Aller au contenu

kdance

Membres
  • Compteur de contenus

    27
  • Inscription

  • Dernière visite

Réputation sur la communauté

0 Neutral

À propos de kdance

  • Rang
    Member

Contact Methods

  • Website URL
    http://
  • ICQ
    0

Profile Information

  • Sexe
    Male

Autres informations

  • Mes langues
    français et allemand
  1. Bonjour, Depuis quelques jours ma souris ne réagit plus à toutes les sollicitations. Elle bloque, elle repart, ne réagit pas toujours à un clic et à moins que je ne me trompe, j'ai l'impression que cela commence après avoir lancé une première fois mon navigateur (FireFox ou IE c'est pareil) Je suppose donc une infection par malware et je poste en conséquence le log de HJ ci-dessous : Logfile of HijackThis v1.99.1 Scan saved at 16:11:25, on 15/02/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Alcohol Toolbar Helper - {52D06F97-5511-43FA-8FDA-C481864FD26E} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O3 - Toolbar: Alcohol Toolbar - {4C4E7CDB-5BFC-4D74-83E2-8AE659B7EDA2} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe O4 - HKLM\..\Run: [Volkey] C:\Documents and Settings\Standard\Mes documents\Ma musique\Volkey\Volkey.exe O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe" O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe" O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [bDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe" O4 - HKCU\..\Run: [TClockEx] C:\Program Files\TClockEx\TCLOCKEX.EXE O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: Alarm Manager.LNK = C:\Program Files\Palm\AlarmApp.exe O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe O4 - Global Startup: PC-80 Software Synthesizer.LNK = C:\Program Files\EDIROL\PC-80 Software Synthesizer\PC-80Synth.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\ADOBE\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .mu3: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .mus: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .mut: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .myr: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2003120...all/xscan53.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{EA3312A0-537B-4FB5-8D3A-0A70BB71EAF5}: NameServer = 80.10.246.2,80.10.246.129 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: ComPlusSetup - C:\WINDOWS\System32\catsrvut.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing) O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindService.exe O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service (file missing) O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing) Merci de bien vouloir en faire l'analyse
  2. kdance

    souris instable

    bonsoir, merci pour les réponses mais la solution était toute simple mais je n'y ai pas pensé de suite. Il s'agissait du tapis de souris qui était réfléchissant et qui provoquait donc un curseur volage. Donc pb réglé.
  3. kdance

    souris instable

    bonjour, depuis que je suis connecté avec la livebox en wifi j'ai le curseur de la souris qui disparait et après avoir bougé la souris une dizaine de fois le curseur réapparaît et ceci dans n'importe quelle appli. J'ai supprimé le driver (intellipoint) pour ma souris sans fil et j'ai réinstallé la dernière version du driver. Rien n'y fait c'est toujours pareil. Quelle est la manip à faire pour remédier (probablement un conflit) à cet inconvénient ? merci beaucoup
  4. kdance

    media player classic

    Salut à tous, Je ne vois qu'une solution au pb. Télécharge le fichier : media-player-classic_media_player_classic_6.4.9.0b_xp_.exe_francais_11019.exe puis remplace le dossier "media player classic" dans program Files\K-Lite Codec Pack\ par celui que tu as téléchargé. En ce qui concerne les icônes des fichiers, il y aura peut-être lieu de les modifier (explorer - outils - option des dossiers) Bonne continuation
  5. Salut charles ingals, Avec toutes ces recommandations, je suis sur le chemin du "pro" Je ne manquerais pas de les mettre en application et c'est sur que je surferai sur le site pour glaner de "linstruction". Merci de tout coeur.
  6. Salut charles ingals, Ouf, ça va bien mieux maintenant. Un grand merci à toi notamment, qui t'es occupé de mon pb., mais également à S. Birkoff ainsi qu'à tous les autres qui se dévouent et mettent leur compétence au service des personnes qui, comme moi, en ont bien besoin. Toute petite question encore. FireFox met plus lontemps à démarrer que IE alors qu'au début (lorsque j'ai installé FireFox) c'était l'inverse. Mais bon, ce n'est pas bien méchant. Je peux attendre sereinement l'arrivée de Vista (avec son lot de bugs). Bonne continuation
  7. Salut charles ingals et salut S. Birkoff, Alors là, avec toute cette aide, mon ordi va de nouveau ronronner. Actuellement, j'ai l'impression qu'il a une meilleure santé si ce n'est comme je l'avais que lors d'un redémarrage en "mode sans échec" j'avais l'impression que j'avais droit à un plantage total. Bon, j'ai nettoyé avec CCleaner et j'ai fais un nouveau HJT. Je pense, comme tu me l'avais proposé, charles ingals, il y aurait lieu à fixer quelques 04 et autres. merci à tous les deux. Logfile of HijackThis v1.99.1 Scan saved at 23:08:25, on 06/03/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE C:\PROGRA~1\Iomega\System32\AppServices.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe C:\PROGRA~1\WANADOO\CnxMon.exe C:\PROGRA~1\WANADOO\TaskbarIcon.exe C:\WINDOWS\system32\devldr32.exe C:\Program Files\Microsoft AntiSpyware\gcasServ.exe C:\Program Files\Softwin\BitDefender8\bdoesrv.exe C:\PROGRA~1\Softwin\BITDEF~1\bdnagent.exe C:\Program Files\Softwin\BitDefender8\bdswitch.exe C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Copernic Desktop Search\CopernicDesktopSearch.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Palm\AlarmApp.exe C:\Program Files\Logitech\SetPoint\KEM.exe C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe C:\Program Files\Windows Media Components\encoder\Wmencagt.exe C:\Program Files\Palm\HOTSYNC.EXE C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe C:\Program Files\Softwin\BitDefender8\vsserv.exe c:\progra~1\softwin\bitdef~1\bdmcon.exe C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = +s R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = +s R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\WANADOO\SEARCH~1.DLL F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O3 - Toolbar: Copernic Desktop Search - {C5F7A735-70F1-477F-8C36-6FF3C736017B} - C:\Program Files\Copernic Desktop Search\CopernicDesktopSearchIntegration910.dll O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [iomega Automatic Backup 1.0.1] C:\Program Files\Iomega\Iomega Automatic Backup\ibackup.exe O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\WANADOO\CnxMon.exe O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\TaskbarIcon.exe O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe" O4 - HKLM\..\Run: [bDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe O4 - HKLM\..\Run: [bDOESRV] C:\Program Files\Softwin\BitDefender8\\bdoesrv.exe O4 - HKLM\..\Run: [bDNewsAgent] "c:\progra~1\softwin\bitdef~1\bdnagent.exe" O4 - HKLM\..\Run: [bDSwitchAgent] C:\Program Files\Softwin\BitDefender8\\bdswitch.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKCU\..\Run: [Copernic Desktop Search] "C:\Program Files\Copernic Desktop Search\CopernicDesktopSearch.exe" /tray O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [TClockEx] C:\Program Files\TClockEx\TCLOCKEX.EXE O4 - HKCU\..\Run: [skwatAutoconnect] C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - Startup: HotSync Manager.lnk = C:\Program Files\Palm\HOTSYNC.EXE O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\ADOBE\Calibration\Adobe Gamma Loader.exe O4 - Startup: PowerReg Scheduler V3.exe O4 - Global Startup: Alarm Manager.LNK = C:\Program Files\Palm\AlarmApp.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Adobe Gamma Loader.lnk = ? O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\ADOBE\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Encoder Agent.lnk = C:\Program Files\Windows Media Components\encoder\WMENCAGT.EXE O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll O12 - Plugin for .mu3: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .mus: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .mut: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .myr: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15009/CTSUEng.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2359626E-7524-4F87-B04E-22CD38A0C88C} (ICSScannerLight Class) - http://download.zonelabs.com/bin/free/cm/ICSCM.cab O16 - DPF: {68C1822F-F5C7-4404-A73F-03C10E0E94DA} (telechargement-photoweb) - http://www3.photoweb.fr/telechargement/Photoweb_uploader.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2003120....com/housecall/ xscan53.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {A7E092C3-692A-11D0-A7E5-08002B322F3B} (WebResponseAttachments Control) - https://webresponse.one.microsoft.com/oas/A...eX/FileXfer.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15010/CTPID.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{6330025B-F01F-4275-83EF-C575C0F04 C1C}: NameServer = 80.10.246.130 80.10.246.3 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll O20 - Winlogon Notify: ComPlusSetup - C:\WINDOWS\System32\catsrvut.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe O23 - Service: ADSLAutoconnect - Unknown owner - C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe" -z (file missing) O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing) O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\NORMAN\Nvc\BIN\nipsvc.exe (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender8\vsserv.exe" /service (file missing) O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing) Bonne soirée à tous deux.
  8. Bonsoir charles ingals, Ce fut long, mais mon ordi met 20 à 25 minutes pour démarrer en "mode sans échec" que ce soit par F8 ou en modifiant le boot ini (safe). Bon, voici les 2 rapports : Incident Statut Analyse Spyware:Cookie/Xiti No Désinfecté C:\RECYCLED\Dc11.txt Adware:Adware/CWS.008k No Désinfecté C:\Documents and Settings\Standard\Local Settings\Temporary Internet Files\Content.IE5\O1U385EF\AppWrap[8].exe Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\Standard\Application Data\Mozilla\Firefox\Profiles\snvjqwqs.default\cookies.txt[] ____________________________________________ AboutBuster 6.0 Scan started on [06/03/2006] at [17:47:31] ------------------------------------------------------------- Internet Explorer Instances Terminated! HomeSearch Service stopped if present ------------------------------------------------------------- Streams(ADS) not scanned: System not NTFS ------------------------------------------------------------- No Files Found! ------------------------------------------------------------- Scan was COMPLETED SUCCESSFULLY at 17:52:35
  9. Bonjour charles ingals, comme dans une pub : "quand il n'y en a plus, il y en a encore". Question naïve : mon antivirus "BitDefender pro" est-il moins bon que d'autres ? ou est-ce les virus qui sont meilleurs ? En tout cas, je suis partant pour fixer qq. "04" et autres qui ralentissent effectivement mon ordi. Voici le rapport de scan de Panda : Incident Statut Analyse Dialer:Dialer.FFT No Désinfecté C:\WINDOWS\adiras.exe Adware:Adware/404Search No Désinfecté C:\WINDOWS\INF\gsim.inf Virus:Trj/Qhost.Y Désinfecté C:\WINDOWS\SYSTEM32\DRIVERS\etc\hosts.20050205-154345.backup Virus:Trj/Qhost.Y Désinfecté C:\WINDOWS\SYSTEM32\DRIVERS\etc\hosts.20050205-190905.backup Virus:Trj/Qhost.Y Désinfecté C:\WINDOWS\SYSTEM32\DRIVERS\etc\hosts.20050202-232004.backup Virus:Trj/Qhost.Y Désinfecté C:\WINDOWS\SYSTEM32\DRIVERS\etc\hosts.20050202-232005.backup Virus:Trj/Qhost.Y Désinfecté C:\WINDOWS\SYSTEM32\DRIVERS\etc\hosts.20050203-011054.backup Virus:Trj/Qhost.Y Désinfecté C:\WINDOWS\SYSTEM32\DRIVERS\etc\hosts.20050203-011055.backup Virus:Trj/Qhost.Y Désinfecté C:\WINDOWS\SYSTEM32\DRIVERS\etc\hosts.20050203-153847.backup Dialer:Dialer.Gen No Désinfecté C:\WINDOWS\SYSTEM32\HornyCam_fr-uninstall.exe Dialer:Dialer.Gen No Désinfecté C:\WINDOWS\SYSTEM32\XXXNow_fr-uninstall.exe Adware:adware/powersearch No Désinfecté C:\WINDOWS\SYSTEM32\stlb2.xml Adware:Adware/CWS.008k No Désinfecté C:\WINDOWS\icont.exe Adware:Adware/CWS.008k No Désinfecté C:\Documents and Settings\Standard\Local Settings\Temporary Internet Files\Content.IE5\O1U385EF\AppWrap[8].exe Adware:Adware/Lop No Désinfecté C:\Documents and Settings\Standard\Mes documents\1. Informatique\Utilitaires\Internet\Barre d'outils\toolbar_uninstall.exe Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Standard\Cookies\[email protected][1].txt Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Standard\Application Data\Mozilla\Firefox\Profiles\snvjqwqs.default\cookies.txt[] Adware:Adware/Lop No Désinfecté D:\1. Informatique\Utilitaires\Internet\Barre d'outils\toolbar_uninstall.exe Merci beaucoup.
  10. Bonsoir charles ingals, n'ayant pas eu de réponse à mon post ci-dessus, je viens par ce message demander si le pb est grave ne serait-ce que pour me faire une oppinion de l'état de mon ordi. merci de me rassurer.
  11. Bonjour charles ingals, Voici les rapports HJT et du scan d'Ewido. Je tiens à signaler que lors de la suppression des fichiers par EasyCleaner, les 3 fichiers suivants n'ont pû être supprimer : C:\Windows\Local Settings\Temporary Internet Files\Content.IE5\index.dat C:\Windows\Local Settings\Temporary Internet Files\Content.IE5 C:\Windows\Local Settings\Temp\Perflib_Perfdata_424.dat Tout cela fait beaucoup de choses à vérifier et un "merci" de plus ne peut être superflu. Donc, un grand merci. _______________________________ Logfile of HijackThis v1.99.1 Scan saved at 16:45:00, on 04/03/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE C:\PROGRA~1\Iomega\System32\AppServices.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE C:\PROGRA~1\WANADOO\CnxMon.exe C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe C:\PROGRA~1\WANADOO\TaskbarIcon.exe C:\Program Files\Microsoft AntiSpyware\gcasServ.exe C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe C:\Program Files\Softwin\BitDefender8\bdoesrv.exe C:\PROGRA~1\Softwin\BITDEF~1\bdnagent.exe C:\Program Files\Softwin\BitDefender8\bdswitch.exe C:\WINDOWS\system32\devldr32.exe C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe C:\Program Files\Softwin\BitDefender8\vsserv.exe C:\Program Files\Copernic Desktop Search\CopernicDesktopSearch.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Palm\AlarmApp.exe C:\Program Files\Windows Media Components\encoder\Wmencagt.exe C:\Program Files\Logitech\SetPoint\KEM.exe C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe C:\Program Files\ADOBE\Acrobat 7.0\Reader\reader_sl.exe C:\Program Files\Palm\HOTSYNC.EXE C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE C:\Program Files\United Devices\UD.EXE C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = +s R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = +s R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\WANADOO\SEARCH~1.DLL F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O3 - Toolbar: Copernic Desktop Search - {C5F7A735-70F1-477F-8C36-6FF3C736017B} - C:\Program Files\Copernic Desktop Search\CopernicDesktopSearchIntegration910.dll O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [iomega Automatic Backup 1.0.1] C:\Program Files\Iomega\Iomega Automatic Backup\ibackup.exe O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\WANADOO\CnxMon.exe O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\TaskbarIcon.exe O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe" O4 - HKLM\..\Run: [bDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe O4 - HKLM\..\Run: [bDOESRV] C:\Program Files\Softwin\BitDefender8\\bdoesrv.exe O4 - HKLM\..\Run: [bDNewsAgent] "C:\PROGRA~1\Softwin\BITDEF~1\bdnagent.exe" O4 - HKLM\..\Run: [bDSwitchAgent] C:\Program Files\Softwin\BitDefender8\\bdswitch.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKCU\..\Run: [Copernic Desktop Search] "C:\Program Files\Copernic Desktop Search\CopernicDesktopSearch.exe" /tray O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [TClockEx] C:\Program Files\TClockEx\TCLOCKEX.EXE O4 - HKCU\..\Run: [skwatAutoconnect] C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - Startup: HotSync Manager.lnk = C:\Program Files\Palm\HOTSYNC.EXE O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\ADOBE\Calibration\Adobe Gamma Loader.exe O4 - Startup: UD Agent.lnk = C:\Program Files\United Devices\UD.EXE O4 - Startup: PowerReg Scheduler V3.exe O4 - Global Startup: Alarm Manager.LNK = C:\Program Files\Palm\AlarmApp.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Adobe Gamma Loader.lnk = ? O4 - Global Startup: Palm Desktop.lnk = ? O4 - Global Startup: Encoder Agent.lnk = C:\Program Files\Windows Media Components\encoder\WMENCAGT.EXE O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\ADOBE\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll O12 - Plugin for .mu3: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .mus: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .mut: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .myr: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15009/CTSUEng.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2359626E-7524-4F87-B04E-22CD38A0C88C} (ICSScannerLight Class) - http://download.zonelabs.com/bin/free/cm/ICSCM.cab O16 - DPF: {68C1822F-F5C7-4404-A73F-03C10E0E94DA} (telechargement-photoweb) - http://www3.photoweb.fr/telechargement/Photoweb_uploader.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2003120...all/xscan53.cab O16 - DPF: {A7E092C3-692A-11D0-A7E5-08002B322F3B} (WebResponseAttachments Control) - https://webresponse.one.microsoft.com/oas/A...eX/FileXfer.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15010/CTPID.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{6330025B-F01F-4275-83EF-C575C0F04C1C}: NameServer = 80.10.246.130 80.10.246.3 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll O20 - Winlogon Notify: ComPlusSetup - C:\WINDOWS\System32\catsrvut.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe O23 - Service: ADSLAutoconnect - Unknown owner - C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe" -z (file missing) O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing) O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\NORMAN\Nvc\BIN\nipsvc.exe (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender8\vsserv.exe" /service (file missing) O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing) _____________________________________ --------------------------------------------------------- ewido anti-malware - Rapport de scan --------------------------------------------------------- + Créé le: 16:25:11, 04/03/2006 + Somme de contrôle: 8B79DD8E + Résultats du scan: C:\Program Files\SnadBoy Software\Revelation\Revelation.exe -> Not-A-Virus.PSWTool.Win32.SnadBoy.11 : Nettoyer et sauvegarder C:\Documents and Settings\Standard\Mes documents\1. Informatique\Utilitaires\SCAN\Anti-scanneur\attacker.exe -> Not-A-Virus.DoS.Win32.Ataker.a : Nettoyer et sauvegarder C:\Documents and Settings\Standard\Mes documents\1. Informatique\Utilitaires\SCAN\Anti-scanneur\attacker.zip/attacker.exe -> Not-A-Virus.DoS.Win32.Ataker.a : Nettoyer et sauvegarder :mozilla.9:C:\Documents and Settings\Standard\Application Data\Mozilla\Firefox\Profiles\snvjqwqs.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyer et sauvegarder :mozilla.24:C:\Documents and Settings\Standard\Application Data\Mozilla\Firefox\Profiles\snvjqwqs.default\cookies.txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder :mozilla.25:C:\Documents and Settings\Standard\Application Data\Mozilla\Firefox\Profiles\snvjqwqs.default\cookies.txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder :mozilla.26:C:\Documents and Settings\Standard\Application Data\Mozilla\Firefox\Profiles\snvjqwqs.default\cookies.txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder :mozilla.27:C:\Documents and Settings\Standard\Application Data\Mozilla\Firefox\Profiles\snvjqwqs.default\cookies.txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder :mozilla.28:C:\Documents and Settings\Standard\Application Data\Mozilla\Firefox\Profiles\snvjqwqs.default\cookies.txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder :mozilla.33:C:\Documents and Settings\Standard\Application Data\Mozilla\Firefox\Profiles\snvjqwqs.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder :mozilla.34:C:\Documents and Settings\Standard\Application Data\Mozilla\Firefox\Profiles\snvjqwqs.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder :mozilla.35:C:\Documents and Settings\Standard\Application Data\Mozilla\Firefox\Profiles\snvjqwqs.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder :mozilla.36:C:\Documents and Settings\Standard\Application Data\Mozilla\Firefox\Profiles\snvjqwqs.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder :mozilla.37:C:\Documents and Settings\Standard\Application Data\Mozilla\Firefox\Profiles\snvjqwqs.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder :mozilla.44:C:\Documents and Settings\Standard\Application Data\Mozilla\Firefox\Profiles\snvjqwqs.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder :mozilla.50:C:\Documents and Settings\Standard\Application Data\Mozilla\Firefox\Profiles\snvjqwqs.default\cookies.txt -> TrackingCookie.Com : Nettoyer et sauvegarder :mozilla.51:C:\Documents and Settings\Standard\Application Data\Mozilla\Firefox\Profiles\snvjqwqs.default\cookies.txt -> TrackingCookie.Com : Nettoyer et sauvegarder :mozilla.53:C:\Documents and Settings\Standard\Application Data\Mozilla\Firefox\Profiles\snvjqwqs.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyer et sauvegarder :mozilla.57:C:\Documents and Settings\Standard\Application Data\Mozilla\Firefox\Profiles\snvjqwqs.default\cookies.txt -> TrackingCookie.Advertising : Nettoyer et sauvegarder :mozilla.58:C:\Documents and Settings\Standard\Application Data\Mozilla\Firefox\Profiles\snvjqwqs.default\cookies.txt -> TrackingCookie.Webtrendslive : Nettoyer et sauvegarder :mozilla.59:C:\Documents and Settings\Standard\Application Data\Mozilla\Firefox\Profiles\snvjqwqs.default\cookies.txt -> TrackingCookie.Webtrendslive : Nettoyer et sauvegarder :mozilla.60:C:\Documents and Settings\Standard\Application Data\Mozilla\Firefox\Profiles\snvjqwqs.default\cookies.txt -> TrackingCookie.Webtrendslive : Nettoyer et sauvegarder :mozilla.61:C:\Documents and Settings\Standard\Application Data\Mozilla\Firefox\Profiles\snvjqwqs.default\cookies.txt -> TrackingCookie.Webtrendslive : Nettoyer et sauvegarder :mozilla.62:C:\Documents and Settings\Standard\Application Data\Mozilla\Firefox\Profiles\snvjqwqs.default\cookies.txt -> TrackingCookie.Webtrendslive : Nettoyer et sauvegarder :mozilla.63:C:\Documents and Settings\Standard\Application Data\Mozilla\Firefox\Profiles\snvjqwqs.default\cookies.txt -> TrackingCookie.Webtrendslive : Nettoyer et sauvegarder :mozilla.65:C:\Documents and Settings\Standard\Application Data\Mozilla\Firefox\Profiles\snvjqwqs.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyer et sauvegarder :mozilla.66:C:\Documents and Settings\Standard\Application Data\Mozilla\Firefox\Profiles\snvjqwqs.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyer et sauvegarder :mozilla.67:C:\Documents and Settings\Standard\Application Data\Mozilla\Firefox\Profiles\snvjqwqs.default\cookies.txt -> TrackingCookie.Tribalfusion : Nettoyer et sauvegarder :mozilla.70:C:\Documents and Settings\Standard\Application Data\Mozilla\Firefox\Profiles\snvjqwqs.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyer et sauvegarder :mozilla.80:C:\Documents and Settings\Standard\Application Data\Mozilla\Firefox\Profiles\snvjqwqs.default\cookies.txt -> TrackingCookie.Estat : Nettoyer et sauvegarder :mozilla.84:C:\Documents and Settings\Standard\Application Data\Mozilla\Firefox\Profiles\snvjqwqs.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder C:\System Volume Information\_restore{41027108-98BC-434E-9C74-734087CCAAEF}\RP368\A0062467.exe -> Dialer.Generic : Nettoyer et sauvegarder D:\System Volume Information\_restore{41027108-98BC-434E-9C74-734087CCAAEF}\RP376\A0065727.exe -> Not-A-Virus.DoS.Win32.Ataker.a : Nettoyer et sauvegarder ::Fin du rapport
  12. Bonsoir charles ingals, Ce fut long, mais j'ai suivi tes recommandations. Encore merci. Je vais me dépécher de poster le log, car j'étais en train de le poster lorsque mon ordi a fait un redémarrage tout seul. Apparemment ça va. Voici donc le log HJT après éradication de 9 "bestioles" par Antivir. Logfile of HijackThis v1.99.1 Scan saved at 22:57:27, on 03/03/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE C:\PROGRA~1\Iomega\System32\AppServices.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Softwin\BitDefender8\vsserv.exe C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE C:\WINDOWS\system32\devldr32.exe C:\PROGRA~1\WANADOO\CnxMon.exe C:\PROGRA~1\WANADOO\TaskbarIcon.exe C:\Program Files\Microsoft AntiSpyware\gcasServ.exe C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe C:\PROGRA~1\Softwin\BITDEF~1\bdnagent.exe C:\Program Files\Softwin\BitDefender8\bdoesrv.exe C:\Program Files\Softwin\BitDefender8\bdswitch.exe C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\WINDOWS\System32\shellexpi.exe C:\Program Files\Copernic Desktop Search\CopernicDesktopSearch.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe C:\Program Files\Palm\AlarmApp.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Windows Media Components\encoder\Wmencagt.exe C:\Program Files\Logitech\SetPoint\KEM.exe C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe C:\Program Files\ADOBE\Acrobat 7.0\Reader\reader_sl.exe C:\Program Files\Palm\HOTSYNC.EXE C:\Program Files\Microsoft Office\Office\1036\OLFSNT40.EXE C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = +s R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = +s R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\WANADOO\SEARCH~1.DLL F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O3 - Toolbar: Copernic Desktop Search - {C5F7A735-70F1-477F-8C36-6FF3C736017B} - C:\Program Files\Copernic Desktop Search\CopernicDesktopSearchIntegration910.dll O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [iomega Automatic Backup 1.0.1] C:\Program Files\Iomega\Iomega Automatic Backup\ibackup.exe O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\WANADOO\CnxMon.exe O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\TaskbarIcon.exe O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe" O4 - HKLM\..\Run: [bDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe O4 - HKLM\..\Run: [bDOESRV] C:\Program Files\Softwin\BitDefender8\\bdoesrv.exe O4 - HKLM\..\Run: [bDNewsAgent] "C:\PROGRA~1\Softwin\BITDEF~1\bdnagent.exe" O4 - HKLM\..\Run: [bDSwitchAgent] C:\Program Files\Softwin\BitDefender8\\bdswitch.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKCU\..\Run: [Explorer] C:\WINDOWS\System32\shellexpi.exe en O4 - HKCU\..\Run: [Copernic Desktop Search] "C:\Program Files\Copernic Desktop Search\CopernicDesktopSearch.exe" /tray O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [TClockEx] C:\Program Files\TClockEx\TCLOCKEX.EXE O4 - HKCU\..\Run: [skwatAutoconnect] C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - Startup: HotSync Manager.lnk = C:\Program Files\Palm\HOTSYNC.EXE O4 - Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\1036\OLFSNT40.EXE O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Startup: TribalWeb.net.lnk = ? O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\ADOBE\Calibration\Adobe Gamma Loader.exe O4 - Startup: UD Agent.lnk = C:\Program Files\United Devices\UD.EXE O4 - Startup: PowerReg Scheduler V3.exe O4 - Global Startup: Alarm Manager.LNK = C:\Program Files\Palm\AlarmApp.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Adobe Gamma Loader.lnk = ? O4 - Global Startup: Palm Desktop.lnk = ? O4 - Global Startup: Encoder Agent.lnk = C:\Program Files\Windows Media Components\encoder\WMENCAGT.EXE O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\ADOBE\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll O12 - Plugin for .mu3: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .mus: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .mut: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .myr: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15009/CTSUEng.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2359626E-7524-4F87-B04E-22CD38A0C88C} (ICSScannerLight Class) - http://download.zonelabs.com/bin/free/cm/ICSCM.cab O16 - DPF: {68C1822F-F5C7-4404-A73F-03C10E0E94DA} (telechargement-photoweb) - http://www3.photoweb.fr/telechargement/Photoweb_uploader.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2003120...all/xscan53.cab O16 - DPF: {A7E092C3-692A-11D0-A7E5-08002B322F3B} (WebResponseAttachments Control) - https://webresponse.one.microsoft.com/oas/A...eX/FileXfer.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15010/CTPID.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{6330025B-F01F-4275-83EF-C575C0F04C1C}: NameServer = 80.10.246.1 80.10.246.132 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll O20 - Winlogon Notify: ComPlusSetup - C:\WINDOWS\System32\catsrvut.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe O23 - Service: ADSLAutoconnect - Unknown owner - C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe" -z (file missing) O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing) O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\NORMAN\Nvc\BIN\nipsvc.exe (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender8\vsserv.exe" /service (file missing) O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
  13. Bonjour ipl_001, bonjour à tous ces bons samaritains, Tout d'abord merci pour la réponse mais je pense que mon post n'était pas assez explicite. Autant pour moi. Ce qui m'intrigue c'est pourqoi, en supprimant "04 - Startup: PowerReg Scheduler V3.exe" que tout le monde dit être un Trojan, ma navigation internet est altérée. Lorsque j'ai restauré XP, donc réinstallation de "PowerReg Scheduler", tout fonctionne de nouveau. En d'autres termes qu'est-ce que PowerReg Scheduler ? Par ailleurs, sans trop vouloir abuser des uns et des autres, quelqu'un pourrait-il me dire que supprimer d'emblée dans le log ci-dessous : Logfile of HijackThis v1.99.1 Scan saved at 14:24:56, on 02/03/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE C:\PROGRA~1\Iomega\System32\AppServices.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe C:\Program Files\Softwin\BitDefender8\vsserv.exe C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE C:\WINDOWS\system32\devldr32.exe C:\PROGRA~1\WANADOO\CnxMon.exe C:\PROGRA~1\WANADOO\TaskbarIcon.exe C:\Program Files\Microsoft AntiSpyware\gcasServ.exe C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe C:\Program Files\Softwin\BitDefender8\bdoesrv.exe C:\progra~1\softwin\bitdef~1\bdnagent.exe C:\Program Files\Softwin\BitDefender8\bdswitch.exe C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe C:\WINDOWS\System32\shellexpi.exe C:\Program Files\Copernic Desktop Search\CopernicDesktopSearch.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Palm\AlarmApp.exe C:\Program Files\Windows Media Components\encoder\Wmencagt.exe C:\Program Files\Logitech\SetPoint\KEM.exe C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe C:\Program Files\Palm\HOTSYNC.EXE C:\Program Files\Microsoft Office\Office\1036\OLFSNT40.EXE C:\PROGRA~1\TRIBAL~1.NET\tribalweb.exe C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE C:\Program Files\United Devices\UD.EXE C:\Program Files\United Devices\ud_7657531.exe C:\Program Files\United Devices\ud_7657531_0.dir\WCGrid_Rosetta.exe C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = +s R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = +s R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\WANADOO\SEARCH~1.DLL F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O3 - Toolbar: Copernic Desktop Search - {C5F7A735-70F1-477F-8C36-6FF3C736017B} - C:\Program Files\Copernic Desktop Search\CopernicDesktopSearchIntegration910.dll O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [iomega Automatic Backup 1.0.1] C:\Program Files\Iomega\Iomega Automatic Backup\ibackup.exe O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\WANADOO\CnxMon.exe O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\TaskbarIcon.exe O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe" O4 - HKLM\..\Run: [bDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe O4 - HKLM\..\Run: [bDOESRV] C:\Program Files\Softwin\BitDefender8\\bdoesrv.exe O4 - HKLM\..\Run: [bDNewsAgent] "C:\PROGRA~1\Softwin\BITDEF~1\bdnagent.exe" O4 - HKLM\..\Run: [bDSwitchAgent] C:\Program Files\Softwin\BitDefender8\\bdswitch.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe" O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKCU\..\Run: [Explorer] C:\WINDOWS\System32\shellexpi.exe en O4 - HKCU\..\Run: [Copernic Desktop Search] "C:\Program Files\Copernic Desktop Search\CopernicDesktopSearch.exe" /tray O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [TClockEx] C:\Program Files\TClockEx\TCLOCKEX.EXE O4 - HKCU\..\Run: [skwatAutoconnect] C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - Startup: HotSync Manager.lnk = C:\Program Files\Palm\HOTSYNC.EXE O4 - Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\1036\OLFSNT40.EXE O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Startup: TribalWeb.net.lnk = ? O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\ADOBE\Calibration\Adobe Gamma Loader.exe O4 - Startup: UD Agent.lnk = C:\Program Files\United Devices\UD.EXE O4 - Startup: PowerReg Scheduler V3.exe O4 - Global Startup: Alarm Manager.LNK = C:\Program Files\Palm\AlarmApp.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Adobe Gamma Loader.lnk = ? O4 - Global Startup: Palm Desktop.lnk = ? O4 - Global Startup: Encoder Agent.lnk = C:\Program Files\Windows Media Components\encoder\WMENCAGT.EXE O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\ADOBE\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll O12 - Plugin for .mu3: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .mus: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .mut: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O12 - Plugin for .myr: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15009/CTSUEng.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2359626E-7524-4F87-B04E-22CD38A0C88C} (ICSScannerLight Class) - http://download.zonelabs.com/bin/free/cm/ICSCM.cab O16 - DPF: {68C1822F-F5C7-4404-A73F-03C10E0E94DA} (telechargement-photoweb) - http://www3.photoweb.fr/telechargement/Photoweb_uploader.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2003120...all/xscan53.cab O16 - DPF: {A7E092C3-692A-11D0-A7E5-08002B322F3B} (WebResponseAttachments Control) - https://webresponse.one.microsoft.com/oas/A...eX/FileXfer.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15010/CTPID.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{6330025B-F01F-4275-83EF-C575C0F04C1C}: NameServer = 80.10.246.1 80.10.246.132 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll O20 - Winlogon Notify: ComPlusSetup - C:\WINDOWS\System32\catsrvut.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe O23 - Service: ADSLAutoconnect - Unknown owner - C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe" -z (file missing) O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing) O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\NORMAN\Nvc\BIN\nipsvc.exe (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender8\vsserv.exe" /service (file missing) O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing) Merci beaucoup
  14. ---édition ipl_001 : ce message provient de la discussion "Rapport Hijackthis -> Optimisation système !" dans laquelle kdance avait posté. Bonjour, Je viens de prendre connaissance de cette discussion qui date de novembre 2005, mais ayant qq soucis lorsque je me connecte à Internet en lançant FireFox (alerte de Trojan mais bloqué par l'antivirus), j'ai lancé HJT et j'ai constaté la présence de "04-Startup: PowerReg Scheduler V3.exe". Sur ce j'ai fixé ce dernier et lorsque j'ai voulu me reconnecter à Internet, ma page d'accueil s'affiche et il ne m'est plus possible de naviguer ailleurs. J'ai tj le message Impossible d'afficher la page demandée, vérifier....etc. Par ailleurs, j'ai trouvé les explications de "tesgaz" hautement enrichissantes. J'ai moi-même une foule de processus et de 04 ou de 08 dans mon log et ma machine rame énormément. Comme j'ai eu le pb cité plus haut je n'ose pas m'avancer plus loin. C'est pourtant diablement tentant. Merci à tesgaz pour des encouragemets explicatifs éventuels.
  15. n'y aurait-il personne qui ai une idée, du moins de quoi me permettre de rechercher plus avant ? merci pour les réponses
×
×
  • Créer...