Beaucoup de Trojans...

lolliz -  
servabat Messages postés 2073 Statut Membre -
Bonjour,
Je suis désolée mais je suis infectée de nombreux trojans et je ne sais pas bien quoi faire...
Merci d'avance
Lolliz
Configuration: Windows Vista
Internet Explorer 7.0

12 réponses

  1. brahim33 Messages postés 6827 Statut Membre 1 166
     
    salut
    ton antivirus ne fait rien? ta quoi comme antivirus et antispyware ...etc?
    0
  2. servabat Messages postés 2073 Statut Membre 269
     
    => Fait un scan hijackthis :
    _ pour ceci , telecharge le ici
    _ Demarre le
    _ Appuie sur "Do a system scan an save a log file"
    _boit un coca
    _A la fin le notepad souvre. Copie en le contenu est copie le ici
    => Ensuite, laisse hijackthis et telecharge RSIT puis fait un scan. Pour ceci,
    _Installe le, normalement c'est deja fait
    _Accepte le condition (clique sur Continue)
    _boit un thé
    _Deux fichier notepad souvre , copie en le contenu
    =>Fait un scan Ad-aware , a telecharger ici
    _installe le , fait un scan
    _boit un ju dorange
    _ copie le scan ici
    =>Fait un scan Usb-fix ,en le telechargant et l'installant ici pour ceci,
    _Branche tout tes support de stockage
    _double clique sur Usb-fix
    _Choisis l'option 1
    _Boit un café
    _Copie le ici
    =>En suite, fait un scan active scan (c'est en ligne ici https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
    pour ceci
    _ouvre le lien avec INTERNET EXPLORER
    _appuis sur analyser
    _Installe le plugin
    _recharge la page
    _boit du vin
    _copie tout ici
    => fait un scan a squared https://www.01net.com/telecharger/
    pour ceci , installe le
    _boit ce que tu veut
    _copie tout ici
    => apres tu en auras marre de boire , desolé
    0
  3. lolliz
     
    avast 4 tourne mais il voulait plus se mettre à jour depuis qq temps...
    C'est windows defender qui m'a avertit des problemes.
    Mais plusieurs choses ne tournaient déjà pas rond depuis l'achat de mon pc en vista... Je ne peux pas mettre vista service pack 2 car sinon je n'ai plus accès au sites en https... c'est génant. Donc j'ai l'impression qu'avast n'a plus voulu se mettre à jour depuis que le système n'était lui même plus à jour...
    C'est du compliqué pour moi tout ça !
    0
  4. lolliz
     
    Voici le rapport :

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:24:51, on 19/04/2009
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16681)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\RtHDVCpl.exe
    C:\hp\support\hpsysdrv.exe
    C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
    C:\Windows\system32\schtasks.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
    C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
    C:\Windows\ehome\ehtray.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Windows\System32\mobsync.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\hp\kbd\kbd.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\Internet Explorer\ieuser.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
    C:\Users\nousote\Desktop\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/...
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/...
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
    O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
    O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
    O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
    O4 - HKLM\..\Run: [StartCCC] "c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
    O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
    O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
    O13 - Gopher Prefix:
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
    O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} (Image Uploader Control) - http://copainsdavant.linternaute.com/...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) - Symantec Corporation - c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. lolliz
     
    Rapport adware

    Logfile created: 19/04/2009 14:56:56
    Lavasoft Ad-Aware version: 8.0
    Extended engine version: 8.1
    User performing scan: nousote

    *********************** Definitions database information ***********************
    Lavasoft definition file: 144.0
    Extended engine definition file: 8.1

    ******************************** Scan results: *********************************
    Scan profile name: Analyse astucieuse (ID: smart)
    Objects scanned: 22229
    Objects detected: 12

    Type Detected
    ==========================
    Processes.......: 0
    Registry entries: 0
    Hostfile entries: 0
    Files...........: 0
    Folders.........: 0
    LSPs............: 0
    Cookies.........: 12
    Browser hijacks.: 0
    MRU objects.....: 0

    Removed items:
    Description: *ad.yieldmanager* Family Name: Cookies Clean status: Success Item ID: 409172 Family ID: 0
    Description: *advertis* Family Name: Cookies Clean status: Success Item ID: 408918 Family ID: 0
    Description: *advertising* Family Name: Cookies Clean status: Success Item ID: 409017 Family ID: 0
    Description: *atdmt* Family Name: Cookies Clean status: Success Item ID: 408910 Family ID: 0
    Description: *weborama* Family Name: Cookies Clean status: Success Item ID: 408955 Family ID: 0
    Description: *doubleclick* Family Name: Cookies Clean status: Success Item ID: 408875 Family ID: 0
    Description: *kontera* Family Name: Cookies Clean status: Success Item ID: 409363 Family ID: 0
    Description: *adserver* Family Name: Cookies Clean status: Success Item ID: 408737 Family ID: 0
    Description: *adserv* Family Name: Cookies Clean status: Success Item ID: 408921 Family ID: 0
    Description: *adserve* Family Name: Cookies Clean status: Success Item ID: 409020 Family ID: 0
    Description: *statcounter* Family Name: Cookies Clean status: Success Item ID: 409185 Family ID: 0
    Description: *tradedoubler* Family Name: Cookies Clean status: Success Item ID: 408964 Family ID: 0

    Scan and cleaning complete: Finished correctly after 22 seconds

    *********************************** Settings ***********************************

    Scan profile:
    ID: smart, enabled:1, value: Analyse astucieuse
    ID: scancriticalareas, enabled:1, value: true
    ID: scanrunningapps, enabled:1, value: true
    ID: scanregistry, enabled:1, value: true
    ID: scanlsp, enabled:1, value: true
    ID: scanads, enabled:1, value: false
    ID: scanhostsfile, enabled:1, value: false
    ID: scanmru, enabled:1, value: false
    ID: scanbrowserhijacks, enabled:1, value: true
    ID: scantrackingcookies, enabled:1, value: true
    ID: closebrowsers, enabled:1, value: false
    ID: folderstoscan, enabled:1, value:
    ID: scanrootkits, enabled:1, value: true
    ID: usespywareheuristics, enabled:1, value: true
    ID: extendedengine, enabled:0, value: true
    ID: useheuristics, enabled:0, value: true
    ID: heuristicslevel, enabled:0, value: mild, domain: medium,mild,strict
    ID: filescanningoptions, enabled:1
    ID: archives, enabled:1, value: false
    ID: onlyexecutables, enabled:1, value: true
    ID: skiplargerthan, enabled:1, value: 20480

    Scan global:
    ID: global, enabled:1
    ID: addtocontextmenu, enabled:1, value: true
    ID: playsoundoninfection, enabled:1, value: false
    ID: soundfile, enabled:0, value: *to be filled in automatically*\alert.wav

    Scheduled scan settings:
    <Empty>

    Update settings:
    ID: updates, enabled:1
    ID: launchthreatworksafterscan, enabled:1, value: normal, domain: normal,off,silently
    ID: displaystatus, enabled:1, value: false
    ID: deffiles, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
    ID: autodetectproxy, enabled:1, value: false
    ID: useautoconfigscript, enabled:1, value: false
    ID: autoconfigurl, enabled:0, value:
    ID: useproxy, enabled:1, value: false
    ID: proxyserver, enabled:0, value:
    ID: softwareupdates, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
    ID: licenseandinfo, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
    ID: schedules, enabled:1, value: true
    ID: updatedaily, enabled:1, value: Daily
    ID: time, enabled:1, value: Sun Apr 19 14:42:00 2009
    ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
    ID: weekdays, enabled:1
    ID: monday, enabled:1, value: false
    ID: tuesday, enabled:1, value: false
    ID: wednesday, enabled:1, value: false
    ID: thursday, enabled:1, value: false
    ID: friday, enabled:1, value: false
    ID: saturday, enabled:1, value: false
    ID: sunday, enabled:1, value: false
    ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
    ID: scanprofile, enabled:1, value:
    ID: auto_deal_with_infections, enabled:1, value: false
    ID: updateweekly, enabled:1, value: Weekly
    ID: time, enabled:1, value: Sun Apr 19 14:42:00 2009
    ID: frequency, enabled:1, value: weekly, domain: daily,monthly,once,systemstart,weekly
    ID: weekdays, enabled:1
    ID: monday, enabled:1, value: true
    ID: tuesday, enabled:1, value: false
    ID: wednesday, enabled:1, value: false
    ID: thursday, enabled:1, value: false
    ID: friday, enabled:1, value: false
    ID: saturday, enabled:1, value: false
    ID: sunday, enabled:1, value: true
    ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
    ID: scanprofile, enabled:1, value:
    ID: auto_deal_with_infections, enabled:1, value: false

    Appearance settings:
    ID: appearance, enabled:1
    ID: skin, enabled:1, value: default.egl, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Resource
    ID: showtrayicon, enabled:1, value: true
    ID: language, enabled:1, value: fr, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Language

    Realtime protection settings:
    ID: realtime, enabled:1
    ID: processprotection, enabled:1, value: true
    ID: registryprotection, enabled:0, value: true
    ID: networkprotection, enabled:0, value: true
    ID: loadatstartup, enabled:1, value: true
    ID: usespywareheuristics, enabled:0, value: true
    ID: extendedengine, enabled:0, value: true
    ID: useheuristics, enabled:0, value: true
    ID: heuristicslevel, enabled:0, value: strict, domain: medium,mild,strict
    ID: infomessages, enabled:1, value: display, domain: animated,display,dontnotify

    ****************************** System information ******************************
    Computer name: PC-DE-NOUSOTE
    Processor name: AMD Athlon(tm) 64 X2 Dual Core Processor 4400+
    Processor identifier: x86 Family 15 Model 107 Stepping 2
    Raw info: processorarchitecture 0, processortype 586, processorlevel 15, processor revision 27394, number of processors 2
    Physical memory available: 2185871360 bytes
    Physical memory total: 3218997248 bytes
    Virtual memory available: 2030559232 bytes
    Virtual memory total: 2147352576 bytes
    Memory load: 32%
    Microsoft Windows Vista Home Premium Edition, 32-bit (build 6000)
    Windows startup mode:

    Running processes:
    PID: 412 name: C:\Windows\System32\smss.exe owner: SYSTEM domain: AUTORITE NT
    PID: 480 name: C:\Windows\System32\csrss.exe owner: SYSTEM domain: AUTORITE NT
    PID: 540 name: C:\Windows\System32\wininit.exe owner: SYSTEM domain: AUTORITE NT
    PID: 552 name: C:\Windows\System32\csrss.exe owner: SYSTEM domain: AUTORITE NT
    PID: 584 name: C:\Windows\System32\services.exe owner: SYSTEM domain: AUTORITE NT
    PID: 596 name: C:\Windows\System32\lsass.exe owner: SYSTEM domain: AUTORITE NT
    PID: 604 name: C:\Windows\System32\lsm.exe owner: SYSTEM domain: AUTORITE NT
    PID: 744 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: AUTORITE NT
    PID: 776 name: C:\Windows\System32\winlogon.exe owner: SYSTEM domain: AUTORITE NT
    PID: 848 name: C:\Windows\System32\svchost.exe owner: SERVICE RÉSEAU domain: AUTORITE NT
    PID: 888 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: AUTORITE NT
    PID: 976 name: C:\Windows\System32\Ati2evxx.exe owner: SYSTEM domain: AUTORITE NT
    PID: 992 name: C:\Windows\System32\svchost.exe owner: SERVICE LOCAL domain: AUTORITE NT
    PID: 1020 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: AUTORITE NT
    PID: 1036 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: AUTORITE NT
    PID: 1192 name: C:\Windows\System32\SLsvc.exe owner: SERVICE RÉSEAU domain: AUTORITE NT
    PID: 1224 name: C:\Windows\System32\svchost.exe owner: SERVICE LOCAL domain: AUTORITE NT
    PID: 1340 name: C:\Windows\System32\Ati2evxx.exe owner: SYSTEM domain: AUTORITE NT
    PID: 1408 name: C:\Windows\System32\svchost.exe owner: SERVICE RÉSEAU domain: AUTORITE NT
    PID: 1552 name: C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe owner: SYSTEM domain: AUTORITE NT
    PID: 1568 name: C:\Program Files\Alwil Software\Avast4\ashServ.exe owner: SYSTEM domain: AUTORITE NT
    PID: 1624 name: C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe owner: SYSTEM domain: AUTORITE NT
    PID: 1876 name: C:\Windows\System32\spoolsv.exe owner: SYSTEM domain: AUTORITE NT
    PID: 1900 name: C:\Program Files\Common Files\Symantec Shared\CCSVCHST.EXE owner: SYSTEM domain: AUTORITE NT
    PID: 1976 name: C:\Windows\System32\svchost.exe owner: SERVICE LOCAL domain: AUTORITE NT
    PID: 1156 name: C:\Program Files\Common Files\LightScribe\LSSrvc.exe owner: SYSTEM domain: AUTORITE NT
    PID: 712 name: C:\Windows\System32\svchost.exe owner: SERVICE RÉSEAU domain: AUTORITE NT
    PID: 636 name: C:\Windows\System32\svchost.exe owner: SERVICE LOCAL domain: AUTORITE NT
    PID: 1032 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: AUTORITE NT
    PID: 1380 name: C:\Windows\System32\SearchIndexer.exe owner: SYSTEM domain: AUTORITE NT
    PID: 2216 name: C:\Windows\System32\WUDFHost.exe owner: SERVICE LOCAL domain: AUTORITE NT
    PID: 2320 name: C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe owner: SYSTEM domain: AUTORITE NT
    PID: 2344 name: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe owner: SYSTEM domain: AUTORITE NT
    PID: 2508 name: C:\Windows\System32\wbem\unsecapp.exe owner: SYSTEM domain: AUTORITE NT
    PID: 2524 name: C:\Windows\System32\taskeng.exe owner: SYSTEM domain: AUTORITE NT
    PID: 2700 name: C:\Windows\System32\wbem\WmiPrvSE.exe owner: SYSTEM domain: AUTORITE NT
    PID: 3456 name: C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe owner: SYSTEM domain: AUTORITE NT
    PID: 3564 name: C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe owner: SYSTEM domain: AUTORITE NT
    PID: 3428 name: C:\Windows\System32\taskeng.exe owner: nousote domain: PC-de-nousote
    PID: 2716 name: C:\Windows\System32\dwm.exe owner: nousote domain: PC-de-nousote
    PID: 3496 name: C:\Windows\explorer.exe owner: nousote domain: PC-de-nousote
    PID: 1420 name: C:\Windows\System32\SearchProtocolHost.exe owner: SYSTEM domain: AUTORITE NT
    PID: 4044 name: C:\Windows\System32\SearchFilterHost.exe owner: SYSTEM domain: AUTORITE NT
    PID: 3396 name: C:\Program Files\Windows Defender\MSASCui.exe owner: nousote domain: PC-de-nousote
    PID: 2844 name: C:\Windows\RtHDVCpl.exe owner: nousote domain: PC-de-nousote
    PID: 2384 name: C:\hp\support\hpsysdrv.exe owner: nousote domain: PC-de-nousote
    PID: 3972 name: C:\hp\KBD\KbdStub.exe owner: nousote domain: PC-de-nousote
    PID: 3588 name: C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe owner: nousote domain: PC-de-nousote
    PID: 2756 name: C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe owner: nousote domain: PC-de-nousote
    PID: 2964 name: C:\Windows\System32\schtasks.exe owner: nousote domain: PC-de-nousote
    PID: 2676 name: C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe owner: nousote domain: PC-de-nousote
    PID: 2376 name: C:\Program Files\Alwil Software\Avast4\ashDisp.exe owner: nousote domain: PC-de-nousote
    PID: 2352 name: C:\Program Files\Common Files\Symantec Shared\CCSVCHST.EXE owner: nousote domain: PC-de-nousote
    PID: 4068 name: C:\Program Files\HP\HP Software Update\hpwuSchd2.exe owner: nousote domain: PC-de-nousote
    PID: 3888 name: C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe owner: nousote domain: PC-de-nousote
    PID: 3012 name: C:\Program Files\Windows Sidebar\sidebar.exe owner: nousote domain: PC-de-nousote
    PID: 2552 name: C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe owner: nousote domain: PC-de-nousote
    PID: 2640 name: C:\Windows\ehome\ehtray.exe owner: nousote domain: PC-de-nousote
    PID: 3472 name: C:\Windows\System32\wuauclt.exe owner: nousote domain: PC-de-nousote
    PID: 4076 name: C:\Windows\ehome\ehmsas.exe owner: nousote domain: PC-de-nousote
    PID: 1080 name: C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe owner: nousote domain: PC-de-nousote
    PID: 2108 name: C:\Program Files\Internet Explorer\ieuser.exe owner: nousote domain: PC-de-nousote
    PID: 252 name: C:\Program Files\Internet Explorer\iexplore.exe owner: nousote domain: PC-de-nousote
    PID: 3468 name: C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe owner: SERVICE LOCAL domain: AUTORITE NT
    PID: 2084 name: C:\Windows\System32\Macromed\Flash\FlashUtil9f.exe owner: nousote domain: PC-de-nousote
    PID: 3392 name: C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe owner: nousote domain: PC-de-nousote

    Startup items:
    Name: Windows Defender
    imagepath: %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    Name: RtHDVCpl
    imagepath: RtHDVCpl.exe
    Name: hpsysdrv
    imagepath: c:\hp\support\hpsysdrv.exe
    Name: KBD
    imagepath: C:\HP\KBD\KbdStub.EXE
    Name: OsdMaestro
    imagepath: "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
    Name: StartCCC
    imagepath: "c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
    Name: HP Health Check Scheduler
    imagepath: [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    Name: SunJavaUpdateReg
    imagepath: "C:\Windows\system32\jureg.exe"
    Name: ccApp
    imagepath: "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    Name:
    imagepath:
    Name: Adobe Reader Speed Launcher
    imagepath: "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    Name: avast!
    imagepath: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    Name: HP Software Update
    imagepath: C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    Name: QuickTime Task
    imagepath: "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    Name: Ad-Watch
    imagepath: C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    Name: {8C7461EF-2B13-11d2-BE35-3078302C2030}
    imagepath: Component Categories cache daemon
    Name: WebCheck
    imagepath: {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

    Bootexecute items:
    Name:
    imagepath: autocheck autochk *

    Running services:
    Name: AeLookupSvc
    displayname: Expérience d
    0
  7. lolliz
     
    scan active scan

    Niveau de risque faible (5) Cookie/Xiti Cookie de surveillance Latent(e) Masquer +Infos
    1. C:\Users\nousote\AppData\Roaming\Microsoft\Wi...ows\Cookies\Low\nousote@xiti[1].txt

    Cookie/Smartad... Cookie de surveillance Latent(e) Masquer +Infos
    1. C:\Users\nousote\AppData\Roaming\Microsoft\Wi...es\Low\nousote@smartadserver[2].txt

    Cookie/Weboram... Cookie de surveillance Latent(e) Masquer +Infos
    1. C:\Users\nousote\AppData\Roaming\Microsoft\Wi...Cookies\Low\nousote@weborama[1].txt

    Cookie/Adverti... Cookie de surveillance Latent(e) Masquer +Infos
    1. C:\Users\nousote\AppData\Roaming\Microsoft\Wi...kies\Low\nousote@advertising[2].txt

    Cookie/Bluestr... Cookie de surveillance Latent(e) Masquer +Infos
    1. C:\Users\nousote\AppData\Roaming\Microsoft\Wi...okies\Low\nousote@bluestreak[2].txt
    0
  8. lolliz
     
    Bon a squared me demandait une mise à jour, mais comme tous ces types de logiciels, mon pc ne veut pas, il bloque l'accès internet pour la mise a jour apparemenr... oO
    Pourtant je suis bien connectée je ne sais pas comment faire. Pour ca qu'avast non plus ne l'était pas...

    Bref, je suis caféinée, vitaminée et bourrée, toutes les analyses sont finies...
    J'attend mon verdict doc !
    Merci d'avance

    Version - a-squared Free 4.0
    Dernière mise à jour : N/A

    Paramètres des balayages :

    Éléments : Mémoire, Traces, Cookies, C:\, D:\
    Balaye dans les archives : Marche
    Analyse heuristique : Arrêt
    Balaye dans les ADS : Marche

    Début du balayage : 19/04/2009 16:09:14

    Analysé

    Fichiers : 337061
    Traces : 491947
    Cookies : 2
    Processus : 64

    Objets trouvés

    Fichiers : 0
    Traces : 0
    Cookies : 0
    Processus : 0
    Clés de Registre : 0

    Fin du balayage : 19/04/2009 17:32:11
    Temps du balayage : 1:22:57
    0
  9. lolliz
     
    désolée,je suis peut être impatiente mais je n'ai plus de réponses...
    0
  10. servabat Messages postés 2073 Statut Membre 269
     
    attend , sa prend du temp a lire tout ca
    0
  11. servabat Messages postés 2073 Statut Membre 269
     
    je ne vois pas grand chose °-°!
    creer un disque de boot
    le live cd
    ou
    Ubcd 3.22 for windows
    il propose tout les deux de faire des analyze anti virus avast et autre
    quand tu aura booté dessur , tu verra , c'est facille , essaye
    0
  12. servabat Messages postés 2073 Statut Membre 269
     
    harg , tu a une toolbar !!!!!!!!!!!!!!!!!!!!!!!
    mais desinsttalle la !
    0
  13. lolliz
     
    bon j'ai desinstaller une toolbar AOL, je ne sais pas d'ou elle vient d'ailleurs...
    Bref, donc maintenant je dois faire un boot c'est ça ? Pas trop compliqué ?
    0
    1. servabat Messages postés 2073 Statut Membre 269
       
      crée un cd de boot.
      0