plagnard

bonjour tout le monde, j'ai été infecté ce soir pas le cheval de troie suivant: win32:small-IKZ Pouriez-vous m'aider svp

voila je crois que c'est ca! Logfile of HijackThis v1.99.1 Scan saved at 23:31:45, on 27/10/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16544) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Acer\Acer eConsole\MediaServerService.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Acer\Acer eConsole\MediaSync.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\Acer\Empowering Technology\eRecovery\Monitor.exe C:\Program Files\BroadJump\Client Foundation\CFD.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Acer\Acer eMode Management\AspireService.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe C:\Program Files\eMule\emule.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\Program Files\hijackThis\scanner.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://patrick.kolla.de/spybotsd.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [Workflow] E:\install\Workflow.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LaunchApp] Alaunch O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe O4 - HKLM\..\Run: [bJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [] "C:\Program Files\" O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://tomgrub.spaces.live.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/d...wlscbase969.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

Bonjour tout le monde, j'ai un petit problème, quand j'allume mon ordi le dossier programme files s'affiche!!* Que se passe t-il? que dois-je faire? Merci de votre aide

bon et bien le nouveau scan ne trouve rien et le fichier est toujours en quarantaine, ce doit être bon, merci de ton aide.

ok je vais refaire un scan pour voir si tout va bien...

Le voici: Logfile of HijackThis v1.99.1 Scan saved at 23:18:00, on 08/04/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Acer\Acer eConsole\MediaServerService.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Acer\Acer eConsole\MediaSync.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\Acer\Empowering Technology\eRecovery\Monitor.exe C:\Program Files\BroadJump\Client Foundation\CFD.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Acer\Acer eMode Management\AspireService.exe C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\Tom\LOCALS~1\Temp\Rar$EX02.094\scanner.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://patrick.kolla.de/spybotsd.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [Workflow] E:\install\Workflow.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe" O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LaunchApp] Alaunch O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe O4 - HKLM\..\Run: [bJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://tomgrub.spaces.live.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/d...wlscbase969.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{E6165DD4-C5FC-470A-A685-5D9535A5A207}: NameServer = 194.117.200.10,194.117.200.15 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

dans c:/system volume information/_restore{787DC6C3-51B9-452C-97E3-A31D31627396}/RP113/A0021796.exe

Bonjour à tous, je reviens auprès de vous car j'ai fait à l'instant une analyse avec AVG anti-spyware et voici le résultat qu'il m'a donné: Worm.luder.a avec noté risque élevé, Que dois-je faire svp? Je vous remercie de votre aide

Et bien merci beaucoup de ton aide, juste tu sais ce que c'est ce trojan? qu'est-ce qu'il fait?

et voici le rapport: C:\WINDOWS\System32/drivers\sptd.sys -->30/01/2007 22:06:05 C:\WINDOWS\System32/drivers\aswRdr.sys -->15/01/2007 19:26:08 C:\WINDOWS\System32/drivers\aswTdi.sys -->15/01/2007 19:25:24 C:\WINDOWS\System32/drivers\aswmon.sys -->21/12/2006 01:56:13 C:\WINDOWS\System32/drivers\aswmon2.sys -->21/12/2006 01:56:00 C:\WINDOWS\System32/drivers\aavmker4.sys -->21/12/2006 01:51:58 C:\WINDOWS\System32/drivers\fidbox2.idx -->18/10/2006 22:40:12 C:\WINDOWS\System32\LVCOMSX.LOG -->02/04/2007 20:07:49 C:\WINDOWS\System32\eRLog.ini -->02/04/2007 20:07:47 C:\WINDOWS\System32\nvapps.xml -->02/04/2007 20:07:17 C:\WINDOWS\System32\wpa.dbl -->02/04/2007 20:07:09 C:\WINDOWS\System32\PerfStringBackup.INI -->25/03/2007 03:47:15 C:\WINDOWS\System32\perfh00C.dat -->25/03/2007 03:47:15 C:\WINDOWS\System32\perfh009.dat -->25/03/2007 03:47:15 C:\WINDOWS\System32\perfc00C.dat -->25/03/2007 03:47:15 C:\WINDOWS\System32\perfc009.dat -->25/03/2007 03:47:15 C:\WINDOWS\System32\MRT.exe -->07/03/2007 22:36:32 C:\WINDOWS\System32\jupdate-1.5.0_11-b03.log -->24/02/2007 18:22:25 C:\WINDOWS\System32\TZLog.log -->17/02/2007 16:50:58 C:\WINDOWS\System32\tzchange.exe -->29/01/2007 10:58:06 C:\WINDOWS\System32\hhctrl.ocx -->23/01/2007 21:31:20 C:\WINDOWS\System32\CONFIG.NT -->23/01/2007 13:29:21 C:\WINDOWS\System32\sirenacm.dll -->19/01/2007 13:53:04 C:\WINDOWS\System32\aswBoot.exe -->15/01/2007 19:32:07 C:\WINDOWS\System32\AVASTSS.scr -->15/01/2007 19:23:20 C:\WINDOWS\System32\wininet.dll -->12/01/2007 10:27:42 C:\WINDOWS\System32\webcheck.dll -->12/01/2007 10:27:42 C:\WINDOWS\System32\urlmon.dll -->12/01/2007 10:27:42 C:\WINDOWS\System32\mstime.dll -->12/01/2007 10:27:42 C:\WINDOWS\System32\mshtmled.dll -->12/01/2007 10:27:42 C:\WINDOWS\System32\mshtml.dll -->12/01/2007 10:27:42 C:\WINDOWS\System32\msfeedsbs.dll -->12/01/2007 10:27:42 C:\WINDOWS.log -->02/04/2007 20:07:02 C:\WINDOWS\WindowsUpdate.log -->02/04/2007 20:06:30 C:\WINDOWS\wiadebug.log -->02/04/2007 20:06:30 C:\WINDOWS\wiaservc.log -->02/04/2007 20:06:27 C:\WINDOWS\bootstat.dat -->02/04/2007 20:06:04 C:\WINDOWS\SchedLgU.Txt -->02/04/2007 19:05:45 C:\WINDOWS\WgaNotify.log -->29/03/2007 13:19:56 C:\WINDOWS\setupapi.log -->29/03/2007 13:19:49 C:\WINDOWS\wmsetup.log -->26/03/2007 14:58:37 C:\WINDOWS\tsoc.log -->15/03/2007 12:27:36 C:\WINDOWS\ocmsn.log -->15/03/2007 12:27:36 C:\WINDOWS\ocgen.log -->15/03/2007 12:27:36 C:\WINDOWS\ntdtcsetup.log -->15/03/2007 12:27:36 C:\WINDOWS\msgsocm.log -->15/03/2007 12:27:36 C:\WINDOWS\KB929338.log -->15/03/2007 12:27:36 C:\WINDOWS\Alaunch.exe |23/06/2005 18:36:20 C:\WINDOWS\Alcmtr.exe |03/05/2005 19:43:28 C:\WINDOWS\alcwzrd.exe |21/09/2005 16:32:56 C:\WINDOWS\AMOVE.EXE |24/05/2002 17:34:46 C:\WINDOWS\APANEL.EXE |31/05/2002 15:24:48 C:\WINDOWS\bw6uinst.exe |26/02/2007 23:37:31 C:\WINDOWS\bwUnin-6.1.4.68-8876480L.exe |25/07/2006 20:32:08 C:\WINDOWS\IsUn040c.exe |02/07/2006 23:17:31 C:\WINDOWS\IsUninst.exe |18/07/2006 14:13:33 C:\WINDOWS\MicCal.exe |07/09/2005 11:40:20 C:\WINDOWS\PATCH.EXE |16/10/2006 10:51:29 C:\WINDOWS\PLAY32.EXE |26/08/1996 03:12:00 C:\WINDOWS\QT32INST.EXE |26/08/1996 03:12:00 C:\WINDOWS\QTW32DEL.EXE |26/08/1996 03:12:00 C:\WINDOWS\RTHDCPL.exe |22/09/2005 14:36:20 C:\WINDOWS\RTLCPL.exe |21/09/2005 16:23:42 C:\WINDOWS\RtlUpd.exe |21/09/2005 17:29:08 C:\WINDOWS\runtsckl.exe |02/11/2005 18:07:12 C:\WINDOWS\SoundMan.exe |21/09/2005 11:24:02 C:\WINDOWS\tsc.exe |16/10/2006 10:52:02 C:\WINDOWS\twunk_16.exe |05/08/2004 07:00:00 C:\WINDOWS\twunk_32.exe |05/08/2004 07:00:00 C:\WINDOWS\unvise32qt.exe |07/07/2006 21:00:43 C:\WINDOWS\VIEW32.EXE |26/08/1996 03:12:00 C:\WINDOWS\AuHCcup1.dll |23/07/1999 10:53:20 C:\WINDOWS\BPMNT.dll |16/10/2006 10:52:01 C:\WINDOWS\hcextoutput.dll |16/10/2006 10:52:02 C:\WINDOWS\loadhttp.dll |15/10/2002 14:29:40 C:\WINDOWS\patchw32.dll |14/12/2001 13:34:46 C:\WINDOWS\PCDLIB32.DLL |29/06/2006 20:18:30 C:\WINDOWS\RtlExUpd.dll |16/04/2005 23:20:00 C:\WINDOWS\TMUPDATE.DLL |16/10/2006 10:51:30 C:\WINDOWS\twain.dll |05/08/2004 07:00:00 C:\WINDOWS\twain_32.dll |05/08/2004 07:00:00 C:\WINDOWS\UNZIP.DLL |16/10/2006 10:51:29 C:\WINDOWS\vsapi32.dll |16/10/2006 10:52:02 C:\WINDOWS\system32\append.exe |05/08/2004 07:00:00 C:\WINDOWS\system32\aswBoot.exe |01/10/2006 14:03:28 C:\WINDOWS\system32\ati2evxx.exe |15/04/2005 03:09:32 C:\WINDOWS\system32\Ati2mdxx.exe |15/04/2005 03:10:48 C:\WINDOWS\system32\ChCfg.exe |15/07/2005 17:48:46 C:\WINDOWS\system32\CNMCP50.exe |17/07/2006 18:40:57 C:\WINDOWS\system32\debug.exe |05/08/2004 07:00:00 C:\WINDOWS\system32\dosx.exe |05/08/2004 07:00:00 C:\WINDOWS\system32\dvdplay.exe |05/08/2004 07:00:00 C:\WINDOWS\system32\edlin.exe |05/08/2004 07:00:00 C:\WINDOWS\system32\exe2bin.exe |05/08/2004 07:00:00 C:\WINDOWS\system32\fastopen.exe |05/08/2004 07:00:00 C:\WINDOWS\system32\GkSui20.EXE |02/11/2006 00:47:33 C:\WINDOWS\system32\HdAShCut.exe |07/01/2005 18:07:16 C:\WINDOWS\system32\InstMed.exe |25/07/2006 20:33:44 C:\WINDOWS\system32\java.exe |24/02/2007 18:22:25 C:\WINDOWS\system32\javaw.exe |24/02/2007 18:22:25 C:\WINDOWS\system32\javaws.exe |24/02/2007 18:22:25 C:\WINDOWS\system32\keystone.exe |02/08/2005 18:35:00 C:\WINDOWS\system32\LVCOMSX.EXE |21/05/2004 19:11:22 C:\WINDOWS\system32\mem.exe |05/08/2004 07:00:00 C:\WINDOWS\system32\mscdexnt.exe |05/08/2004 07:00:00 C:\WINDOWS\system32\nlsfunc.exe |05/08/2004 07:00:00 C:\WINDOWS\system32\nvappbar.exe |02/08/2005 18:35:00 C:\WINDOWS\system32\nvcolor.exe |02/08/2005 18:35:00 C:\WINDOWS\system32\nvdspsch.exe |02/08/2005 18:35:00 C:\WINDOWS\system32\nvsvc32.exe |02/08/2005 18:35:00 C:\WINDOWS\system32\nvudisp.exe |29/06/2006 20:01:09 C:\WINDOWS\system32\nwiz.exe |02/08/2005 18:35:00 C:\WINDOWS\system32\pxhpinst.exe |29/06/2006 23:27:12 C:\WINDOWS\system32\redir.exe |05/08/2004 07:00:00 C:\WINDOWS\system32\setver.exe |05/08/2004 07:00:00 C:\WINDOWS\system32\share.exe |05/08/2004 07:00:00 C:\WINDOWS\system32\Uninstall_eRecovery.exe |26/09/2005 17:40:32 C:\WINDOWS\system32\usrmlnka.exe |05/08/2004 07:00:00 C:\WINDOWS\system32\usrprbda.exe |05/08/2004 07:00:00 C:\WINDOWS\system32\usrshuta.exe |05/08/2004 07:00:00 C:\WINDOWS\system32\3ivx.dll |20/07/2006 15:45:24 C:\WINDOWS\system32\3ivxVfWCodec.dll |20/07/2006 15:45:24 C:\WINDOWS\system32\amstream.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\ati2cqag.dll |15/04/2005 02:40:40 C:\WINDOWS\system32\ati2dvag.dll |15/04/2005 03:15:16 C:\WINDOWS\system32\ati2edxx.dll |15/04/2005 03:10:44 C:\WINDOWS\system32\ati2evxx.dll |15/04/2005 03:10:36 C:\WINDOWS\system32\ati3duag.dll |15/04/2005 03:02:20 C:\WINDOWS\system32\ATIDDC.DLL |15/04/2005 03:09:10 C:\WINDOWS\system32\ATIDEMGR.dll |15/04/2005 05:10:46 C:\WINDOWS\system32\atiiiexx.dll |15/04/2005 05:39:52 C:\WINDOWS\system32\atikvmag.dll |15/04/2005 02:46:02 C:\WINDOWS\system32\atioglx1.dll |15/04/2005 04:33:30 C:\WINDOWS\system32\atioglxx.dll |15/04/2005 03:29:58 C:\WINDOWS\system32\atipdlxx.dll |15/04/2005 03:11:04 C:\WINDOWS\system32\atitvo32.dll |15/04/2005 02:45:22 C:\WINDOWS\system32\ativcoxx.dll |09/11/2001 16:01:04 C:\WINDOWS\system32\ativvaxx.dll |15/04/2005 02:56:22 C:\WINDOWS\system32\atmfd.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\atmlib.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\BJBase_2-2-2_DDR.dll |18/07/2006 14:13:42 C:\WINDOWS\system32\CMGR32.DLL |26/08/1996 03:12:00 C:\WINDOWS\system32\CNMLM50.DLL |17/07/2006 18:41:01 C:\WINDOWS\system32\CNMVS50.DLL |17/07/2006 18:41:01 C:\WINDOWS\system32\compatUI.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\cpuinf32.dll |08/07/2006 12:47:03 C:\WINDOWS\system32\crun500.dll |02/11/2006 15:24:52 C:\WINDOWS\system32\dgrpsetu.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\dgsetup.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\divx.dll |20/07/2006 15:45:22 C:\WINDOWS\system32\dpl100.dll |20/07/2006 15:45:22 C:\WINDOWS\system32\dtu100.dll |20/07/2006 15:45:22 C:\WINDOWS\system32\encdec.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\EqnClass.Dll |05/08/2004 07:00:00 C:\WINDOWS\system32\ff_vfw.dll |20/07/2006 15:45:21 C:\WINDOWS\system32\fsuz.dll |02/11/2006 00:47:33 C:\WINDOWS\system32\HdAProp.dll |07/01/2005 18:07:16 C:\WINDOWS\system32\HdAudRes.dll |07/01/2005 18:07:04 C:\WINDOWS\system32\Hmpg12.dll |04/09/2001 00:46:38 C:\WINDOWS\system32\HMPV2_ENC.dll |30/07/2001 17:33:56 C:\WINDOWS\system32\HMPV2_ENC_MMX.dll |23/07/2001 23:04:36 C:\WINDOWS\system32\HNDLR32.DLL |26/08/1996 03:12:00 C:\WINDOWS\system32\hticons.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\hypertrm.dll |17/11/2004 19:42:34 C:\WINDOWS\system32\Iacenc.dll |18/11/1998 15:33:16 C:\WINDOWS\system32\iccvid.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\indounin.dll |27/01/1999 13:39:06 C:\WINDOWS\system32\ir32_32.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\ir41_qc.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\ir41_qcx.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\ir50_32.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\ir50_qc.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\ir50_qcx.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\isrdbg32.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\Iyvu9_32.dll |13/06/1997 07:56:08 C:\WINDOWS\system32\jgaw400.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\jgdw400.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\jgmd400.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\jgpl400.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\jgsd400.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\jgsh400.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\LCamCpl.dll |01/06/2004 12:01:54 C:\WINDOWS\system32\lfbmp12n.dll |01/06/2004 11:37:50 C:\WINDOWS\system32\lfbmp13n.dll |14/11/2006 00:40:20 C:\WINDOWS\system32\Lfcmp12n.dll |01/06/2004 11:37:50 C:\WINDOWS\system32\lfcmp13n.dll |14/11/2006 00:40:20 C:\WINDOWS\system32\lffax12n.dll |01/06/2004 11:37:50 C:\WINDOWS\system32\lfgif13n.dll |14/11/2006 00:40:22 C:\WINDOWS\system32\lftif12n.dll |01/06/2004 11:37:50 C:\WINDOWS\system32\libdivx.dll |20/07/2006 15:45:22 C:\WINDOWS\system32\libeay32_1-1-0_DDR.dll |18/07/2006 14:13:43 C:\WINDOWS\system32\LQCUI2.dll |01/06/2004 11:43:16 C:\WINDOWS\system32\Ltdis12n.dll |01/06/2004 11:37:52 C:\WINDOWS\system32\ltdis13n.dll |14/11/2006 00:40:20 C:\WINDOWS\system32\Ltefx12n.dll |01/06/2004 11:37:52 C:\WINDOWS\system32\ltefx13n.dll |14/11/2006 00:40:20 C:\WINDOWS\system32\Ltfil12n.dll |01/06/2004 11:37:52 C:\WINDOWS\system32\ltfil13n.dll |14/11/2006 00:40:20 C:\WINDOWS\system32\Ltimg12n.dll |01/06/2004 11:37:54 C:\WINDOWS\system32\ltimg13n.dll |14/11/2006 00:40:20 C:\WINDOWS\system32\Ltkrn12n.dll |01/06/2004 11:37:54 C:\WINDOWS\system32\ltkrn13n.dll |14/11/2006 00:40:20 C:\WINDOWS\system32\Ltwvc12n.dll |01/06/2004 11:37:58 C:\WINDOWS\system32\LVCodec2.dll |25/07/2006 20:33:16 C:\WINDOWS\system32\lvcoinst.dll |25/07/2006 20:33:19 C:\WINDOWS\system32\LVCOMCX.dll |21/05/2004 19:12:38 C:\WINDOWS\system32\Lvkrn12n.dll |01/06/2004 11:37:58 C:\WINDOWS\system32\LVMAENUM.dll |21/05/2004 19:11:48 C:\WINDOWS\system32\LVUI2.dll |25/07/2006 20:33:18 C:\WINDOWS\system32\LVUI2RC.dll |25/07/2006 20:33:18 C:\WINDOWS\system32\mdwmdmsp.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\msdmo.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\msencode.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\multiplex_vcd.dll |26/12/2001 17:12:30 C:\WINDOWS\system32\nmwcdcls.dll |19/11/2006 22:50:43 C:\WINDOWS\system32\Npindeo.dll |20/11/1998 13:38:58 C:\WINDOWS\system32\NTIBUN4.dll |16/12/2005 03:20:36 C:\WINDOWS\system32\NTICDMK7.dll |16/12/2005 03:19:44 C:\WINDOWS\system32\NTIFCD3.dll |16/12/2005 03:19:44 C:\WINDOWS\system32\NTIMP3.dll |16/12/2005 03:19:44 C:\WINDOWS\system32\NTIMPEG2.dll |16/12/2005 03:19:44 C:\WINDOWS\system32\nv4_disp.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvcod.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvcodins.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvcpl.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvhwvid.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nview.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvmctray.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvnt4cpl.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvoglnt.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvrsar.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvrscs.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvrsda.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvrsde.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvrsel.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvrseng.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvrses.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvrsesm.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvrsfi.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvrsfr.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvrshe.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvrshu.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvrsit.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvrsja.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvrsko.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvrsnl.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvrsno.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvrspl.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvrspt.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvrsptb.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvrsru.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvrssk.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvrssl.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvrssv.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvrstr.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvrszhc.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvrszht.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvshell.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvwddi.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvwdmcpl.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvwimg.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvwrsar.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvwrscs.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvwrsda.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvwrsde.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvwrsel.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvwrseng.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvwrses.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvwrsesm.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvwrsfi.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvwrsfr.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvwrshe.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvwrshu.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvwrsit.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvwrsja.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvwrsko.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvwrsnl.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvwrsno.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvwrspl.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvwrspt.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvwrsptb.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvwrsru.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvwrssk.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvwrssl.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvwrssv.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvwrstr.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvwrszhc.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\nvwrszht.dll |02/08/2005 18:35:00 C:\WINDOWS\system32\Oemdspif.dll |15/04/2005 03:10:54 C:\WINDOWS\system32\paqsp.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\px.dll |29/06/2006 23:27:11 C:\WINDOWS\system32\pxdrv.dll |29/06/2006 23:27:12 C:\WINDOWS\system32\pxmas.dll |29/06/2006 23:27:12 C:\WINDOWS\system32\pxwave.dll |29/06/2006 23:27:12 C:\WINDOWS\system32\QCUI2.dll |01/06/2004 11:44:54 C:\WINDOWS\system32\qedwipes.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\qt-dx331.dll |20/07/2006 15:45:22 C:\WINDOWS\system32\QTIM32.DLL |26/08/1996 03:12:00 C:\WINDOWS\system32\QTOLE32.DLL |26/08/1996 03:12:00 C:\WINDOWS\system32\QTWMCI32.DLL |26/08/1996 03:12:00 C:\WINDOWS\system32\RtlCPAPI.dll |16/09/2005 15:14:36 C:\WINDOWS\system32\sbe.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\slbcsp.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\slbiop.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\slbrccsp.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\spnike.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\sprio600.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\sprio800.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\spxcoins.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\ssldivx.dll |20/07/2006 15:45:23 C:\WINDOWS\system32\ssleay32_1-1-0_DDR.dll |18/07/2006 14:13:43 C:\WINDOWS\system32\stlport_4_0_0_DDR.dll |18/07/2006 14:13:42 C:\WINDOWS\system32\tsd32.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\unrar.dll |08/07/2006 12:47:06 C:\WINDOWS\system32\usrcntra.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\usrcoina.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\usrdpa.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\usrdtea.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\usrfaxa.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\usrlbva.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\usrrtosa.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\usrsdpia.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\usrsvpia.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\usrv42a.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\usrv80a.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\usrvoica.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\usrvpa.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\vxblock.dll |29/06/2006 23:27:12 C:\WINDOWS\system32\W32n50.dll |18/07/2006 14:20:59 C:\WINDOWS\system32\win87em.dll |05/08/2004 07:00:00 C:\WINDOWS\system32\WooDial2000.dll |29/06/2006 21:14:44 C:\WINDOWS\system32\x264vfw.dll |20/07/2006 15:45:24 C:\WINDOWS\system32\XceedCry.dll |02/02/2003 13:01:34 C:\WINDOWS\system32\XceedSco.dll |19/05/2003 12:37:20 C:\WINDOWS\system32\xerces-c_1_40_0_DDR.dll |18/07/2006 14:13:43 C:\WINDOWS\system32\xvidcore.dll |20/07/2006 15:45:23 C:\WINDOWS\system32\xvidvfw.dll |20/07/2006 15:45:23 C:\WINDOWS\system32\zlib.dll |02/11/2006 00:47:35 Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est E4DD-CB2B Répertoire de C:\WINDOWS\system 25/12/1998 09:15 345 983 RCDSETUP.EXE 1 fichier(s) 345 983 octets 0 Rép(s) 21 642 625 024 octets libres Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est E4DD-CB2B Répertoire de C:\WINDOWS\system32 05/08/2004 07:00 6 144 csrss.exe 1 fichier(s) 6 144 octets 0 Rép(s) 21 642 625 024 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est E4DD-CB2B Répertoire de C:\WINDOWS\Downloaded Program Files 18/01/2007 23:53 <REP> . 18/01/2007 23:53 <REP> .. 24/08/2006 08:28 141 424 asinst.dll 22/08/2006 09:06 537 asinst.inf 16/12/2005 03:07 65 desktop.ini 20/01/2000 15:25 1 162 Microsoft XML Parser for Java.osd 20/06/2006 16:44 379 704 MsnPUpld.dll 19/06/2006 15:40 393 MsnPUpld.inf 20/06/2006 16:44 117 560 PURen-us.dll 31/05/2002 10:20 117 328 purfr-fr.dll 15/10/2004 08:59 110 592 PURfr-xx.dll 09/11/2006 15:36 5 019 swflash.inf 27/07/2006 16:33 452 920 wlscBase.dll 27/07/2006 16:40 319 wlscBase.inf 02/11/2005 18:01 1 777 xscan.inf 02/11/2005 18:07 435 712 xscan53.ocx 14 fichier(s) 1 764 512 octets Total des fichiers listés : 14 fichier(s) 1 764 512 octets 2 Rép(s) 21 642 625 024 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006 http://www.gmer.net scanning hidden processes ... scanning hidden services ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 Liste des programmes installes Acer eConsole Acer eMode Management Ad-Aware SE Personal Adobe Common File Installer Adobe Flash Player 9 ActiveX Adobe Help Center 2.0 Adobe Photoshop 7.0 Adobe Premiere Elements 2.0 Adobe Premiere Elements 2.0 Adobe Reader 7.0 Adobe® Photoshop® Album Edition Découverte 3.0 Archiveur WinRAR ATI Display Driver avast! Antivirus AVG Anti-Spyware 7.5 BroadJump Client Foundation Canon i250 CCleaner (remove only) Correctif pour Windows XP (KB914440) Far Cry Far Cry FreeRIP v2.951 Google Earth HijackThis 1.99.1 Hotfix for Windows XP (KB915865) J2SE Runtime Environment 5.0 Update 10 J2SE Runtime Environment 5.0 Update 11 J2SE Runtime Environment 5.0 Update 5 J2SE Runtime Environment 5.0 Update 6 K-Lite Codec Pack 2.72 Full Language pack for Ad-Aware SE LiveUpdate 2.5 (Symantec Corporation) Logitech Desktop Messenger Logitech Print Service Logitech QuickCam Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 French Language Pack Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Office Professional Edition 2003 Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969) Mise à jour de sécurité pour Windows XP (KB918118) Mise à jour de sécurité pour Windows XP (KB923689) Mise à jour de sécurité pour Windows XP (KB923694) Mise à jour de sécurité pour Windows XP (KB924667) Mise à jour de sécurité pour Windows XP (KB926255) Mise à jour de sécurité pour Windows XP (KB926436) Mise à jour de sécurité pour Windows XP (KB927779) Mise à jour de sécurité pour Windows XP (KB927802) Mise à jour de sécurité pour Windows XP (KB928255) Mise à jour de sécurité pour Windows XP (KB928843) Mise à jour pour Windows XP (KB904942) Mise à jour pour Windows XP (KB929338) Mise à jour pour Windows XP (KB931836) MSXML 4.0 SP2 (KB927978) NTI Backup NOW! 4 NTI Backup NOW! 4 NTI CD & DVD-Maker NTI CD & DVD-Maker NTI HomeVideo-Maker NVIDIA Drivers PC Connectivity Solution PowerDVD Programme de gestion Camera de Logitech® QuickTime QuickTime for Windows (32-bit) Realtek High Definition Audio Driver SAGEM F@st 800-840 Spybot - Search & Destroy 1.4 WebFldrs XP Windows Driver Package - Nokia (WUDFRd) WPD (11/03/2006 6.82.26.2) Windows Genuine Advantage Notifications (KB905474) Windows Internet Explorer 7 Windows Live Messenger Windows Live Safety Scanner Windows Live Sign-in Assistant Windows Media Format Runtime Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est E4DD-CB2B Répertoire de C:\Program Files 04/03/2007 02:53 <REP> . 04/03/2007 02:53 <REP> .. 29/06/2006 20:19 <REP> Acer 18/01/2007 18:48 <REP> Adobe 01/10/2006 14:03 <REP> Alwil Software 18/07/2006 14:13 <REP> BroadJump 30/11/2006 02:47 <REP> CCleaner 18/07/2006 14:19 <REP> Common Files 01/10/2006 01:21 <REP> ComPlus Applications 16/12/2005 03:22 <REP> CyberLink 30/01/2007 23:13 <REP> DAEMON Tools 19/11/2006 22:51 <REP> DIFX 04/03/2007 02:43 <REP> Fichiers communs 15/12/2006 19:02 <REP> FreeRIP2 07/11/2006 02:19 <REP> Gamenext 19/07/2006 18:10 <REP> Google 20/03/2007 20:21 <REP> Grisoft 21/10/2006 12:30 <REP> hijackThis 17/02/2007 16:50 <REP> Internet Explorer 24/02/2007 18:22 <REP> Java 18/10/2006 21:36 <REP> Kaspersky Lab 20/07/2006 15:45 <REP> K-Lite Codec Pack 29/06/2006 21:02 <REP> Lavasoft 20/11/2006 12:02 <REP> Logitech 19/01/2007 00:16 <REP> Ludiclub 16/12/2005 03:11 <REP> Messenger 13/04/2006 18:53 <REP> microsoft frontpage 07/11/2006 01:03 <REP> Microsoft Office 02/07/2006 17:43 <REP> Microsoft.NET 01/10/2006 01:21 <REP> Motive 01/10/2006 01:21 <REP> Motive(2) 16/12/2005 03:07 <REP> Movie Maker 13/04/2006 18:53 <REP> MSN 16/12/2005 03:06 <REP> MSN Gaming Zone 12/02/2007 10:05 <REP> MSN Messenger 18/11/2006 04:00 <REP> MSXML 4.0 27/07/2006 07:38 <REP> MyGlobalSearch 16/12/2005 03:07 <REP> NetMeeting 29/06/2006 20:18 <REP> NewTech Infosystems 13/04/2006 18:53 <REP> Online Services 16/12/2006 04:00 <REP> Outlook Express 02/01/2007 20:32 <REP> PC Connectivity Solution 18/10/2006 20:22 <REP> QuickTime 13/04/2006 18:53 <REP> Realtek 13/04/2006 18:53 <REP> Services en ligne 15/02/2007 01:17 <REP> Spybot - Search & Destroy 01/10/2006 14:03 <REP> Symantec 30/01/2007 23:24 <REP> Ubisoft 30/06/2006 12:48 <REP> Wanadoo 16/10/2006 04:38 <REP> Windows Live Safety Center 28/11/2006 03:50 <REP> Windows Media Player 13/04/2006 18:53 <REP> Windows NT 30/01/2007 22:05 <REP> WinRAR 13/04/2006 18:53 <REP> xerox 30/11/2006 00:12 <REP> Yahoo! 0 fichier(s) 0 octets 55 Rép(s) 21 642 563 584 octets libres Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est E4DD-CB2B Répertoire de C:\Program Files\fichiers communs 04/03/2007 02:43 <REP> . 04/03/2007 02:43 <REP> .. 18/01/2007 18:48 <REP> Adobe 29/06/2006 20:19 <REP> ArcSoft 02/07/2006 17:44 <REP> DESIGNER 20/11/2006 12:02 <REP> FotoWire 16/12/2005 03:19 <REP> InstallShield 16/12/2005 03:21 <REP> Java 25/07/2006 20:32 <REP> Logitech 20/07/2006 15:38 <REP> Microsoft Shared 01/10/2006 01:21 <REP> Motive 13/04/2006 18:52 <REP> MSSoap 16/12/2005 03:20 <REP> muvee Technologies 16/12/2005 03:19 <REP> NewTech Infosystems 01/10/2006 01:21 <REP> ODBC 04/03/2007 02:43 <REP> PCSuite 13/04/2006 18:52 <REP> Services 13/04/2006 18:52 <REP> SpeechEngines 01/10/2006 14:03 <REP> Symantec Shared 16/12/2006 04:00 <REP> System 19/11/2006 21:46 <REP> Teleca Shared 0 fichier(s) 0 octets 21 Rép(s) 21 642 563 584 octets libres Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est E4DD-CB2B Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 02/07/2006 17:44 <REP> . 02/07/2006 17:44 <REP> .. 02/07/2006 17:44 <REP> 1033 02/07/2006 17:43 <REP> 1036 11/07/2003 10:15 1 292 872 MSONSEXT.DLL 15/07/2003 06:52 35 896 MSOSV.DLL 03/06/1999 13:09 122 937 MSOWS409.DLL 07/03/2001 08:00 127 033 MSOWS40c.DLL 11/07/2003 02:25 80 448 PKMWS.DLL 5 fichier(s) 1 659 186 octets 4 Rép(s) 21 642 563 584 octets libres Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est E4DD-CB2B Répertoire de C:\Program Files\common files 18/07/2006 14:19 <REP> . 18/07/2006 14:19 <REP> .. 01/10/2006 13:08 <REP> Motive 0 fichier(s) 0 octets 3 Rép(s) 21 642 563 584 octets libres Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est E4DD-CB2B Répertoire de C:\ 11/11/2001 00:00 68 096 diff.exe 27/08/2006 14:10 103 424 grep.exe 2 fichier(s) 171 520 octets 0 Rép(s) 21 642 563 584 octets libres c:\Documents and Settings\Anne\Local Settings\Temp\bwgo0049f1bf.exe c:\Documents and Settings\Anne\Local Settings\Temp\bwgo0081d5ab.exe c:\Documents and Settings\Anne\Local Settings\Temp\bwgo00c4aa5f.exe c:\Documents and Settings\Tom\Bureau\DiagHelp\catchme.exe c:\Documents and Settings\Tom\Bureau\DiagHelp\diff.exe c:\Documents and Settings\Tom\Bureau\DiagHelp\dumphive.exe c:\Documents and Settings\Tom\Bureau\DiagHelp\FilesInfoCmd.exe c:\Documents and Settings\Tom\Bureau\DiagHelp\Fport.exe c:\Documents and Settings\Tom\Bureau\DiagHelp\grep.exe c:\Documents and Settings\Tom\Bureau\DiagHelp\LFiles.exe c:\Documents and Settings\Tom\Bureau\DiagHelp\LISTDLLS.exe c:\Documents and Settings\Tom\Bureau\DiagHelp\pslist.exe c:\Documents and Settings\Tom\Bureau\DiagHelp\streams.exe c:\Documents and Settings\Tom\Bureau\DiagHelp\swreg.exe c:\Documents and Settings\Tom\Bureau\vidal\Crack 3006 Vidal Expert.exe c:\Documents and Settings\Tom\Local Settings\Temp\BitTorrent-5.0.6.exe c:\Documents and Settings\Tom\Local Settings\Temp\Rar$EX01.687\HijackThis.exe c:\Documents and Settings\Tom\Local Settings\Temp\Rar$EX10.453\scanner.exe c:\Documents and Settings\Tom\Mes documents\avgas-setup-7.5.0.50.exe c:\Documents and Settings\Tom\Mes documents\i250\cnmunins.exe c:\Documents and Settings\Tom\Mes documents\i250\setup.exe c:\Documents and Settings\Tom\Mes documents\internet\ccsetup135.exe c:\Documents and Settings\Tom\Mes documents\internet\eMule0.47c-Installer.exe c:\Documents and Settings\Tom\Mes documents\internet\freeripmp3.exe c:\Documents and Settings\Tom\Mes documents\internet\Install_Messenger.exe c:\Documents and Settings\Tom\Mes documents\internet\klcodec272f.exe c:\Documents and Settings\Tom\Mes documents\internet\pilote imprimante.exe c:\Documents and Settings\Tom\Mes documents\internet\setupimaginewheel2_1.exe c:\Documents and Settings\Tom\Mes documents\internet\visioneur pps.exe c:\Documents and Settings\Tom\Mes documents\Mes fichiers reçus\GoogleEarthWin.exe c:\Documents and Settings\Tom\Mes documents\set up secu internet\aawsepersonal.exe c:\Documents and Settings\Tom\Mes documents\set up secu internet\Avast.exe c:\Documents and Settings\Tom\Mes documents\set up secu internet\pllangs.exe c:\Documents and Settings\Tom\Mes documents\set up secu internet\spybotsd14.exe c:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\avcmhk4.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll

et voilà le rapport: Logfile of HijackThis v1.99.1 Scan saved at 22:28:11, on 02/04/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Acer\Acer eConsole\MediaServerService.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Acer\Acer eConsole\MediaSync.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\Acer\Empowering Technology\eRecovery\Monitor.exe C:\Program Files\BroadJump\Client Foundation\CFD.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Acer\Acer eMode Management\AspireService.exe C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\Tom\LOCALS~1\Temp\Rar$EX01.687\HijackThis.exe C:\DOCUME~1\Tom\LOCALS~1\Temp\Rar$EX10.453\scanner.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://patrick.kolla.de/spybotsd.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [Workflow] E:\install\Workflow.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe" O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LaunchApp] Alaunch O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe O4 - HKLM\..\Run: [bJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [bitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://tomgrub.spaces.live.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/d...wlscbase969.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{E6165DD4-C5FC-470A-A685-5D9535A5A207}: NameServer = 194.117.200.10,194.117.200.15 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

j'ai refait un scan qui ne m'a pas détecté le trojan mais si vous préférer un rapport je m'en occupe

Ok merci j'essaie déjà la solution de thorgal et je refais un scan pour voir, je vous tiens au courant merci de votre aide

Bonjour tout le monde, alors que je faisias une recherche de routine avec avg anti-spyware, il m'a trouvé le problème suivant avec un risque élevé: trojan.small Qu'est-ce que c'est? est-ce grave par rapprt à mon utilisation du pc? Que puis-je faire?, merci de me donner un coup de main je suis perdu

bonjour, et ce que je craignais est arrivé c'est à dire que ca continu alors là je ne sais plus quoi faire, suis-je vraiment infecté à ce point ou quoi? je ne sais pas si tu as d'autres idées kevin veux-tu que je refasse un scan avec hijackthis? @ plus

me revoilà, aie j'ai encore un truc chiant... alors le truc qui n'a pas changé c'est que quand j'éteind mon ordi juste avant la musique de fin j'ai un bruit, le même bruit que quand tu cliques sur une fenêtre et que tu dois en fermer une avant et ca c'est resté alors d'ou ca vient? je ne sais pas mais je t'assure que c'est très agaçant... j'ai pourtant tout fait ce que tu m'as dit, je vais lancer la défragmentation cette nuit et je te dirai après. Aller @+

salut Kevin, ca tombe bien moi aussi j'ai eu un peu d'absence, j'ai fait tout ce que tu m'as dit dans le dernier message et je vais voir ce qu'il en ait après, je te dirai en tout cas merci beaucoup à toi de m'aider comme ça.. c'est cool de ta part @ plus

bon et bien voilà je crois que c'est tout bon, voilà les fichiers: avec avg: --------------------------------------------------------- AVG Anti-Spyware - Rapport d'analyse --------------------------------------------------------- + Créé à: 12:21:48 21/10/2006 + Résultat de l'analyse: C:\Documents and Settings\Tom\Cookies\tom@247realmedia[2].txt -> TrackingCookie.247realmedia : Nettoyé. C:\Documents and Settings\Tom\Cookies\tom@2o7[1].txt -> TrackingCookie.2o7 : Nettoyé. C:\Documents and Settings\Tom\Cookies\tom@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé. C:\Documents and Settings\Tom\Cookies\tom@sfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé. C:\Documents and Settings\Tom\Cookies\tom@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé. C:\Documents and Settings\Tom\Cookies\tom@advertising[1].txt -> TrackingCookie.Advertising : Nettoyé. C:\Documents and Settings\Tom\Cookies\tom@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé. C:\Documents and Settings\Tom\Cookies\tom@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé. C:\Documents and Settings\Tom\Cookies\tom@com[1].txt -> TrackingCookie.Com : Nettoyé. C:\Documents and Settings\Tom\Cookies\tom@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Nettoyé. C:\Documents and Settings\Tom\Cookies\tom@data.coremetrics[1].txt -> TrackingCookie.Coremetrics : Nettoyé. C:\Documents and Settings\Tom\Cookies\tom@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé. C:\Documents and Settings\Tom\Cookies\tom@estat[1].txt -> TrackingCookie.Estat : Nettoyé. C:\Documents and Settings\Tom\Cookies\tom@as1.falkag[2].txt -> TrackingCookie.Falkag : Nettoyé. C:\Documents and Settings\Tom\Cookies\tom@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé. C:\Documents and Settings\Tom\Cookies\tom@questionmarket[1].txt -> TrackingCookie.Questionmarket : Nettoyé. C:\Documents and Settings\Tom\Cookies\tom@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé. C:\Documents and Settings\Tom\Cookies\tom@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé. C:\Documents and Settings\Tom\Cookies\tom@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyé. C:\Documents and Settings\Tom\Cookies\tom@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Nettoyé. C:\Documents and Settings\Tom\Cookies\tom@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé. C:\Documents and Settings\Tom\Cookies\tom@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyé. Fin du rapport avec hijackthis: Logfile of HijackThis v1.99.1 Scan saved at 12:29:20, on 21/10/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Acer\Acer eConsole\MediaServerService.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\System32\svchost.exe C:\Acer\Empowering Technology\eRecovery\Monitor.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Acer\Acer eMode Management\AspireService.exe C:\Program Files\Acer\Acer eConsole\MediaSync.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\BroadJump\Client Foundation\CFD.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\DOCUME~1\Tom\LOCALS~1\Temp\bwgo0001b05f.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\hijackThis\scanner.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://patrick.kolla.de/spybotsd.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [LaunchApp] Alaunch O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [bJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [Workflow] E:\install\Workflow.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/d...wlscbase969.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe et avec blacklight: 10/21/06 12:30:44 [info]: BlackLight Engine 1.0.47 initialized 10/21/06 12:30:44 [info]: OS: 5.1 build 2600 (Service Pack 2) 10/21/06 12:30:44 [Note]: 7019 4 10/21/06 12:30:44 [Note]: 7005 0 10/21/06 12:31:07 [Note]: 7006 0 10/21/06 12:31:07 [Note]: 7011 1436 10/21/06 12:31:07 [Note]: 7026 0 10/21/06 12:31:07 [Note]: 7026 0 10/21/06 12:31:13 [Note]: FSRAW library version 1.7.1020 10/21/06 12:33:29 [Note]: 2000 1012 10/21/06 12:34:52 [Note]: 7007 0 voilà, j'espère que ca pourra t'aider. @ +

heu... une autre petite question le fichier que je dois renommer hijackthis, c'est quoi c'est le programme ?, celui sur lequel je double clic pour lancer le scan? merci

salut, dis moi le fichier blacklight que je dois créer, je le met dans c: desinfection? j'ouvre le poste de travail, double clic sur c: puis sur desinfection et la je fais clic droit nouveau document texte et je le nomme blacklight c'est ca?

Oh lala j'hallucine j'ai oublié de coller le rapport... bon et bien cette fois je le met @ plus Logfile of HijackThis v1.99.1 Scan saved at 18:36:35, on 19/10/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Acer\Acer eConsole\MediaServerService.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Acer\Empowering Technology\eRecovery\Monitor.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Acer\Acer eMode Management\AspireService.exe C:\Program Files\Acer\Acer eConsole\MediaSync.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\BroadJump\Client Foundation\CFD.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\DOCUME~1\Tom\LOCALS~1\Temp\bwgo000189eb.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\hijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://patrick.kolla.de/spybotsd.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [LaunchApp] Alaunch O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [bJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [Workflow] E:\install\Workflow.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/d...wlscbase969.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

bonjou, voici le fichier log, moi ca ne me parle pas j'espère que vous oui merci @+

[bonsoir, je pense avoir tout fait juste une chose où dois-je mettre mon fichier hijackthis maintenant pour vous le montrez?

bonjour à tout le monde je suis nouveau sur le forum, j'ai un petit souci d'infection sur mon ordinateur. Le logiciel avast me trouve un virus nommé: win32:CTX. Je l'ai mis en quarantaine mais que dois-je en faire? Merci de votre aide je ne suis pas très callé là-dedans...