alladin | Posted on 02/07/2008 at 12:54
Petit astucien, 225 posts

Hello everyone,
My computer no longer opens a folder without crashing, and it's payday. Here is a HijackThis report that may save me.
Many thanks to all,
Alladin
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:52:07, on 02.07.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
G:\WINDOWS\System32\smss.exe
G:\WINDOWS\system32\winlogon.exe
G:\WINDOWS\system32\services.exe
G:\WINDOWS\system32\lsass.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\system32\svchost.exe
G:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
G:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
G:\Program Files\Alwil Software\Avast4\ashServ.exe
G:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
G:\WINDOWS\Logi_MwX.Exe
G:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
G:\Program Files\Logitech\iTouch\iTouch.exe
G:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
G:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
G:\Program Files\iTunes\iTunesHelper.exe
G:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
G:\Program Files\Windows Live\Messenger\msnmsgr.exe
G:\WINDOWS\system32\ctfmon.exe
G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
G:\Program Files\Google\Google Updater\GoogleUpdater.exe
G:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
G:\WINDOWS\system32\spoolsv.exe
G:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
G:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
G:\Program Files\Bonjour\mDNSResponder.exe
G:\Program Files\D-Link\Logiciel Bluetooth\bin\btwdins.exe
G:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
G:\WINDOWS\System32\svchost.exe
G:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
G:\Program Files\Alwil Software\Avast4\ashWebSv.exe
G:\Program Files\iPod\bin\iPodService.exe
G:\Program Files\Windows Live\Messenger\usnsvc.exe
G:\WINDOWS\system32\drwtsn32.exe
G:\WINDOWS\system32\drwtsn32.exe
G:\WINDOWS\explorer.exe
G:\WINDOWS\system32\winlogon.exe
G:\WINDOWS\system32\wuauclt.exe
G:\Program Files\Internet Explorer\iexplore.exe
G:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
G:\WINDOWS\system32\dwwin.exe
G:\Program Files\Trend Micro\HijackThis\HijackThis.exe
G:\WINDOWS\system32\taskmgr.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.romandie.com/news/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:3128
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - G:\Program Files\Multi_Media\tbMult.dll
R3 - URLSearchHook: multimedia Toolbar - {ea455768-878f-4c0d-a5c9-2dba07a232a6} - G:\Program Files\multimedia\tbmult.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - G:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - G:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - G:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - g:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - G:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - G:\Program Files\Multi_Media\tbMult.dll
O2 - BHO: multimedia Toolbar - {ea455768-878f-4c0d-a5c9-2dba07a232a6} - G:\Program Files\multimedia\tbmult.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - G:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - G:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - G:\Program Files\Multi_Media\tbMult.dll
O3 - Toolbar: multimedia Toolbar - {ea455768-878f-4c0d-a5c9-2dba07a232a6} - G:\Program Files\multimedia\tbmult.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - g:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [avast!] G:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] G:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [OpwareSE2] "G:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [zBrowser Launcher] G:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "G:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] G:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] G:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "G:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "G:\Program Files\MpcStar\Codecs\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "G:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "G:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [updateMgr] G:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [MessengerPlus3] "G:\Program Files\MessengerPlus! 3\MsgPlus1.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "G:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] G:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] G:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] G:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] G:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-448539723-2111687655-1708537768-1004\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\ctfmon.exe (User 'didie')
O4 - HKUS\S-1-5-21-448539723-2111687655-1708537768-1004\..\Run: [msnmsgr] "G:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background (User 'didie')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] G:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] G:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = G:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Stardock ObjectDock.lnk = G:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = G:\Program Files\Google\Google Updater\GoogleUpdater.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://G:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://G:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://G:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://G:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://G:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Envoyer à &Bluetooth - G:\Program Files\D-Link\Logiciel Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - G:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - G:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - G:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - G:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - G:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - G:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - G:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - G:\Program Files\D-Link\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - G:\Program Files\D-Link\Logiciel Bluetooth\btsendto_ie.htm
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/cabs/ascstubie.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://scan.safety.live.com/resource/download/scanner/wlscbase969.cab
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://www.mapguide.cimainfo.com/upload/mgaxctrl.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1190229290567
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} - http://www.photodex.com/pxplay.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Ad-aware 2007 Service (aawservice) - Lavasoft - G:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - G:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - G:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - G:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - G:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - G:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - G:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - G:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - G:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - G:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - G:\Program Files\D-Link\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Google - G:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - G:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ServiceLayer - Nokia. - G:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - G:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 13940 bytes
philae | Posted on 02/07/2008 at 14:39
Groupe Sécurité, 32718 posts
alladin | Posted on 03/07/2008 at 06:26
Petit astucien, 225 posts

Hello and many thanks.
Here is what was requested.
Malwarebytes' Anti-Malware 1.19
Version de la base de données: 914
Windows 5.1.2600 Service Pack 2

22:22:25 02.07.2008
mbam-log-7-2-2008 (22-22-19).txt

Type de recherche: Examen complet (C:\|G:\|)
Eléments examinés: 170625
Temps écoulé: 1 hour(s), 50 minute(s), 39 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 24
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 16
Fichier(s) infecté(s): 14

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} (Adware.Agent) -> No action taken.
HKEY_CLASSES_ROOT\shoppingreport.iebutton (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\shoppingreport.iebutton.1 (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{c9ccbb35-d123-4a31-affc-9b2933132116} (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\shoppingreport.hbinfoband (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\shoppingreport.hbinfoband.1 (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.Shopping.Report) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\shoppingreport.iebuttona (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\shoppingreport.iebuttona.1 (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{a16ad1e9-f69a-45af-9462-b1c286708842} (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\shoppingreport.rprtctrl (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\shoppingreport.rprtctrl.1 (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.Shopping.Report) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{8ad9ad05-36be-4e40-ba62-5422eb0d02fb} (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{aebf09e2-0c15-43c8-99bf-928c645d98a0} (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{d8560ac2-21b5-4c1a-bdd4-bd12bc83b082} (Adware.Shopping.Report) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> No action taken.
\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\shoppingreport (Adware.Shopping.Report) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\ShoppingReport (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\shoppingreport.hbax (Adware.Shopping.Report) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\ShoppingReport (Adware.Shopping.Report) -> No action taken.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> No action taken.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
G:\Program Files\ShoppingReport (Adware.Shopping.Report) -> No action taken.
G:\Program Files\ShoppingReport\Bin (Adware.Shopping.Report) -> No action taken.
G:\Program Files\ShoppingReport\Bin\2.0.24 (Adware.Shopping.Report) -> No action taken.
G:\Program Files\ShoppingReport\cs (Adware.Shopping.Report) -> No action taken.
G:\Documents and Settings\didie\Application Data\ShoppingReport (Adware.Shopping.Report) -> No action taken.
G:\Documents and Settings\didie\Application Data\ShoppingReport\cs (Adware.Shopping.Report) -> No action taken.
G:\Documents and Settings\didie\Application Data\ShoppingReport\cs\db (Adware.Shopping.Report) -> No action taken.
G:\Documents and Settings\didie\Application Data\ShoppingReport\cs\dwld (Adware.Shopping.Report) -> No action taken.
G:\Documents and Settings\didie\Application Data\ShoppingReport\cs\report (Adware.Shopping.Report) -> No action taken.
G:\Documents and Settings\didie\Application Data\ShoppingReport\cs\res2 (Adware.Shopping.Report) -> No action taken.
G:\Documents and Settings\aletfa\Application Data\ShoppingReport (Adware.Shopping.Report) -> No action taken.
G:\Documents and Settings\aletfa\Application Data\ShoppingReport\cs (Adware.Shopping.Report) -> No action taken.
G:\Documents and Settings\aletfa\Application Data\ShoppingReport\cs\db (Adware.Shopping.Report) -> No action taken.
G:\Documents and Settings\aletfa\Application Data\ShoppingReport\cs\dwld (Adware.Shopping.Report) -> No action taken.
G:\Documents and Settings\aletfa\Application Data\ShoppingReport\cs\report (Adware.Shopping.Report) -> No action taken.
G:\Documents and Settings\aletfa\Application Data\ShoppingReport\cs\res2 (Adware.Shopping.Report) -> No action taken.

Fichier(s) infecté(s):
G:\Program Files\ShoppingReport\Uninst.exe (Adware.Shopping.Report) -> No action taken.
G:\Documents and Settings\didie\Application Data\ShoppingReport\cs\Config.xml (Adware.Shopping.Report) -> No action taken.
G:\Documents and Settings\didie\Application Data\ShoppingReport\cs\db\Aliases.dbs (Adware.Shopping.Report) -> No action taken.
G:\Documents and Settings\didie\Application Data\ShoppingReport\cs\db\Sites.dbs (Adware.Shopping.Report) -> No action taken.
G:\Documents and Settings\didie\Application Data\ShoppingReport\cs\dwld\WhiteList.xip (Adware.Shopping.Report) -> No action taken.
G:\Documents and Settings\didie\Application Data\ShoppingReport\cs\report\aggr_storage.xml (Adware.Shopping.Report) -> No action taken.
G:\Documents and Settings\didie\Application Data\ShoppingReport\cs\report\send_storage.xml (Adware.Shopping.Report) -> No action taken.
G:\Documents and Settings\didie\Application Data\ShoppingReport\cs\res2\WhiteList.dbs (Adware.Shopping.Report) -> No action taken.
G:\Documents and Settings\aletfa\Application Data\ShoppingReport\cs\Config.xml (Adware.Shopping.Report) -> No action taken.
G:\Documents and Settings\aletfa\Application Data\ShoppingReport\cs\db\Aliases.dbs (Adware.Shopping.Report) -> No action taken.
G:\Documents and Settings\aletfa\Application Data\ShoppingReport\cs\dwld\WhiteList.xip (Adware.Shopping.Report) -> No action taken.
G:\Documents and Settings\aletfa\Application Data\ShoppingReport\cs\report\aggr_storage.xml (Adware.Shopping.Report) -> No action taken.
G:\Documents and Settings\aletfa\Application Data\ShoppingReport\cs\report\send_storage.xml (Adware.Shopping.Report) -> No action taken.
G:\Documents and Settings\aletfa\Application Data\ShoppingReport\cs\res2\WhiteList.dbs (Adware.Shopping.Report) -> No action taken.
And the HijackThis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 06:24:29, on 03.07.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
G:\WINDOWS\System32\smss.exe
G:\WINDOWS\system32\winlogon.exe
G:\WINDOWS\system32\services.exe
G:\WINDOWS\system32\lsass.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\system32\svchost.exe
G:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
G:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
G:\Program Files\Alwil Software\Avast4\ashServ.exe
G:\WINDOWS\system32\spoolsv.exe
G:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
G:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
G:\Program Files\Bonjour\mDNSResponder.exe
G:\Program Files\D-Link\Logiciel Bluetooth\bin\btwdins.exe
G:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
G:\WINDOWS\System32\svchost.exe
G:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
G:\Program Files\Alwil Software\Avast4\ashWebSv.exe
G:\WINDOWS\Explorer.EXE
G:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
G:\WINDOWS\Logi_MwX.Exe
G:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
G:\Program Files\Logitech\iTouch\iTouch.exe
G:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
G:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
G:\Program Files\iTunes\iTunesHelper.exe
G:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
G:\Program Files\Windows Live\Messenger\msnmsgr.exe
G:\WINDOWS\system32\ctfmon.exe
G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
G:\Program Files\Google\Google Updater\GoogleUpdater.exe
G:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
G:\Program Files\iPod\bin\iPodService.exe
G:\Program Files\Windows Live\Messenger\usnsvc.exe
G:\WINDOWS\system32\wuauclt.exe
G:\Program Files\Internet Explorer\iexplore.exe
G:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
G:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.romandie.com/news/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:3128
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - G:\Program Files\Multi_Media\tbMult.dll
R3 - URLSearchHook: multimedia Toolbar - {ea455768-878f-4c0d-a5c9-2dba07a232a6} - G:\Program Files\multimedia\tbmult.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - G:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - G:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - G:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - g:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - G:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - G:\Program Files\Multi_Media\tbMult.dll
O2 - BHO: multimedia Toolbar - {ea455768-878f-4c0d-a5c9-2dba07a232a6} - G:\Program Files\multimedia\tbmult.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - G:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - G:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - G:\Program Files\Multi_Media\tbMult.dll
O3 - Toolbar: multimedia Toolbar - {ea455768-878f-4c0d-a5c9-2dba07a232a6} - G:\Program Files\multimedia\tbmult.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - g:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [avast!] G:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] G:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [OpwareSE2] "G:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [zBrowser Launcher] G:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "G:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] G:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] G:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "G:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "G:\Program Files\MpcStar\Codecs\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "G:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "G:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [updateMgr] G:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [MessengerPlus3] "G:\Program Files\MessengerPlus! 3\MsgPlus1.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "G:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] G:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] G:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] G:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] G:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] G:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] G:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = G:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Stardock ObjectDock.lnk = G:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = G:\Program Files\Google\Google Updater\GoogleUpdater.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://G:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://G:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://G:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://G:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://G:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Envoyer à &Bluetooth - G:\Program Files\D-Link\Logiciel Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - G:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - G:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - G:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - G:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - G:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - G:\Program Files\D-Link\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - G:\Program Files\D-Link\Logiciel Bluetooth\btsendto_ie.htm
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/cabs/ascstubie.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://scan.safety.live.com/resource/download/scanner/wlscbase969.cab
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://www.mapguide.cimainfo.com/upload/mgaxctrl.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1190229290567
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} - http://www.photodex.com/pxplay.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Ad-aware 2007 Service (aawservice) - Lavasoft - G:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - G:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - G:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - G:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - G:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - G:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - G:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - G:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - G:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - G:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - G:\Program Files\D-Link\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Google - G:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - G:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ServiceLayer - Nokia. - G:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - G:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 13147 bytes
Many thanks and have a wonderful day
Alladin
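A first triage pass over a HijackThis log like the one above, as an added example that is not part of the original post or of HijackThis itself. It parses the O16 (Downloaded Program Files ActiveX) and O23 (service) lines into records and applies two review rules a responder actually uses: every O16 .cab in this log is fetched over cleartext http://, so only the cab's Authenticode signature stands between the user and a substituted control; and a service whose binary lives in a user-writable location, or whose company field is "Unknown owner" (what HijackThis prints when the file carries no company information), deserves a closer look. The sample lines are copied from the log, plus one constructed, hypothetical "Example Service (exsvc)" entry added only so the rules have something to flag; parse_hjt and review are my own names.

```python
import re
from urllib.parse import urlsplit

# Constructed sample: lines copied from the HijackThis log above, plus one hypothetical
# O23 entry ("Example Service") that exists only to exercise the review rules.
SAMPLE_LOG = """\
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} - http://www.photodex.com/pxplay.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - G:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\GAPlugProtocol-8876480.dll
O23 - Service: avast! Antivirus - ALWIL Software - G:\\Program Files\\Alwil Software\\Avast4\\ashServ.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - G:\\WINDOWS\\System32\\TuneUpDefragService.exe
O23 - Service: Example Service (exsvc) - Unknown owner - G:\\Documents and Settings\\user\\Local Settings\\Temp\\exsvc.exe
"""

# O16 - DPF: {CLSID} (optional friendly name) - URL of the .cab
O16_RE = re.compile(r"^O16 - DPF: (\{[0-9A-Fa-f-]{36}\})(?: \((.*)\))? - (\S+)$")
O23_PREFIX = "O23 - Service: "

# Directory markers that a service binary should normally not live under.
USER_WRITABLE = ("\\documents and settings\\", "\\users\\", "\\temp\\", "\\application data\\")


def parse_hjt(text):
    """Turn O16 and O23 lines into dict records; other sections are skipped."""
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        m = O16_RE.match(line)
        if m:
            entries.append({"kind": "O16", "clsid": m.group(1),
                            "name": m.group(2) or "", "url": m.group(3)})
            continue
        if line.startswith(O23_PREFIX):
            # Format is "Name - Company - Path"; split from the right so a " - "
            # inside the service name cannot shift the company and path fields.
            parts = line[len(O23_PREFIX):].rsplit(" - ", 2)
            if len(parts) == 3:
                name, company, path = parts
                entries.append({"kind": "O23", "name": name,
                                "company": company, "path": path})
    return entries


def review(entries):
    """Apply the review rules; returns (subject, reason) pairs in log order."""
    findings = []
    for e in entries:
        if e["kind"] == "O16":
            scheme = urlsplit(e["url"]).scheme.lower()
            if scheme != "https":
                findings.append((e["clsid"], "ActiveX .cab fetched over cleartext " + scheme))
        else:
            low = e["path"].lower()
            if any(marker in low for marker in USER_WRITABLE):
                findings.append((e["name"], "service binary in a user-writable location: " + e["path"]))
            if e["company"].lower() == "unknown owner":
                findings.append((e["name"], "service binary carries no company information"))
    return findings


if __name__ == "__main__":
    for subject, reason in review(parse_hjt(SAMPLE_LOG)):
        print(f"{subject}: {reason}")
```

Run against the full log, the O16 rule fires on every control listed (all are http://), and the O23 rule fires on none of the real services, which all sit under Program Files or WINDOWS\System32 with a named vendor; the constructed Temp-directory service is the only one both O23 rules catch.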
philae | Posted on 03/07/2008 at 14:28
Security Group, 32718 messages
hello,
a quick clarification please
did you apply the actions with Malwarebytes? if not, please run the scan again.
I'd like to know what it did or didn't do.
ps: I'll do my best to come back today, something unexpected came up.
Modified by philae on 03/07/2008 14:29
alladin | Posted on 03/07/2008 at 17:19
Petit astucien, 225 messages
Hello!
I think I removed 56 pieces of malware..
I'm running it again to be sure.
Many thanks
Alladin
alladin | Posted on 03/07/2008 at 18:24
Petit astucien, 225 messages
Hello again, or rather good evening
I ran another scan and there is nothing left
Thank you for helping me
Alladin
philae | Posted on 03/07/2008 at 22:33
Security Group, 32718 messages
alladin | Posted on 04/07/2008 at 12:49
Petit astucien, 225 messages
Good day,
Unfortunately it won't let me run the scan, it says: the Kaspersky On-line Scanner licence has expired!
Have a good day
Alladin
philae | Posted on 04/07/2008 at 15:38
Security Group, 32718 messages
alladin | Posted on 05/07/2008 at 09:02
Petit astucien, 225 messages
Hello.
Here is the result of the BitDefender scan; I did not apply any action, apart from posting the report
Many thanks for helping me and have a good weekend
Alladin
BitDefender Online Scanner

Scan report generated at: Fri, Jul 04, 2008 - 18:05:58
Scan path: A:\;C:\;D:\;E:\;G:\;

Statistics
Time: 01:40:15
Files: 103046
Directories: 9535
Boot sectors: 4
Archives: 1213
Program packages: 8483

Results
Viruses identified: 2
Infected files: 4
Suspect files: 0
Warnings: 0
Disinfected: 0
Deleted files: 4

Engine info
Virus definitions: 1221122
Engine version: AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Scan plugins: 14
Archive plugins: 39
Unpack plugins: 7
E-mail plugins: 6
System plugins: 1

Scan settings
First action: Disinfect
Second action: Delete
Heuristics: Yes
Accept warnings: Yes
Scanned extensions: exe;com;dll;ocx;scr;bin;dat;386;vxd;sys;wdm;cla;class;ovl;ole;hlp;doc;dot;xls;ppt;wbk;wiz;pot;ppa;xla;xlt;vbs;vbe;mdb;rtf;htm;hta;html;xml;xtp;php;asp;js;shs;chm;lnk;pif;prc;url;smm;pfd;msi;ini;csc;cmd;bas;
Excluded extensions:
E-mail scan: Yes
Archive scan: Yes
Scan program packages: Yes
Scan files: Yes
Boot scan: Yes

Scanned file / Status
G:\Documents and Settings\aletfa\Nouveau dossier\Signer_eng.exe=>(ZIP Sfx o)=>XpressSigner_eng.exe
    Infected by: Trojan.Generic.279913
G:\Documents and Settings\aletfa\Nouveau dossier\Signer_eng.exe=>(ZIP Sfx o)=>XpressSigner_eng.exe
    Disinfection failed
G:\Documents and Settings\aletfa\Nouveau dossier\Signer_eng.exe=>(ZIP Sfx o)=>XpressSigner_eng.exe
    Deleted
G:\Documents and Settings\aletfa\Nouveau dossier\Signer_eng.exe=>(ZIP Sfx o)
    Updated
G:\Documents and Settings\aletfa\Nouveau dossier\Signer_eng.exe
    Update failed
G:\Program Files\Corel\Corel Paint Shop Pro X\replacer.exe
    Infected by: Trojan.Crackpai.A
G:\Program Files\Corel\Corel Paint Shop Pro X\replacer.exe
    Disinfection failed
G:\Program Files\Corel\Corel Paint Shop Pro X\replacer.exe
    Deleted
G:\System Volume Information\_restore{59858B7A-9AB7-4A7A-B6A3-2EA10AF6FDDF}\RP838\A0195470.exe
    Infected by: Trojan.Generic.279913
G:\System Volume Information\_restore{59858B7A-9AB7-4A7A-B6A3-2EA10AF6FDDF}\RP838\A0195470.exe
    Disinfection failed
G:\System Volume Information\_restore{59858B7A-9AB7-4A7A-B6A3-2EA10AF6FDDF}\RP838\A0195470.exe
    Deleted
G:\System Volume Information\_restore{59858B7A-9AB7-4A7A-B6A3-2EA10AF6FDDF}\RP853\A0208731.exe
    Infected by: Trojan.Crackpai.A
G:\System Volume Information\_restore{59858B7A-9AB7-4A7A-B6A3-2EA10AF6FDDF}\RP853\A0208731.exe
    Disinfection failed
G:\System Volume Information\_restore{59858B7A-9AB7-4A7A-B6A3-2EA10AF6FDDF}\RP853\A0208731.exe
    Deleted
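The report's "scanned file / status" section lists each object several times, once per action the scanner tried. The Python below, an added example that is not part of the original post or of BitDefender, folds those rows back into one record per detected object, tells a file on disk apart from an archive member and from a System Restore copy (a path under System Volume Information\_restore{...}\RPnnn is a restore-point snapshot, not the running copy, which is why each detection here shows up twice), keeps the container-level "Updated"/"Update failed" rows with the archive member they belong to, and records the final action. The rows are copied from the report above into a constructed tab-separated sample; parse_report, group_detections, classify and summarize are my own names.

```python
import re

# Constructed sample: the report's rows rebuilt as "path<TAB>status" lines.
ARCHIVE = "G:\\Documents and Settings\\aletfa\\Nouveau dossier\\Signer_eng.exe"
MEMBER = ARCHIVE + "=>(ZIP Sfx o)=>XpressSigner_eng.exe"
COREL = "G:\\Program Files\\Corel\\Corel Paint Shop Pro X\\replacer.exe"
RP = "G:\\System Volume Information\\_restore{59858B7A-9AB7-4A7A-B6A3-2EA10AF6FDDF}\\"
SAMPLE_ROWS = "\n".join([
    MEMBER + "\tInfected by: Trojan.Generic.279913",
    MEMBER + "\tDisinfection failed",
    MEMBER + "\tDeleted",
    ARCHIVE + "=>(ZIP Sfx o)\tUpdated",
    ARCHIVE + "\tUpdate failed",
    COREL + "\tInfected by: Trojan.Crackpai.A",
    COREL + "\tDisinfection failed",
    COREL + "\tDeleted",
    RP + "RP838\\A0195470.exe\tInfected by: Trojan.Generic.279913",
    RP + "RP838\\A0195470.exe\tDisinfection failed",
    RP + "RP838\\A0195470.exe\tDeleted",
    RP + "RP853\\A0208731.exe\tInfected by: Trojan.Crackpai.A",
    RP + "RP853\\A0208731.exe\tDisinfection failed",
    RP + "RP853\\A0208731.exe\tDeleted",
])

# System Restore keeps snapshot copies under _restore{GUID}\RPnnn\.
RESTORE_RE = re.compile(r"\\System Volume Information\\_restore\{[0-9A-Fa-f-]+\}\\RP(\d+)\\", re.IGNORECASE)
INFECTED = "Infected by: "


def parse_report(text):
    """Split each 'path<TAB>status' row into a (path, status) pair, in report order."""
    rows = []
    for line in text.splitlines():
        if "\t" in line:
            path, status = line.split("\t", 1)
            rows.append((path.strip(), status.strip()))
    return rows


def group_detections(rows):
    """One record per detected object: malware name, its actions, and its container's actions."""
    detections, order = {}, []
    for path, status in rows:
        if status.startswith(INFECTED):
            detections[path] = {"name": status[len(INFECTED):], "actions": [], "container_actions": []}
            order.append(path)
        elif path in detections:
            detections[path]["actions"].append(status)
        else:
            # A row about an enclosing archive: attach it to every member detected inside it.
            for owner in detections:
                if owner.startswith(path + "=>"):
                    detections[owner]["container_actions"].append((path, status))
    return [(p, detections[p]) for p in order]


def classify(path):
    """Where the detected object physically lives."""
    m = RESTORE_RE.search(path)
    if m:
        return "restore point RP" + m.group(1)
    if "=>" in path:
        return "archive member of " + path.split("=>", 1)[0]
    return "file on disk"


def summarize(rows):
    """Map malware name -> list of locations with the final action taken on each."""
    out = {}
    for path, d in group_detections(rows):
        out.setdefault(d["name"], []).append({
            "path": path,
            "where": classify(path),
            "final_action": d["actions"][-1] if d["actions"] else "no action",
            "container_actions": d["container_actions"],
        })
    return out


if __name__ == "__main__":
    for name, hits in summarize(parse_report(SAMPLE_ROWS)).items():
        print(name)
        for h in hits:
            print(f"  {h['where']}: {h['final_action']}")
```

For this report the summary shows each of the two names once as a live object (an archive member and a file on disk) and once as a restore-point copy, all four ending in "Deleted"; the "Updated" on the inner SFX container and the "Update failed" on the outer Signer_eng.exe are the scanner's attempts to rewrite the archive after removing the member, and travel with that member's record.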
philae | Posted on 05/07/2008 at 12:59
Security Group, 32718 messages
hello,
what is
G:\Documents and Settings\aletfa\Nouveau dossier\Signer_eng.exe ????
alladin | Posted on 05/07/2008 at 13:21
Petit astucien, 225 messages
Hello,
It's a program for signing software such as GPS apps or others under (Nokia - Symbian) ..
Thanks
Alladin
philae | Posted on 05/07/2008 at 13:25
Security Group, 32718 messages
did you buy it or did you download it from eMule or elsewhere?
it looks infected
alladin | Posted on 05/07/2008 at 14:46
Petit astucien, 225 messages
Hello,
I downloaded it ..Ouch!!!!
I'm going to get rid of it
Thanks
Alladin
philae | Posted on 05/07/2008 at 16:30
Security Group, 32718 messages
re
yes, I think that would be better. Downloads are best avoided. Read the links in my signature, Danger du Warez (dangers of warez) and Conséquences du P2P (consequences of P2P), and you'll understand ....
where are you with your problems?
alladin | Posted on 05/07/2008 at 18:23
Petit astucien, 225 messages
Hello!
First of all, many thanks!
My problem is still there..unfortunately! when I open a Word, Excel or other document I get an error report and "do you want to report this to Microsoft" ...the usual blah blah
Alladin
philae | Posted on 05/07/2008 at 21:16
Security Group, 32718 messages
good evening,
I'll come back later. On the other hand, all this may not be an infection problem.
but I'd still like you to do the following
* Download DiagHelp.zip to your desktop (thanks Malekal)
Tutorial: http://www.malekal.com/DiagHelp/DiagHelp.php
* Do not double-click it!! Right-click the file and choose extract all.
* A new folder will be created.
* Open it and double-click go.cmd (the .cmd may not be shown)
* A window will open, choose option 1
* The scan will start; this can take a few minutes, let it run and press a key when asked.
* During the scan, after the CATCHME report on the red screen, you must press Enter for the tool to continue its checks. Follow the on-screen instructions.
* A window with the report then opens. Copy/paste its contents. (It is also at c:\resultat.txt)
* Double-click that file, press CTRL+A then CTRL+C.
* In your next reply, paste the report with CTRL+V.
alladin | Posted on 05/07/2008 at 22:23
Petit astucien, 225 messages
Good evening and once again a thousand thanks.
Here is the report and I hope I did the steps right
Thanks
Alladin
DiagHelp version - http://www.malekal.com executed on 05.07.2008 at 22:08:37.00
List of the most recently modified/created files in windir\system32 and prefetch
G:\WINDOWS\prefetch\CHCP.COM-18156052.pf -->05.07.2008 22:08:30
G:\WINDOWS\prefetch\CMD.EXE-087B4001.pf -->05.07.2008 22:07:41
G:\WINDOWS\prefetch\IZARC.EXE-1F7960A4.pf -->05.07.2008 22:05:44
G:\WINDOWS\prefetch\VERCLSID.EXE-3667BD89.pf -->05.07.2008 22:04:52
G:\WINDOWS\prefetch\QTTASK.EXE-053054A1.pf -->05.07.2008 22:01:22
G:\WINDOWS\prefetch\WLLOGINPROXY.EXE-2D4B6027.pf -->05.07.2008 22:00:03
G:\WINDOWS\prefetch\ONECLICKSTARTER.EXE-1492110E.pf -->05.07.2008 22:00:01
G:\WINDOWS\prefetch\IEXPLORE.EXE-27122324.pf -->05.07.2008 21:59:53
G:\WINDOWS\prefetch\MSFEEDSSYNC.EXE-25E13438.pf -->05.07.2008 21:55:10
G:\WINDOWS\prefetch\Layout.ini -->05.07.2008 21:10:02

G:\WINDOWS\System32\drivers\mbamcatchme.sys -->28.06.2008 14:16:40
G:\WINDOWS\System32\drivers\mbam.sys -->28.06.2008 14:16:36
G:\WINDOWS\System32\drivers\bthport.sys -->14.06.2008 19:59:52
G:\WINDOWS\System32\drivers\aswSP.sys -->16.05.2008 01:20:32
G:\WINDOWS\System32\drivers\aswmon2.sys -->16.05.2008 01:18:33
G:\WINDOWS\System32\drivers\aswFsBlk.sys -->16.05.2008 01:16:06
G:\WINDOWS\System32\drivers\aswRdr.sys -->16.05.2008 01:15:29

G:\WINDOWS\System32\wpa.dbl -->05.07.2008 15:55:06
G:\WINDOWS\System32\MRT.exe -->30.05.2008 01:35:11
G:\WINDOWS\System32\CONFIG.NT -->24.05.2008 20:54:12
G:\WINDOWS\System32\aswBoot.exe -->16.05.2008 01:24:43
G:\WINDOWS\System32\AVASTSS.scr -->16.05.2008 01:12:36
G:\WINDOWS\System32\FNTCACHE.DAT -->10.05.2008 00:21:00
G:\WINDOWS\System32\Faclc -->09.05.2008 12:32:57
G:\WINDOWS\System32\Caadfc1 -->09.05.2008 12:32:57
G:\WINDOWS\System32\quartz.dll -->07.05.2008 07:15:36
G:\WINDOWS\System32\mshtml.dll -->23.04.2008 22:16:42
G:\WINDOWS\System32\wininet.dll -->23.04.2008 06:16:40
G:\WINDOWS\System32\webcheck.dll -->23.04.2008 06:16:40
G:\WINDOWS\System32\urlmon.dll -->23.04.2008 06:16:40
G:\WINDOWS\System32\url.dll -->23.04.2008 06:16:40
G:\WINDOWS\System32\pngfilt.dll -->23.04.2008 06:16:40
G:\WINDOWS\System32\occache.dll -->23.04.2008 06:16:40
G:\WINDOWS\System32\mstime.dll -->23.04.2008 06:16:40
G:\WINDOWS\System32\msrating.dll -->23.04.2008 06:16:40
G:\WINDOWS\System32\mshtmled.dll -->23.04.2008 06:16:40
G:\WINDOWS\System32\msfeedsbs.dll -->23.04.2008 06:16:40
G:\WINDOWS\System32\msfeeds.dll -->23.04.2008 06:16:40
G:\WINDOWS\System32\jsproxy.dll -->23.04.2008 06:16:40
G:\WINDOWS\System32\inetcpl.cpl -->23.04.2008 06:16:40
G:\WINDOWS\System32\iertutil.dll -->23.04.2008 06:16:39
G:\WINDOWS\System32\iernonce.dll -->23.04.2008 06:16:39

G:\WINDOWS\WindowsUpdate.log -->05.07.2008 17:24:37
G:\WINDOWS\wiadebug.log -->05.07.2008 16:12:36
G:\WINDOWS\QTFont.qfn -->05.07.2008 15:56:00
G:\WINDOWS\0.log -->05.07.2008 15:52:01
G:\WINDOWS\wiaservc.log -->05.07.2008 15:51:19
G:\WINDOWS\bootstat.dat -->05.07.2008 15:50:18
G:\WINDOWS\SchedLgU.Txt -->05.07.2008 12:06:16
G:\WINDOWS\ntbtlog.txt -->03.07.2008 18:40:55
G:\WINDOWS\setupapi.log -->30.06.2008 18:39:11
G:\WINDOWS\setupact.log -->30.06.2008 18:39:11
G:\WINDOWS\setuperr.log -->29.06.2008 20:31:30
G:\WINDOWS\NeroDigital.ini -->21.06.2008 00:16:23
G:\WINDOWS\PhotoSnapViewer.INI -->29.05.2008 12:39:15
G:\WINDOWS\QTFont.for -->20.04.2008 19:23:29
G:\WINDOWS\Sti_Trace.log -->22.03.2008 23:56:44

winlogon.exe Verified: Signed
svchost.exe Verified: Signed
ws2_32.dll Verified: Signed
user32.dll Verified: Signed
tcpip.sys Verified: Signed
ndis.sys Verified: Signed
null.sys Verified: Signed

ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com

------------------------------------------------------------------------------
explorer.exe pid: 2752
Command line: G:\WINDOWS\Explorer.EXE

Base Size Version Path
0x44080000 0xd0000 7.00.6000.16674 G:\WINDOWS\system32\WININET.dll
0x00400000 0x9000 6.00.5441.0000 G:\WINDOWS\system32\Normaliz.dll
0x43e00000 0x45000 7.00.6000.16674 G:\WINDOWS\system32\iertutil.dll
0x58b50000 0x9a000 5.82.2900.2982 G:\WINDOWS\system32\comctl32.dll
0x76f80000 0x7f000 2001.12.4414.0308 G:\WINDOWS\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0258 G:\WINDOWS\system32\COMRes.dll
0x60c60000 0x26000 16.02.0054.0000 G:\WINDOWS\system32\AcSignIcon.dll
0x74bf0000 0x2c000 4.02.5406.0000 G:\WINDOWS\system32\OLEACC.dll
0x76010000 0x65000 6.02.3104.0000 G:\WINDOWS\system32\MSVCP60.dll
0x7d200000 0x2be000 3.01.4000.4039 G:\WINDOWS\system32\msi.dll
0x01390000 0x10000 2.00.0039.0000 G:\WINDOWS\system32\CSH.dll
0x60d00000 0x39000 16.02.0054.0000 G:\Program Files\Fichiers communs\Autodesk Shared\AcSignCore16.dll
0x76ac0000 0x11000 3.05.2284.0000 G:\WINDOWS\system32\ATL.DLL
0x44360000 0x5cd000 7.00.6000.16674 G:\WINDOWS\system32\ieframe.dll
0x44160000 0x127000 7.00.6000.16674 G:\WINDOWS\system32\urlmon.dll
0x442b0000 0x3c000 7.00.6000.16674 G:\WINDOWS\system32\webcheck.dll
0x164a0000 0x23000 5.02.5721.5145 G:\WINDOWS\system32\WPDShServiceObj.dll
0x02190000 0x11000 3.00.0001.0915 G:\WINDOWS\system32\btncopy.dll
0x021c0000 0x8e000 6.82.0063.0009 G:\Program Files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll
0x02a00000 0x8b000 6.82.0077.0000 G:\Program Files\Nokia\Nokia PC Suite 6\PCSCM.dll
0x02500000 0x3b000 6.82.0072.0002 G:\Program Files\PC Connectivity Solution\ConnAPI.DLL
0x7c420000 0x87000 8.00.50727.0762 G:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll
0x78130000 0x9b000 8.00.50727.0762 G:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll
0x7c3a0000 0x7b000 7.10.3077.0000 G:\WINDOWS\system32\MSVCP71.dll
0x7c340000 0x56000 7.10.3052.0004 G:\WINDOWS\system32\MSVCR71.dll
0x02bb0000 0xa000 6.82.0036.0001 G:\Program Files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_eng.nlr
0x02bc0000 0x79000 6.82.0014.0000 G:\Program Files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr
0x109c0000 0x2c000 5.02.5721.5145 G:\WINDOWS\system32\PortableDeviceTypes.dll
0x10930000 0x49000 5.02.5721.5145 G:\WINDOWS\system32\PortableDeviceApi.dll
0x02c50000 0x29000 12.00.0000.0001 G:\Program Files\ScanSoft\OmniPageSE2.0\ophookSE2.dll
0x01fb0000 0x1e000 1.01.0000.0000 G:\Program Files\Fichiers communs\Logitech\Scrolling\LgMsgHk.dll
0x00c60000 0x5000 G:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\DockShellHook.dll
0x00af0000 0x7000 1.00.0000.0000 G:\Program Files\Logitech\iTouch\iTchHk.dll
0x74730000 0x3d000 3.525.1117.0000 G:\WINDOWS\system32\ODBC32.dll
0x01cd0000 0x18000 3.525.1117.0000 G:\WINDOWS\system32\odbcint.dll
0x10000000 0x13000 7.05.0001.0036 G:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll
0x01260000 0x29000 G:\Program Files\Haali\MatroskaSplitter\mmfinfo.dll
0x01600000 0xb000 G:\Program Files\Haali\MatroskaSplitter\mkunicode.dll
0x04660000 0x1b9000 2.00.0000.0008 G:\Program Files\Fichiers communs\Ahead\Lib\NeroDigitalExt.dll
0x7c140000 0x103000 7.10.3077.0000 G:\Program Files\Fichiers communs\Ahead\Lib\MFC71.DLL
0x5d360000 0xf000 7.10.3077.0000 G:\WINDOWS\system32\MFC71FRA.DLL
0x03780000 0x1c000 7.00.0000.0000 G:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll
0x038f0000 0x9000 2.00.0000.0004 G:\PROGRA~1\TUNEUP~2\SDShelEx-win32.dll
0x04820000 0x9a000 G:\PROGRA~1\IZArc\IZArcCM.dll
0x03cb0000 0x2a000 7.05.0001.0036 G:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll
0x03cf0000 0x14000 2.00.0000.0006 G:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll
0x04ac0000 0x102000 7.10.3077.0000 G:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL
0x03d50000 0x8000 1.00.0000.0000 G:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
0x64f00000 0x12000 4.08.1201.0000 G:\Program Files\Alwil Software\Avast4\ashShell.dll
0x018b0000 0xd000 7.00.0009.0050 G:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
0x04e10000 0x12d000 4.05.0132.0000 G:\Program Files\Multi_Media\tbMult.dll
0x04f40000 0x13a000 4.05.0134.0000 G:\Program Files\multimedia\tbmult.dll
0x325c0000 0x12000 11.00.5510.0000 G:\Program Files\Microsoft Office\OFFICE11\msohev.dll

ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com

------------------------------------------------------------------------------
winlogon.exe pid: 524
Command line: winlogon.exe

Base Size Version Path
0x01000000 0x81000 \??\G:\WINDOWS\system32\winlogon.exe
0x58b50000 0x9a000 5.82.2900.2982 G:\WINDOWS\system32\COMCTL32.dll
0x74730000 0x3d000 3.525.1117.0000 G:\WINDOWS\system32\ODBC32.dll
0x20000000 0x18000 3.525.1117.0000 G:\WINDOWS\system32\odbcint.dll
0x01150000 0x3b000 1.07.0018.0007 G:\WINDOWS\system32\WgaLogon.dll
0x76f80000 0x7f000 2001.12.4414.0308 G:\WINDOWS\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0258 G:\WINDOWS\system32\COMRes.dll
0x76010000 0x65000 6.02.3104.0000 G:\WINDOWS\system32\MSVCP60.dll

Volume in drive G has no label.
Volume Serial Number is 54A2-ADEE

Directory of G:\WINDOWS\system32

19.08.2004 16:09 6'144 csrss.exe
1 File(s) 6'144 bytes
0 Dir(s) 29'038'669'824 bytes free

Contents of Downloaded Program Files
Volume in drive G has no label.
Volume Serial Number is 54A2-ADEE

Directory of G:\WINDOWS\Downloaded Program Files

22.06.2008 08:58 <DIR> .
22.06.2008 08:58 <DIR> ..
21.08.2007 15:37 124'208 ascstubie.dll
21.08.2007 15:25 395 ascstubie.inf
24.08.2006 09:28 141'424 asinst.dll
22.08.2006 10:06 537 asinst.inf
07.12.2004 16:07 32 bdcore.dll
01.03.2005 14:08 118'784 bdupd.dll
22.06.2008 08:58 <DIR> CONFLICT.1
07.01.2004 16:35 1'134 Cult.inf
28.03.2006 18:18 65 desktop.ini
25.07.2002 19:13 24'576 dwusplay.dll
25.07.2002 19:13 196'608 dwusplay.exe
05.03.2005 14:23 302'712 IDrop.ocx
05.03.2005 14:57 113'784 IDropENU.dll
07.03.2005 20:01 114'256 IDropFRA.dll
01.03.2005 14:08 53'248 ipsupd.dll
10.06.2005 10:44 417'792 isusweb.dll
03.05.2006 03:57 876 jinstall-1_5_0_07.inf
07.01.2007 11:55 2'305 kavwebscan.inf
16.03.2005 11:34 7'407 lang.ini
18.07.2007 15:49 12'592 libcomm.dll
07.12.2004 16:07 32 libfn.dll
14.03.2005 13:38 126 live.ini
06.01.2002 00:02 3'405'472 MgAxCtrl.dll
04.01.2002 14:32 158 MgAxCtrl.inf
30.06.2005 15:19 227 MSNMessengerSetupDownloader.inf
14.08.2005 00:26 113'664 MSNMessengerSetupDownloader.ocx
20.06.2006 16:44 379'704 MSNPUpld.dll
19.06.2006 15:40 393 MSNPUpld.inf
30.07.2007 19:24 295 muweb.inf
01.03.2005 11:15 1'246 oscan8.inf
16.03.2005 11:31 475'136 oscan8.ocx
20.06.2006 16:44 117'560 PURen-us.dll
09.01.2007 09:30
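DiagHelp's first section is a file timeline: each line is a path followed by "-->" and the file's modification time. The Python below, an added example that is not part of the original post or of DiagHelp, parses that "path -->dd.mm.yyyy hh:mm:ss" format and does the three things a responder otherwise does by eye: keeps only entries newer than a chosen window before the report time, groups files written in the very same second (installers and droppers both leave such clusters), and lists files sitting directly under System32 with no extension at all, which is how the two oddly named entries Faclc and Caadfc1 in the report surface for a human to look at. These are review heuristics for deciding what to inspect next, not verdicts on any file. The sample entries are copied from the report and the report time is the one printed in its header; parse_diaghelp, recent, same_second_groups and extensionless_in_system32 are my own names.

```python
import re
from datetime import datetime, timedelta

# Constructed sample: entries copied from the DiagHelp report above, in its
# "path -->dd.mm.yyyy hh:mm:ss" format.
SAMPLE = """\
G:\\WINDOWS\\prefetch\\CMD.EXE-087B4001.pf -->05.07.2008 22:07:41
G:\\WINDOWS\\System32\\drivers\\mbam.sys -->28.06.2008 14:16:36
G:\\WINDOWS\\System32\\wpa.dbl -->05.07.2008 15:55:06
G:\\WINDOWS\\System32\\MRT.exe -->30.05.2008 01:35:11
G:\\WINDOWS\\System32\\Faclc -->09.05.2008 12:32:57
G:\\WINDOWS\\System32\\Caadfc1 -->09.05.2008 12:32:57
G:\\WINDOWS\\System32\\quartz.dll -->07.05.2008 07:15:36
G:\\WINDOWS\\setupapi.log -->30.06.2008 18:39:11
G:\\WINDOWS\\setupact.log -->30.06.2008 18:39:11
"""

# Time the report itself was generated (from the DiagHelp header above).
REPORT_TIME = datetime(2008, 7, 5, 22, 8, 37)

ENTRY_RE = re.compile(r"^(.+?) -->(\d{2}\.\d{2}\.\d{4} \d{2}:\d{2}:\d{2})$")


def parse_diaghelp(text):
    """Return (path, datetime) pairs for every timeline line; other lines are ignored."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append((m.group(1), datetime.strptime(m.group(2), "%d.%m.%Y %H:%M:%S")))
    return entries


def recent(entries, days, report_time=REPORT_TIME):
    """Entries modified within `days` of the report time, newest first (stable on ties)."""
    cutoff = report_time - timedelta(days=days)
    return sorted([e for e in entries if e[1] >= cutoff], key=lambda e: e[1], reverse=True)


def same_second_groups(entries):
    """Timestamp -> paths, for timestamps shared by more than one file."""
    groups = {}
    for path, stamp in entries:
        groups.setdefault(stamp, []).append(path)
    return {stamp: paths for stamp, paths in groups.items() if len(paths) > 1}


def extensionless_in_system32(entries):
    """Files directly under a System32 directory whose name has no extension."""
    hits = []
    for path, _ in entries:
        parent, _, name = path.rpartition("\\")
        if parent.lower().endswith("\\system32") and "." not in name:
            hits.append(path)
    return hits


if __name__ == "__main__":
    entries = parse_diaghelp(SAMPLE)
    print("modified in the last 7 days:")
    for path, stamp in recent(entries, 7):
        print(f"  {stamp:%Y-%m-%d %H:%M:%S}  {path}")
    print("written in the same second:")
    for stamp, paths in same_second_groups(entries).items():
        print(f"  {stamp:%Y-%m-%d %H:%M:%S}  {', '.join(paths)}")
    print("extensionless files in System32:", extensionless_in_system32(entries))
```

On the full report the seven-day window keeps the prefetch entries, wpa.dbl and the Windows log files, the same-second grouping pairs the two extensionless System32 files (and, separately, the large batch of Internet Explorer DLLs stamped 23.04.2008 06:16:40, which is what a patch installation looks like), and the extension check returns exactly those two files.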