Infection ordinateur : demande d'analyse

[maykimaykedelille]

Bonjour,

 

je suis rentré qq jours chez ma mere et le pc de ma petite soeur fonctionne bizarement en ce moment parait il!

alors la configuration du pc indique dans mon profil ne correspond donc pas a celle du pc de ma petite soeur dont il est question ici!

 

j ai effectue les indication du pre nettoyage indiqué sur le site!

 

voila donc le rapport hijackthis!

 

Logfile of HijackThis v1.99.1

Scan saved at 17:28:17, on 11/02/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe

C:\Program Files\SurfAccuracy\SAcc.exe

C:\Program Files\mobile PhoneTools\OESyncTray.exe

C:\Program Files\MessengerPlus! 3\MsgPlus.exe

C:\Program Files\AntiVir PersonalEdition Classic\sched.exe

C:\Program Files\Java\j2re1.4.2_10\bin\jusched.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\GénéaTique2004\PdfDrv\Install\PDFSaver.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Nikon\NkView6\NkvMon.exe

C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

C:\WINDOWS\FSScrCtl.exe

C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Documents and Settings\dominique berton\Local Settings\Temp\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: (no name) - - (no file)

O2 - BHO: RXResultTracker Class - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - (no file)

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll

O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll

O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"

O4 - HKLM\..\Run: [surfAccuracy] C:\Program Files\SurfAccuracy\SAcc.exe

O4 - HKLM\..\Run: [OESyncTray] "C:\Program Files\mobile PhoneTools\OESyncTray.exe"

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_10\bin\jusched.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [PDFSaver] C:\Program Files\GénéaTique2004\PdfDrv\Install\PDFSaver.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart

O4 - Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe

O4 - Startup: Sagem - Utilitaire réseau pour Clé USB Wi-Fi 802.11g.lnk = ?

O4 - Startup: Screen Saver Control.lnk = C:\WINDOWS\FSScrCtl.exe

O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe

O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe

O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE

O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm

O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar3.dll/cmwordtrans.html

O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar3.dll/cmbacklinks.html

O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar3.dll/cmsimilar.html

O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar3.dll/cmsearch.html

O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar3.dll/cmcache.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Program Files\SideFind\sidefind.dll (file missing)

O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll

O16 - DPF: Interface Chat Wanadoo - http://chat7.x-echo.com/version6/Applet/wchatsign.cab

O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab

O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab

O16 - DPF: {8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} - http://static.zangocash.com/cab/Zango/ie/bridge-c18.cab

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)

O23 - Service: AntiVir Scheduler (AntiVirScheduler) - H+BEDV Datentechnik GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

 

 

Je joins aussi le rapport du scan de antivir!

 

 

 

Report file date: samedi 11 février 2006 15:39

 

 

Jobname: 'Manual Selection'

 

Scanning for 284303 virus strains and unwanted programs.

 

Licensed to: AntiVir PersonalEdition Classic

Serialnumber: 0000149996-WURGE-0001

Platform: Windows XP

Windowsversion: (Service Pack 2) [5.1.2600]

Username: dominique berton

Computername: BERTON-I7MZTEU1

 

Versioninformations:

AVSCAN.EXE : 7.0.0.19 524328 23/01/2006 15:35:48

AVSCAN.DLL : 7.0.0.19 42536 23/01/2006 15:35:48

LUKE.DLL : 7.0.0.19 114728 23/01/2006 15:35:48

LUKERES.DLL : 7.0.0.19 27688 23/01/2006 15:35:48

ANTIVIR0.VDF : 6.32.0.60 4323840 06/12/2005 10:47:34

ANTIVIR1.VDF : 6.33.0.97 675328 18/01/2006 14:31:52

ANTIVIR2.VDF : 6.33.0.131 122880 18/01/2006 14:31:52

ANTIVIR3.VDF : 6.33.0.139 28160 18/01/2006 14:31:52

AVEWIN32.DLL : 6.33.0.30 1016320 20/01/2006 11:42:50

AVPREF.DLL : 6.34.0.0 38440 18/01/2006 12:06:02

AVREP.DLL : 6.33.0.106 2301992 10/01/2006 10:10:46

AVPACK32.DLL : 6.33.0.6 331816 09/01/2006 09:03:38

AVREG.DLL : 6.31.0.90 27688 28/07/2005 10:06:36

NETNT.DLL : 6.32.0.0 6696 27/09/2005 07:56:50

NETNW.DLL : 6.32.0.0 9768 27/09/2005 07:56:50

 

 

Start of the scan: samedi 11 février 2006 15:39

 

 

Start scanning boot sectors:

 

Boot sector 'A:'

[NOTE] In the drive 'A:' no data medium is inserted!

Boot sector 'C:'

[NOTE] No virus was found!

 

Starting to scan the registry.

 

The registry was scanned ( 42 files ).

 

 

Starting the file scan:

 

The path A:\ could ot be found!

Le périphérique n'est pas prêt.

 

C:\pagefile.sys

[WARNING] The file could not be opened!

C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp

[WARNING] The file could not be opened!

C:\Documents and Settings\All Users.WINDOWS\Documents\Mes images\Échantillons d'images\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\berton\.limewire\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\berton\Bureau\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\berton\Mes documents\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\ntuser.dat

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\NTUSER.DAT.LOG

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Bureau\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Bureau\Mes images\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Bureau\Mes images\anne geddes\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Bureau\Mes images\divers\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Bureau\Mes images\doisneau\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Bureau\Mes images\images\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Bureau\Mes images\juif\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Bureau\Mes images\juif\tpe\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Bureau\Mes images\mes artistes\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Bureau\Mes images\mes artistes\x\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Bureau\Mes images\peace and love\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Bureau\Mes images\peintures\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Bureau\Mes images\TABLEAUX GERY\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Bureau\Mes images\Échantillons d'images\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Bureau\Mes images\élodie gossuin et les miss\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Bureau\sky\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Bureau\sky\1999\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Bureau\sky\2000\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Bureau\sky\2001\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Bureau\tous\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Bureau\tous\divers\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Bureau\tous\MES COURS\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Bureau\toutes mes photos\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Bureau\toutes mes photos\2004 les filles\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Bureau\toutes mes photos\2006\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Bureau\toutes mes photos\2006\photos avec les filles\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Bureau\toutes mes photos\2006\voiture esther\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Bureau\toutes mes photos\GENEVE fin 2005\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Bureau\toutes mes photos\les filles 2005\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Bureau\toutes mes photos\mes amis\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Bureau\toutes mes photos\mes amis\avec mme gantois 0605\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Bureau\toutes mes photos\moi avec ma guitare anglaise\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Bureau\toutes mes photos\moi en hippie\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Bureau\toutes mes photos\nous petits\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Bureau\toutes mes photos\paris janvier 2005\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Bureau\toutes mes photos\photos début 2006\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Bureau\toutes mes photos\photos fin 2005\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Bureau\toutes mes photos\photos fin 2005\mayke\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Bureau\toutes mes photos\pieds ata - dos domi\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Bureau\toutes mes photos\été 2005\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Mes documents\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Mes documents\Ma musique\Gwen stefani\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Mes documents\Ma musique\mes musiques\Cali\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Mes documents\Mes fichiers reçus\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\dominique berton\Mes documents\Mes images\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\NetworkService.AUTORITE NT\NTUSER.DAT

[WARNING] The file could not be opened!

C:\Documents and Settings\NetworkService.AUTORITE NT\ntuser.dat.LOG

[WARNING] The file could not be opened!

C:\Documents and Settings\NetworkService.AUTORITE NT\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat

[WARNING] The file could not be opened!

C:\Documents and Settings\NetworkService.AUTORITE NT\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG

[WARNING] The file could not be opened!

C:\Documents and Settings\sylvie\Bureau\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\sylvie\Local Settings\Temp\hsperfdata_sylvie\3408

[WARNING] The file could not be opened!

C:\Documents and Settings\sylvie\Mes documents\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\sylvie\Mes documents\Mes images\Thumbs.dble

[WARNING] The file could not be opened!

C:\Documents and Settings\sylvie\Recent\Thumbs.dble

[WARNING] The file could not be opened!

C:\ixlaArt\Thumbs.dble

[WARNING] The file could not be opened!

C:\MAGIX\Photos_sur_CD_DVD4\Bitmaps\Thumbs.dble

[WARNING] The file could not be opened!

C:\MAGIX\Photos_sur_CD_DVD4\Borders\Thumbs.dble

[WARNING] The file could not be opened!

C:\MAGIX\Photos_sur_CD_DVD4\Default\Thumbs.dble

[WARNING] The file could not be opened!

C:\MAGIX\Photos_sur_CD_DVD4\My Audio Video\Mes images\Thumbs.dble

[WARNING] The file could not be opened!

C:\MAGIX\Photos_sur_CD_DVD4\My Audio Video\_Image_dans_image_Demo\Thumbs.dble

[WARNING] The file could not be opened!

C:\MAGIX\Photos_sur_CD_DVD4\Tutorials\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\Adobe\Photoshop 7.0\Exemples\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\Adobe\Photoshop Album Edition Découverte\2.0\Shared_Assets\bitmaps\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\Adobe\Photoshop Album Edition Découverte\2.0\Shared_Assets\bitmaps\authoring_wiz\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\Adobe\Photoshop Album Edition Découverte\2.0\Shared_Assets\bitmaps\custom_window\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\Adobe\Photoshop Album Edition Découverte\2.0\Shared_Assets\bitmaps\edit_window\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\Adobe\Photoshop Album Edition Découverte\2.0\Shared_Assets\bitmaps\main_window\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\Adobe\Photoshop Album Edition Découverte\2.0\Shared_Assets\bitmaps\media_player\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\Adobe\Photoshop Album Edition Découverte\2.0\Shared_Assets\bitmaps\navigator\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\Adobe\Photoshop Album Edition Découverte\2.0\Shared_Assets\bitmaps\pim\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\Adobe\Photoshop Album Edition Découverte\2.0\Shared_Assets\bitmaps\project_window\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\Adobe\Photoshop Album Edition Découverte\2.0\Shared_Assets\bitmaps\tag_palette\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\Adobe\Photoshop Album Edition Découverte\2.0\Shared_Assets\bitmaps\upsell\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\Adobe\Photoshop Album Edition Découverte\2.0\Shared_Assets\bitmaps\widgets\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\Adobe\Photoshop Album Edition Découverte\2.0\Shared_Assets\bitmaps\workflow_icons\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\Adobe\Photoshop Album Edition Découverte\2.0\Shared_Assets\locales\fr_fr\bitmaps\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\ArcSoft\Camera Suite\PhotoPrinter\Photos\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\Creative\Creative WebCam NX Pro\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\EasyPhoto2DVD\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\EasyPhoto2DVD\Images\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\EasyPhoto2DVD\XFactor\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\Fichiers communs\Microsoft Shared\Papier à lettres\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\Kodak\Kodak EasyShare software\bin\data\kb\images\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\Kodak\Kodak EasyShare software\bin\data\voasl\images\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\Kodak\Kodak EasyShare software\bin\data\vpahtmm\images\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\Kodak\Kodak EasyShare software\bin\data\vpoconnect\images\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\Kodak\Kodak EasyShare software\bin\data\vpotmm\images\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\Kodak\Kodak EasyShare software\bin\data\vsfetmm\images\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\Kodak\KODAK Software Updater\7288971\6.3.2.62-7288971L\Program\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\Movie Maker\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\Movie Maker\Shared\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\PhotoFiltre\Masks\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\PhotoFiltre\Patterns\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\X-OOM\Photos on TV\XOOM\DemoShow\Animals\Photos\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\X-OOM\Photos on TV\XOOM\DemoShow\Business\Photos\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\X-OOM\Photos on TV\XOOM\DemoShow\City\Photos\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\X-OOM\Photos on TV\XOOM\DemoShow\Deep in the sea\Photos\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\X-OOM\Photos on TV\XOOM\DemoShow\Holiday Beach\Photos\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\X-OOM\Photos on TV\XOOM\DemoShow\Holiday in the mountains\Photos\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\X-OOM\Photos on TV\XOOM\DemoShow\Morphing\Photos\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\X-OOM\Photos on TV\XOOM\DemoShow\Space\Photos\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\X-OOM\Photos on TV\XOOM\LightRoom\Help\Images\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\X-OOM\Photos on TV\XOOM\Mes photos\Animals\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\X-OOM\Photos on TV\XOOM\Mes photos\Buildings\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\X-OOM\Photos on TV\XOOM\Mes photos\Countries\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\X-OOM\Photos on TV\XOOM\Mes photos\Flowers\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\X-OOM\Photos on TV\XOOM\Mes photos\Rivers\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\X-OOM\Photos on TV\XOOM\Mes photos\Sky\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\X-OOM\Photos on TV\XOOM\Mes photos\Trees\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\X-OOM\Photos on TV\XOOM\Mes photos\Underwater\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\X-OOM\Photos on TV\XOOM\Mes photos\Universe\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView\skins\Fantasia\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView\skins\gnome\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView\skins\Matte DeLuxe\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView\skins\mezich\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView\skins\Old\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView\skins\Phoenity\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView\skins\Phoenity 2\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView\skins\PixelManiak\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView\skins\Xp\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView\WebTemplate\Deutsch - Simple[XnView]\nav\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView\WebTemplate\Foo[silver]\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView\WebTemplate\Français - Foo[silver]\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView\WebTemplate\Français - Simple[XnView]\nav\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView\WebTemplate\Simple\nav\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView\WebTemplate\Simple (Deutsch)\nav\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView\WebTemplate\Simple (Français)\nav\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView\WebTemplate\Simple[blue]\nav\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView\WebTemplate\Simple[Green]\nav\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView\WebTemplate\Simple[Mono]\nav\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView\WebTemplate\Simple[Red]\nav\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView\WebTemplate\Simple[XnView]\nav\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView Deluxe 2\images\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView Deluxe 2\Project\Animaux\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView Deluxe 2\Project\Backgrounds\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView Deluxe 2\Project\Corse\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView Deluxe 2\Project\Divers\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView Deluxe 2\Project\Drapeaux\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView Deluxe 2\Project\Enfants\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView Deluxe 2\Project\Fonds d'Ecrans\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView Deluxe 2\Project\Monuments\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView Deluxe 2\Project\Nature\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView Deluxe 2\Project\Nature\Fleurs\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView Deluxe 2\Project\Nature\Mer\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView Deluxe 2\Project\Nature\Paysages\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView Deluxe 2\Project\Personnages\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView Deluxe 2\Project\Sports\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView Deluxe 2\skins\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView Deluxe 2\skins\gromik\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView Deluxe 2\skins\toolbar2\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView Deluxe 2\skins\toolbar3\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView Deluxe 2\skins\toolbar4\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView Deluxe 2\WebTemplate\Aqua\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView Deluxe 2\WebTemplate\Art\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView Deluxe 2\WebTemplate\Bureau Bleu\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView Deluxe 2\WebTemplate\Bureau Metal\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView Deluxe 2\WebTemplate\Design Bleu\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView Deluxe 2\WebTemplate\Ecole\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView Deluxe 2\WebTemplate\Exotique\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView Deluxe 2\WebTemplate\Famille\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView Deluxe 2\WebTemplate\Graphik\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView Deluxe 2\WebTemplate\Humour\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView Deluxe 2\WebTemplate\Musique\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView Deluxe 2\WebTemplate\Reggea\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView Deluxe 2\WebTemplate\Sport\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView Deluxe 2\WebTemplate\Standard\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView Deluxe 2\WebTemplate\Technique\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView Deluxe 2\WebTemplate\Vacances\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView Deluxe 2\WebTemplate\Vacances Mer\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\XnView Deluxe 2\WebTemplate\Voyage\Thumbs.dble

[WARNING] The file could not be opened!

C:\Program Files\Yahoo!\Messenger\Thumbs.dble

[WARNING] The file could not be opened!

C:\RECYCLER\S-1-5-21-448539723-1897051121-1801674531-1003\Dc29\Plugins\StuffPlug-NG\UI\images\Thumbs.dble

[WARNING] The file could not be opened!

C:\RECYCLER\S-1-5-21-448539723-1897051121-1801674531-1003\Dc36\NetTransport 2\Help\images\Thumbs.dble

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\default

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\default.LOG

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\SAM

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\SAM.LOG

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\SECURITY

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\SECURITY.LOG

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\software

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\software.LOG

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\system

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\system.LOG

[WARNING] The file could not be opened!

C:\WINDOWS\twain_32\AM12EP\Thumbs.dble

[WARNING] The file could not be opened!

The path D:\ could ot be found!

Le périphérique n'est pas prêt.

 

The path E:\ could ot be found!

Le périphérique n'est pas prêt.

 

 

 

End of the scan: samedi 11 février 2006 16:27

Used time: 47:45 min

 

The scan has been done completely.

 

5691 Scanning directories

157219 Files were scanned

0 viruses and/or unwanted programs was found

0 files were deleted

0 files were repaired

0 files were moved to quarantine

0 files were renamed

1706 Archives were scanned

390 Warnings

0 Notes

 

 

Merci de m indiquer ce que vous en pensez, rapidement si possible, je repars bientot!!

 

merci d avance!

 

maykimaykedelille

[Jack_Burton]

Bonsoir,

 

Je démarre une analyse de ton rapport infecté! Réponse dans un moment

 

C:\Documents and Settings\dominique berton\Local Settings\Temp\HijackThis.exe

Pour pouvoir utiliser les sauvegardes créées par HijackThis, il faut que le programme HijackThis soit installé dans un dossier non système, non temporaire, et qui lui est réservé.

Je te conseille donc de créer un dossier (par exemple: C:\Program Files\HJT) puis d'y déplacer le fichier HijackThis.exe.

Si tu le laisses tel qu'il est actuellement, tu ne pourras pas conserver les sauvegardes des lignes fixées!

 

 

Re,

 

Imprime ces instructions ou sauvegarde les dans un fichier texte de façon à pouvoir les consulter en mode sans échec.

 

1/ Télécharge et installe EasyCleaner de Toni Helenius: http://personal.inet.fi/business/toniarts/ecleane.htm

 

2/ Redémarre en mode sans échec.

(au redémarrage de l'ordinateur, une fois le chargement du BIOS terminé, il y a un écran noir qui apparaît rapidement, appuyer sur la touche [F8] ou [F5] jusqu'à l'affichage du menu des options avancées de Windows. Sélectionner "Mode sans échec" et appuyer sur [Entrée].)

 

3/ Vérifie d'avoir accès à tous les fichiers

Démarrer, Poste de travail ou autre dossier, Menu Outils, Option des dossiers, onglet Affichage :

Activer la case : Afficher les fichiers et dossiers cachés

Désactiver la case : Masquer les extensions des fichiers dont le type est connu

Désactiver la case : Masquer les fichiers protégés du système d'exploitation

Puis Appliquer

 

4/ Désinstalle via "panneau de configuration/ajout-suppression de programmes" le(s) logiciel(s) suivant(s) si présent(s):

 

-SurfAccuracy

-SideFind

 

5/ Relance un scan HijackThis, clique sur "Do a system scan only" et coche les lignes ci-dessous (si présentes) :

 

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

 

R3 - URLSearchHook: (no name) - - (no file)

 

O2 - BHO: RXResultTracker Class - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - (no file)

 

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [surfAccuracy] C:\Program Files\SurfAccuracy\SAcc.exe

O4 - HKLM\..\Run: [OESyncTray] "C:\Program Files\mobile PhoneTools\OESyncTray.exe"

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_10\bin\jusched.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [PDFSaver] C:\Program Files\GénéaTique2004\PdfDrv\Install\PDFSaver.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart

O4 - Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

 

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Program Files\SideFind\sidefind.dll (file missing)

 

O16 - DPF: Interface Chat Wanadoo - http://chat7.x-echo.com/version6/Applet/wchatsign.cab

O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab

O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab

O16 - DPF: {8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} - http://static.zangocash.com/cab/Zango/ie/bridge-c18.cab

 

O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)

 

Ferme toutes les fenêtres sauf HijackThis et "Fix Checked".

 

6/ Supprime le(s) fichier(s) et dossier(s) incriminé(s) [s'il(s) existe(nt) encore] par l'Explorateur Windows :

 

-C:\Program Files\SurfAccuracy<---supprime tout le dossier

-C:\Program Files\SideFind<---supprime tout le dossier

 

7/ Execute EasyCleaner: Utilise les fonctions "Inutiles" et "Registre" seulement. Ne touche pas à la fonction "doublons".

 

8/ Redémarre l'ordinateur en mode normal et poste un nouveau rapport HijackThis à titre de vérification.

 

Aucun firewall présent sur ce rapport. Si tu n en as pas ou si ta soeur utilise la bouse offert par XP alors je lui conseille FORTEMENT d en installer un vrai! Vous en trouverez 3 gratuits et performants dans "les consignes de sécurité" en bas pres de ma signature.

Désinstalle un des antivirus (Antivir)

Modifié le 11 février 2006 par Jack_Burton

[maykimaykedelille]

alors j ai suivi tes indications

voila donc le new rapport hijackthis

 

Logfile of HijackThis v1.99.1

Scan saved at 18:33:21, on 11/02/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\AVPersonal\AVGUARD.EXE

C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\AVPersonal\AVGNT.EXE

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\Program Files\AVPersonal\AVWUPSRV.EXE

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Nikon\NkView6\NkvMon.exe

C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe

C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe

C:\Program Files\WinZip\WZQKPICK.EXE

C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearchIndexer.exe

C:\WINDOWS\FSScrCtl.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\hijackthis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll

O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll

O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll

O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"

O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.EXE /min

O4 - Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe

O4 - Startup: Sagem - Utilitaire réseau pour Clé USB Wi-Fi 802.11g.lnk = ?

O4 - Startup: Screen Saver Control.lnk = C:\WINDOWS\FSScrCtl.exe

O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe

O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe

O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE

O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm

O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar3.dll/cmwordtrans.html

O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar3.dll/cmbacklinks.html

O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar3.dll/cmsimilar.html

O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar3.dll/cmsearch.html

O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar3.dll/cmcache.html

O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE

 

 

 

tu me dis de desinstaller un antivirus, j aimerai desinstaller antivir mais impossible!! peux tu m aider? il n est pas operationnel de toute facon celui-la! je vais donc laisser antivir

 

je vais leur installer zone alarme aussi

 

pour me service pack 2 je le desinstalle carrement tu crois?

 

et je les passe sous firefox au lieu de internet explorer?

 

merci de tes reponses!!

[Jack_Burton]

Bonsoir le rapport est propre!

As tu des dysfonctionnements?

 

tu me dis de desinstaller un antivirus, j aimerai desinstaller antivir mais impossible!! peux tu m aider? il n est pas operationnel de toute facon celui-la! je vais donc laisser antivir

Pour supprimer Antivir :

 

1/ Redémarre en mode sans échec.

(au redémarrage de l'ordinateur, une fois le chargement du BIOS terminé, il y a un écran noir qui apparaît rapidement, appuyer sur la touche [F8] ou [F5] jusqu'à l'affichage du menu des options avancées de Windows. Sélectionner "Mode sans échec" et appuyer sur [Entrée].)

 

2/ Dans le menu Demarrer>Executer >tape: services.msc

 

Recherche les services avec cette orthographe exacte:

-AntiVir Service (AntiVirService)

-AntiVir Update (AVWUpSrv)

 

Double clic dessus et clic sur [arreter] puis dans :

type de demarrage --> sélectionne désactivé.

 

3/ Désinstalle via "panneau de configuration/ajout-suppression de programmes" le(s) logiciel(s) suivant(s) si présent(s):

 

- AVPersonal ou Antivir

 

4/ Supprime tout le dossier C:\Program Files\AVPersonal

 

5/ Redémarre en mode normal

 

je vais leur installer zone alarme aussi

Attention! Le service webshield d Avast est incompatible avec ZoneAlarm!

 

 

pour me service pack 2 je le desinstalle carrement tu crois?

Ben non! Pourquoi veux tu le désinstaller! Il accroit davantage la sécurité du systeme d exploitation! Gardes le!

 

et je les passe sous firefox au lieu de internet explorer?

Oui, il est conseillé de passer a un navigateur alternatif pour plus de sécurité!

Pourquoi passer sur Firefox (ou Opera) et abandonner IE?

Tout simplement parce que IE n est pas conforme aux standards du W3C, ils gerent ces funestes ActiveX, souvent porteuses d infections virales, il ne propose pas la navigation par onglets si pratique, il n integre pas d anti popups en interne.

 

Pour toutes ces raisons je te conseille de passer sur Firefox que tu peux davantage sécuriser avec les conseils de megataupe

[maykimaykedelille]

ca marche quand meme mieux qu au depart

 

sauf que a chaque lancement de windows j ai une fenetre qui s ouvre pour la configuration de photogallery. Au bout de quelques instants il me demande un cd d installation!!! que faire?

 

sinon j ai prefere laisse antivir mais je n arrive pas a retirer tous les fichiers restants de avast peux tu m aider?

[Jack_Burton]

Bonjour,

 

sauf que a chaque lancement de windows j ai une fenetre qui s ouvre pour la configuration de photogallery. Au bout de quelques instants il me demande un cd d installation!!! que faire?

C est lié a quel logiciel photogallery?

 

sinon j ai prefere laisse antivir mais je n arrive pas a retirer tous les fichiers restants de avast peux tu m aider?

 

1/ Redémarre en mode sans échec.

(au redémarrage de l'ordinateur, une fois le chargement du BIOS terminé, il y a un écran noir qui apparaît rapidement, appuyer sur la touche [F8] ou [F5] jusqu'à l'affichage du menu des options avancées de Windows. Sélectionner "Mode sans échec" et appuyer sur [Entrée].)

 

2/ Vérifie d'avoir accès à tous les fichiers

Démarrer, Poste de travail ou autre dossier, Menu Outils, Option des dossiers, onglet Affichage :

Activer la case : Afficher les fichiers et dossiers cachés

Désactiver la case : Masquer les extensions des fichiers dont le type est connu

Désactiver la case : Masquer les fichiers protégés du système d'exploitation

Puis Appliquer

 

3/ Dans le menu Demarrer>Executer >tape: services.msc

 

Recherche le service avec cette orthographe exacte:

-avast! iAVS4 Control Service (aswUpdSv)

-avast! Antivirus

-avast! Mail Scanner

-avast! Web Scanner

 

 

Double clic dessus et clic sur [arreter] puis dans :

type de demarrage --> sélectionne désactivé.

 

4/ Désinstalle via "panneau de configuration/ajout-suppression de programmes" le(s) logiciel(s) suivant(s) si présent(s):

 

-avast!

 

5/ Supprime le(s) fichier(s) et dossier(s) incriminé(s) [s'il(s) existe(nt) encore] par l'Explorateur Windows :

 

-C:\Program Files\Alwil Software<---supprime tout le dossier

 

5/ Redémarre en mode normal

[maykimaykedelille]

alors photogallery je ne connais pas le logiciel dont ca depend!!!

la seule chose que je peux te dire c que au demarrage la fenetre indique que windows installer veut le configurer, il installe qq fichiers et demande ensuite un cd!!!

 

pour avast, j ai bien suivi tes indications mais impossible d effacer le fichier alwil software, pas acces ou disque plein en ecriture alors que j ai acces a tous les fichiers!!!

 

a toi de me dire! merci

[maykimaykedelille]

alors que faire?

[angelique]

ton photogallery fait reference soit à ton imprimante,soit à ta camera nkview6 donc pour etre sur sans aucun soucis tu lances hijack et tu coches:

 

O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe

 

 

tu fermes tous tes programmes et tu fixchek.

 

nkvmon.exe is a process that belongsto the Nikon CoolPix camera software. It automatically detects if a CoolPix camera is connected. This program should not be terminated unless suspected to be causing problems.

 

et osa9.exe c'est le lancement de office,inutile et ralentit ton pc!

[maykimaykedelille]

sur?