23.exe -> Backdoor.Rbot : Ignoré.
C:\System Volume Information\_restore{5B72DCBE-4B2D-49C3-B11E-511BE5F711B5}\RP464\A0297950.exe -> Backdoor.Rbot.aeu : Ignoré.
C:\WINDOWS\system32\__delete_on_reboot__d_r_i_v_e_r_s_3_2_._e_x_e_ -> Backdoor.Rbot.aeu : Ignoré.
C:\Recycled\Dc600.exe -> Backdoor.Rbot.bhf : Ignoré.
C:\Documents and Settings\ludivinne letens\Mes documents\Mes fichiers PSP\Filtre\simple_filtre.zip/simple_filtre/Acces Immediat.ex -> Dialer.Agent.a : Ignoré.
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\USDR6V_0001_D18M3107NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.l : Ignoré.
C:\WINDOWS\Downloaded Program Files\CONFLICT.2\USDR6V_0001_D18M3107NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.l : Ignoré.
C:\WINDOWS\Downloaded Program Files\CONFLICT.3\USDR6V_0001_D18M3107NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.l : Ignoré.
C:\WINDOWS\Downloaded Program Files\CONFLICT.4\USDR6V_0001_D18M3107NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.l : Ignoré.
C:\WINDOWS\Downloaded Program Files\USDR6V_0001_D18M3107NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.l : Ignoré.
C:\WINDOWS\Downloaded Program Files\CONFLICT.10\UDC6_0001_D19M1908NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.m : Ignoré.
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\UDC6_0001_D18M1108NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.m : Ignoré.
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\UDC6_0001_D19M1908NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.m : Ignoré.
C:\WINDOWS\Downloaded Program Files\CONFLICT.2\UDC6_0001_D18M1108NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.m : Ignoré.
C:\WINDOWS\Downloaded Program Files\CONFLICT.2\UDC6_0001_D19M1908NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.m : Ignoré.
C:\WINDOWS\Downloaded Program Files\CONFLICT.3\UDC6_0001_D18M1108NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.m : Ignoré.
C:\WINDOWS\Downloaded Program Files\CONFLICT.3\UDC6_0001_D19M1908NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.m : Ignoré.
C:\WINDOWS\Downloaded Program Files\CONFLICT.5\UDC6_0001_D19M1908NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.m : Ignoré.
C:\WINDOWS\Downloaded Program Files\CONFLICT.6\UDC6_0001_D19M1908NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.m : Ignoré.
C:\WINDOWS\Downloaded Program Files\CONFLICT.7\UDC6_0001_D19M1908NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.m : Ignoré.
C:\WINDOWS\Downloaded Program Files\CONFLICT.8\UDC6_0001_D19M1908NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.m : Ignoré.
C:\WINDOWS\Downloaded Program Files\CONFLICT.9\UDC6_0001_D19M1908NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.m : Ignoré.
C:\WINDOWS\Downloaded Program Files\UDC6_0001_D18M1108NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.m : Ignoré.
C:\WINDOWS\Downloaded Program Files\UDC6_0001_D19M1908NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.m : Ignoré.
:mozilla.11:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
:mozilla.13:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
:mozilla.14:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
:mozilla.15:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
:mozilla.16:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
:mozilla.17:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
:mozilla.18:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
:mozilla.19:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
:mozilla.20:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
C:\Documents and Settings\ludivinne letens\Cookies\ludivinne letens@247realmedia[2].txt -> TrackingCookie.247realmedia : Ignoré.
:mozilla.136:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.204:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.294:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Adbrite : Ignoré.
:mozilla.295:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Adbrite : Ignoré.
:mozilla.73:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Adtech : Ignoré.
:mozilla.74:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Adtech : Ignoré.
:mozilla.250:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Advertising : Ignoré.
:mozilla.37:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Atdmt : Ignoré.
:mozilla.12:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Bluestreak : Ignoré.
:mozilla.76:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Casalemedia : Ignoré.
:mozilla.82:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Casalemedia : Ignoré.
:mozilla.83:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Casalemedia : Ignoré.
:mozilla.86:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Casalemedia : Ignoré.
:mozilla.87:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Casalemedia : Ignoré.
:mozilla.59:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Comclick : Ignoré.
:mozilla.60:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Comclick : Ignoré.
:mozilla.61:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Comclick : Ignoré.
:mozilla.27:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Doubleclick : Ignoré.
C:\Documents and Settings\ludivinne letens\Cookies\ludivinne letens@doubleclick[1].txt -> TrackingCookie.Doubleclick : Ignoré.
:mozilla.173:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Esomniture : Ignoré.
:mozilla.269:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Esomniture : Ignoré.
:mozilla.270:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Esomniture : Ignoré.
:mozilla.219:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Estat : Ignoré.
:mozilla.38:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Falkag : Ignoré.
:mozilla.92:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Fastclick : Ignoré.
:mozilla.93:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Fastclick : Ignoré.
:mozilla.94:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Fastclick : Ignoré.
:mozilla.95:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Fastclick : Ignoré.
:mozilla.107:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Googleadservices : Ignoré.
:mozilla.110:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Googleadservices : Ignoré.
:mozilla.273:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Hitbox : Ignoré.
:mozilla.274:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Hitbox : Ignoré.
:mozilla.275:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Hitbox : Ignoré.
:mozilla.131:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Mediaplex : Ignoré.
:mozilla.213:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Pointroll : Ignoré.
:mozilla.214:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Pointroll : Ignoré.
:mozilla.215:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Pointroll : Ignoré.
:mozilla.216:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Pointroll : Ignoré.
:mozilla.48:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Questionmarket : Ignoré.
:mozilla.49:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Questionmarket : Ignoré.
:mozilla.50:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Questionmarket : Ignoré.
:mozilla.51:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Questionmarket : Ignoré.
:mozilla.30:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.31:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.32:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.33:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.34:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.35:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.159:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Sitestat : Ignoré.
:mozilla.161:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Sitestat : Ignoré.
:mozilla.21:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.22:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.23:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.69:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Tradedoubler : Ignoré.
:mozilla.70:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Tradedoubler : Ignoré.
:mozilla.71:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Tradedoubler : Ignoré.
:mozilla.72:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Tradedoubler : Ignoré.
:mozilla.24:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.26:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.75:C:\Documents and Settings\ludivinne letens\Application Data\Mozilla\Firefox\Profiles\7edtmdbn.default\cookies.txt -> TrackingCookie.Yieldmanager : Ignoré.
C:\System Volume Information\_restore{5B72DCBE-4B2D-49C3-B11E-511BE5F711B5}\RP462\A0297782.exe/D3.reg -> Trojan.LowZones.h : Ignoré.
C:\System Volume Information\_restore{5B72DCBE-4B2D-49C3-B11E-511BE5F711B5}\RP462\A0297782.exe/F2.reg -> Trojan.LowZones.h : Ignoré.
C:\System Volume Information\_restore{5B72DCBE-4B2D-49C3-B11E-511BE5F711B5}\RP462\A0297782.exe/G1.reg -> Trojan.LowZones.h : Ignoré.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\QZOP4J01\teller2[1].htm -> Trojan.Small : Ignoré.

Fin du rapport

et le rapport HIJACKTHIS

Scan saved at 17:27:56, on 13/12/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\InstallHardware.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Program Files\Monitor.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Multimedia Keyboard Driver\PS2USBKbdDrv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Documents and Settings\ludivinne letens\Bureau\hijackthis_hijackthis_1.99.1_anglais_17891.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fr.msn.be/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [InstallHardware] C:\WINDOWS\System32\InstallHardware.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Program Files\Monitor.exe
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [WireLessKeyboard] C:\Program Files\Multimedia Keyboard Driver\StartAutorun.exe PS2USBKbdDrv.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/229?dde4b7b736134c50bf92b6f104ed8e83
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/230?dde4b7b736134c50bf92b6f104ed8e83
O9 - Extra button: Unibet Fr Poker - {1DAA624F-A7AB-4b31-97A4-67205FF6963C} - C:\Program Files\mrbookmakerfrMPP\MPPoker.exe (file missing)
O9 - Extra button: (no name) - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O12 - Plugin for .mp3: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin4.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr/
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by12fd.bay12.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.virustraq.com/img/scan_virus/webscan.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A0D8CBD7-1223-4A64-B603-D6680A055A08} - https://secured.payvisionservices.com/DownloadManager/FRSActiveX.ocx
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game11.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/activex/zylomloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B056C4F9-60E1-4183-8B37-27E463CA295D}: NameServer = 195.238.2.22 195.238.2.21
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe

Répondre à Ludivinne77

Ce message vous semble utile, votez !
Signaler ce message aux modérateurs

salwa5, le mercredi 13 décembre 2006 à 17:41:03

ree pour avg fallais lire les tutorial que je t'ai donné

pour qu'il supprime ce qu'il a trouvé il faut aller dans paremetre , dans l'option comment reagir choisi sois qurantaine ou supprimé

ensuiite colle le resultat ici :)

a+++

Répondre à salwa5

Ce message vous semble utile, votez !
Signaler ce message aux modérateurs

Ludivinne77, le mercredi 13 décembre 2006 à 17:56:18

ok j'ai supprimé voila le rapport hijackthis

Logfile of HijackThis v1.99.1
Scan saved at 17:55:06, on 13/12/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\InstallHardware.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Program Files\Monitor.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Multimedia Keyboard Driver\PS2USBKbdDrv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Documents and Settings\ludivinne letens\Bureau\hijackthis_hijackthis_1.99.1_anglais_17891.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fr.msn.be/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [InstallHardware] C:\WINDOWS\System32\InstallHardware.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Program Files\Monitor.exe
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [WireLessKeyboard] C:\Program Files\Multimedia Keyboard Driver\StartAutorun.exe PS2USBKbdDrv.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/229?dde4b7b736134c50bf92b6f104ed8e83
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/230?dde4b7b736134c50bf92b6f104ed8e83
O9 - Extra button: Unibet Fr Poker - {1DAA624F-A7AB-4b31-97A4-67205FF6963C} - C:\Program Files\mrbookmakerfrMPP\MPPoker.exe (file missing)
O9 - Extra button: (no name) - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O12 - Plugin for .mp3: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin4.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr/
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by12fd.bay12.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.virustraq.com/img/scan_virus/webscan.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A0D8CBD7-1223-4A64-B603-D6680A055A08} - https://secured.payvisionservices.com/DownloadManager/FRSActiveX.ocx
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game11.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/activex/zylomloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B056C4F9-60E1-4183-8B37-27E463CA295D}: NameServer = 195.238.2.22 195.238.2.21
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe

Répondre à Ludivinne77

Ce message vous semble utile, votez !
Signaler ce message aux modérateurs

salwa5, le mercredi 13 décembre 2006 à 18:00:00

rebonsoir ton log a l'air propre esque avast te signal toujour la presence du virus ?? si il le faut redemare pour voir si le virus revien

a+

Répondre à salwa5

Ce message vous semble utile, votez !
Signaler ce message aux modérateurs

Ludivinne77, le mercredi 13 décembre 2006 à 18:02:27

non tout va bien il ne le détecte pas , ok merci beaucoup pour ton aide A++++++++++ BiZ et en cas on ne se verait plus Je te souhaite un Joyeux noël et une très bonne année BIZZZZZZZZZZZZZZZZZ

Répondre à Ludivinne77

Ce message vous semble utile, votez !
Signaler ce message aux modérateurs

salwa5, le mercredi 13 décembre 2006 à 18:05:20

de rien :) j'espere qu'il est bien parti , si il revien n'hesite pas a revenir :p

a++

Répondre à salwa5

Posez votre question Répondre

[virus] Trojan impossible a supprimer (Résolu) Virus: Trojan.Vundo.b (Résolu) Comment se debarasser d un virus trojan? (Résolu) Comment détruire un virus trojan (Résolu)

Trucs & astuces pertinents trouvés dans la base de connaissances

03/08 12h08	Virus et Malwares ... Le truc pour les éliminer	Virus
03/06 16h22	Se prémunir des virus et autres saletés ?? pas si compliqué :-)	Sécurité
10/02 03h08	Trojan, comment ça marche ?	Sécurité/Piratage
11/06 03h59	Tous les scans en ligne anti-virus gratuitement	Sécurité
24/06 18h34	Supprimer le trojan Vundo/Virtumonde	Spywares

Plus d'astuces sur « virus et trojan »

Discussions pertinentes trouvées dans le forum

08/08 16h36	VISTA VIRUS TROJAN + PRB PROFIL UTILISATEUR	31
06/08 15h22	Virus trojan.zlob.cds	13
05/08 15h41	VIRUS Trojan.Win32.Monder.czg	5
03/08 23h29	Virus trojan system32 windows XP	10
02/08 20h06	Virus/trojan besoin aide svp	24

Plus de discussions sur « virus et trojan »

Logiciels pertinents trouvés dans les téléchargements

	avast! Virus Cleaner - Tout le monde connaît l' antivirus gratuit Avast . Son éditeur propose avast! Virus Cleaner, un nettoyeur de virus...	Catégorie: Antivirus Licence: Freeware/gratuit
	ZipRepar - Qui n'est jamais tombé sur une archive zip corrompue. ZipRepar permet de réparer la plupart des archives Zip corrompues ou...	Catégorie: Compression/Décompression Licence: Freeware/gratuit
	Trojan Remover - Spécialement conçu pour éliminer les trojans (aussi appelés troyens ou chevaux de Troie ) ainsi que les intrus de type ...	Catégorie: Anti-Spyware Licence: Demo
	Avast! 4 Familial - Avast! 4 Home Edition est un antivirus complet prévu pour les utilisateurs personnels et un usage non commercial. Le...	Catégorie: Antivirus Licence: Freeware/gratuit

Plus de logiciels gratuits sur « virus et trojan »

Produits relatifs

	Virus	Catégorie: Jeu vidéo PC
	Virus	Catégorie: Jeu Playstation

Plus de produits sur « virus et trojan »