coco-shhh

voilà le rapport d'antivir : Avira AntiVir Personal Report file date: mercredi 13 août 2008 13:54 Scanning for 1549798 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Boot mode: Normally booted Username: SYSTEM Computer name: INDY_PC Version information: BUILD.DAT : 8.1.0.326 16933 Bytes 11/07/2008 12:57:00 AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 08:57:53 AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:40 LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:19 LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:52 ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34 ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 13:54:15 ANTIVIR2.VDF : 7.0.5.207 2316800 Bytes 04/08/2008 14:04:42 ANTIVIR3.VDF : 7.0.6.5 266240 Bytes 13/08/2008 11:53:34 Engineversion : 8.1.1.19 AEVDF.DLL : 8.1.0.5 102772 Bytes 09/07/2008 08:46:50 AESCRIPT.DLL : 8.1.0.63 311673 Bytes 11/08/2008 14:04:53 AESCN.DLL : 8.1.0.23 119156 Bytes 11/08/2008 14:04:52 AERDL.DLL : 8.1.0.20 418165 Bytes 09/07/2008 08:46:50 AEPACK.DLL : 8.1.2.1 364917 Bytes 11/08/2008 14:04:52 AEOFFICE.DLL : 8.1.0.21 192891 Bytes 11/08/2008 14:04:51 AEHEUR.DLL : 8.1.0.47 1368437 Bytes 11/08/2008 14:04:50 AEHELP.DLL : 8.1.0.15 115063 Bytes 09/07/2008 08:46:50 AEGEN.DLL : 8.1.0.35 315764 Bytes 11/08/2008 14:04:47 AEEMU.DLL : 8.1.0.7 430452 Bytes 11/08/2008 14:04:45 AECORE.DLL : 8.1.1.8 172406 Bytes 11/08/2008 14:04:44 AEBB.DLL : 8.1.0.1 53617 Bytes 24/04/2008 08:50:42 AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:05 AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:01 AVREP.DLL : 8.0.0.2 98344 Bytes 11/08/2008 14:04:43 AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:40 AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23 AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:49 SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02 SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:40 NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10 RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:07 RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:37 Configuration settings for the scan: Jobname..........................: Complete system scan Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp Logging..........................: low Primary action...................: interactive Secondary action.................: ignore Scan master boot sector..........: on Scan boot sector.................: on Boot sectors.....................: C:, D:, E:, F:, G:, Process scan.....................: on Scan registry....................: on Search for rootkits..............: off Scan all files...................: Intelligent file selection Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Macro heuristic..................: on File heuristic...................: medium Start of the scan: mercredi 13 août 2008 13:54 The scan of running processes will be started Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'avcenter.exe' - '1' Module(s) have been scanned Scan process 'NclRSSrv.exe' - '1' Module(s) have been scanned Scan process 'NclUSBSrv.exe' - '1' Module(s) have been scanned Scan process 'CLI.exe' - '1' Module(s) have been scanned Scan process 'CLI.exe' - '1' Module(s) have been scanned Scan process 'MPAPI3s.exe' - '1' Module(s) have been scanned Scan process 'KHALMNPR.EXE' - '1' Module(s) have been scanned Scan process 'YahooWidgets.exe' - '1' Module(s) have been scanned Scan process 'SetPoint.exe' - '1' Module(s) have been scanned Scan process 'DTProAgent.exe' - '1' Module(s) have been scanned Scan process 'CLI.exe' - '1' Module(s) have been scanned Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned Scan process 'PCSuite.exe' - '1' Module(s) have been scanned Scan process 'PcSync2.exe' - '1' Module(s) have been scanned Scan process 'ctfmon.exe' - '1' Module(s) have been scanned Scan process 'avgnt.exe' - '1' Module(s) have been scanned Scan process 'zlclient.exe' - '0' Module(s) have been scanned Scan process 'vsnpstd3.exe' - '1' Module(s) have been scanned Scan process 'tsnpstd3.exe' - '1' Module(s) have been scanned Scan process 'jusched.exe' - '1' Module(s) have been scanned Scan process 'winampa.exe' - '1' Module(s) have been scanned Scan process 'SMax4.exe' - '1' Module(s) have been scanned Scan process 'smax4pnp.exe' - '1' Module(s) have been scanned Scan process 'UnlockerAssistant.exe' - '1' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned Scan process 'firefox.exe' - '1' Module(s) have been scanned Scan process 'YahooWidgets.exe' - '1' Module(s) have been scanned Scan process 'YahooWidgets.exe' - '1' Module(s) have been scanned Scan process 'KHALMNPR.EXE' - '1' Module(s) have been scanned Scan process 'MPAPI3s.exe' - '1' Module(s) have been scanned Scan process 'ServiceLayer.exe' - '1' Module(s) have been scanned Scan process 'YahooWidgets.exe' - '1' Module(s) have been scanned Scan process 'SetPoint.exe' - '1' Module(s) have been scanned Scan process 'DTProAgent.exe' - '1' Module(s) have been scanned Scan process 'PCSuite.exe' - '1' Module(s) have been scanned Scan process 'PcSync2.exe' - '1' Module(s) have been scanned Scan process 'ctfmon.exe' - '1' Module(s) have been scanned Scan process 'avgnt.exe' - '1' Module(s) have been scanned Scan process 'zlclient.exe' - '0' Module(s) have been scanned Scan process 'vsnpstd3.exe' - '1' Module(s) have been scanned Scan process 'tsnpstd3.exe' - '1' Module(s) have been scanned Scan process 'winampa.exe' - '1' Module(s) have been scanned Scan process 'SMax4.exe' - '1' Module(s) have been scanned Scan process 'smax4pnp.exe' - '1' Module(s) have been scanned Scan process 'UnlockerAssistant.exe' - '1' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'alg.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'PD91Agent.exe' - '1' Module(s) have been scanned Scan process 'mdm.exe' - '1' Module(s) have been scanned Scan process 'avguard.exe' - '1' Module(s) have been scanned Scan process 'sched.exe' - '1' Module(s) have been scanned Scan process 'spoolsv.exe' - '1' Module(s) have been scanned Scan process 'vsmon.exe' - '0' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned Scan process 'lsass.exe' - '1' Module(s) have been scanned Scan process 'services.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'smss.exe' - '1' Module(s) have been scanned 68 processes with 68 modules were scanned Starting master boot sector scan: Master boot sector HD0 [iNFO] No virus was found! Start scanning boot sectors: Boot sector 'C:\' [iNFO] No virus was found! Boot sector 'D:\' [iNFO] No virus was found! Boot sector 'E:\' [iNFO] No virus was found! Boot sector 'F:\' [iNFO] No virus was found! Boot sector 'G:\' [iNFO] No virus was found! Starting to scan the registry. The registry was scanned ( '60' files ). Starting the file scan: Begin scan in 'C:\' C:\pagefile.sys [WARNING] The file could not be opened! C:\Documents and Settings\Cyril\Local Settings\Application Data\Mozilla\Firefox\Profiles\ucugb89k.default\Cache\70BD4CE8d01 [0] Archive type: RAR SFX (self extracting) --> keygen.exe [DETECTION] Is the TR/Vundo.ffn.1 Trojan --> patch.exe [DETECTION] Is the TR/Crypt.FD.42 Trojan --> install.exe [DETECTION] Is the TR/Crypt.ULPM.Gen Trojan --> RUNME.bat [DETECTION] Is the TR/Horse.CJ Trojan [NOTE] The file was deleted! C:\System Volume Information\_restore{208125D3-8770-41C6-9672-8E23A5CF3D87}\RP100\A0032827.dll [DETECTION] Is the TR/Vundo.Gen Trojan [NOTE] The file was deleted! C:\System Volume Information\_restore{208125D3-8770-41C6-9672-8E23A5CF3D87}\RP100\A0032828.dll [DETECTION] Is the TR/Vundo.Gen Trojan [NOTE] The file was deleted! C:\System Volume Information\_restore{208125D3-8770-41C6-9672-8E23A5CF3D87}\RP100\A0032829.dll [DETECTION] Is the TR/Vundo.Gen Trojan [NOTE] The file was deleted! C:\System Volume Information\_restore{208125D3-8770-41C6-9672-8E23A5CF3D87}\RP100\A0032839.dll [DETECTION] Is the TR/Trash.Gen Trojan [NOTE] The file was deleted! C:\System Volume Information\_restore{208125D3-8770-41C6-9672-8E23A5CF3D87}\RP100\A0032841.dll [DETECTION] Is the TR/Trash.Gen Trojan [NOTE] The file was deleted! C:\System Volume Information\_restore{208125D3-8770-41C6-9672-8E23A5CF3D87}\RP100\A0032842.dll [DETECTION] Is the TR/Trash.Gen Trojan [NOTE] The file was deleted! C:\System Volume Information\_restore{208125D3-8770-41C6-9672-8E23A5CF3D87}\RP100\A0032877.dll [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan [NOTE] The file was deleted! C:\System Volume Information\_restore{208125D3-8770-41C6-9672-8E23A5CF3D87}\RP101\A0032975.dll [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan [NOTE] The file was deleted! C:\System Volume Information\_restore{208125D3-8770-41C6-9672-8E23A5CF3D87}\RP101\A0032976.dll [DETECTION] Is the TR/Crypt.Morphine.Gen Trojan [NOTE] The file was deleted! C:\System Volume Information\_restore{208125D3-8770-41C6-9672-8E23A5CF3D87}\RP101\A0032977.dll [DETECTION] Is the TR/Crypt.Morphine.Gen Trojan [NOTE] The file was deleted! C:\System Volume Information\_restore{208125D3-8770-41C6-9672-8E23A5CF3D87}\RP101\A0032978.dll [DETECTION] Is the TR/Crypt.Morphine.Gen Trojan [NOTE] The file was deleted! C:\System Volume Information\_restore{208125D3-8770-41C6-9672-8E23A5CF3D87}\RP101\A0032979.dll [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan [NOTE] The file was deleted! C:\System Volume Information\_restore{208125D3-8770-41C6-9672-8E23A5CF3D87}\RP101\A0032980.dll [DETECTION] Is the TR/Crypt.FD.47 Trojan [NOTE] The file was deleted! C:\System Volume Information\_restore{208125D3-8770-41C6-9672-8E23A5CF3D87}\RP101\A0032981.dll [DETECTION] Is the TR/Crypt.Morphine.Gen Trojan [NOTE] The file was deleted! C:\System Volume Information\_restore{208125D3-8770-41C6-9672-8E23A5CF3D87}\RP101\A0032982.dll [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan [NOTE] The file was deleted! C:\System Volume Information\_restore{208125D3-8770-41C6-9672-8E23A5CF3D87}\RP101\A0032983.dll [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan [NOTE] The file was deleted! C:\System Volume Information\_restore{208125D3-8770-41C6-9672-8E23A5CF3D87}\RP101\A0032984.dll [DETECTION] Is the TR/Crypt.Morphine.Gen Trojan [NOTE] The file was deleted! C:\System Volume Information\_restore{208125D3-8770-41C6-9672-8E23A5CF3D87}\RP101\A0032985.dll [DETECTION] Is the TR/Crypt.Morphine.Gen Trojan [NOTE] The file was deleted! C:\System Volume Information\_restore{208125D3-8770-41C6-9672-8E23A5CF3D87}\RP101\A0032986.dll [DETECTION] Is the TR/Crypt.Morphine.Gen Trojan [NOTE] The file was deleted! C:\System Volume Information\_restore{208125D3-8770-41C6-9672-8E23A5CF3D87}\RP101\A0032987.dll [DETECTION] Is the TR/Crypt.Morphine.Gen Trojan [NOTE] The file was deleted! C:\System Volume Information\_restore{208125D3-8770-41C6-9672-8E23A5CF3D87}\RP101\A0032988.dll [DETECTION] Is the TR/Crypt.Morphine.Gen Trojan [NOTE] The file was deleted! C:\System Volume Information\_restore{208125D3-8770-41C6-9672-8E23A5CF3D87}\RP101\A0032989.dll [DETECTION] Is the TR/Crypt.Morphine.Gen Trojan [NOTE] The file was deleted! C:\System Volume Information\_restore{208125D3-8770-41C6-9672-8E23A5CF3D87}\RP101\A0032991.exe [DETECTION] Is the TR/Trash.Gen Trojan [NOTE] The file was deleted! C:\WINDOWS\SoftwareDistribution\Download\ec854db7302b4e2bd4917985c00041fe\BIT42.tmp [0] Archive type: CAB (Microsoft) --> x64\vsnpx64.dll [WARNING] No further files can be extracted from this archive. The archive will be closed C:\WINDOWS\system32\xencnguk.dll [DETECTION] Is the TR/Crypt.Morphine.Gen Trojan [NOTE] The file was deleted! C:\WINDOWS\system32\drivers\sptd.sys [WARNING] The file could not be opened! Begin scan in 'D:\' <Films> Begin scan in 'E:\' <Jeux> E:\Maxi Mah-Jong\Gekko_Mahjongg_World_Championship_v1.18.zip.exe [0] Archive type: RAR SFX (self extracting) --> keygen.exe [DETECTION] Is the TR/Vundo.ffn.1 Trojan --> patch.exe [DETECTION] Is the TR/Crypt.FD.42 Trojan --> install.exe [DETECTION] Is the TR/Crypt.ULPM.Gen Trojan --> RUNME.bat [DETECTION] Is the TR/Horse.CJ Trojan [NOTE] The file was deleted! E:\Maxi Mah-Jong\RUNME.bat [DETECTION] Is the TR/Horse.CJ Trojan [NOTE] The file was deleted! E:\System Volume Information\_restore{208125D3-8770-41C6-9672-8E23A5CF3D87}\RP101\A0033053.exe [0] Archive type: RAR SFX (self extracting) --> keygen.exe [DETECTION] Is the TR/Vundo.ffn.1 Trojan --> patch.exe [DETECTION] Is the TR/Crypt.FD.42 Trojan --> install.exe [DETECTION] Is the TR/Crypt.ULPM.Gen Trojan --> RUNME.bat [DETECTION] Is the TR/Horse.CJ Trojan [NOTE] The file was deleted! E:\System Volume Information\_restore{208125D3-8770-41C6-9672-8E23A5CF3D87}\RP101\A0033054.bat [DETECTION] Is the TR/Horse.CJ Trojan [NOTE] The file was deleted! Begin scan in 'F:\' <Musique> Begin scan in 'G:\' <Divers> End of the scan: mercredi 13 août 2008 14:22 Used time: 27:58 Minute(s) The scan has been done completely. 5626 Scanning directories 208222 Files were scanned 38 viruses and/or unwanted programs were found 0 Files were classified as suspicious: 29 files were deleted 0 files were repaired 0 files were moved to quarantine 0 files were renamed 2 Files cannot be scanned 208182 Files not concerned 1523 Archives were scanned 3 Warnings 29 Notes

oki il termine et je te donne ca

Ah en fait ce n'est pas encore résolu Je suis en train de faire une analyse sous antivir et il vient de me faire déjà 27 détections et ce n'est pas encore fini.

Bonjour, après un petit passage sur le côté sécurité je viens vers vous pour que vous puissiez m'aider dans mon problème. Je trouve que mon pc ne tourne plus aussi vite qu'avant, j'aimerai que vous m'aidiez à l'optimiser. Voici l'HiJack : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:19:51, on 13/08/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Unlocker\UnlockerAssistant.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Analog Devices\SoundMAX\Smax4.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\WINDOWS\tsnpstd3.exe C:\WINDOWS\vsnpstd3.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE C:\Program Files\DAEMON Tools Pro\DTProAgent.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe C:\Program Files\Fichiers communs\Nokia\MPAPI\MPAPI3s.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\HiJack This\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [unlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe -H O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-21-1123561945-1078145449-839522115-1009\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Cyril') O4 - HKUS\S-1-5-21-1123561945-1078145449-839522115-1009\..\Run: [cmds] rundll32.exe C:\DOCUME~1\Cyril\LOCALS~1\Temp\mlJCUMEV.dll,c (User 'Cyril') O4 - HKUS\S-1-5-21-1123561945-1078145449-839522115-1009\..\Run: [bM73a98bb3] Rundll32.exe "C:\DOCUME~1\Cyril\LOCALS~1\Temp\wfmmoqyh.dll",s (User 'Cyril') O4 - HKUS\S-1-5-21-1123561945-1078145449-839522115-1009\..\Run: [709ab82f] rundll32.exe "C:\DOCUME~1\Cyril\LOCALS~1\Temp\sqjwgpgc.dll",b (User 'Cyril') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user') O4 - S-1-5-21-1123561945-1078145449-839522115-1009 Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe (User 'Cyril') O4 - S-1-5-21-1123561945-1078145449-839522115-1009 User Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe (User 'Cyril') O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: PD91Agent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe O23 - Service: PD91Engine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 9282 bytes

Pas de problèmes, je passe maintenant sur le coté optimisation. Merci pour tout tes conseils. Bonne journée.

Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:26:21, on 13/08/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Unlocker\UnlockerAssistant.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Analog Devices\SoundMAX\Smax4.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\WINDOWS\tsnpstd3.exe C:\WINDOWS\vsnpstd3.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE C:\Program Files\DAEMON Tools Pro\DTProAgent.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe C:\Program Files\Fichiers communs\Nokia\MPAPI\MPAPI3s.exe C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\HiJack This\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [unlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe -H O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user') O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: PD91Agent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe O23 - Service: PD91Engine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 8338 bytes

Voici le nouveau log HiJack : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:14:38, on 13/08/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Unlocker\UnlockerAssistant.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Analog Devices\SoundMAX\Smax4.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\WINDOWS\tsnpstd3.exe C:\WINDOWS\vsnpstd3.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE C:\Program Files\DAEMON Tools Pro\DTProAgent.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe C:\Program Files\Fichiers communs\Nokia\MPAPI\MPAPI3s.exe C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\HiJack This\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [unlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe -H O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user') O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O20 - Winlogon Notify: khfGwWPF - khfGwWPF.dll (file missing) O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: PD91Agent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe O23 - Service: PD91Engine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 8434 bytes

Oui, comme me l'a demandé MBAM le pc a redémarré. Pour info depuis le dernier log j'ai désinstallé ma version d'adobe reader pour installé foxit. J'ai commencé par MBAM car j'étais harcelé par les alertes de antivir.

Bon je crois qu'il y a du nouveau et pas du bon en plus. Je t'envoie le rapport de MBAM : Malwarebytes' Anti-Malware 1.24 Version de la base de données: 1047 Windows 5.1.2600 Service Pack 2 10:30:39 13/08/2008 mbam-log-8-13-2008 (10-30-39).txt Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|) Eléments examinés: 99375 Temps écoulé: 1 hour(s), 15 minute(s), 6 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 1 Clé(s) du Registre infectée(s): 16 Valeur(s) du Registre infectée(s): 4 Elément(s) de données du Registre infecté(s): 2 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 37 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): C:\WINDOWS\system32\ljJbyaYO.dll (Trojan.Vundo) -> Delete on reboot. Clé(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01450ae1-61db-47ab-a129-0076ca1a7f99} (Trojan.Vundo) -> Delete on reboot. HKEY_CLASSES_ROOT\CLSID\{01450ae1-61db-47ab-a129-0076ca1a7f99} (Trojan.Vundo) -> Delete on reboot. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ab6cea86-91ca-4389-b5ae-be0d53151255} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{ab6cea86-91ca-4389-b5ae-be0d53151255} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{fffb03ad-a461-4b99-9a23-d3b127d7c995} (Trojan.Vundo) -> Delete on reboot. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fffb03ad-a461-4b99-9a23-d3b127d7c995} (Trojan.Vundo) -> Delete on reboot. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\winzlo32 (Dialer) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\WR (Malware.Trace) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IProxyProvider (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSSMGR (Trojan.Downloader) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{fffb03ad-a461-4b99-9a23-d3b127d7c995} (Trojan.Vundo) -> Delete on reboot. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bm73a98bb3 (Trojan.Agent) -> Delete on reboot. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\709ab82f (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\runner1 (Trojan.Downloader) -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo) -> Data: c:\windows\system32\ljjbyayo -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\ljjbyayo -> Delete on reboot. Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\WINDOWS\system32\ljJbyaYO.dll (Trojan.Vundo) -> Delete on reboot. C:\WINDOWS\system32\OYaybJjl.ini (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\OYaybJjl.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\cdlnqauq.dll (Trojan.BHO) -> Quarantined and deleted successfully. C:\ARK6.tmp (Trojan.Vundo) -> Delete on reboot. C:\System Volume Information\_restore{208125D3-8770-41C6-9672-8E23A5CF3D87}\RP100\A0032812.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{208125D3-8770-41C6-9672-8E23A5CF3D87}\RP99\A0032800.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\mrofinu2000352.exe.tmp (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\cbXpQkIC.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\cbXqOfeb.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\iifecdaw.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\xwgscllb.exe (Trojan.Vundo) -> Quarantined and deleted successfully. C:\Documents and Settings\Cyril\Local Settings\Temp\axfgumkw.exe (Trojan.Vundo) -> Quarantined and deleted successfully. C:\Documents and Settings\Cyril\Local Settings\Temp\mlJCUMEV.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\Documents and Settings\Cyril\Local Settings\Temp\pmnkHWpQ.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\Documents and Settings\Cyril\Local Settings\Temp\rkknetbw.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\Documents and Settings\Cyril\Local Settings\Temp\sqjwgpgc.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\Documents and Settings\Cyril\Local Settings\Temp\urqPheeF.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\Documents and Settings\Cyril\Local Settings\Temp\wfmmoqyh.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\Documents and Settings\Cyril\Local Settings\Temporary Internet Files\Content.IE5\3BT423OO\ico[1] (Trojan.Vundo) -> Quarantined and deleted successfully. C:\Documents and Settings\Cyril\Local Settings\Temporary Internet Files\Content.IE5\3BT423OO\kb65666[1] (Trojan.Vundo) -> Quarantined and deleted successfully. C:\Documents and Settings\Cyril\Local Settings\Temporary Internet Files\Content.IE5\MD030COZ\kb671231[1] (Trojan.Vundo) -> Quarantined and deleted successfully. C:\Documents and Settings\Cyril\Local Settings\Temporary Internet Files\Content.IE5\OJ7QG1K0\kb456456[1] (Trojan.Vundo) -> Quarantined and deleted successfully. C:\Documents and Settings\Cyril\Local Settings\Temporary Internet Files\Content.IE5\VJJUDP0C\kb767887[1] (Trojan.Vundo) -> Quarantined and deleted successfully. C:\Documents and Settings\Lile\Local Settings\Temporary Internet Files\Content.IE5\F9T8D188\17PHolmes[1].cmt (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Lile\Local Settings\Temporary Internet Files\Content.IE5\H1QZQQP1\ico[1] (Trojan.Vundo) -> Quarantined and deleted successfully. C:\Documents and Settings\Lile\Local Settings\Temporary Internet Files\Content.IE5\NAOBR5GD\kb456456[1] (Trojan.Vundo) -> Quarantined and deleted successfully. C:\Documents and Settings\Lile\Local Settings\Temporary Internet Files\Content.IE5\NAOBR5GD\kb767887[1] (Trojan.Vundo) -> Delete on reboot. C:\Documents and Settings\Lile\Local Settings\Temporary Internet Files\Content.IE5\P22IMIBS\kb65666[1] (Trojan.Vundo) -> Delete on reboot. E:\System Volume Information\_restore{208125D3-8770-41C6-9672-8E23A5CF3D87}\RP68\A0025123.EXE (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\ (Dialer) -> Delete on reboot. C:\WINDOWS\system32\okvwbway.dll (Trojan.Agent) -> Delete on reboot. C:\WINDOWS\system32\ewntafjh.dll (Trojan.Vundo) -> Delete on reboot. C:\WINDOWS\pskt.ini (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\vuohoxrm.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\BM73a98bb3.xml (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\BM73a98bb3.txt (Trojan.Vundo) -> Quarantined and deleted successfully. Voici le nouveau rapport HiJack : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:41:07, on 13/08/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Unlocker\UnlockerAssistant.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Analog Devices\SoundMAX\Smax4.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\WINDOWS\tsnpstd3.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE C:\WINDOWS\vsnpstd3.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\DAEMON Tools Pro\DTProAgent.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe C:\Program Files\Fichiers communs\Nokia\MPAPI\MPAPI3s.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\HiJack This\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: {f135e3ed-c466-b678-8264-55a2c2a3b4c5} - {5c4b3a2c-2a55-4628-876b-664cde3e531f} - C:\WINDOWS\system32\womguc.dll (file missing) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [unlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe -H O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user') O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O20 - Winlogon Notify: khfGwWPF - khfGwWPF.dll (file missing) O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: PD91Agent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe O23 - Service: PD91Engine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 8725 bytes

Est ce qu'en lisant ce rapport on peut y voir que le ralentissement est du à une infection ou est ce que je dois voir plutot avec la rubrique "optimisation" ?

Bonjour à tous Depuis peu j'ai constaté que mon PC tourne au ralenti. Je ne vois vraiment pas d'où cela peut venir, Antivir ne me détecte aucun malware. J'ai suivi la procédure donnée et me voilà devant vous avec un joli rapport HiJack. Si l'un d'entre vous peut me dire d'où vient mon problème et comment le régler. Merci d'avance. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:43:23, on 11/08/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Unlocker\UnlockerAssistant.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Analog Devices\SoundMAX\Smax4.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\WINDOWS\tsnpstd3.exe C:\WINDOWS\vsnpstd3.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\DAEMON Tools Pro\DTProAgent.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE C:\Program Files\Fichiers communs\Nokia\MPAPI\MPAPI3s.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\HiJack This\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [unlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe -H O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user') O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: PD91Agent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe O23 - Service: PD91Engine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 8179 bytes

Merci à vous

Bonjour à tous, Voilà j'ai un petit problème tout ridicule mais qui m'agace. Depuis que je viens de réinstaller Windows XP je n'ai plus l'icone Bureau sur la barre de lancement rapide. Je ne sais pas du tout où la retrouver. Si quelqu'un peut me renseigner. Merci.

Oki c'est tout bon, et c'était tout bête Merci angélique

Bonjour, Voilà j'espère être dans la section adapté. J'ai un petit problème : je viens d'installer windows XP, j'ai mis un mot de passe à la session admin, j'ai créer une nouvelle session admin et une utilisateur. Le problème c'est que lorsque que je démarre le pc il se dirige directement vers la première session administrateur sans demander de mot de passe alors que celle ci ne doit apparaitre qu'au démarrage en mode sans échec. Est ce que quelqu'un pourrait me dire d'où vient ce problème et comment faire pour avoir la page de démarrage me donnant le choix entre mes divers sessions. Merci.

Oki pour l'instant ca va, wait and see... En tout cas le problème pour lequel j'avais demandé de l'aide est résolu donc merci pour tout.

AAAARRRRRRRRRRRGGGGGGGGGHHHHHHHHHHHHHHH!!!!! J'en ai marre!!! La avec juste RTL2 en diffusion ca plante!!! Help!!!!!

Moueff par contre j'ai l'impression qu'on se trompe de voie avec la vidéo : ce soir le pc a freezer 2 fois alors que - 1° fois : juste grabit + winrar + MSN en cours - 2° fois : juste grabit + radio en ligne + MSN en cours Une idée d'où ca pourrait venir ? Je précise que les autres fois où ca a fait la même chose MSN ou grabit n'était pas forcément allumé... Si tu pouvais m'aider la dessus par que je ne vois vraiment pas d'où ca pourrait venir.

c'est bon

c fait

J'ai jamais eu d'écran bleu, ca se fige d'un coup et hop y'a plus qu'a redémarrer

Bon alors ça c'est fait par contre la mauvaise nouvelle c'est que le pc a encore planté et ce pendant que je regardais une petite vidéo en streaming. Pas d'autre choix que le reboot, encore

Ok. Merci pour tout. C'est tout bon ou il reste encore des optimisations que tu me conseille de faire?

Et beh ! Je sais pas ce que tu m'as fait faire exactement mais ça marche beaucoup mieux : je l'ai forcé au niveau lecture de film et R.A.S. Merci

Désolé je pars bosser. Je te dis ça demain dans la journée. Bonne soirée