virus Nokia

Bonjour
mon ordi déraille.J'ai conversé dimanche avec une amie sur msn.Nous avons partagé des Photos et a un moment elle m'a envoyé un fichier archive Nommé Nokia queque-chose j'ai évidement essayé de l'ouvrir et depuis des fenêtre de conversations viennent par Flash sans que je les ai ouvertes et une amie que j'ai eu au phone hier soir m'a dit que je discutais avec elle sur msn et que je lui disais des trucs bizarre.Je n'ai pas cherché à discuter avec elle depuis un moment donc j'ai tiqué et en surfant sur internet j'ai vu qu'il existait un virus du nom de Nokia.Donc je fais appel à vous et à votre savoir pour m'aider.Merci par avance.

Bonjour,

- Télécharge HiJackThis de Merijn sur ton bureau.
- Renomme le fichier HiJackThis.exe en Scanner.exe pour cela, fais un clic droit sur le fichier HiJackThis.exe et choisis renommer dans la liste
- Tape Scanner.exe et Appuye sur la touche Entrée.
- Génère un rapport en suivant ces indications :
- Double-clic sur Scanner.exe
- Exécute le et clique sur Do a scan and save log file.
- Le rapport s'ouvre sur le Bloc-Note
- Colle le rapport ici, pour cela :
- Menu Edition / Selectionner Tout
- Menu Edition / copier
- Ici dans un nouveau message : clic droit / coller
Aide : N'hésite pas à consulter l'aide HiJackThis -

merci pour cette réponse rapide.

mon système d'exploitation :xp
Antivirus avast 4.7 familiale
Mon niveau de compétence :Débutant
J'ai spybot.

Rapport Hijackthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:12:07, on 26/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Windows Live\Contrôle parental\fssui.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\LBTWiz.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Kodak\Kodak EasyShare Software\bin\EasyShare.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neufportail.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Contrôle parental\fssbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Contrôle parental\fssui.exe"
O4 - HKLM\..\Run: [LBTWiz.exe] C:\WINDOWS\LBTWiz.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare Software\bin\EasyShare.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?9f7d7a2ec74b423cadb150559ce81fe9
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?9f7d7a2ec74b423cadb150559ce81fe9
O9 - Extra button: (no name) - SolidConverterPDF - (no file)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

--
End of file - 10431 bytes

Tu t'es fait avoir par un ver MSN utilisant le social engineering pour duper les utilisateurs MSN. N'ouvre pas de zip de photos, webcam etc... sur MSN, pour plus d'informations sur les infections MSN, voir ce lien : http://forum.malekal.com/viewtopic.php?f=45&t=5161


Télécharge MSNFix.zip (de !aur3n7) sur votre bureau: http://sosvirus.changelog.fr/MSNFix.zi (Tutorial d'aide MSNFix)

Décompresse-le (clic droit >> Extraire ici) et double-clique sur le fichier MSNFix.bat.
- Exécute l'option R.
-- Si l'infection est détectée, un message l'indiquera et il suffira de presser une touche pour lancer le nettoyage

Note :
Si une erreur de suppression est détectée un message s'affichera demandant de redémarrer l'ordinateur afin de terminer les opérations. Dans ce cas il suffit de redémarrer l'ordinateur en mode normal

- Le rapport sera enregistré dans le même dossier que MSNFix sous forme date_heure.txt

Puis :

Avast! est loin de ce que l'on a fait de mieux en matière de protection, voir ce lien pour plus d'informations : http://forum.malekal.com/ftopic3123.php

Clairement, Antivir est beaucoup plus performant, c'est pourquoi, je te conseille TRES VIVEMENT de désinstaller Avast! et installer Antivir à la place : http://www.malekal.com/tutorial_antivir.php

Pour t'aider tu peux suivre ce lien : http://forum.malekal.com/ftopic4192.php

- Après l'installation, mets le à jour - si ton firewall fait une alerte.. accepte la connexion.
- Assure toi qu'Antivir est bien à jour, vérifie la date d'update.

-- Redémarre en mode sans échec, pour cela, redémarre l'ordinateur, avant le logo Windows, tapote sur la touche F8, un menu va apparaître, choisis Mode sans échec et appuye sur la touche entrée du clavier.

- Ouvre Antivir par le menu Démarrer / Programmes
- Cliquez sur l'onglet Scanner.
- Sélectionne Manual Selection
- Sélectionne le disque C
- Lance le scan - Mets en quarantaine tous les éléments détectés.
- Une fois le scan terminé Enregistre le rapport.

Redémarre en mode normal.

Poste le rapport ici.
Poste un nouveau rapport HijackThis.

merci pour cette réponse rapide.

mon système d'exploitation :xp
Antivirus avast 4.7 familiale
Mon niveau de compétence :Débutant
J'ai spybot.

Rapport Hijackthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:12:07, on 26/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Windows Live\Contrôle parental\fssui.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\LBTWiz.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Kodak\Kodak EasyShare Software\bin\EasyShare.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neufportail.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Contrôle parental\fssbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Contrôle parental\fssui.exe"
O4 - HKLM\..\Run: [LBTWiz.exe] C:\WINDOWS\LBTWiz.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare Software\bin\EasyShare.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?9f7d7a2ec74b423cadb150559ce81fe9
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?9f7d7a2ec74b423cadb150559ce81fe9
O9 - Extra button: (no name) - SolidConverterPDF - (no file)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

--
End of file - 10431 bytes

re
j'ai téléchargé msnfix.zip et fait ce que vous m'avez dit.
Rapport:

MSNFix 1.555

C:\Documents and Settings\bebe\Bureau\MSNFix
Fix exécuté le 26/10/2007 - 18:54:20,53 By bebe
mode normal

************************ Recherche les fichiers présents

... C:\WINDOWS\LBTWiz.exe

************************ MSNCHK ***** /!\ beta test /!\



************************ Recherche les dossiers présents

Aucun dossier trouvé




************************ Suppression des fichiers

/!\ ... C:\WINDOWS\LBTWiz.exe



************************ Nettoyage du registre



Les fichiers encore présents seront supprimés au prochain redémarrage


************************ Suppression des fichiers

.. OK ... C:\WINDOWS\LBTWiz.exe



************************ Fichiers suspects

/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention

[C:\Documents and Settings\bebe\SVGView.exe] 52EBF84F468D9183C612EEBF8FCE3C4D

==> SVP merci d'envoyer le fichier C:\DOCUME~1\bebe\Bureau\Upload_Me.zip sur http://upload.changelog.fr



Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 26102007_18584007.zip


------------------------------------------------------------------------
Auteur : !aur3n7 Contact: http://changelog.fr
------------------------------------------------------------------------

--------------------------------------------- END ---------------------------------------------

OK continue

Bonjour

J'ai désintallé avast.Installé antivir.Passé en mode sans échec et voici le rapport:
27.10.2007 09:51:22 - Installation Directory: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
27.10.2007 09:51:22 - Backup Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\
27.10.2007 09:51:22 - Temp Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4722edf9\
27.10.2007 09:51:22 - Start the Update GUI... Displaymode: 0

27.10.2007 09:51:22 - Installation Directory: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
27.10.2007 09:51:22 - Backup Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\
27.10.2007 09:51:22 - Temp Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4722edf9\
27.10.2007 09:51:22 - Start the Update GUI... Displaymode: 0

27.10.2007 09:51:24 - Keyfile: OK [FULL Mode]

27.10.2007 09:51:24 - Avira AntiVir PersonalEdition Classic

27.10.2007 09:51:25 - Master IDX file has changed
27.10.2007 09:51:30 - Keyfile: OK [FULL Mode]

27.10.2007 09:51:30 - Downloading the product.info file from http://dl8.freeav.net/upd/idx/classic-nt-en.info.gz
27.10.2007 09:51:31 - File basic-nt/2k/avgntflt.sys's operating system doesn't match the current one. File ignored.
27.10.2007 09:51:31 - File basic-nt/avadmin.exe's operating system doesn't match the current one. File ignored.
27.10.2007 09:51:31 - File basic-nt/avgio64.sys's operating system doesn't match the current one. File ignored.
27.10.2007 09:51:31 - File basic-nt/imp64b.exe's operating system doesn't match the current one. File ignored.
27.10.2007 09:51:31 - File basic-nt/psapi.dll's operating system doesn't match the current one. File ignored.
27.10.2007 09:51:31 - File basic-nt/shlext64.dll's operating system doesn't match the current one. File ignored.
27.10.2007 09:51:31 - File basic-nt/vista64/avgntflt.sys's operating system doesn't match the current one. File ignored.
27.10.2007 09:51:31 - File basic-nt/wsctool.exe's operating system doesn't match the current one. File ignored.
27.10.2007 09:51:31 - File basic-nt/xp64/avgntflt.sys's operating system doesn't match the current one. File ignored.
27.10.2007 09:51:31 - File basic-nt/2k/avgntdd.sys's operating system doesn't match the current one. File ignored.
27.10.2007 09:51:31 - File basic-nt/2k/avgntmgr.sys's operating system doesn't match the current one. File ignored.
27.10.2007 09:51:31 - File basic-nt/nt/avgntdd.sys's operating system doesn't match the current one. File ignored.
27.10.2007 09:51:31 - File basic-nt/nt/avgntmgr.sys's operating system doesn't match the current one. File ignored.
27.10.2007 09:51:31 - File basic-nt/vista64/avgntflt.sys's operating system doesn't match the current one. File ignored.
27.10.2007 09:51:31 - Downloading the product.info file from http://dl8.freeav.net/upd/idx/vdf.info.gz
27.10.2007 09:51:34 - Keyfile: OK [FULL Mode]

27.10.2007 09:51:34 - Downloading the product.info file from http://dl8.freeav.net/upd/idx/specvir-nt.info.gz
27.10.2007 09:51:34 - Downloading the product.info file from http://dl8.freeav.net/upd/idx/engine.info.gz
27.10.2007 09:51:35 - Downloading the product.info file from http://dl8.freeav.net/upd/idx/engine-nt-en.info.gz
27.10.2007 09:51:36 - Module: SELFUPDATE Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 15
27.10.2007 09:51:36 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\updlib.dll 1.2.10.20 < 1.2.10.21
27.10.2007 09:51:36 - Module: MAIN Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 75
27.10.2007 09:51:36 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe 7.2.0.13 < 7.2.0.16
27.10.2007 09:51:36 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe 7.0.0.79 < 7.0.0.82
27.10.2007 09:51:36 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\ccguard.dll 7.0.1.34 < 7.0.1.35
27.10.2007 09:51:36 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\ccprofil.dll 7.2.0.5 < 7.2.0.6
27.10.2007 09:51:36 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\preupd.exe 7.0.0.34 < 7.0.0.35
27.10.2007 09:51:36 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys 7.0.0.2 < 7.0.0.4
27.10.2007 09:51:36 - build.dat 9435a63d8ae0e1bec77b8634a5b0d268 != 6c345d2097f5791881eeda2797081e7c
27.10.2007 09:51:36 - ccplg.xml 472c2b02386229476b2bb7038744dd80 != 92f17221088547222489fd7dbaba9601
27.10.2007 09:51:36 - Module: COMMAPPDATA Source: winwks\en\ Destination: C:\Documents and Settings\All Users\Application Data\ Files: 1
27.10.2007 09:51:36 - Module: TEXT Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 3
27.10.2007 09:51:36 - Module: VDF Source: vdf\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 4
27.10.2007 09:51:36 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir0.vdf 6.35.0.1 < 6.40.0.0
27.10.2007 09:51:36 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir1.vdf 6.39.0.129 < 7.0.0.0
27.10.2007 09:51:36 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir2.vdf 6.39.1.43 < 7.0.0.140
27.10.2007 09:51:36 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir3.vdf 6.39.1.51 < 7.0.0.142
27.10.2007 09:51:36 - Module: AVREP_NT Source: engine\nt\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 1
27.10.2007 09:51:36 - Module: ENGINE Source: engine\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 2
27.10.2007 09:51:36 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avewin32.dll 7.6.0.5 < 7.6.0.30
27.10.2007 09:51:36 - Module: ENGINE_NT_EN Source: engine\nt\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 1
27.10.2007 09:51:36 - Module: DRV Source: winwks\en\ Destination: C:\WINDOWS\SYSTEM32\drivers\ Files: 4
27.10.2007 09:51:36 - C:\WINDOWS\SYSTEM32\drivers\avipbb.sys 1.0.2.11 < 1.0.2.13
27.10.2007 09:51:36 - Minifilter is installed

27.10.2007 09:51:36 - Minifilter is possible

27.10.2007 09:51:36 - Reading registry value successful: Software\Avira\AntiVir PersonalEdition Classic | FilterType

27.10.2007 09:51:36 - Initialize avnotify.exe

27.10.2007 09:51:37 - Starting avnotify.exe successful

27.10.2007 09:51:37 - Preparing to download files
27.10.2007 09:51:37 - 16 files need to be downloaded / copied from http://dl8.freeav.net/upd/
27.10.2007 09:51:37 - #1: Downloading and extracting http://dl8.freeav.net/upd/winwks/en/basic-nt/updlib.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4722edf9\winwks\en\basic-nt/updlib.dll
27.10.2007 09:51:38 - #2: Downloading and extracting http://dl8.freeav.net/upd/winwks/en/basic-nt/avgnt.exe.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4722edf9\winwks\en\basic-nt/avgnt.exe
27.10.2007 09:51:39 - #3: Downloading and extracting http://dl8.freeav.net/upd/winwks/en/basic-nt/avguard.exe.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4722edf9\winwks\en\basic-nt/avguard.exe
27.10.2007 09:51:40 - #4: Downloading and extracting http://dl8.freeav.net/upd/winwks/en/basic-nt/ccguard.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4722edf9\winwks\en\basic-nt/ccguard.dll
27.10.2007 09:51:41 - #5: Downloading and extracting http://dl8.freeav.net/upd/winwks/en/basic-nt/ccprofil.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4722edf9\winwks\en\basic-nt/ccprofil.dll
27.10.2007 09:51:42 - #6: Downloading and extracting http://dl8.freeav.net/upd/winwks/en/basic-nt/preupd.exe.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4722edf9\winwks\en\basic-nt/preupd.exe
27.10.2007 09:51:42 - #7: Downloading and extracting http://dl8.freeav.net/upd/winwks/en/basic-nt/xp/avgntflt.sys.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4722edf9\winwks\en\basic-nt/xp/avgntflt.sys
27.10.2007 09:51:43 - #8: Downloading and extracting http://dl8.freeav.net/upd/winwks/en/classic-nt/build.dat.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4722edf9\winwks\en\classic-nt/build.dat
27.10.2007 09:51:43 - #9: Downloading and extracting http://dl8.freeav.net/upd/winwks/en/classic-nt/ccplg.xml.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4722edf9\winwks\en\classic-nt/ccplg.xml
27.10.2007 09:51:44 - #10: Downloading and extracting http://dl8.freeav.net/upd/winwks/en/basic-nt/addr_file.html.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4722edf9\winwks\en\basic-nt/addr_file.html
27.10.2007 09:51:44 - #11: Downloading and extracting http://dl8.freeav.net/upd/vdf/antivir0.vdf.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4722edf9\vdf\antivir0.vdf
27.10.2007 09:52:50 - #12: Downloading and extracting http://dl8.freeav.net/upd/vdf/antivir1.vdf.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4722edf9\vdf\antivir1.vdf
27.10.2007 09:52:59 - #13: Downloading and extracting http://dl8.freeav.net/upd/vdf/antivir2.vdf.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4722edf9\vdf\antivir2.vdf
27.10.2007 09:53:05 - #14: Downloading and extracting http://dl8.freeav.net/upd/vdf/antivir3.vdf.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4722edf9\vdf\antivir3.vdf
27.10.2007 09:53:06 - #15: Downloading and extracting http://dl8.freeav.net/upd/engine/avewin32.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4722edf9\engine\avewin32.dll
27.10.2007 09:53:14 - #16: Downloading and extracting http://dl8.freeav.net/upd/winwks/en/basic-nt/avipbb.sys.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4722edf9\winwks\en\basic-nt/avipbb.sys
27.10.2007 09:53:21 - Service AVEService is not installed

27.10.2007 09:53:21 - Service AntiVirMailService is not installed

27.10.2007 09:53:21 - Initialize fwinst.exe

27.10.2007 09:53:21 - Initialize fwinst.exe

27.10.2007 09:53:21 - Service AntiVirFirewallService is not installed

27.10.2007 09:53:21 - Service antivirwebservice is not installed

27.10.2007 09:53:21 - Status of service AntiVirService is running

27.10.2007 09:53:21 - Initialize avgnt.exe

27.10.2007 09:53:21 - Status of service AntiVirScheduler is running

27.10.2007 09:53:21 - Minifilter is installed

27.10.2007 09:53:21 - Minifilter is possible

27.10.2007 09:53:21 - Initialize avscan.exe

27.10.2007 09:53:21 - Initialize avconfig.cpl

27.10.2007 09:53:21 - Initialize avcenter.exe

27.10.2007 09:53:21 - shell extension is installed

27.10.2007 09:53:21 - Reading registry value successful: Software\Avira\AntiVir PersonalEdition Classic | RootkitsInstalled

27.10.2007 09:53:21 - Reading registry value successful: Software\Avira\AntiVir PersonalEdition Classic | RootkitsInstalled

27.10.2007 09:53:21 - Service AVEService is not installed

27.10.2007 09:53:21 - Service AntiVirMailService is not installed

27.10.2007 09:53:21 - Initialize fwinst.exe

27.10.2007 09:53:21 - Initialize fwinst.exe

27.10.2007 09:53:21 - Service AntiVirFirewallService is not installed

27.10.2007 09:53:21 - shell extension is installed

27.10.2007 09:53:21 - Initialize regsvr32.exe

27.10.2007 09:53:22 - shell extension removed successfully

27.10.2007 09:53:22 - avgnt.exe closed.

27.10.2007 09:53:22 - Status of service AntiVirScheduler is running

27.10.2007 09:53:22 - Service AntiVirScheduler successfully stopped

27.10.2007 09:53:22 - Status of service AntiVirService is running

27.10.2007 09:53:24 - Service AntiVirService successfully stopped

27.10.2007 09:53:24 - Starting to install
27.10.2007 09:53:24 - Processing module SELFUPDATE Source: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4722edf9\winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
27.10.2007 09:53:24 - Current Direcory:C:\Program Files\Avira\AntiVir PersonalEdition Classic, About to execute C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4722edf9\SelfUpdateTemp\update.exe --log-template="${DAY}.${MONTH}.${YEAR} ${HOUR}:${MINUTE}:${SECOND} - ${MSG}".Self Update helper
27.10.2007 09:53:27 - Installation Directory: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
27.10.2007 09:53:27 - Backup Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\
27.10.2007 09:53:27 - Temp Directory: C:\WINDOWS\TEMP\Update_Temp\
27.10.2007 09:53:27 - Avira AntiVir PersonalEdition Classic

27.10.2007 09:53:27 - Self update: Copying file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4722edf9\winwks\en\basic-nt/updlib.dll to C:\Program Files\Avira\AntiVir PersonalEdition Classic\updlib.dll
27.10.2007 09:53:27 - Executing original update application
27.10.2007 09:53:27 - Current Direcory:C:\Program Files\Avira\AntiVir PersonalEdition Classic, About to execute C:\Program Files\Avira\AntiVir PersonalEdition Classic\update.exe --config-file="C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\update.conf" --install-path="C:\Program Files\Avira\AntiVir PersonalEdition Classic" --log-template="${DAY}.${MONTH}.${YEAR} ${HOUR}:${MINUTE}:${SECOND} - ${MSG}" --NoSelfUpdate "--TmpDir=C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4722edf9" "--LogFile=C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\LOGFILES\Upd-2007-10-27-09-51-21.log" "--TmpFilesList=C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4722edf9\ToRemove.txt".Executing original update application
27.10.2007 09:53:28 - Installation Directory: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
27.10.2007 09:53:28 - Backup Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\
27.10.2007 09:53:28 - Temp Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4722edf9\
27.10.2007 09:53:28 - Start the Update GUI... Displaymode: 0

27.10.2007 09:53:28 - Avira AntiVir PersonalEdition Classic

27.10.2007 09:53:28 - Master IDX file has changed
27.10.2007 09:53:28 - File basic-nt/2k/avgntflt.sys's operating system doesn't match the current one. File ignored.
27.10.2007 09:53:28 - File basic-nt/avadmin.exe's operating system doesn't match the current one. File ignored.
27.10.2007 09:53:28 - File basic-nt/avgio64.sys's operating system doesn't match the current one. File ignored.
27.10.2007 09:53:28 - File basic-nt/imp64b.exe's operating system doesn't match the current one. File ignored.
27.10.2007 09:53:28 - File basic-nt/psapi.dll's operating system doesn't match the current one. File ignored.
27.10.2007 09:53:28 - File basic-nt/shlext64.dll's operating system doesn't match the current one. File ignored.
27.10.2007 09:53:28 - File basic-nt/vista64/avgntflt.sys's operating system doesn't match the current one. File ignored.
27.10.2007 09:53:28 - File basic-nt/wsctool.exe's operating system doesn't match the current one. File ignored.
27.10.2007 09:53:28 - File basic-nt/xp64/avgntflt.sys's operating system doesn't match the current one. File ignored.
27.10.2007 09:53:28 - File basic-nt/2k/avgntdd.sys's operating system doesn't match the current one. File ignored.
27.10.2007 09:53:28 - File basic-nt/2k/avgntmgr.sys's operating system doesn't match the current one. File ignored.
27.10.2007 09:53:28 - File basic-nt/nt/avgntdd.sys's operating system doesn't match the current one. File ignored.
27.10.2007 09:53:28 - File basic-nt/nt/avgntmgr.sys's operating system doesn't match the current one. File ignored.
27.10.2007 09:53:28 - File basic-nt/vista64/avgntflt.sys's operating system doesn't match the current one. File ignored.
27.10.2007 09:53:28 - Downloading the product.info file from http://dl3.avgate.net/upd/idx/vdf.info.gz
27.10.2007 09:53:28 - Downloading the product.info file from http://dl3.avgate.net/upd/idx/specvir-nt.info.gz
27.10.2007 09:53:28 - Downloading the product.info file from http://dl3.avgate.net/upd/idx/engine.info.gz
27.10.2007 09:53:28 - Downloading the product.info file from http://dl3.avgate.net/upd/idx/engine-nt-en.info.gz
27.10.2007 09:53:28 - Module: SELFUPDATE Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 15
27.10.2007 09:53:28 - Module: MAIN Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 75
27.10.2007 09:53:28 - Module: COMMAPPDATA Source: winwks\en\ Destination: C:\Documents and Settings\All Users\Application Data\ Files: 1
27.10.2007 09:53:28 - Module: TEXT Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 3
27.10.2007 09:53:29 - Module: VDF Source: vdf\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 4
27.10.2007 09:53:29 - Module: AVREP_NT Source: engine\nt\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 1
27.10.2007 09:53:29 - Module: ENGINE Source: engine\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 2
27.10.2007 09:53:29 - Module: ENGINE_NT_EN Source: engine\nt\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 1
27.10.2007 09:53:29 - Module: DRV Source: winwks\en\ Destination: C:\WINDOWS\SYSTEM32\drivers\ Files: 4
27.10.2007 09:53:29 - Minifilter is installed

27.10.2007 09:53:29 - Minifilter is possible

27.10.2007 09:53:29 - Reading registry value successful: Software\Avira\AntiVir PersonalEdition Classic | FilterType

27.10.2007 09:53:29 - Preparing to download files
27.10.2007 09:53:29 - 15 files need to be downloaded / copied from http://dl3.avgate.net/upd/
27.10.2007 09:53:29 - File C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4722edf9\winwks\en\basic-nt\avgnt.exe.gz already exists in temporary folder and it will not be downloaded again
27.10.2007 09:53:29 - File C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4722edf9\winwks\en\basic-nt\avguard.exe.gz already exists in temporary folder and it will not be downloaded again
27.10.2007 09:53:29 - File C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4722edf9\winwks\en\basic-nt\ccguard.dll.gz already exists in temporary folder and it will not be downloaded again
27.10.2007 09:53:29 - File C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4722edf9\winwks\en\basic-nt\ccprofil.dll.gz already exists in temporary folder and it will not be downloaded again
27.10.2007 09:53:29 - File C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4722edf9\winwks\en\basic-nt\preupd.exe.gz already exists in temporary folder and it will not be downloaded again
27.10.2007 09:53:29 - File C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4722edf9\winwks\en\basic-nt\xp\avgntflt.sys.gz already exists in temporary folder and it will not be downloaded again
27.10.2007 09:53:29 - File C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4722edf9\winwks\en\classic-nt\build.dat.gz already exists in temporary folder and it will not be downloaded again
27.10.2007 09:53:29 - File C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4722edf9\winwks\en\classic-nt\ccplg.xml.gz already exists in temporary folder and it will not be downloaded again
27.10.2007 09:53:29 - File C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4722edf9\winwks\en\basic-nt\addr_file.html.gz already exists in temporary folder and it will not be downloaded again
27.10.2007 09:53:29 - File C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4722edf9\vdf\antivir0.vdf.gz already exists in temporary folder and it will not be downloaded again
27.10.2007 09:53:30 - File C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4722edf9\vdf\antivir1.vdf.gz already exists in temporary folder and it will not be downloaded again
27.10.2007 09:53:30 - File C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4722edf9\vdf\antivir2.vdf.gz already exists in temporary folder and it will not be downloaded again
27.10.2007 09:53:30 - File C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4722edf9\vdf\antivir3.vdf.gz already exists in temporary folder and it will not be downloaded again
27.10.2007 09:53:30 - File C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4722edf9\engine\avewin32.dll.gz already exists in temporary folder and it will not be downloaded again
27.10.2007 09:53:30 - File C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4722edf9\winwks\en\basic-nt\avipbb.sys.gz already exists in temporary folder and it will not be downloaded again
27.10.2007 09:53:30 - Starting to install
27.10.2007 09:53:30 - Processing module MAIN Source: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4722edf9\winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
27.10.2007 09:53:31 - File C:\Documents and Settings\All Users\Application Data\addr_file.html will not be backed up because it doesn't exist
27.10.2007 09:53:31 - Processing module COMMAPPDATA Source: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4722edf9\winwks\en\ Destination: C:\Documents and Settings\All Users\Application Data\
27.10.2007 09:53:33 - Processing module VDF Source: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4722edf9\vdf\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
27.10.2007 09:53:35 - Processing module ENGINE Source: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4722edf9\engine\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
27.10.2007 09:53:36 - Processing module DRV Source: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_4722edf9\winwks\en\ Destination: C:\WINDOWS\SYSTEM32\drivers\
27.10.2007 09:53:36 - A total of 15 files were updated
27.10.2007 09:53:36 - Registry entry created successfully: Software\Avira\AntiVir PersonalEdition Classic |UpdateInProgress

27.10.2007 09:53:36 - Minifilter is installed

27.10.2007 09:53:36 - Minifilter is possible

27.10.2007 09:53:36 - Registry entry created successfully: Software\Avira\AntiVir PersonalEdition Classic |FilterType

27.10.2007 09:53:36 - Service AVEService is not installed

27.10.2007 09:53:36 - Service AntiVirMailService is not installed

27.10.2007 09:53:36 - Initialize fwinst.exe

27.10.2007 09:53:36 - Initialize fwinst.exe

27.10.2007 09:53:36 - Service AntiVirFirewallService is not installed

27.10.2007 09:53:36 - Service antivirwebservice is not installed

27.10.2007 09:53:36 - Status of service AntiVirService is stopped

27.10.2007 09:53:36 - Initialize avgnt.exe

27.10.2007 09:53:36 - Status of service AntiVirScheduler is stopped

27.10.2007 09:53:36 - Minifilter is installed

27.10.2007 09:53:36 - Minifilter is possible

27.10.2007 09:53:36 - Initialize avscan.exe

27.10.2007 09:53:36 - Initialize avconfig.cpl

27.10.2007 09:53:36 - Initialize avcenter.exe

27.10.2007 09:53:36 - shell extension is installed

27.10.2007 09:53:36 - Reading registry value successful: Software\Avira\AntiVir PersonalEdition Classic | RootkitsInstalled

27.10.2007 09:53:36 - Reading registry value successful: Software\Avira\AntiVir PersonalEdition Classic | RootkitsInstalled

27.10.2007 09:53:43 - Service AntiVirService successfully started

27.10.2007 09:53:43 - Starting avgnt.exe successful

27.10.2007 09:53:44 - Service AntiVirScheduler successfully started

27.10.2007 09:53:44 - shell extension is installed

27.10.2007 09:53:44 - Initialize regsvr32.exe

27.10.2007 09:53:44 - installation of shell extension successful

27.10.2007 09:53:44 - Cannot start the service antivirwebservice

27.10.2007 09:53:44 - Dialup: 0

27.10.2007 09:53:44 - Downloaded bytes: 15406123

27.10.2007 09:53:44 - Downloaded file(s): 16

27.10.2007 09:53:44 - Downloaded file(s): updlib.dll; avgnt.exe; avguard.exe; ccguard.dll; ccprofil.dll; preupd.exe; avgntflt.sys; build.dat; ccplg.xml; addr_file.html; antivir0.vdf; antivir1.vdf; antivir2.vdf; antivir3.vdf; avewin32.dll; avipbb.sys

27.10.2007 09:53:44 - Engine version local : 7.6.0.5

27.10.2007 09:53:44 - Engine version internet: 7.6.0.30

27.10.2007 09:53:44 - 0. VDF version local : 6.35.0.1

27.10.2007 09:53:44 - 0. VDF version internet: 6.40.0.0

27.10.2007 09:53:44 - 1. VDF version local : 6.39.0.129

27.10.2007 09:53:44 - 1. VDF version internet: 7.0.0.0

27.10.2007 09:53:44 - 2. VDF version local : 6.39.1.43

27.10.2007 09:53:44 - 2. VDF version internet: 7.0.0.140

27.10.2007 09:53:44 - 3. VDF version local : 6.39.1.51

27.10.2007 09:53:44 - 3. VDF version internet: 7.0.0.142

27.10.2007 09:53:44 - Required time: 00:16

27.10.2007 09:53:44 - Registry entry created successfully: Software\Avira\AntiVir PersonalEdition Classic |LastUpdate

27.10.2007 09:53:44 - Update finished successfully

re.
Voici le nouveLogfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:56:03, on 27/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Windows Live\Contrôle parental\fssui.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Kodak\Kodak EasyShare Software\bin\EasyShare.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neufportail.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Contrôle parental\fssbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Contrôle parental\fssui.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare Software\bin\EasyShare.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?9f7d7a2ec74b423cadb150559ce81fe9
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?9f7d7a2ec74b423cadb150559ce81fe9
O9 - Extra button: (no name) - SolidConverterPDF - (no file)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

--
End of file - 10095 bytesau rapport Hijackis:

C'est OK, tu n'es plus infecté en suivant les dernières manipulations ci-dessous et lire ATTENTIVEMENT ce qui suit

Essaye de rapporter ton infection sur le site que je te donne ci-dessous, ce serait super cool

Ton infection : ver MSN.


Finir le nettoyage :
- Nettoye ton ordinateur avec CCleaner : http://www.malekal.com/tutorial_CCleaner.html
- Désactive puis réactive la restauration du système :
- Mode d'emploi Windows XP
- Tu peux ensuite désinstaller tous les programmes que l'on a utilisé.



je t'invite à jeter un coup d'oeil à ces liens dans la mesure du possible, essaye de rapporter ton infection :

Pour les utilisateurs d'Avast! Vous n'êtes pas protégé en utilisant Avast!. Antivir est vraiment très performant, c'est pourquoi, je te conseille d'opter pour cet antivirus qui est gratuit (surtout si tu as Avast!), voici le tutorial d'Antivir : http://www.malekal.com/tutorial_antivir.php
Pour plus d'informations, voici un petit comparatif : http://forum.malekal.com/ftopic3123.php

Comment se protéger des virus : - Tout ceci est résume sur cette page : Sécuriser son ordinateur et connaître les menaces
Je t'invite aussi à mettre à jour tous les composants de ton système - Garde l'habitude de les maintenir à jour, un ordinateur avec des logiciels non à jour = infection ! tu peux scanner ton ordinateur pour vérifier quels sont les progammes non à jour en suivant les directives de cette page : http://www.malekal.com/scan_vulnerabilite.php

Faire bouger les choses :

Rapporte ton infection pour faire condamner les auteurs sur Malware-Complaints. Pour faire entendre notre voix, nous devons être le plus nombreux possibles, alors rapport ton infection :
- Voir les règles de Malware-Complaints
- Enregistre sur le forum à partir du bouton register en haut :
Si tu as plus de 13 ans, choisir : I Agree to these terms and am over or exactly 13 years of age
Si tu as moins, clic sur : I Agree to these terms and am under 13 years of age

Après t'être enregistré, tu as sous forme de liste les types d'infection (Look2Me, Smitfraud, SpywareQuake etc..) : http://www.malwarecomplaints.info/viewforum.php?f=10&sid=0ea0981a2025873f(...)

Si le malware que tu as eu n'apparaît pas dans la liste, ou si tu ne sais pas quelle infection tu as eu, créé un message dans le sujet "Autres infections" conforme au règle du forum (age, ville, département etc..) : http://www.malwarecomplaints.info/viewforum.php?f=10

Pour poster un message, clics sur le bouton "post reply" et remplir les informations - NE PAS CREER UN SUJET avec le bouton New Topic.

Pour toutes aides pour poster ton message, tu peux consulter ce lien : http://www.malekal.com/malwarecomplaints.html
Si tu as des questions ou des problèmes, n'hésites pas à me demander ici ou à contacter un des modérateurs du forum : Kimberly, AgnesD ou ipl_001.

re
C'est génial merci encore.
J'ai essayé de rapporter mon infection mais je ne suis pas tout alors si tu le veux bien explique moi exactement les manips et je réessaie.et Bravo