
Digabestr

  1. I'm bumping this post since I still haven't solved the problem. I'm taking the opportunity to post the HijackThis log.
  2. Good evening, Yes, I did all of that, both by the merge method and via regedit. But nothing happens... I also followed the link you gave me, but didn't find a solution there either... D
  3. Thank you for your reply. I have just followed your advice. Unfortunately nothing has changed, even after restarting the computer...
  4. Hello, I have had a problem for a few days: a number of programs no longer seem to start when my computer boots (Antivir, Google Desktop, Comodo, etc.). In any case, their icons no longer appear in the notification area at the right of the screen, and they are not in Task Manager either (except when I ask it to show processes from all users). The most worrying problem is of course the one with Antivir. The Windows Security Center tells me that Antivir is running. Antivir updates regularly. When I launch Antivir, it tells me it has already been running since I started my computer. But nothing helps with the icon: it does not reappear in the notification area (even when I launch Antivir manually). So I don't know whether I am protected or whether I am infected... I have already run Kaspersky, Spybot, Malwarebytes, etc. But they found absolutely nothing! Otherwise, my computer runs Vista. Thanks in advance for your advice. Regards, Digabestr
  5. Hello, Apparently not. Or at any rate, if there is a problem, it is well hidden! Thank you very much for your help! Regards, Youenn
  6. Hello, Sorry for the late reply: I was away because of Christmas. Here is the report.
  7. Indeed, SUPERAntiSpyware found some problems. Here is the log. Another problem: I tried to follow your advice above, but I really can't get rid of TeaTimer. It reappears when I turn my computer back on
  8. I have already run a scan with MBAM, which found absolutely nothing... I also ran CCleaner and Ad-Aware, and even a-squared free...
  9. Hello, I have caught a trojan. Avast warns me that it is Win32: Trojan.gen (other). It quarantines it, but the trojan systematically reappears after an hour or two (in a different place each time). The virus seems to have affected Thunderbird. One folder has been completely erased: it is not possible to recover a single one of its emails! Please help me get rid of it. Regards, Youenn Here is my HijackThis report.
  10. Hello, No, thanks, it is working fine. It is pretty slow, but it was already slow before. Thanks again
  11. OK, I ran a scan with Kaspersky and it finds nothing. But it has to be said that it found nothing last Sunday either, when I obviously had problems... Not a very effective tool... Thanks for everything!!! Ciao
  12. Bonsoir, J'ai suivi tes recommendations. Voilà les rapports: --------------------------------------------------------- AVG Anti-Spyware - Rapport d'analyse --------------------------------------------------------- + Créé à: 13:10:17 07/11/2006 + Résultat de l'analyse: :mozilla.117:C:\Documents and Settings\Tudi\Application Data\Mozilla\Firefox\Profiles\bfvfn1en.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé. :mozilla.118:C:\Documents and Settings\Tudi\Application Data\Mozilla\Firefox\Profiles\bfvfn1en.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé. :mozilla.119:C:\Documents and Settings\Tudi\Application Data\Mozilla\Firefox\Profiles\bfvfn1en.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé. :mozilla.120:C:\Documents and Settings\Tudi\Application Data\Mozilla\Firefox\Profiles\bfvfn1en.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé. C:\Documents and Settings\Tudi\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.84:C:\Documents and Settings\Tudi\Application Data\Mozilla\Firefox\Profiles\bfvfn1en.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé. :mozilla.14:C:\Documents and Settings\Tudi\Application Data\Mozilla\Firefox\Profiles\bfvfn1en.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé. :mozilla.15:C:\Documents and Settings\Tudi\Application Data\Mozilla\Firefox\Profiles\bfvfn1en.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé. :mozilla.19:C:\Documents and Settings\Tudi\Application Data\Mozilla\Firefox\Profiles\bfvfn1en.default\cookies.txt -> TrackingCookie.Estat : Nettoyé. :mozilla.47:C:\Documents and Settings\Tudi\Application Data\Mozilla\Firefox\Profiles\bfvfn1en.default\cookies.txt -> TrackingCookie.Masterstats : Nettoyé. :mozilla.113:C:\Documents and Settings\Tudi\Application Data\Mozilla\Firefox\Profiles\bfvfn1en.default\cookies.txt -> TrackingCookie.Onestat : Nettoyé. 
:mozilla.114:C:\Documents and Settings\Tudi\Application Data\Mozilla\Firefox\Profiles\bfvfn1en.default\cookies.txt -> TrackingCookie.Onestat : Nettoyé. :mozilla.134:C:\Documents and Settings\Tudi\Application Data\Mozilla\Firefox\Profiles\bfvfn1en.default\cookies.txt -> TrackingCookie.Overture : Nettoyé. :mozilla.136:C:\Documents and Settings\Tudi\Application Data\Mozilla\Firefox\Profiles\bfvfn1en.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé. :mozilla.137:C:\Documents and Settings\Tudi\Application Data\Mozilla\Firefox\Profiles\bfvfn1en.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé. :mozilla.138:C:\Documents and Settings\Tudi\Application Data\Mozilla\Firefox\Profiles\bfvfn1en.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé. :mozilla.139:C:\Documents and Settings\Tudi\Application Data\Mozilla\Firefox\Profiles\bfvfn1en.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé. C:\Documents and Settings\Tudi\Cookies\[email protected][2].txt -> TrackingCookie.Pointroll : Nettoyé. :mozilla.152:C:\Documents and Settings\Tudi\Application Data\Mozilla\Firefox\Profiles\bfvfn1en.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé. :mozilla.153:C:\Documents and Settings\Tudi\Application Data\Mozilla\Firefox\Profiles\bfvfn1en.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé. :mozilla.145:C:\Documents and Settings\Tudi\Application Data\Mozilla\Firefox\Profiles\bfvfn1en.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.146:C:\Documents and Settings\Tudi\Application Data\Mozilla\Firefox\Profiles\bfvfn1en.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.147:C:\Documents and Settings\Tudi\Application Data\Mozilla\Firefox\Profiles\bfvfn1en.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.148:C:\Documents and Settings\Tudi\Application Data\Mozilla\Firefox\Profiles\bfvfn1en.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. 
:mozilla.149:C:\Documents and Settings\Tudi\Application Data\Mozilla\Firefox\Profiles\bfvfn1en.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.14:C:\Documents and Settings\Tudi\Application Data\Thunderbird\Profiles\6ozf2ua6.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.15:C:\Documents and Settings\Tudi\Application Data\Thunderbird\Profiles\6ozf2ua6.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.16:C:\Documents and Settings\Tudi\Application Data\Thunderbird\Profiles\6ozf2ua6.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.17:C:\Documents and Settings\Tudi\Application Data\Thunderbird\Profiles\6ozf2ua6.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.10:C:\Documents and Settings\Tudi\Application Data\Thunderbird\Profiles\6ozf2ua6.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé. :mozilla.22:C:\Documents and Settings\Tudi\Application Data\Mozilla\Firefox\Profiles\bfvfn1en.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé. :mozilla.23:C:\Documents and Settings\Tudi\Application Data\Mozilla\Firefox\Profiles\bfvfn1en.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé. :mozilla.24:C:\Documents and Settings\Tudi\Application Data\Mozilla\Firefox\Profiles\bfvfn1en.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé. :mozilla.6:C:\Documents and Settings\Tudi\Application Data\Thunderbird\Profiles\6ozf2ua6.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé. :mozilla.9:C:\Documents and Settings\Tudi\Application Data\Thunderbird\Profiles\6ozf2ua6.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé. :mozilla.34:C:\Documents and Settings\Tudi\Application Data\Mozilla\Firefox\Profiles\bfvfn1en.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé. :mozilla.36:C:\Documents and Settings\Tudi\Application Data\Mozilla\Firefox\Profiles\bfvfn1en.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé. 
HKU\S-1-5-21-2989024220-1533013278-3815637794-1006\Software\Classes\CLSID\{35a88e51-b53d-43e9-b8a7-75d4c31b4676} -> Trojan.Small : Nettoyé et sauvegardé (mise en quarantaine). 
HKU\S-1-5-21-2989024220-1533013278-3815637794-1006_Classes\CLSID\{35a88e51-b53d-43e9-b8a7-75d4c31b4676} -> Trojan.Small : Nettoyé et sauvegardé (mise en quarantaine). Fin du rapport Logfile of HijackThis v1.99.1 Scan saved at 13:17:54, on 07/11/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\S24EvMon.exe C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe C:\Program Files\Dell\Media Experience\PCMService.exe C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe C:\WINDOWS\system32\kmw_run.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Prevx1\PXConsole.exe C:\Program Files\DAEMON Tools\daemon.exe C:\WINDOWS\system32\KMW_SHOW.EXE C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\system32\igfxsrvc.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Softissimo\Lexibase Collins FE\exe\l-express.exe 
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Prevx1\PXAgent.exe C:\WINDOWS\System32\RegSrvc.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktopMail.exe C:\Documents and Settings\Tudi\Bureau\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.ca/index.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.ca/index.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = wwwcache.uhb.fr:8080 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL (file missing) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Malicious Scripts Scanner - {55EA1964-F5E4-4D6A-B9B2-125B37655FCB} - C:\Documents and Settings\All Users\Application Data\Prevx\pxbho.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe O4 - HKLM\..\Run: [dla] 
C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [updateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe" O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420" O4 - HKLM\..\Run: [kmw_run.exe] kmw_run.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [PrevxOne] "C:\Program Files\Prevx1\PXConsole.exe" O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\nbj.exe" O4 - Global Startup: Digital Line Detect.lnk = ? 
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: L-Express.lnk = C:\Program Files\Softissimo\Lexibase Collins FE\exe\l-express.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing) O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing) O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.orange.fr O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by15fd.bay15.hotmail.msn.com/resources/MsnPUpld.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1138045343761 O16 - DPF: {7FA319FB-FFB9-4089-87EB-63179244E6E6} (NetDirect Control) - https://portail.wfg.uhb.fr/NetDirect.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - 
http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwa...ash/swflash.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. 
- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: Prevx Agent (PREVXAgent) - Unknown owner - C:\Program Files\Prevx1\PXAgent.exe" -f (file missing) O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe I hope my computer is clean! Keep me posted! See you
  13. Hello, Apparently my problem was due to the firewall (I only had the Windows one). Today I installed ZoneAlarm and it seems I no longer have a problem: the Trojan horse no longer shows up. Should I still follow the procedure you describe above? In any case, thanks for your help! See you
  14. Good evening, The Trojan horse has just woken up again and Avast is going haywire. So I'm evidently not rid of it. What do I do now? Thanks in advance