Aller au contenu

ctc94

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    16

  • Inscription

  • Dernière visite

Autres informations

  • Mes langues
    Français, Anglais

ctc94's Achievements

Junior Member

Junior Member (3/12)

0

Réputation sur la communauté

  1. ctc94

    Plus de connexion web !!

    ctc94 a répondu à un(e) sujet de ctc94 dans Internet & Réseaux

    Bonsoir, Antivir, Spybot .. tout a déjà été fait. Par contre, je ne ping pas la freebox !!! Le plus étonnant, c'est que le CTRL-C ne me rend même pas la main. Que dois-je faire ?
  2. ctc94
    Bonjour, Suite à pas mal de manip (HijackThis, SmitfraudFix, Zone Alarm ...) pour corriger un problème de spyware, je n'ai plus de connexion internet, et ce quelque soit le soft avec lequel je cherche à y accéder. Je pense qu'il y a peu de temps, j'arrivais à surfer sur 3-4 pages avant d'avoir une erreur "serveur introuvable ...". Maintenant, c'est systématique, tout accès est impossible. J'ai vérifié les paramètres de Zone alarm, tout à l'air correct. Je ne sais plus où chercher. Si quelqu'un a une idée ?? Merci d'avance.
  3. ctc94
    OK, je vais regarder aujourd'hui. Merci pour ton aide. A+
  4. ctc94
    bonjour, Rien à signaler au niveau de Zone alarm. Je ne vois vraiment pas ce qui se passe. Si aucune solution n'est trouvée d'ici demain soir, je pense refaire le PC jeudi. Je n'en ai pas trop envie mais ça devient vraiment trop pénible de bosser sur ce portable qui n'avance plus !! Merci
  5. ctc94
    Oui, j'ai réessayé .. cela n'a rien amélioré !!
  6. ctc94
    "Serveur introuvable" avec Mozilla Firefox "Impossible d'afficher la page" avec IE "la tâche pop3.free.fr a signalé une erreur : impossible de trouver le serveur" avec Outlook
  7. ctc94
    Même chose : aucun accès internet http://forum.zebulon.fr/style_images/1/fol...icons/icon2.gif http://forum.zebulon.fr/style_images/1/fol...icons/icon2.gif
  8. ctc94
    Voici le rapport HijackThis en mode normal, après traitement de la ligne "020 - .. " en mode sans échec. Le point après tout cela : les pop-up liés au virus OHPE ont disparu (depuis pas mal de temps) mais je n'ai aucun lient avec l'internet (navigation, messagerie, freeplayer) ! Logfile of HijackThis v1.99.1 Scan saved at 11:16:26, on 03/07/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\ewido anti-spyware 4.0\ewido.exe C:\Program Files\LaCie\Backup Software\LaCieBackup.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe C:\Palm\HOTSYNC.EXE C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\ewido anti-spyware 4.0\guard.exe C:\Program Files\FileZilla Server\FileZilla Server.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\acer\eRecovery\Monitor.exe C:\WINDOWS\system32\ZONELABS\vsmon.exe C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [LaunchApp] Alaunch O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" O4 - HKLM\..\Run: [eRecoveryService] C:\Windows\System32\Check.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [YeppStudioAgent] C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [FileZilla Server Interface] "C:\Program Files\FileZilla Server\FileZilla Server Interface.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized O4 - HKCU\..\Run: [LaCie Backup] C:\Program Files\LaCie\Backup Software\\LaCieBackup.exe /background O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Startup: HotSync Manager.lnk = C:\Palm\HOTSYNC.EXE O4 - Global Startup: hpoddt01.exe.lnk = ? O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {A2505C6C-6F17-456F-89D2-4301FBDC6EC7} (Iewiper Control) - https://atome.lemonde.fr/nortel_cacheable/iewiper.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - C:\Program Files\FileZilla Server\FileZilla Server.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe
  9. ctc94
    Bonjour, Voilà, c'est fait. 1 - SmartfraudFix, option 1 SmitFraudFix v2.66 Rapport fait à 9:20:12,68, 03/07/2006 Executé à partir de C:\Documents and Settings\Parents\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Fix executé en mode normal »»»»»»»»»»»»»»»»»»»»»»»» C:\ »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32 C:\WINDOWS\system32\dcomcfg.exe PRESENT ! C:\WINDOWS\system32\hp???.tmp PRESENT ! C:\WINDOWS\system32\hp????.tmp PRESENT ! C:\WINDOWS\system32\regperf.exe PRESENT ! C:\WINDOWS\system32\simpole.tlb PRESENT ! C:\WINDOWS\system32\stdole3.tlb PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Parents\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\PARENTS\FAVORIS »»»»»»»»»»»»»»»»»»»»»»»» Bureau »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{6af69c4d-420a-4c95-b34f-e4635f84f53b}"="forevouched" »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin 2 - SmartfraudFix, option 2, mode sans échec SmitFraudFix v2.66 Rapport fait à 9:22:02,54, 03/07/2006 Executé à partir de C:\Documents and Settings\Parents\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Fix executé en mode sans echec »»»»»»»»»»»»»»»»»»»»»»»» Avant SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{6af69c4d-420a-4c95-b34f-e4635f84f53b}"="forevouched" »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix GenericRenosFix by S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés C:\WINDOWS\system32\dcomcfg.exe supprimé C:\WINDOWS\system32\hp???.tmp supprimé C:\WINDOWS\system32\regperf.exe supprimé C:\WINDOWS\system32\simpole.tlb supprimé C:\WINDOWS\system32\stdole3.tlb supprimé »»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre Nettoyage terminé. »»»»»»»»»»»»»»»»»»»»»»»» Après SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Fin 3 - HijackThis Logfile of HijackThis v1.99.1 Scan saved at 09:24:34, on 03/07/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\ewido anti-spyware 4.0\guard.exe C:\Program Files\FileZilla Server\FileZilla Server.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\ewido anti-spyware 4.0\ewido.exe C:\Program Files\LaCie\Backup Software\LaCieBackup.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe C:\Palm\HOTSYNC.EXE C:\WINDOWS\system32\ZONELABS\vsmon.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe C:\Program Files\acer\eRecovery\Monitor.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [LaunchApp] Alaunch O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" O4 - HKLM\..\Run: [eRecoveryService] C:\Windows\System32\Check.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [YeppStudioAgent] C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [FileZilla Server Interface] "C:\Program Files\FileZilla Server\FileZilla Server Interface.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized O4 - HKCU\..\Run: [LaCie Backup] C:\Program Files\LaCie\Backup Software\\LaCieBackup.exe /background O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Startup: HotSync Manager.lnk = C:\Palm\HOTSYNC.EXE O4 - Global Startup: hpoddt01.exe.lnk = ? O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {A2505C6C-6F17-456F-89D2-4301FBDC6EC7} (Iewiper Control) - https://atome.lemonde.fr/nortel_cacheable/iewiper.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: NavLogon - C:\WINDOWS\ O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - C:\Program Files\FileZilla Server\FileZilla Server.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe
  10. ctc94
    0 - Désinstallation de Norton effectuée. 1 - Ewido téléchargé et installé. Par contre, mise à jour impossible car je n'ai plus de connexion internet sur le PC infecté ! 2 - HijackThis : ligne supprimée et "fix checked". 3 - Fichier HP100.TMP supprimé. Par contre, ce fichier est recréé lorsque je reboot en mode normal. 4 - Scan Ewido en mode sans échec, dont voici le rapport : --------------------------------------------------------- ewido anti-spyware - Scan Report --------------------------------------------------------- + Created at: 15:41:23 02/07/2006 + Scan result: :mozilla.162:C:\Documents and Settings\Lou\Application Data\Mozilla\Firefox\Profiles\r3j8hhlm.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned. :mozilla.337:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned. :mozilla.119:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.121:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.196:C:\Documents and Settings\Lou\Application Data\Mozilla\Firefox\Profiles\r3j8hhlm.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.35:C:\Documents and Settings\Lou\Application Data\Mozilla\Firefox\Profiles\r3j8hhlm.default\cookies.txt -> TrackingCookie.Adtech : Cleaned. :mozilla.36:C:\Documents and Settings\Lou\Application Data\Mozilla\Firefox\Profiles\r3j8hhlm.default\cookies.txt -> TrackingCookie.Adtech : Cleaned. :mozilla.80:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Adtech : Cleaned. :mozilla.81:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Adtech : Cleaned. :mozilla.23:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.24:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.25:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.77:C:\Documents and Settings\Lou\Application Data\Mozilla\Firefox\Profiles\r3j8hhlm.default\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.78:C:\Documents and Settings\Lou\Application Data\Mozilla\Firefox\Profiles\r3j8hhlm.default\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.79:C:\Documents and Settings\Lou\Application Data\Mozilla\Firefox\Profiles\r3j8hhlm.default\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.143:C:\Documents and Settings\Lou\Application Data\Mozilla\Firefox\Profiles\r3j8hhlm.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned. :mozilla.66:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned. :mozilla.260:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Bfast : Cleaned. :mozilla.111:C:\Documents and Settings\Lou\Application Data\Mozilla\Firefox\Profiles\r3j8hhlm.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned. :mozilla.36:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\e86mk02f.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned. :mozilla.38:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned. :mozilla.116:C:\Documents and Settings\Lou\Application Data\Mozilla\Firefox\Profiles\r3j8hhlm.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.117:C:\Documents and Settings\Lou\Application Data\Mozilla\Firefox\Profiles\r3j8hhlm.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.118:C:\Documents and Settings\Lou\Application Data\Mozilla\Firefox\Profiles\r3j8hhlm.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.293:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.294:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.295:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.288:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned. :mozilla.289:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned. :mozilla.84:C:\Documents and Settings\Lou\Application Data\Mozilla\Firefox\Profiles\r3j8hhlm.default\cookies.txt -> TrackingCookie.Comclick : Cleaned. :mozilla.85:C:\Documents and Settings\Lou\Application Data\Mozilla\Firefox\Profiles\r3j8hhlm.default\cookies.txt -> TrackingCookie.Comclick : Cleaned. :mozilla.86:C:\Documents and Settings\Lou\Application Data\Mozilla\Firefox\Profiles\r3j8hhlm.default\cookies.txt -> TrackingCookie.Comclick : Cleaned. :mozilla.88:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Comclick : Cleaned. :mozilla.89:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Comclick : Cleaned. :mozilla.90:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Comclick : Cleaned. :mozilla.65:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned. :mozilla.96:C:\Documents and Settings\Lou\Application Data\Mozilla\Firefox\Profiles\r3j8hhlm.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned. :mozilla.22:C:\Documents and Settings\Lou\Application Data\Mozilla\Firefox\Profiles\r3j8hhlm.default\cookies.txt -> TrackingCookie.Estat : Cleaned. :mozilla.6:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Estat : Cleaned. :mozilla.265:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.266:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.267:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.268:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.341:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.261:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned. :mozilla.262:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned. :mozilla.80:C:\Documents and Settings\Lou\Application Data\Mozilla\Firefox\Profiles\r3j8hhlm.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned. :mozilla.81:C:\Documents and Settings\Lou\Application Data\Mozilla\Firefox\Profiles\r3j8hhlm.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned. :mozilla.135:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.137:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.138:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.313:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.314:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.315:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.388:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.37:C:\Documents and Settings\Lou\Application Data\Mozilla\Firefox\Profiles\r3j8hhlm.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned. :mozilla.82:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned. :mozilla.117:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned. :mozilla.118:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned. :mozilla.120:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned. :mozilla.139:C:\Documents and Settings\Lou\Application Data\Mozilla\Firefox\Profiles\r3j8hhlm.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned. :mozilla.60:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.61:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.62:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.63:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.64:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.90:C:\Documents and Settings\Lou\Application Data\Mozilla\Firefox\Profiles\r3j8hhlm.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.91:C:\Documents and Settings\Lou\Application Data\Mozilla\Firefox\Profiles\r3j8hhlm.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.92:C:\Documents and Settings\Lou\Application Data\Mozilla\Firefox\Profiles\r3j8hhlm.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.93:C:\Documents and Settings\Lou\Application Data\Mozilla\Firefox\Profiles\r3j8hhlm.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.105:C:\Documents and Settings\Lou\Application Data\Mozilla\Firefox\Profiles\r3j8hhlm.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned. :mozilla.106:C:\Documents and Settings\Lou\Application Data\Mozilla\Firefox\Profiles\r3j8hhlm.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned. :mozilla.14:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\e86mk02f.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned. :mozilla.15:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\e86mk02f.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned. :mozilla.16:C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\e86mk02f.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned. :mozilla.38:C:\Documents and Settings\Lou\Application Data\Mozilla\Firefox\Profiles\r3j8hhlm.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned. :mozilla.39:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned. :mozilla.39:C:\Documents and Settings\Lou\Application Data\Mozilla\Firefox\Profiles\r3j8hhlm.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned. :mozilla.40:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned. :mozilla.40:C:\Documents and Settings\Lou\Application Data\Mozilla\Firefox\Profiles\r3j8hhlm.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned. :mozilla.41:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned. :mozilla.306:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Spylog : Cleaned. :mozilla.307:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.308:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.45:C:\Documents and Settings\Lou\Application Data\Mozilla\Firefox\Profiles\r3j8hhlm.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.46:C:\Documents and Settings\Lou\Application Data\Mozilla\Firefox\Profiles\r3j8hhlm.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.47:C:\Documents and Settings\Lou\Application Data\Mozilla\Firefox\Profiles\r3j8hhlm.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.85:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.86:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.132:C:\Documents and Settings\Lou\Application Data\Mozilla\Firefox\Profiles\r3j8hhlm.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned. :mozilla.299:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned. :mozilla.167:C:\Documents and Settings\Lou\Application Data\Mozilla\Firefox\Profiles\r3j8hhlm.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned. :mozilla.168:C:\Documents and Settings\Lou\Application Data\Mozilla\Firefox\Profiles\r3j8hhlm.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned. :mozilla.53:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned. :mozilla.54:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned. :mozilla.112:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Weborama : Cleaned. :mozilla.113:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Weborama : Cleaned. :mozilla.114:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Weborama : Cleaned. :mozilla.140:C:\Documents and Settings\Lou\Application Data\Mozilla\Firefox\Profiles\r3j8hhlm.default\cookies.txt -> TrackingCookie.Weborama : Cleaned. :mozilla.141:C:\Documents and Settings\Lou\Application Data\Mozilla\Firefox\Profiles\r3j8hhlm.default\cookies.txt -> TrackingCookie.Weborama : Cleaned. :mozilla.142:C:\Documents and Settings\Lou\Application Data\Mozilla\Firefox\Profiles\r3j8hhlm.default\cookies.txt -> TrackingCookie.Weborama : Cleaned. C:\Documents and Settings\Kim\Cookies\kim@weborama[2].txt -> TrackingCookie.Weborama : Cleaned. :mozilla.179:C:\Documents and Settings\Lou\Application Data\Mozilla\Firefox\Profiles\r3j8hhlm.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.282:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.283:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.284:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. C:\Documents and Settings\Kim\Cookies\kim@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.168:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Zedo : Cleaned. :mozilla.169:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Zedo : Cleaned. :mozilla.170:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\3190qfvq.default\cookies.txt -> TrackingCookie.Zedo : Cleaned. C:\Program Files\Media-Codec -> Trojan.Small : Cleaned with backup (quarantined). C:\Program Files\Media-Codec\uninst.exe -> Trojan.Small : Cleaned with backup (quarantined). C:\WINDOWS\system32\atmclk.exe -> Trojan.Small : Cleaned with backup (quarantined). ::Report end 5 - Rapport HijackThis en mode normal : Logfile of HijackThis v1.99.1 Scan saved at 15:54:06, on 02/07/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\ewido anti-spyware 4.0\guard.exe C:\Program Files\FileZilla Server\FileZilla Server.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\dcomcfg.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\ewido anti-spyware 4.0\ewido.exe C:\Program Files\LaCie\Backup Software\LaCieBackup.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe C:\Palm\HOTSYNC.EXE C:\WINDOWS\system32\ZONELABS\vsmon.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe C:\Program Files\acer\eRecovery\Monitor.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Nothing - {5f4c3d09-b3b9-4f88-aa82-31332fee1c08} - C:\WINDOWS\system32\hp100.tmp O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [LaunchApp] Alaunch O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" O4 - HKLM\..\Run: [eRecoveryService] C:\Windows\System32\Check.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [YeppStudioAgent] C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [FileZilla Server Interface] "C:\Program Files\FileZilla Server\FileZilla Server Interface.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized O4 - HKCU\..\Run: [LaCie Backup] C:\Program Files\LaCie\Backup Software\\LaCieBackup.exe /background O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Startup: HotSync Manager.lnk = C:\Palm\HOTSYNC.EXE O4 - Global Startup: hpoddt01.exe.lnk = ? O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {A2505C6C-6F17-456F-89D2-4301FBDC6EC7} (Iewiper Control) - https://atome.lemonde.fr/nortel_cacheable/iewiper.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: NavLogon - C:\WINDOWS\ O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - C:\Program Files\FileZilla Server\FileZilla Server.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe Honnêtement, y a-t-il un espoir de désinfecté le PC ? Dans un délai raisonnable ? Sinon, je me résignerai à faire une grosse sauvegarde externe et à réinstaller la machine. Merci pour ta collaboration.
  11. ctc94
    1 SmartFraudFix, option 1 : SmitFraudFix v2.29 Rapport fait à 12:40:14,33, 02/07/2006 Executé à partir de C:\Documents and Settings\Parents\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] »»»»»»»»»»»»»»»»»»»»»»»» C:\ »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32 C:\WINDOWS\system32\hp????.tmp PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Parents\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Parents\Favoris »»»»»»»»»»»»»»»»»»»»»»»» Bureau »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui" [HKEY_CLASSES_ROOT\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32] @="%SystemRoot%\system32\browseui.dll" [HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32] @="%SystemRoot%\system32\browseui.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant" [HKEY_CLASSES_ROOT\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32] @="%SystemRoot%\system32\browseui.dll" [HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32] @="%SystemRoot%\system32\browseui.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{6af69c4d-420a-4c95-b34f-e4635f84f53b}"="forevouched" [HKEY_CLASSES_ROOT\CLSID\{6af69c4d-420a-4c95-b34f-e4635f84f53b}\InProcServer32] @="C:\WINDOWS\system32\viwpzla.dll" [HKEY_CURRENT_USER\Software\Classes\CLSID\{6af69c4d-420a-4c95-b34f-e4635f84f53b}\InProcServer32] @="C:\WINDOWS\system32\viwpzla.dll" »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin 2 SmartFraudFix, option 2, mode sans échec : SmitFraudFix v2.29 Rapport fait à 12:44:01,96, 02/07/2006 Executé à partir de C:\Documents and Settings\Parents\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés C:\WINDOWS\system32\hp????.tmp supprimé »»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre Nettoyage terminé. »»»»»»»»»»»»»»»»»»»»»»»» Fin 3 HijackThis, mode normal : Logfile of HijackThis v1.99.1 Scan saved at 12:47:18, on 02/07/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Symantec AntiVirus\DefWatch.exe C:\Program Files\FileZilla Server\FileZilla Server.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Symantec AntiVirus\Rtvscan.exe C:\WINDOWS\system32\ZONELABS\vsmon.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\dcomcfg.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\acer\eRecovery\Monitor.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\PROGRA~1\SYMANT~1\VPTray.exe C:\Program Files\LaCie\Backup Software\LaCieBackup.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe C:\Palm\HOTSYNC.EXE C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Nothing - {5f4c3d09-b3b9-4f88-aa82-31332fee1c08} - C:\WINDOWS\system32\hp100.tmp O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [LaunchApp] Alaunch O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" O4 - HKLM\..\Run: [eRecoveryService] C:\Windows\System32\Check.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [YeppStudioAgent] C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [FileZilla Server Interface] "C:\Program Files\FileZilla Server\FileZilla Server Interface.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe O4 - HKCU\..\Run: [LaCie Backup] C:\Program Files\LaCie\Backup Software\\LaCieBackup.exe /background O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Startup: HotSync Manager.lnk = C:\Palm\HOTSYNC.EXE O4 - Global Startup: hpoddt01.exe.lnk = ? O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {A2505C6C-6F17-456F-89D2-4301FBDC6EC7} (Iewiper Control) - https://atome.lemonde.fr/nortel_cacheable/iewiper.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - C:\Program Files\FileZilla Server\FileZilla Server.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe
  12. ctc94
    Bonjour, Voici le logfile of HijackThis v1.99.1 Scan saved at 11:29:05, on 02/07/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Symantec AntiVirus\DefWatch.exe C:\Program Files\FileZilla Server\FileZilla Server.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Symantec AntiVirus\Rtvscan.exe C:\WINDOWS\system32\ZONELABS\vsmon.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\dcomcfg.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\PROGRA~1\SYMANT~1\VPTray.exe C:\Program Files\LaCie\Backup Software\LaCieBackup.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe C:\Program Files\Nikon\PictureProject\NkbMonitor.exe C:\Palm\HOTSYNC.EXE C:\Program Files\acer\eRecovery\Monitor.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\HijackThis\HijackThis.exe C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Nothing - {5f4c3d09-b3b9-4f88-aa82-31332fee1c08} - C:\WINDOWS\system32\hp100.tmp O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [LaunchApp] Alaunch O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" O4 - HKLM\..\Run: [eRecoveryService] C:\Windows\System32\Check.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [YeppStudioAgent] C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [FileZilla Server Interface] "C:\Program Files\FileZilla Server\FileZilla Server Interface.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe O4 - HKCU\..\Run: [LaCie Backup] C:\Program Files\LaCie\Backup Software\\LaCieBackup.exe /background O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Startup: HotSync Manager.lnk = C:\Palm\HOTSYNC.EXE O4 - Global Startup: hpoddt01.exe.lnk = ? O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {A2505C6C-6F17-456F-89D2-4301FBDC6EC7} (Iewiper Control) - https://atome.lemonde.fr/nortel_cacheable/iewiper.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - C:\Program Files\FileZilla Server\FileZilla Server.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe
  13. ctc94
    Y a du nouveau : Ce matin, j'ai constaté que Antivir était inactif, impossible à activer. J'ai donc installer un autre version de Norton (v 10) qui m'a signalé la présence d'un fichier indésirable : VIWPZLA.DLL. Après quelques recherches, j'ai compris que ce fichier était responsable de la présence d'une icône signalant l'existence d'un virus et proposant de télécharger le logiciel qui allait me sauver la vie ! En redémarrant le PC en mode sans échec, sous la compte administrateur, j'ai réussi à supprimer ce fichier. Cette icône a disparue et il me semble qu'il n'y a plus de pop-up qui s'ouvrent de manière inattendue. Par contre, j'ai toujours de soucis avec ma connexion internet ainsi que la messagerie (j'utilise un portable et une autre connexion pour accéder à ce forum). Voici donc les rapports demandés. Merci d'avance pour tes lumineux conseils. SMITFRAUDFIX, option 2 : SmitFraudFix v2.29 Rapport fait à 14:30:52,70, 30/06/2006 Executé à partir de C:\Documents and Settings\Parents\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés C:\WINDOWS\system32\hp????.tmp supprimé C:\Documents and Settings\Parents\Favoris\Antivirus Test Online.url supprimé »»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre Nettoyage terminé. »»»»»»»»»»»»»»»»»»»»»»»» Fin HIJACKTHIS : Logfile of HijackThis v1.99.1 Scan saved at 14:36:45, on 30/06/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Symantec AntiVirus\DefWatch.exe C:\Program Files\FileZilla Server\FileZilla Server.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Symantec AntiVirus\Rtvscan.exe C:\WINDOWS\system32\ZONELABS\vsmon.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\dcomcfg.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\PROGRA~1\SYMANT~1\VPTray.exe C:\Program Files\LaCie\Backup Software\LaCieBackup.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe C:\Program Files\Nikon\PictureProject\NkbMonitor.exe C:\Palm\HOTSYNC.EXE C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe C:\Program Files\acer\eRecovery\Monitor.exe C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Nothing - {5f4c3d09-b3b9-4f88-aa82-31332fee1c08} - C:\WINDOWS\system32\hp100.tmp O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [LaunchApp] Alaunch O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" O4 - HKLM\..\Run: [eRecoveryService] C:\Windows\System32\Check.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [YeppStudioAgent] C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [FileZilla Server Interface] "C:\Program Files\FileZilla Server\FileZilla Server Interface.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe O4 - HKCU\..\Run: [LaCie Backup] C:\Program Files\LaCie\Backup Software\\LaCieBackup.exe /background O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Startup: HotSync Manager.lnk = C:\Palm\HOTSYNC.EXE O4 - Global Startup: hpoddt01.exe.lnk = ? O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {A2505C6C-6F17-456F-89D2-4301FBDC6EC7} (Iewiper Control) - https://atome.lemonde.fr/nortel_cacheable/iewiper.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - C:\Program Files\FileZilla Server\FileZilla Server.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe
  14. ctc94
    Bonsoir, J'ai désinstallé Norton, qui étais déjà présent sur le PC avant que je sois infecté (donc pas très efficace). Après rebbot du PC, j'ai lancé Smitfrausfx dont voici le rapport : ********************************** SmitFraudFix v2.29 Rapport fait à 22:12:12,59, 29/06/2006 Executé à partir de C:\Documents and Settings\Parents\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] »»»»»»»»»»»»»»»»»»»»»»»» C:\ »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32 C:\WINDOWS\system32\hp????.tmp PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Parents\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Parents\Favoris C:\Documents and Settings\Parents\Favoris\Antivirus Test Online.url PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» Bureau »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Ma page d'accueil" »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui" [HKEY_CLASSES_ROOT\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32] @="%SystemRoot%\system32\browseui.dll" [HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32] @="%SystemRoot%\system32\browseui.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant" [HKEY_CLASSES_ROOT\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32] @="%SystemRoot%\system32\browseui.dll" [HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32] @="%SystemRoot%\system32\browseui.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{6af69c4d-420a-4c95-b34f-e4635f84f53b}"="forevouched" [HKEY_CLASSES_ROOT\CLSID\{6af69c4d-420a-4c95-b34f-e4635f84f53b}\InProcServer32] @="C:\WINDOWS\system32\viwpzla.dll" [HKEY_CURRENT_USER\Software\Classes\CLSID\{6af69c4d-420a-4c95-b34f-e4635f84f53b}\InProcServer32] @="C:\WINDOWS\system32\viwpzla.dll" »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin Voilà, est-ce que cela te parle ? Merci de ta collaboration. ctc94
  15. ctc94
    Bonjour, C'est à mon tour d'être infecté par ce spyware OHPE v 4.12. J'ai fait pas mal de manip avec Antiv Gaurd, CCleaner, Ad Aware, Spybot et HijackThis. Voici 2 compte-rendus : Antivir ********************************************** AntiVir PersonalEdition Classic Report file date: jeudi 29 juin 2006 19:30 Scanning for 397237 virus strains and unwanted programs. Licensed to: AntiVir PersonalEdition Classic Serial number: 0000149996-WURGE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Username: Parents Computer name: ACER-5C89C15659 Version informations: AVSCAN.EXE : 7.0.0.42 557096 29/06/2006 16:56:05 AVSCAN.DLL : 7.0.0.42 53288 29/06/2006 16:56:05 LUKE.DLL : 7.0.0.42 118824 29/06/2006 16:56:05 LUKERES.DLL : 7.0.0.42 25640 29/06/2006 16:56:05 ANTIVIR0.VDF : 6.35.0.1 7371264 29/06/2006 16:56:05 ANTIVIR1.VDF : 6.35.0.4 2048 29/06/2006 16:56:05 ANTIVIR2.VDF : 6.35.0.5 2048 29/06/2006 16:56:05 ANTIVIR3.VDF : 6.35.0.6 2048 29/06/2006 16:56:05 AVEWIN32.DLL : 7.1.0.10 1511936 29/06/2006 16:56:05 AVPREF.DLL : 7.0.0.1 49192 29/06/2006 16:56:05 AVREP.DLL : 6.35.0.1 643112 29/06/2006 16:56:05 AVRPBASE.DLL : 7.0.0.0 2162728 29/06/2006 16:56:05 AVPACK32.DLL : 7.1.0.1 335912 29/06/2006 16:56:05 AVREG.DLL : 6.31.0.90 27688 29/06/2006 16:56:05 NETNT.DLL : 6.32.0.0 6696 29/06/2006 16:56:05 NETNW.DLL : 6.32.0.0 9768 29/06/2006 16:56:05 RCIMAGE.DLL : 7.0.0.71 1642536 29/06/2006 16:56:05 RCTEXT.DLL : 7.0.0.75 77864 29/06/2006 16:56:05 Configuration settings for the scan: Jobname: '%s'.................: Manual Selection Configuration file............: C:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\PROFILES\folder.avp Boot sectors..................: C,D Scan memory...................: 1 Process scan..................: 1 Scan all files................: 1 Scan archives.................: 1 Recursion depth...............: 20 Smart extensions..............: 1 Skipped archive types.........: 1000,1001,1002,1003,1004, Macro heuristic...............: 1 File heuristic................: 2 Primary action................: 1 Secondary action..............: 0 Start of the scan: jeudi 29 juin 2006 19:30 The scan over running processes will be started 13 Processes was scanned Start scanning boot sectors: Boot sector 'C:\' [NOTE] No virus was found! Boot sector 'D:\' [NOTE] No virus was found! Starting to scan the registry. The registry was scanned ( 31 files ). Starting the file scan: C:\pagefile.sys [WARNING] The file could not be opened! C:\WINDOWS\system32\config\system.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\software.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\default.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SECURITY [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SAM [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SAM.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SECURITY.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SYSTEM [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SOFTWARE [WARNING] The file could not be opened! C:\WINDOWS\system32\config\DEFAULT [WARNING] The file could not be opened! C:\Documents and Settings\NetworkService\NTUSER.DAT [WARNING] The file could not be opened! C:\Documents and Settings\NetworkService\ntuser.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat [WARNING] The file could not be opened! C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\Parents\NTUSER.DAT [WARNING] The file could not be opened! C:\Documents and Settings\Parents\ntuser.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\Parents\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat [WARNING] The file could not be opened! C:\Documents and Settings\Parents\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG [WARNING] The file could not be opened! D:\System Volume Information\_restore{C7CA3723-B05F-4094-96E4-7F516AA71A9B}\RP78\A0011405.exe [DETECTION] Contains signature of the dial-up program DIAL/300945 [iNFO] The file was deleted! End of the scan: jeudi 29 juin 2006 19:40 Used time: 10:16 min The scan has been done completely. 4819 Scanning directories 213831 Files were scanned 1 viruses and/or unwanted programs was found 1 files were deleted 0 files were repaired 0 files were moved to quarantine 0 files were renamed 7320 Archives were scanned 19 Warnings 3 Notes ********************************************** et maintenant, HijackThis : Logfile of HijackThis v1.99.1 Scan saved at 19:48:04, on 29/06/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\FileZilla Server\FileZilla Server.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\ZONELABS\vsmon.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\dcomcfg.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\LaCie\Backup Software\LaCieBackup.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe C:\Program Files\Nikon\PictureProject\NkbMonitor.exe C:\Palm\HOTSYNC.EXE C:\Program Files\acer\eRecovery\Monitor.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Nothing - {5f4c3d09-b3b9-4f88-aa82-31332fee1c08} - C:\WINDOWS\system32\hp100.tmp O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [LaunchApp] Alaunch O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" O4 - HKLM\..\Run: [eRecoveryService] C:\Windows\System32\Check.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [YeppStudioAgent] C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [FileZilla Server Interface] "C:\Program Files\FileZilla Server\FileZilla Server Interface.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [LaCie Backup] C:\Program Files\LaCie\Backup Software\\LaCieBackup.exe /background O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Startup: HotSync Manager.lnk = C:\Palm\HOTSYNC.EXE O4 - Global Startup: hpoddt01.exe.lnk = ? O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {A2505C6C-6F17-456F-89D2-4301FBDC6EC7} (Iewiper Control) - https://atome.lemonde.fr/nortel_cacheable/iewiper.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - C:\Program Files\FileZilla Server\FileZilla Server.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe ********************************************** Si quelqu'un peut m'éviter de reformater et réinstaller complètement le PC !!! Merci d'avance. CTC94
×
×
  • Créer...