Virus avec msn

Bonjour à tous,

Voila je suis nouveau sur le site dc je my connais pas trop en infrmatique mais hier soir étant sur msn jai recu un message instantané de la part dun ami me disant de regarder une video par un lien.Comme un con je lai ouvert, le lien éait un truc du genre "livecam1......". Mais maintenant des que je me connecte sur msn cela envoit la meme chose a tous mes contacts sans que je ne fasse rien.Jai dej fait une analyse anti virus avec BitDefender mais il ne le pas trouver que faire ?
Merci d'avance

bonjour

tu fais tout ce qui se trouve ICI

Merci beaucoup mais tes ur que ca supprimera bien le virus correspondant ?

tu fais , tu mest ici les rapports AVG, MSNFIX et Hijack
et je te dirai ( ou un autre ) s'il reste quelque chose à supprimer

Tu vas surement me trouver débile mais je ne sais pas comment faire ces rapports :S


Ajout du 27-07-2007 à 12:40:

Ah non cest bon merci ^^


Ajout du 27-07-2007 à 16:03:

Voici le rapport de AVG :
+ Résultat de l'analyse:



HKU\S-1-5-21-1678348891-70603989-4189488356-1006\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Adware.Generic : Nettoyé et sauvegardé (mise en quarantaine).
HKU\S-1-5-21-1678348891-70603989-4189488356-1006\Software\New.net -> Adware.NewDotNet : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{4080C76C-CC4B-47ED-8B65-ADF9A95CD9EE}\RP329\A0197628.exe -> Adware.Zango : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{4080C76C-CC4B-47ED-8B65-ADF9A95CD9EE}\RP329\A0197629.exe -> Adware.Zango : Nettoyé et sauvegardé (mise en quarantaine).
C:\Program Files\MAIET\Gunz\XTrap\XTrapM2S.exe -> Backdoor.Rbot.bpq : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{4080C76C-CC4B-47ED-8B65-ADF9A95CD9EE}\RP339\A0209632.dll -> Downloader.ClickMe.a : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{4080C76C-CC4B-47ED-8B65-ADF9A95CD9EE}\RP415\A0327099.exe -> Not-A-Virus.Hacktool.EvID : Nettoyé et sauvegardé (mise en quarantaine).
:mozilla.77:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.78:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.79:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.80:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.189:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.190:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.191:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.192:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.193:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.194:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.195:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.219:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.220:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.405:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.600:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Ad-logics : Nettoyé.
:mozilla.458:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.459:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.456:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.457:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.169:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.170:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.233:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.234:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.235:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.236:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.237:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.38:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.607:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Bfast : Nettoyé.
:mozilla.74:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.378:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.222:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.223:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.224:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\Romain\Cookies\romain@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.535:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Dealtime : Nettoyé.
:mozilla.19:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.111:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.124:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.125:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.126:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.127:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.128:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.129:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.286:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.287:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.291:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.292:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.293:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.294:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.295:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.309:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.426:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Information : Nettoyé.
C:\Documents and Settings\Romain\Cookies\romain@searchportal.information[1].txt -> TrackingCookie.Information : Nettoyé.
:mozilla.18:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.583:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Need2find : Nettoyé.
:mozilla.584:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Need2find : Nettoyé.
:mozilla.585:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Need2find : Nettoyé.
:mozilla.586:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Need2find : Nettoyé.
:mozilla.112:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.113:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.114:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.461:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Paypal : Nettoyé.
:mozilla.301:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.302:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.594:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Realmedia : Nettoyé.
:mozilla.425:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Revenue : Nettoyé.
:mozilla.453:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.454:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.455:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.140:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.141:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.142:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.143:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.144:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.145:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.146:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Romain\Cookies\romain@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.26:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.27:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.28:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.29:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.30:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.383:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
:mozilla.384:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
:mozilla.385:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.386:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.122:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.174:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Tribalfusion : Nettoyé.
:mozilla.542:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Valueclick : Nettoyé.
:mozilla.31:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.32:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.33:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Romain\Cookies\romain@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.299:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Webtrendslive : Nettoyé.
:mozilla.231:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.232:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.266:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.267:C:\Documents and Settings\Romain\Application Data\Mozilla\Firefox\Profiles\j1kjrzzo.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.


Fin du rapport


pouvez vous maider?

il faudrait la suite => Msnfix et hijack

Voici pour MSNFixe :

MSN_Fix 1.344

C:\Documents and Settings\Romain\Bureau\MSNFix\MSNFix
Fix exécuté le 27/07/2007 - 18:43:33,25 By Romain
mode normal

************************ Recherche les fichiers présents

Aucun Fichier trouvé

************************ Recherche les dossiers présents

Aucun dossier trouvé


************************ Fichiers suspects

/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention

[C:\WINDOWS\BENGAL2.SCR] B8330D08F1DF31347F68DB21A1DFC2C3
[C:\WINDOWS\Harley1.scr] D9C632DE781F7A797EA073CEE24C1ECF
[C:\WINDOWS\mgs_ss.scr] 52C2700A10324B0B5B08FBD116371893
[C:\WINDOWS\PlayStationSaver.scr] EFB3E3FB1435D39C399BEF3B7F702755
[C:\WINDOWS\system32\UC3D.scr] CBC093A760B2BED2DF87A91F47249683
[C:\ffx_saver_pc.zip] 60E86A5C82B2F1E2357A0160D2EB7FE3
[C:\sc_chaos_theory-sp_demo_JeuxVideo.com_9540.zip] B4973CBADE52A2C77183B1078B7CDF60



------------------------------------------------------------------------
Auteur : !aur3n7 Contact: http://246694.aceboard.fr
------------------------------------------------------------------------

--------------------------------------------- END ---------------------------------------------



Ajout du 27-07-2007 à 18:48:

Et pour Hijack :

Logfile of HijackThis v1.99.1
Scan saved at 18:46:40, on 27/07/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\CTSvcCDA.EXE
C:\WINDOWS\ehome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\ehome\ehmsas.exe
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\System32\hphmon05.exe
C:\WINDOWS\System32\CTHELPER.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
C:\PROGRA~1\MESSAG~1\StartMessager.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
C:\PROGRA~1\softwin\BITDEF~1\bdswitch.exe
C:\Program Files\Softwin\BitDefender9\bdoesrv.exe
C:\PROGRA~1\softwin\BITDEF~1\bdnagent.exe
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe
C:\Program Files\pspvideo9\pspVideo9.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\System32\msiexec.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender9\vsserv.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\PROGRA~1\softwin\BITDEF~1\bdmcon.exe
C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Romain\Bureau\hijackthis\test.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.fr/go/page_recherche/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr/bin/frame.cgi?service=communiquer&u=http://webmail.wanadoo.fr/wanadoo/inbox.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=Q304&bd=pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [CTDVDDET] C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [UpdateManager] "c:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo
O4 - HKLM\..\Run: [autoclk] autoclk.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [HPHUPD08] C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [AutoTBar] c:\Program Files\HP\Digital Imaging\bin\AUTOTBAR.EXE
O4 - HKLM\..\Run: [BDSwitchAgent] "C:\PROGRA~1\softwin\BITDEF~1\bdswitch.exe"
O4 - HKLM\..\Run: [BDMCon] c:\PROGRA~1\softwin\BITDEF~1\bdmcon.exe
O4 - HKLM\..\Run: [BDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "C:\PROGRA~1\softwin\BITDEF~1\bdnagent.exe"
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [YeppStudioAgent] C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe
O4 - HKLM\..\Run: [PSPVideo9] C:\Program Files\pspvideo9\pspVideo9.exe -t
O4 - HKLM\..\Run: [default second bleh thunk] C:\Documents and Settings\All Users\Application Data\creativeobjdefaultsecond\CoolRegs.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\RunOnce: [OD] "C:\Program Files\Softwin\BitDefender9\od.exe"
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe EspaceWanadoo.exe
O4 - HKCU\..\Run: [EACH SIXTH] C:\DOCUME~1\Romain\APPLIC~1\FLAWMA~1\MATHGREATMEMO.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NPADEMO.lnk = C:\Program Files\Net Pro Anti Popup\NPADEMO.exe
O8 - Extra context menu item: &Search - http://kx.bar.need2find.com/KX/menusearch.html?p=KX
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin9USA.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CF15CC08-3529-4086-8725-1F67E445AA47}: NameServer = 80.10.246.130 80.10.246.3
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTSvcCDA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

Télécharger sur le bureau

OTMoveIt.exe

---------------
relancer hijack

cocher ces lignes et clic ensuite sur FIX CHECKED

O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O4 - HKLM\..\Run: [default second bleh thunk] C:\Documents and Settings\All Users\Application Data\creativeobjdefaultsecond\CoolRegs.exe
O4 - HKCU\..\Run: [EACH SIXTH] C:\DOCUME~1\Romain\APPLIC~1\FLAWMA~1\MATHGREATMEMO.exe
O8 - Extra context menu item: &Search - http://kx.bar.need2find.com/KX/menusearch.html?p=KX

-------------
= Copier ce texte en gras

C:\Documents and Settings\All Users\Application Data\creativeobjdefaultsecond\CoolRegs.exe
C:\DOCUME~1\Romain\APPLIC~1\FLAWMA~1\MATHGREATMEMO.exe

= Double-clic sur OTMoveIt.exe
= Dans le cadre de Gauche ==> clic-droit ==> coller
= Clic MoveIt!
= si redémarrage demandé==> Clic : YES
= Un rapport dans ==> C:\_OTMoveIt\MovedFiles\date du jour à copier/coller dans la réponse
------------

dire si tu as encore des problèmes

jai ça :

C:\Documents and Settings\All Users\Application Data\creativeobjdefaultsecond\CoolRegs.exe moved successfully.
File/Folder C:\DOCUME~1\Romain\APPLIC~1\FLAWMA~1\MATHGREATMEMO.exe not found.

Created on 07/27/2007 19:15:01


mais je ne trouve pas le rapport..

fait démarrer ==> rechercher ==> tous les fichiers et tous les dossiers
dans avancé tu coches les 3 premières cases

et tu lances le recherche avec MATHGREATMEMO

supprime le si présent.

encore des soucis ?