Everything posted by gmarin

  1. Thank you for replying. The windows come and go and I don't know why. Here is a report with the iframe on www.google.fr (for example) or even forum.zebulon.fr. In addition, AntiVir reports a HEUR/Exploit.HTML virus at the same time, but I am not sure that it is related, because I don't remember having this alert when the appearances first started.

     Report:

     Logfile of Trend Micro HijackThis v2.0.2
     Scan saved at 21:45:56, on 29/01/2008
     Platform: Windows XP SP2 (WinNT 5.01.2600)
     MSIE: Internet Explorer v7.00 (7.00.6000.16574)
     Boot mode: Normal

     Running processes:
     C:\WINDOWS\System32\smss.exe
     C:\WINDOWS\system32\winlogon.exe
     C:\WINDOWS\system32\services.exe
     C:\WINDOWS\system32\lsass.exe
     C:\WINDOWS\system32\svchost.exe
     C:\Program Files\Windows Defender\MsMpEng.exe
     C:\WINDOWS\System32\svchost.exe
     C:\WINDOWS\system32\spoolsv.exe
     C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
     C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
     C:\AppsSecur\AVG Anti-Spyware 7.5\guard.exe
     c:\appshard\dell printers\Additional Color Laser Software\Status Monitor\DLSDBNT.EXE
     C:\AppsComm\LogMeIn\x86\RaMaint.exe
     C:\WINDOWS\Explorer.EXE
     C:\AppsComm\LogMeIn\x86\LogMeIn.exe
     c:\Program Files\Matrox Graphics Inc\PowerDesk HF\Matrox.PowerDesk.Services.exe
     G:\AppsComm\Linux\Supervision\Nagios\nsclient\nsclient_201\Win_2k_XP_Bin\pNSClient.exe
     C:\AppsComm\nsclient\NSClient++.exe
     C:\AppsUtils\OCS Inventory Agent\ocsservice.exe
     C:\PGI00\APP\PGIService.exe
     C:\WINDOWS\System32\snmp.exe
     C:\WINDOWS\system32\svchost.exe
     c:\appshard\dell printers\Additional Color Laser Software\Status Monitor\DLPWDNT.EXE
     C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
     C:\AppsComm\LogMeIn\x86\LogMeInSystray.exe
     C:\WINDOWS\SOUNDMAN.EXE
     C:\WINDOWS\vsnpstd3.exe
     C:\AppsSecur\AVG Anti-Spyware 7.5\avgas.exe
     C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
     C:\appshard\dell printers\Additional Color Laser Software\Status Monitor\DLPSP.EXE
     C:\Program Files\VIA\RAID\raid_tool.exe
     C:\Program Files\Matrox Graphics Inc\PowerDesk HF\Matrox.PowerDesk.PDeskNet.exe
     C:\WINDOWS\system32\RunDll32.exe
     C:\AppsUtils\VMware Player\hqtray.exe
     C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
     C:\Program Files\Windows Defender\MSASCui.exe
     C:\WINDOWS\system32\ctfmon.exe
     C:\Program Files\MSN Messenger\MsnMsgr.Exe
     C:\AppsComm\Skype\Phone\Skype.exe
     C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
     C:\AppsComm\Microsoft ActiveSync\wcescomm.exe
     C:\Program Files\Messenger\msmsgs.exe
     C:\AppsSecur\Spybot - Search & Destroy\TeaTimer.exe
     C:\AppsImages\Kodak EasyShare software\bin\EasyShare.exe
     C:\AppsComm\MICROS~2\rapimgr.exe
     C:\AppsBureau\OpenOffice.org 2.3\program\soffice.exe
     C:\AppsBureau\OpenOffice.org 2.3\program\soffice.BIN
     C:\WINDOWS\system32\wscntfy.exe
     C:\AppsComm\Skype\Plugin Manager\skypePM.exe
     C:\Program Files\Matrox Graphics Inc\PowerDesk HF\Matrox.PowerDesk.Communications.exe
     C:\Program Files\MSN Messenger\usnsvc.exe
     C:\AppsSecur\PeerGuardian2\pg2.exe
     C:\AppsComm\Microsoft Office\Office12\OUTLOOK.EXE
     C:\AppsComm\Mozilla Firefox\firefox.exe
     C:\AppsComm\Mozilla Thunderbird\thunderbird.exe
     C:\Program Files\Internet Explorer\iexplore.exe
     C:\Program Files\Avira\AntiVir PersonalEdition Classic\avcenter.exe
     C:\WINDOWS\system32\msiexec.exe
     C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
     C:\Program Files\Internet Explorer\iexplore.exe
     C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe

     R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
     R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
     R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
     O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
     O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\APPSSE~1\SPYBOT~1\SDHelper.dll
     O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
     O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
     O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
     O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\AppsBureau\Reader 8.0\Reader\Reader_sl.exe"
     O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
     O4 - HKLM\..\Run: [LogMeIn GUI] "C:\AppsComm\LogMeIn\x86\LogMeInSystray.exe"
     O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
     O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
     O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
     O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
     O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\AppsSecur\AVG Anti-Spyware 7.5\avgas.exe" /minimized
     O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
     O4 - HKLM\..\Run: [DLPSP] "c:\appshard\dell printers\Additional Color Laser Software\Status Monitor\DLPSP.EXE"
     O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe
     O4 - HKLM\..\Run: [Matrox PowerDesk 8] "c:\Program Files\Matrox Graphics Inc\PowerDesk HF\matrox.powerdesk.exe" /silent
     O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
     O4 - HKLM\..\Run: [VMware hqtray] "C:\AppsUtils\VMware Player\hqtray.exe"
     O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
     O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
     O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
     O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
     O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
     O4 - HKCU\..\Run: [skype] "C:\AppsComm\Skype\Phone\Skype.exe" /nosplash /minimized
     O4 - HKCU\..\Run: [PeerGuardian] C:\AppsSecur\PeerGuardian2\pg2.exe
     O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\AppsComm\Microsoft ActiveSync\wcescomm.exe"
     O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
     O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\AppsSecur\Spybot - Search & Destroy\TeaTimer.exe
     O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
     O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
     O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
     O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
     O4 - Startup: OpenOffice.org 2.3.lnk = C:\AppsBureau\OpenOffice.org 2.3\program\quickstart.exe
     O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\AppsImages\Kodak EasyShare software\bin\EasyShare.exe
     O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
     O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
     O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\AppsComm\MICROS~2\INetRepl.dll
     O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\AppsComm\MICROS~2\INetRepl.dll
     O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\AppsComm\MICROS~2\INetRepl.dll
     O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\AppsComm\MICROS~1\Office12\REFIEBAR.DLL
     O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\APPSSE~1\SPYBOT~1\SDHelper.dll
     O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\APPSSE~1\SPYBOT~1\SDHelper.dll
     O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
     O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
     O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
     O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
     O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
     O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1189941330812
     O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.cab
     O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
     O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = prestainfo.com
     O17 - HKLM\Software\..\Telephony: DomainName = prestainfo.com
     O17 - HKLM\System\CCS\Services\Tcpip\..\{08EEC690-BF79-4810-A662-B453D0AFD94C}: NameServer = 212.27.32.5,212.27.32.175
     O17 - HKLM\System\CCS\Services\Tcpip\..\{1F472F68-1B3D-4B93-A83F-89D68A841330}: NameServer = 212.27.32.175,212.27.32.5,212.27.32.176
     O17 - HKLM\System\CCS\Services\Tcpip\..\{A2758B27-13B5-4878-A7F7-646702A96CF5}: Domain = prestainfo.com
     O17 - HKLM\System\CCS\Services\Tcpip\..\{A2758B27-13B5-4878-A7F7-646702A96CF5}: NameServer = 192.168.0.254
     O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = prestainfo.com
     O17 - HKLM\System\CS1\Services\Tcpip\..\{08EEC690-BF79-4810-A662-B453D0AFD94C}: NameServer = 212.27.32.5,212.27.32.175
     O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = prestainfo.com
     O17 - HKLM\System\CS2\Services\Tcpip\..\{08EEC690-BF79-4810-A662-B453D0AFD94C}: NameServer = 212.27.32.5,212.27.32.175
     O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
     O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
     O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
     O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\AppsSecur\AVG Anti-Spyware 7.5\guard.exe
     O23 - Service: Dell Printer Status Watcher (DLPWD) - Dell Inc. - c:\appshard\dell printers\Additional Color Laser Software\Status Monitor\DLPWDNT.EXE
     O23 - Service: Dell Printer Status Database (DLSDB) - Dell Inc. - c:\appshard\dell printers\Additional Color Laser Software\Status Monitor\DLSDBNT.EXE
     O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\AppsComm\LogMeIn\x86\RaMaint.exe
     O23 - Service: LogMeIn - LogMeIn, Inc. - C:\AppsComm\LogMeIn\x86\LogMeIn.exe
     O23 - Service: Matrox Centering Service (HF) - Unknown owner - c:\Program Files\Matrox Graphics Inc\PowerDesk HF\Matrox.PowerDesk.Services.exe
     O23 - Service: Nagios Agent (NSClient) - ClearCentral Software Inc - G:\AppsComm\Linux\Supervision\Nagios\nsclient\nsclient_201\Win_2k_XP_Bin\pNSClient.exe
     O23 - Service: NSClientpp (Nagios) 0.3.0.5 2007-12-04 w32 (NSClientpp) - Unknown owner - C:\AppsComm\nsclient\NSClient++.exe
     O23 - Service: OCS INVENTORY SERVICE (OCS INVENTORY) - http://ocsinventory.sourceforge.net - C:\AppsUtils\OCS Inventory Agent\ocsservice.exe
     O23 - Service: Cegid eAGL Service (PGIService) - Cegid SA - C:\PGI00\APP\PGIService.exe
     O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
     O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

     --
     End of file - 12018 bytes

     It is surprising to be the only one reporting this problem. Thanks for all the replies. See you, Gilbert
  2. Hello everyone, for some time now I have had an iframe trying to connect to www.fslajf32.cn/fff.htm when I browse with IE7 or Firefox. I searched the net and found nothing! It appears from time to time and goes away again for no particular reason. That is to say, I run neither a scan nor a cleanup. Do you have any idea? Thanks in advance, Gilbert