goreman Posté(e) le 21 avril 2007 Partager Posté(e) le 21 avril 2007 Salut Snooky, ma grand-mère a un problème avec son paycay, tout est parti, windaube de mes pieds Vla le rapport, si ça peut aider Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 17:02:58, on 21/04/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\ZTE Corporation\ZXDSL852\CnxDslTb.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Windows Defender\MSASCui.exe C:\WINDOWS\System32\CTFMON.EXE C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\TEMP\Mes documents\HiJackThis_v2.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [CnxDslTaskBar] "C:\Program Files\ZTE Corporation\ZXDSL852\CnxDslTb.exe" "ZTE Corporation\ZXDSL852" O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [eBayToolbar] C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -masquer O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1158764279139 O17 - HKLM\System\CCS\Services\Tcpip\..\{32CC05AD-FBE0-4DF5-9AE6-42E08F640E63}: NameServer = 80.10.246.130 80.10.246.3 O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\System32\imapi.exe O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\System32\mnmsrvc.exe O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe -- End of file - 7918 bytes Lien vers le commentaire Partager sur d’autres sites More sharing options...
jibsonedge Posté(e) le 21 avril 2007 Partager Posté(e) le 21 avril 2007 Décidemment tu es très demandé snooky !!! Bon l'execution de smitfraudfix est toujours impossible même après avoir désactivé Avast. (Toujours ce pb de Windows active script) De ce fait, l'ouverture de Firefox me vaut toujours l'ouverture de IE. J'ai fais un scan avec AVG Antispyware et voici le rapport : + Créé à: 18:25:05 21/04/2007 + Résultat de l'analyse: C:\WINDOWS\system32\__delete_on_reboot__r_e_s_m_r_s_._d_l_l_ -> Adware.VB : Aucune action entreprise. [1904] C:\WINDOWS\system32\resmrs.dll -> Adware.VB : Aucune action entreprise. :mozilla.176:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.247realmedia : Aucune action entreprise. :mozilla.177:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.247realmedia : Aucune action entreprise. :mozilla.178:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.247realmedia : Aucune action entreprise. :mozilla.179:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.247realmedia : Aucune action entreprise. :mozilla.181:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.247realmedia : Aucune action entreprise. :mozilla.182:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.247realmedia : Aucune action entreprise. :mozilla.183:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.247realmedia : Aucune action entreprise. :mozilla.346:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise. :mozilla.347:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise. :mozilla.348:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise. :mozilla.349:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise. :mozilla.350:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise. :mozilla.351:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise. :mozilla.352:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise. :mozilla.443:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise. :mozilla.444:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise. :mozilla.463:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise. :mozilla.577:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise. :mozilla.592:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise. :mozilla.753:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise. :mozilla.424:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Adbrite : Aucune action entreprise. :mozilla.425:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Adbrite : Aucune action entreprise. :mozilla.605:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Adrevolver : Aucune action entreprise. :mozilla.606:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Adrevolver : Aucune action entreprise. :mozilla.607:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Adrevolver : Aucune action entreprise. :mozilla.608:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Adrevolver : Aucune action entreprise. :mozilla.609:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Adrevolver : Aucune action entreprise. :mozilla.307:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Adtech : Aucune action entreprise. :mozilla.308:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Adtech : Aucune action entreprise. :mozilla.152:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise. :mozilla.153:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise. :mozilla.154:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise. :mozilla.155:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise. :mozilla.156:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise. :mozilla.112:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Atdmt : Aucune action entreprise. :mozilla.678:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Bluestreak : Aucune action entreprise. :mozilla.97:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Bluestreak : Aucune action entreprise. :mozilla.345:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Com : Aucune action entreprise. :mozilla.188:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise. :mozilla.189:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise. :mozilla.190:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise. :mozilla.768:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Coremetrics : Aucune action entreprise. :mozilla.434:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Cpvfeed : Aucune action entreprise. :mozilla.435:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Cpvfeed : Aucune action entreprise. :mozilla.436:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Cpvfeed : Aucune action entreprise. :mozilla.437:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Cpvfeed : Aucune action entreprise. C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Cookies\bidgi@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Aucune action entreprise. :mozilla.21:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Doubleclick : Aucune action entreprise. C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Cookies\bidgi@doubleclick[1].txt -> TrackingCookie.Doubleclick : Aucune action entreprise. :mozilla.204:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Estat : Aucune action entreprise. :mozilla.526:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Etracker : Aucune action entreprise. :mozilla.528:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Etracker : Aucune action entreprise. :mozilla.593:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Falkag : Aucune action entreprise. :mozilla.273:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Fastclick : Aucune action entreprise. :mozilla.275:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Fastclick : Aucune action entreprise. :mozilla.276:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Fastclick : Aucune action entreprise. :mozilla.277:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Fastclick : Aucune action entreprise. :mozilla.278:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Fastclick : Aucune action entreprise. :mozilla.303:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Googleadservices : Aucune action entreprise. :mozilla.587:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Googleadservices : Aucune action entreprise. :mozilla.684:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Googleadservices : Aucune action entreprise. :mozilla.716:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Googleadservices : Aucune action entreprise. :mozilla.719:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Googleadservices : Aucune action entreprise. :mozilla.751:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Googleadservices : Aucune action entreprise. :mozilla.785:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Googleadservices : Aucune action entreprise. :mozilla.809:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Googleadservices : Aucune action entreprise. :mozilla.900:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Googleadservices : Aucune action entreprise. :mozilla.916:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Googleadservices : Aucune action entreprise. :mozilla.927:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Googleadservices : Aucune action entreprise. :mozilla.664:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Hitbox : Aucune action entreprise. :mozilla.665:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Hitbox : Aucune action entreprise. :mozilla.666:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Hitbox : Aucune action entreprise. :mozilla.779:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Hitbox : Aucune action entreprise. :mozilla.845:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Hitbox : Aucune action entreprise. :mozilla.846:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Hitbox : Aucune action entreprise. C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Cookies\bidgi@ehg-hollywoodmedia.hitbox[1].txt -> TrackingCookie.Hitbox : Aucune action entreprise. C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Cookies\bidgi@hitbox[1].txt -> TrackingCookie.Hitbox : Aucune action entreprise. :mozilla.703:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Imrworldwide : Aucune action entreprise. :mozilla.704:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Imrworldwide : Aucune action entreprise. :mozilla.465:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Itrack : Aucune action entreprise. :mozilla.466:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Itrack : Aucune action entreprise. :mozilla.467:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Itrack : Aucune action entreprise. :mozilla.468:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Itrack : Aucune action entreprise. :mozilla.875:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Liveperson : Aucune action entreprise. :mozilla.876:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Liveperson : Aucune action entreprise. :mozilla.879:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Liveperson : Aucune action entreprise. :mozilla.65:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Mediaplex : Aucune action entreprise. :mozilla.67:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Mediaplex : Aucune action entreprise. C:\Documents and Settings\Administrateur\Cookies\administrateur@mediaplex[1].txt -> TrackingCookie.Mediaplex : Aucune action entreprise. :mozilla.370:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Onestat : Aucune action entreprise. :mozilla.371:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Onestat : Aucune action entreprise. :mozilla.378:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Overture : Aucune action entreprise. :mozilla.379:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Overture : Aucune action entreprise. :mozilla.380:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Overture : Aucune action entreprise. :mozilla.159:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Paypal : Aucune action entreprise. :mozilla.52:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Reliablestats : Aucune action entreprise. :mozilla.53:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Reliablestats : Aucune action entreprise. :mozilla.54:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Reliablestats : Aucune action entreprise. :mozilla.55:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Reliablestats : Aucune action entreprise. :mozilla.56:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Reliablestats : Aucune action entreprise. :mozilla.57:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Reliablestats : Aucune action entreprise. :mozilla.58:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Reliablestats : Aucune action entreprise. :mozilla.59:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Reliablestats : Aucune action entreprise. :mozilla.60:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Reliablestats : Aucune action entreprise. :mozilla.61:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Reliablestats : Aucune action entreprise. :mozilla.62:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Reliablestats : Aucune action entreprise. C:\Documents and Settings\Administrateur\Cookies\administrateur@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Aucune action entreprise. :mozilla.543:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Revsci : Aucune action entreprise. :mozilla.544:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Revsci : Aucune action entreprise. :mozilla.604:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Revsci : Aucune action entreprise. :mozilla.643:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise. :mozilla.644:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise. :mozilla.645:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise. :mozilla.646:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise. :mozilla.647:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise. :mozilla.648:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise. :mozilla.851:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Sitestat : Aucune action entreprise. :mozilla.852:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Sitestat : Aucune action entreprise. :mozilla.913:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Sitestat : Aucune action entreprise. :mozilla.104:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise. :mozilla.105:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise. :mozilla.106:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise. :mozilla.107:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise. :mozilla.623:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Statcounter : Aucune action entreprise. :mozilla.266:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Tradedoubler : Aucune action entreprise. :mozilla.267:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Tradedoubler : Aucune action entreprise. :mozilla.268:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Tradedoubler : Aucune action entreprise. :mozilla.269:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Tradedoubler : Aucune action entreprise. :mozilla.917:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Tribalfusion : Aucune action entreprise. :mozilla.18:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\usoiliaf.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise. :mozilla.90:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise. :mozilla.91:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise. :mozilla.92:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise. :mozilla.502:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Webtrends : Aucune action entreprise. :mozilla.103:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Webtrendslive : Aucune action entreprise. :mozilla.426:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise. :mozilla.427:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise. :mozilla.428:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise. :mozilla.429:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise. :mozilla.430:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise. :mozilla.602:C:\Documents and Settings\bidgi.BIDGI-SNLGFLXHL\Application Data\Mozilla\Firefox\Profiles\pztlg73p.default\cookies.txt -> TrackingCookie.Zedo : Aucune action entreprise. [576] C:\WINDOWS\system32\pmnli.dll -> Trojan.Vundo.ah : Aucune action entreprise. Fin du rapport Et revoici un rapport HIJACKTHIS Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 18:48:24, on 21/04/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\System32\LXSUPMON.EXE C:\Program Files\DAEMON Tools\daemon.exe C:\WINDOWS\system32\Dsp24Set.exe C:\WINDOWS\system32\DSP24Set.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Uniblue\SpeedUpMyPC\SpeedUpMyPC.exe C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe C:\Program Files\Calendrier\Cld2000.exe C:\WINDOWS\system32\SLEE81.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe C:\WINDOWS\system32\wdfmgr.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\System32\wbem\wmiprvse.exe C:\WINDOWS\system32\wuauclt.exe C:\PROGRA~1\Mozilla Firefox\firefox.exe C:\Program Files\Internet Explorer\iexplore.exe C:\HiJackThis_v2.exe C:\WINDOWS\System32\wbem\wmiprvse.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {0D63E5A0-6231-4F88-87CC-6AEAD155FD6E} - (no file) O2 - BHO: (no name) - {1557B435-8242-4686-9AA3-9265BF7525A4} - C:\WINDOWS\system32\baqyogjr.dll O2 - BHO: (no name) - {182B90A3-F372-438A-800C-6814B4DE417B} - C:\WINDOWS\system32\fccawxu.dll O2 - BHO: (no name) - {32B2863F-29FD-41A3-89C1-CD0D2270373E} - C:\WINDOWS\system32\pmnli.dll (file missing) O2 - BHO: PopUpBlocker ; XpTuner2004 - {49E0E0F0-5C30-11D4-945D-000000000010} - C:\PROGRA~1\SIMONT~1\XPTUNE~1\PopUp.dll O2 - BHO: (no name) - {5D7E5E99-DD5B-463F-966A-D9E143138AB8} - C:\WINDOWS\system32\tcbefotr.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: (no name) - {EEA67378-BF59-4F1D-8A01-0B1D07ADAF50} - C:\WINDOWS\system32\ddcca.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\System32\LXSUPMON.EXE RUN O4 - HKLM\..\Run: [uVS10 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 10\uvPL.exe O4 - HKLM\..\Run: [AudioDSP24 External Links] EL.EXE O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [DSP24] Dsp24Set.exe /n O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [uniblue SpeedUpMyPC] C:\Program Files\Uniblue\SpeedUpMyPC\SpeedUpMyPC.exe -s O4 - HKCU\..\Run: [Cld2000.exe] C:\Program Files\Calendrier\Cld2000.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [sSS7] "C:\Program Files\Steganos Security Suite 7\SSS7.exe" -firstboot (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [sSS7] "C:\Program Files\Steganos Security Suite 7\SSS7.exe" -firstboot (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [sSS7] "C:\Program Files\Steganos Security Suite 7\SSS7.exe" -firstboot (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [sSS7] "C:\Program Files\Steganos Security Suite 7\SSS7.exe" -firstboot (User 'Default user') O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?de75e9731d8e4a5fa69466fe1228b3d0 O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?de75e9731d8e4a5fa69466fe1228b3d0 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O20 - Winlogon Notify: ddayw - C:\WINDOWS\System32\ddayw.dll (file missing) O20 - Winlogon Notify: ddcca - C:\WINDOWS\system32\ddcca.dll O20 - Winlogon Notify: fccawxu - C:\WINDOWS\SYSTEM32\fccawxu.dll O20 - Winlogon Notify: pmnli - C:\WINDOWS\system32\pmnli.dll (file missing) O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Imapi Helper - Alex Feinman - C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\System32\imapi.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe O23 - Service: Steganos Live Encryption Engine 8.1 [service] (SLEE_81_SERVICE) - Unknown owner - C:\WINDOWS\system32\SLEE81.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe -- End of file - 8630 bytes Merci à vous. Lien vers le commentaire Partager sur d’autres sites More sharing options...
snooky Posté(e) le 22 avril 2007 Auteur Partager Posté(e) le 22 avril 2007 @ jibsonedge : As-tu esaayé Smitfraudfix en mode sans échec ? Mets un screen de l'erreur ... Paramètre Ewido pour qu'il supprime les fichiers trouvés . Tu ne dois plus avoir dans le rapport Aucune action entreprise ... Passe également ce fix : http://www.atribune.org/ccount/click.php?id=4 Lien vers le commentaire Partager sur d’autres sites More sharing options...
jibsonedge Posté(e) le 22 avril 2007 Partager Posté(e) le 22 avril 2007 Oui j'ai bien essayé Smitfraudfix en mode sans echec mais voici ce que j'ai... "Erreur CScript : L'accés à Windows Script Host est désactivé sur cette machine. Contactez votre admin système pour plus d'infos. 'SetPaths.bat' n'est pas reconnu en tant que commande interne ou externe, un programme exécutable ou un fichier de commandes. Impossible de trouver C:SmitfraudFix\SetPaths.bat" Et quand je valide j'arrive au fameux menu, je peux lancer une recherche ou un nettoyage mais j'obtiens le message : "Recherche Process... Erreur CScript : L'accès à Windows Script Host est désactivé sur cette machine. Contactez votre Admin bla bla bla... Le fichier spécifié est introuvable. Impossible de trouver C:\SmitfraudFix\Process.txt Recherche hosts..." Voilà, je refais un scan AVG. Lien vers le commentaire Partager sur d’autres sites More sharing options...
snooky Posté(e) le 22 avril 2007 Auteur Partager Posté(e) le 22 avril 2007 Installe ceci et tente à nouveau SmitfraudFix : http://snooky730.free.fr/Programmes/Script...344-x86-fra.rar Lien vers le commentaire Partager sur d’autres sites More sharing options...
jibsonedge Posté(e) le 22 avril 2007 Partager Posté(e) le 22 avril 2007 Toujours le même pb CScript malgré installation d'après ton lien. Par contre bien vu pour Vundo, il l'a bien trouvé et viré les dll. Le pb internet semble résolu. J'ai refais un scan AVG mais il n'a rien trouvé. (Quand tu as vu dans le rapport qu'aucune action n'avait été entreprise, c'est que je lui ai demandé de supprimer les fichiers infectés au redémarrage de l'ordi je pense) Par contre mon pc me semble vraiment très lent... Voici un nouveau rapport Hijackthis. Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 17:08:52, on 22/04/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\System32\LXSUPMON.EXE C:\Program Files\DAEMON Tools\daemon.exe C:\WINDOWS\system32\Dsp24Set.exe C:\WINDOWS\system32\DSP24Set.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe C:\WINDOWS\system32\SLEE81.exe C:\Program Files\Uniblue\SpeedUpMyPC\SpeedUpMyPC.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe C:\WINDOWS\system32\wuauclt.exe C:\PROGRA~1\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\explorer.exe C:\HiJackThis_v2.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {0D63E5A0-6231-4F88-87CC-6AEAD155FD6E} - (no file) O2 - BHO: (no name) - {1557B435-8242-4686-9AA3-9265BF7525A4} - C:\WINDOWS\system32\baqyogjr.dll O2 - BHO: (no name) - {32B2863F-29FD-41A3-89C1-CD0D2270373E} - C:\WINDOWS\system32\pmnli.dll (file missing) O2 - BHO: PopUpBlocker ; XpTuner2004 - {49E0E0F0-5C30-11D4-945D-000000000010} - C:\PROGRA~1\SIMONT~1\XPTUNE~1\PopUp.dll O2 - BHO: (no name) - {5D7E5E99-DD5B-463F-966A-D9E143138AB8} - C:\WINDOWS\system32\tcbefotr.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: (no name) - {C9D571BE-73D6-47D3-A104-B71CD125C364} - C:\WINDOWS\system32\ddcca.dll (file missing) O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\System32\LXSUPMON.EXE RUN O4 - HKLM\..\Run: [uVS10 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 10\uvPL.exe O4 - HKLM\..\Run: [AudioDSP24 External Links] EL.EXE O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [DSP24] Dsp24Set.exe /n O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\RunOnce: [Regsister WScript] wscript -regserver O4 - HKCU\..\Run: [uniblue SpeedUpMyPC] C:\Program Files\Uniblue\SpeedUpMyPC\SpeedUpMyPC.exe -s O4 - HKCU\..\Run: [Cld2000.exe] C:\Program Files\Calendrier\Cld2000.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [sSS7] "C:\Program Files\Steganos Security Suite 7\SSS7.exe" -firstboot (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [sSS7] "C:\Program Files\Steganos Security Suite 7\SSS7.exe" -firstboot (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [sSS7] "C:\Program Files\Steganos Security Suite 7\SSS7.exe" -firstboot (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [sSS7] "C:\Program Files\Steganos Security Suite 7\SSS7.exe" -firstboot (User 'Default user') O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?de75e9731d8e4a5fa69466fe1228b3d0 O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?de75e9731d8e4a5fa69466fe1228b3d0 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O20 - Winlogon Notify: ddayw - C:\WINDOWS\System32\ddayw.dll (file missing) O20 - Winlogon Notify: pmnli - C:\WINDOWS\system32\pmnli.dll (file missing) O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Imapi Helper - Alex Feinman - C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\System32\imapi.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe O23 - Service: Steganos Live Encryption Engine 8.1 [service] (SLEE_81_SERVICE) - Unknown owner - C:\WINDOWS\system32\SLEE81.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe -- End of file - 7994 bytes Merci. Lien vers le commentaire Partager sur d’autres sites More sharing options...
Valin Horn Posté(e) le 22 avril 2007 Partager Posté(e) le 22 avril 2007 Salut, j'ai depuis quelques jours des fenêtres de pubs intempestives qui s'ouvre en même temps que IE 7 ( c'est sur le pc de mes parents hein ^^ pas le mien). J'ai passé un coup de ad aware mais cela n'y a rien fait. Donc j'ai fais un scan et je vous communique le résultat : Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 18:11:44, on 22/04/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe c:\progra~1\intern~1\iexplore.exe C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Hughes\Mes documents\HiJackThis_v2.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://download.microsoft.com/download/8/b...sdk_oct2006.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: WebManager Class - {D5792AA9-D373-4039-8670-2CDAB6A71F15} - C:\Program Files\BitDownload\TorrentManager.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Nurb Dale City For] C:\Documents and Settings\All Users\Application Data\mpeginsidenurbdale\Filminfo.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [boreSite] C:\DOCUME~1\Hughes\APPLIC~1\Idleelse\heck license.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: LUMIX Simple Viewer.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe -- End of file - 9228 bytes Voila, en espérant que vous pourrez m'aider. Merci d'avance des vos réponses. Lien vers le commentaire Partager sur d’autres sites More sharing options...
goreman Posté(e) le 22 avril 2007 Partager Posté(e) le 22 avril 2007 ça se bouscule dans la file d'attente Lien vers le commentaire Partager sur d’autres sites More sharing options...
poups05 Posté(e) le 22 avril 2007 Partager Posté(e) le 22 avril 2007 salut snooky je tenvoie le rapport de l ordi de ma mere qui plante souvent. merci d avance Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 19:27:01, on 22/04/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\CyberLink\PowerCinema\PCMService.exe C:\Program Files\HP\HP Software Update\HPwuSchd2.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE C:\Program Files\QuickTime\qttask.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Softwin\BitDefender10\bdmcon.exe C:\Program Files\Softwin\BitDefender10\bdagent.exe C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe C:\Program Files\Logitech\QuickCam10\QuickCam10.exe C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\FinePixViewerS\QuickDCF2.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe C:\Program Files\Softwin\BitDefender10\vsserv.exe C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe C:\HP\KBD\KBD.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe c:\windows\system\hpsysdrv.exe C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Documents and Settings\louise\Mes documents\HiJackThis_v2.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aliceadsl.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aliceadsl.fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe" R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.3558\swg.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe" O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe O4 - HKLM\..\Run: [EPSON Stylus DX4200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE /P26 "EPSON Stylus DX4200 Series" /O6 "USB001" /M "Stylus DX4200" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [bDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe" O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'Default user') O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user') O4 - Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE O4 - Global Startup: Exif Launcher S.lnk = C:\Program Files\FinePixViewerS\QuickDCF2.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Alice ADSL - {368CC47D-FA00-478B-9CB9-80C2BF388068} - http://www.aliceadsl.fr (file missing) (HKCU) O14 - IERESET.INF: START_PAGE_URL=http://www.aliceadsl.fr O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {54D53429-945C-4188-B460-C81356541882} (SaveImageFiles Class) - http://eshare.hpphoto.com/Download/HPeServicesLocalPrint.CAB O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O18 - Protocol: bw+0 - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: offline-8876480 - {D2260056-54B6-46F8-AD16-1DDB9672E4EC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Fax - Unknown owner - C:\WINDOWS\system32\fxssvc.exe O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe -- End of file - 25337 bytes Lien vers le commentaire Partager sur d’autres sites More sharing options...
Philou34 Posté(e) le 22 avril 2007 Partager Posté(e) le 22 avril 2007 Salut Docteur Snooky, je te poste mon rapport juste pour une petite vérification.Merci d'avance et en espérant que tout soit clean ! Logfile of HijackThis v1.99.1 Scan saved at 17:11 PHIL'S PC, on 18/04/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\brsvc01a.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\brss01a.exe c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe C:\Program Files\Autodesk\Data Management Server 5\Server\Dispatch\Connectivity.WindowsService.JobDispatch.exe C:\Program Files\Autodesk\Data Management Server 5\Server\Webserver\Connectivity.EDMWS.Server.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE C:\Program Files\Executive Software\DiskeeperLite\DKService.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Microsoft SQL Server\MSSQL$AUTODESKVAULT\Binn\sqlservr.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe C:\Program Files\Microsoft SQL Server\MSSQL$KBMSS\Binn\sqlservr.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\D.P.Technology\Floating License\lservnt.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\ASUS\Probe\AsusProb.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Brother\ControlCenter2\brctrcen.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\WINDOWS\system32\RunDLL32.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\QuickTime Alternative\qttask.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\SpeedFan\speedfan.exe C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [setDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO O4 - HKCU\..\Run: [Winlogin] C:\WINDOWS\system32\winlogin.exe O4 - Startup: SpeedFan.lnk = C:\Program Files\SpeedFan\speedfan.exe O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe O4 - Global Startup: Contrôleur d’état.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Autodesk Data Management Job Dispatch - Autodesk Inc - C:\Program Files\Autodesk\Data Management Server 5\Server\Dispatch\Connectivity.WindowsService.JobDispatch.exe O23 - Service: Autodesk EDM Server - Autodesk Inc - C:\Program Files\Autodesk\Data Management Server 5\Server\Webserver\Connectivity.EDMWS.Server.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperLite\DKService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe O23 - Service: MSSQL$AUTODESKVAULT - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL$AUTODESKVAULT\Binn\sqlservr.exe" -sAUTODESKVAULT (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: SentinelLM - Rainbow Technologies, Inc. - C:\Program Files\Fichiers communs\D.P.Technology\Floating License\lservnt.exe O23 - Service: SQLAgent$AUTODESKVAULT - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL$AUTODESKVAULT\Binn\sqlagent.EXE" -i AUTODESKVAULT (file missing) Lien vers le commentaire Partager sur d’autres sites More sharing options...
snooky Posté(e) le 23 avril 2007 Auteur Partager Posté(e) le 23 avril 2007 @ Philou34 : Désactive la restauration système . Coche et fixe ces lignes avec Hijackthis : O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO O4 - HKCU\..\Run: [Winlogin] C:\WINDOWS\system32\winlogin.exe Fait afficher les fichiers cachés : http://www.informatruc.com/afficher_fichiers_caches.php Recherche et supprime ce fichier : C:\WINDOWS\system32\winlogin.exe Passe Clean 1.6 byFRUiT , procédure 1 . Redémarre en mode sans échec et passe AVG7.5 . Lien vers le commentaire Partager sur d’autres sites More sharing options...
snooky Posté(e) le 23 avril 2007 Auteur Partager Posté(e) le 23 avril 2007 @ poups05 : Coche et fixe ces lignes : O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe" O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'Default user') O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user') O4 - Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE O4 - Global Startup: Exif Launcher S.lnk = C:\Program Files\FinePixViewerS\QuickDCF2.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe + toutes les lignes 018 Installe cette mise à jour : http://www.generation-nt.com/divers/click....cb-f7b3b0fd3d86 Passe Clean 1.6 by FRUiT , procédure 1 . Lien vers le commentaire Partager sur d’autres sites More sharing options...
snooky Posté(e) le 23 avril 2007 Auteur Partager Posté(e) le 23 avril 2007 @ Valin Horn : Désactive la restauration système . Coche et fixe ces lignes avec Hijackthis : O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Nurb Dale City For] C:\Documents and Settings\All Users\Application Data\mpeginsidenurbdale\Filminfo.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [boreSite] C:\DOCUME~1\Hughes\APPLIC~1\Idleelse\heck license.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE Fait afficher les fichiers cachés : http://www.informatruc.com/afficher_fichiers_caches.php Recherche et supprime ces dossiers : C:\Documents and Settings\All Users\Application Data\mpeginsidenurbdale C:\DOCUME~1\Hughes\APPLIC~1\Idleelse Installe Ewido ( AVG 7.5 ) , mets à jour et paramètre - le pour supprimer les fichiers trouvés . Passe Clean 1.6 byFRUiT , procédure 1 . Redémarre le pc et poste un nouveau rapport Hijackthis . Lien vers le commentaire Partager sur d’autres sites More sharing options...
goreman Posté(e) le 23 avril 2007 Partager Posté(e) le 23 avril 2007 Et moi alors? Tous les autres passent avant moi, sympa Lien vers le commentaire Partager sur d’autres sites More sharing options...
snooky Posté(e) le 23 avril 2007 Auteur Partager Posté(e) le 23 avril 2007 @ jibsonedge : Coche et fixe ces lignes : O2 - BHO: (no name) - {0D63E5A0-6231-4F88-87CC-6AEAD155FD6E} - (no file) O2 - BHO: (no name) - {1557B435-8242-4686-9AA3-9265BF7525A4} - C:\WINDOWS\system32\baqyogjr.dll O2 - BHO: (no name) - {32B2863F-29FD-41A3-89C1-CD0D2270373E} - C:\WINDOWS\system32\pmnli.dll (file missing) O2 - BHO: (no name) - {5D7E5E99-DD5B-463F-966A-D9E143138AB8} - C:\WINDOWS\system32\tcbefotr.dll O2 - BHO: (no name) - {C9D571BE-73D6-47D3-A104-B71CD125C364} - C:\WINDOWS\system32\ddcca.dll (file missing) O4 - HKLM\..\RunOnce: [Regsister WScript] wscript -regserver O4 - HKCU\..\Run: [uniblue SpeedUpMyPC] C:\Program Files\Uniblue\SpeedUpMyPC\SpeedUpMyPC.exe -s O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [sSS7] "C:\Program Files\Steganos Security Suite 7\SSS7.exe" -firstboot (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [sSS7] "C:\Program Files\Steganos Security Suite 7\SSS7.exe" -firstboot (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [sSS7] "C:\Program Files\Steganos Security Suite 7\SSS7.exe" -firstboot (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [sSS7] "C:\Program Files\Steganos Security Suite 7\SSS7.exe" -firstboot (User 'Default user') O20 - Winlogon Notify: ddayw - C:\WINDOWS\System32\ddayw.dll (file missing) O20 - Winlogon Notify: pmnli - C:\WINDOWS\system32\pmnli.dll (file missing) Passe ces fix en mode sans échec : http://support.kaspersky.com/downloads/utils/klwk.zip ftp://ftp.kaspersky.com/utils/clrav/clrav.zip http://www.symantec.com/content/en/us/glob...eups/fixkak.exe Redémarre le pc en mode sans échec et teste à nouveau Smitfraudfix . Passe également AVG en mode sans échec . Poste un nouveau rapport Hijackthis . Lien vers le commentaire Partager sur d’autres sites More sharing options...
snooky Posté(e) le 23 avril 2007 Auteur Partager Posté(e) le 23 avril 2007 @ goreman : Coche et fixe ces lignes : O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -masquer O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) Passe Clean 1.6 by FRUiT , procédure 1 . Passe BlacklLight et poste le rapport: http://www.f-secure.com/blacklight/ Redémarre le pc . Quel est le problème ? Lien vers le commentaire Partager sur d’autres sites More sharing options...
goreman Posté(e) le 23 avril 2007 Partager Posté(e) le 23 avril 2007 @ goreman :Coche et fixe ces lignes : O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -masquer O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) Passe Clean 1.6 by FRUiT , procédure 1 . Passe BlacklLight et poste le rapport: http://www.f-secure.com/blacklight/ Redémarre le pc . Quel est le problème ? Bah si tu veux c'est comme si y'avait eu un formatage et à chaque démarage ça marque que le fichier utilisateur est corrompu ou un truc dans le genre. Je vais déjà essayer ce que tu as marqué, je verrais si ça arrange ou pas... Lien vers le commentaire Partager sur d’autres sites More sharing options...
goreman Posté(e) le 23 avril 2007 Partager Posté(e) le 23 avril 2007 Bon le fait de fixer les lignes ne fait rien et blacklight ne trouve rien Reste plus qu'à formater je crois non? Lien vers le commentaire Partager sur d’autres sites More sharing options...
snooky Posté(e) le 23 avril 2007 Auteur Partager Posté(e) le 23 avril 2007 Désinstalle Windows Defender . As-tu passé clean 1.6 ? Combien de Mo supprimés ( en fin de rapport ) ? C'est un pc " pré-installé " ? Explique un peu mieux le problème ... Avec Hijackthis créer un rapport des applications installées sur le pc : / Config / Outils / ajout suppr des progr / Sauver ( à droite ) Copie / colle le log uninstall_list.txt ici . Lien vers le commentaire Partager sur d’autres sites More sharing options...
goreman Posté(e) le 23 avril 2007 Partager Posté(e) le 23 avril 2007 Désinstalle Windows Defender .As-tu passé clean 1.6 ? Combien de Mo supprimés ( en fin de rapport ) ? C'est un pc " pré-installé " ? Explique un peu mieux le problème ... Avec Hijackthis créer un rapport des applications installées sur le pc : / Config / Outils / ajout suppr des progr / Sauver ( à droite ) Copie / colle le log uninstall_list.txt ici . Laisse faire je vais formater, c'est irrémédiable j'ai tout essayé Lien vers le commentaire Partager sur d’autres sites More sharing options...
winphoenix Posté(e) le 24 avril 2007 Partager Posté(e) le 24 avril 2007 Bonsoir, voici mon rapport pourriez vous me dire ou sa cloche, je rencontre quelques problemes en ce moment : Logfile of HijackThis v1.99.1 Scan saved at 21:08:01, on 24/04/2007 Platform: Unknown Windows (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16386) Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Wirelwss LAN Utility\TIWLANCu.exe C:\Program Files\Adobe\Acrobat 7.0\Distillr\AcroTray.exe C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Java\jre1.6.0\bin\jusched.exe C:\Program Files\Microsoft IntelliType Pro\itype.exe C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe C:\Program Files\Labtec\WebCam10\WebCam10.exe C:\Windows\SOUNDMAN.EXE C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Internet Download Manager\IDMan.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Windows\ehome\ehmsas.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Internet Download Manager\IEMonitor.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 67.94.174.220:8080 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [TI WLAN] C:\Program Files\Wirelwss LAN Utility\TIWLANCu.exe O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [AdobeVersionCue] C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe" O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe" O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Labtec\WebCam10\WebCam10.exe" /hide O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [NetAnalyse] C:\Program Files\NetAnalyse\NetAnalyse.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [iDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - Startup: NetAnalyse.lnk = C:\Program Files\NetAnalyse\NetAnalyse.exe O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ? O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\Ghost Navigator2_7_15\Ghost (file missing) O9 - Extra 'Tools' menuitem: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\Ghost Navigator2_7_15\Ghost (file missing) O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll O10 - Unknown file in Winsock LSP: c:\program files\hide my ip 2007\proxyfilter.dll O10 - Unknown file in Winsock LSP: c:\program files\hide my ip 2007\proxyfilter.dll O10 - Unknown file in Winsock LSP: c:\program files\hide my ip 2007\proxyfilter.dll O10 - Unknown file in Winsock LSP: c:\program files\hide my ip 2007\proxyfilter.dll O10 - Unknown file in Winsock LSP: c:\program files\hide my ip 2007\proxyfilter.dll O10 - Unknown file in Winsock LSP: c:\program files\hide my ip 2007\proxyfilter.dll O10 - Unknown file in Winsock LSP: c:\program files\hide my ip 2007\proxyfilter.dll O10 - Unknown file in Winsock LSP: c:\program files\hide my ip 2007\proxyfilter.dll O10 - Unknown file in Winsock LSP: c:\program files\hide my ip 2007\proxyfilter.dll O10 - Unknown file in Winsock LSP: c:\program files\hide my ip 2007\proxyfilter.dll O10 - Unknown file in Winsock LSP: c:\program files\hide my ip 2007\proxyfilter.dll O10 - Unknown file in Winsock LSP: c:\program files\hide my ip 2007\proxyfilter.dll O10 - Unknown file in Winsock LSP: c:\program files\hide my ip 2007\proxyfilter.dll O10 - Unknown file in Winsock LSP: c:\program files\hide my ip 2007\proxyfilter.dll O11 - Options group: [iNTERNATIONAL] International* O13 - Gopher Prefix: O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AdobeVersionCue - Adobe Sytems - C:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing) O23 - Service: LVSrvLauncher - Labtec Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing) O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing) O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing) Lien vers le commentaire Partager sur d’autres sites More sharing options...
snooky Posté(e) le 25 avril 2007 Auteur Partager Posté(e) le 25 avril 2007 @ winphoenix : Désinstalle NetAnalyze et Hide My Ip 2007 . Passe Clean 1.6 by FRUiT , procédure 1 . Redémarre le pc . Passe BlacklLight et poste le rapport: http://www.f-secure.com/blacklight/ Lien vers le commentaire Partager sur d’autres sites More sharing options...
gotier50 Posté(e) le 26 avril 2007 Partager Posté(e) le 26 avril 2007 Voila pour moi,merci d'avance.ciao Logfile of HijackThis v1.99.1 Scan saved at 16:06:22, on 26/04/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\windows\System32\smss.exe C:\windows\system32\csrss.exe C:\windows\system32\winlogon.exe C:\windows\system32\services.exe C:\windows\system32\lsass.exe C:\windows\system32\svchost.exe C:\windows\system32\svchost.exe C:\windows\System32\svchost.exe C:\windows\system32\svchost.exe C:\windows\system32\svchost.exe C:\windows\Explorer.EXE C:\windows\system32\spoolsv.exe C:\windows\RTHDCPL.EXE C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\windows\system32\RunDLL32.exe C:\windows\lclock.exe C:\Program Files\SuperCopier2\SuperCopier2.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe C:\windows\system32\svchost.exe C:\windows\system32\netdde.exe C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Prog\BlueSoleil\BTNtService.exe C:\windows\system32\svchost.exe C:\windows\system32\cisvc.exe C:\windows\system32\clipsrv.exe C:\WINDOWS\system32\imapi.exe C:\windows\system32\nvsvc32.exe C:\WINDOWS\system32\HPZipm12.exe C:\windows\system32\svchost.exe C:\WINDOWS\system32\tlntsvr.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\windows\System32\alg.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Prog\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.winlsd.org R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe" O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit O4 - HKCU\..\Run: [LClock] lclock.exe O4 - HKCU\..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab55762.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab55579.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{D30564FB-2AF4-4FA3-913D-CC3AEB7E0D59}: NameServer = 192.168.1.1 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSN Messenger\msgrapp.8.1.0178.00.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSN Messenger\msgrapp.8.1.0178.00.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Prog\BlueSoleil\BTNtService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\windows\system32\sfrem01.exe O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Prog\TuneUp Utilities 2006\WinStylerThemeSvc.exe Lien vers le commentaire Partager sur d’autres sites More sharing options...
harold50 Posté(e) le 27 avril 2007 Partager Posté(e) le 27 avril 2007 Salut Snooky voilà le log que tu m'avais demandé pour mon IE qui se relançais tout le temps. Logfile of HijackThis v1.99.1 Scan saved at 20:03:10, on 26/04/2007 Platform: Unknown Windows (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16386) Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\Java\jre1.6.0\bin\jusched.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Windows\System32\WDBtnMgr.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\Program Files\Western Digital Technologies\Spindown\ExSpinDn.exe C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Windows\System32\rundll32.exe C:\Windows\ehome\ehmsas.exe C:\PROGRA~1\HEWLET~1\Shared\HPQTOA~1.EXE C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe C:\Program Files\Internet Explorer\IEUser.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe C:\Users\Harold\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WMAYF0DT\fsbl[1].exe C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.intranet.int:3128 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O1 - Hosts: ::1 localhost O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe" O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKLM\..\Run: [WD Spindown Utility] "C:\Program Files\Western Digital Technologies\Spindown\ExSpinDn.exe" O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup O4 - HKLM\..\Run: [EPSON Stylus DX4800 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE /F "C:\Windows\TEMP\E_SAB9A.tmp" /EF "HKLM" O4 - HKLM\..\Run: [EPSON Stylus DX4800 Series (Copie 1)] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE /F "C:\Windows\TEMP\E_S3CB2.tmp" /EF "HKLM" O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll O11 - Options group: [iNTERNATIONAL] International* O13 - Gopher Prefix: O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing) O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing) O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing) O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe voila le rapport. je supprime quoi? Lien vers le commentaire Partager sur d’autres sites More sharing options...
snooky Posté(e) le 27 avril 2007 Auteur Partager Posté(e) le 27 avril 2007 @ harold50 : Coche et fixe ces lignes : O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe" O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe O4 - HKCU\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing) services.msc dans Exécuter et arrête ce service : Symantec Lic NetConnect service Passe ce remover Symantec : ftp://ftp.symantec.com/public/english_us_...emoval_Tool.exe Passe SmitfraudFix et poste le rapport créé . Lien vers le commentaire Partager sur d’autres sites More sharing options...
Messages recommandés
Archivé
Ce sujet est désormais archivé et ne peut plus recevoir de nouvelles réponses.