[Log HijackThis]

Résolu
bliss.my.kiss Messages postés 4 Date d'inscription   Statut Membre -  
green day Messages postés 26374 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   -
Bonsoir

Merci d'analyser mon log, je connais des ralentissements que je n'avais pas auparavant.
Si quelqu'un pouvait me dire ce qui ne va pas.

Logfile of HijackThis v1.99.1
Scan saved at 20:27:56, on 21/04/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\svchost.exe
c:\WINDOWS\System32\wltrysvc.exe
c:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Launch Manager\Wbutton.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Launch Manager\PowerKey.exe
C:\Program Files\Launch Manager\OSD.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\CtrlVol.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\AGRSMMSG.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\VIA Technologies, Inc\VIA Audio Driver Setup Program\AudioDeck\AudioDeck.exe
C:\Program Files\Red Chair Software\Notmad Explorer\notmgr.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Thomas\Mes documents\Prog install\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.acer.com/worldwide/selection.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: IEHlprObj Class - {F62A47A7-4CA3-9D00-95A3-6724d43a9E8C} - LineAudio.dll (file missing)
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [PowerKey] "C:\Program Files\Launch Manager\PowerKey.exe"
O4 - HKLM\..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSD.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\HotkeyApp.exe
O4 - HKLM\..\Run: [LaunchApp] LaunApp
O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe
O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Notmad Manager.lnk = C:\Program Files\Red Chair Software\Notmad Explorer\notmgr.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AudioDeck.lnk = C:\Program Files\VIA Technologies, Inc\VIA Audio Driver Setup Program\AudioDeck\AudioDeck.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: Absolute Poker - {EFFF8D47-D060-4108-B761-E8EC86622E56} - C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Absolute Poker\Absolute Poker.lnk
O9 - Extra 'Tools' menuitem: Absolute Poker - {EFFF8D47-D060-4108-B761-E8EC86622E56} - C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Absolute Poker\Absolute Poker.lnk
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_sit...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_sit...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/hardwaredetection.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{ACDBB1A3-BAAC-47A4-8D77-50DE5ADE8BF5}: NameServer = 192.168.1.1
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: WLTRYSVC - Unknown owner - c:\WINDOWS\System32\wltrysvc.exe

7 réponses

  1. green day Messages postés 26374 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   2 166
     
    Salut

    rajoute ces rapports stp :

    1/ Télécharger et scanner son PC avec Ewido Security Suite :

    https://www.01net.com/telecharger/

    Copier/coller le rapport entier sur le forum.

    Regarder la démo d'utilisation :
    http://perso.wanadoo.fr/entraide-hijackthis/Ewido/
    (Merci à mOe pour cette réalisation)

    2/ Scanner son PC avec cet antivirus en ligne (sous Internet Explorer) :
    https://www.bitdefender.com/toolbox/
    Cliquer sur "I Agree" et scanner tout le PC.
    Penser à accepter l'ActiveX bloqué par la barre anti-popup du SP2 (elle clignotera en haut).
    Copier/coller le rapport entier sur le forum.

    ++
    0
  2. bliss.my.kiss Messages postés 4 Date d'inscription   Statut Membre
     
    Merci Green day : voilà pour la suite

    Ewido : j'ai trouvé pas mal de mouchards et 3 autres choses pe plus problematiques dans la base de registre. Et des Ip dans le rapport de connection en 'Listening', et là a part le second ordi de mon reseau.(Established ca c'est Ok) Ca pose surement probleme.

    Bitdefender : je n'ai rien trouvé de suspect sur le scan. Je ne donne pas le rapport, sauf si tu en as besoin. (Je l'ai sauvé en format txt au lieu du Html)

    Voilà les rapports :

    ---------------------------------------------------------
    ewido anti-malware - Rapport de scan
    ---------------------------------------------------------

    + Créé le: 01:31:05, 22/04/2006
    + Somme de contrôle: AEBD4677

    + Résultats du scan:

    HKLM\SOFTWARE\Classes\CLSID\{F62A47A7-4CA3-9D00-95A3-6724d43a9E8C} -> Adware.Generic : Nettoyer et sauvegarder
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F62A47A7-4CA3-9D00-95A3-6724d43a9E8C} -> Adware.Generic : Nettoyer et sauvegarder
    HKU\S-1-5-21-2438863677-1745837727-190980850-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F62A47A7-4CA3-9D00-95A3-6724D43A9E8C} -> Adware.Generic : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Local Settings\Temp\Cookies\thomas@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Local Settings\Temp\Cookies\thomas@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Local Settings\Temp\Cookies\thomas@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Local Settings\Temp\Cookies\thomas@as1.falkag[1].txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Local Settings\Temp\Cookies\thomas@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Local Settings\Temp\Cookies\thomas@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Local Settings\Temp\Cookies\thomas@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Local Settings\Temp\Cookies\thomas@2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Cookies\thomas@estat[1].txt -> TrackingCookie.Estat : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Cookies\thomas@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Cookies\thomas@adtech[2].txt -> TrackingCookie.Adtech : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Cookies\thomas@centrport[1].txt -> TrackingCookie.Centrport : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Cookies\thomas@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Cookies\thomas@stat.onestat[1].txt -> TrackingCookie.Onestat : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Cookies\thomas@casalemedia[2].txt -> TrackingCookie.Casalemedia : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Cookies\thomas@starware[2].txt -> TrackingCookie.Starware : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Cookies\thomas@as1.falkag[1].txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Cookies\thomas@z1.adserver[1].txt -> TrackingCookie.Adserver : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Cookies\thomas@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Cookies\thomas@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Cookies\thomas@trafic[1].txt -> TrackingCookie.Trafic : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Cookies\thomas@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Cookies\thomas@casinotropez[1].txt -> TrackingCookie.Casinotropez : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Cookies\thomas@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Cookies\thomas@statcounter[1].txt -> TrackingCookie.Statcounter : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Cookies\thomas@2o7[2].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Cookies\thomas@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Cookies\thomas@aolfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Cookies\thomas@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Cookies\thomas@perf.overture[1].txt -> TrackingCookie.Overture : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Cookies\thomas@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Cookies\thomas@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Cookies\thomas@wreport.weborama[2].txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Cookies\thomas@weborama[2].txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Cookies\thomas@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Cookies\thomas@weborama[1].txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Cookies\thomas@as1.falkag[3].txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Cookies\thomas@wreport.weborama[1].txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Cookies\thomas@burstnet[2].txt -> TrackingCookie.Burstnet : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Cookies\thomas@2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Cookies\thomas@tacoda[2].txt -> TrackingCookie.Tacoda : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Cookies\thomas@yadro[2].txt -> TrackingCookie.Yadro : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Cookies\thomas@spylog[2].txt -> TrackingCookie.Spylog : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Cookies\thomas@hotlog[1].txt -> TrackingCookie.Hotlog : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Cookies\thomas@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Cookies\thomas@247realmedia[3].txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Cookies\thomas@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Cookies\thomas@bluestreak[3].txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Cookies\thomas@as-us.falkag[1].txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Cookies\thomas@com[1].txt -> TrackingCookie.Com : Nettoyer et sauvegarder
    C:\Documents and Settings\Thomas\Cookies\thomas@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder
    C:\Documents and Settings\Pam\Cookies\pam@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyer et sauvegarder
    C:\Documents and Settings\Pam\Cookies\pam@estat[1].txt -> TrackingCookie.Estat : Nettoyer et sauvegarder
    C:\Documents and Settings\Pam\Cookies\pam@iv2.bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder
    C:\Documents and Settings\Pam\Cookies\pam@as1.falkag[2].txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder
    C:\Documents and Settings\Pam\Cookies\pam@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyer et sauvegarder
    C:\Documents and Settings\Pam\Cookies\pam@lastminute.112.2o7[2].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
    C:\Documents and Settings\Pam\Cookies\pam@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyer et sauvegarder
    C:\Documents and Settings\Pam\Cookies\pam@2o7[2].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
    C:\Documents and Settings\Pam\Cookies\pam@statse.webtrendslive[1].txt -> TrackingCookie.Webtrendslive : Nettoyer et sauvegarder
    C:\Documents and Settings\Pam\Cookies\pam@hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyer et sauvegarder
    C:\Documents and Settings\Pam\Cookies\pam@ehg-vivacances.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyer et sauvegarder
    C:\Documents and Settings\Pam\Cookies\pam@112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
    C:\Documents and Settings\Pam\Cookies\pam@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder
    C:\Documents and Settings\Pam\Cookies\pam@cs.sexcounter[2].txt -> TrackingCookie.Sexcounter : Nettoyer et sauvegarder
    C:\Documents and Settings\Pam\Cookies\pam@adtech[2].txt -> TrackingCookie.Adtech : Nettoyer et sauvegarder
    C:\Documents and Settings\Pam\Cookies\pam@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder
    C:\Documents and Settings\Pam\Cookies\pam@overture[1].txt -> TrackingCookie.Overture : Nettoyer et sauvegarder
    C:\Documents and Settings\Pam\Cookies\pam@weborama[2].txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
    C:\Documents and Settings\Pam\Cookies\pam@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Nettoyer et sauvegarder
    C:\Documents and Settings\Pam\Cookies\pam@valueclick[1].txt -> TrackingCookie.Valueclick : Nettoyer et sauvegarder
    C:\Documents and Settings\Pam\Cookies\pam@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder
    C:\Documents and Settings\Pam\Cookies\pam@advertising[1].txt -> TrackingCookie.Advertising : Nettoyer et sauvegarder
    C:\Documents and Settings\Pam\Cookies\pam@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder
    C:\Documents and Settings\Pam\Cookies\pam@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder
    C:\Documents and Settings\Pam\Cookies\pam@as-eu.falkag[1].txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder
    C:\Documents and Settings\Pam\Cookies\pam@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyer et sauvegarder
    C:\Documents and Settings\Pam\Cookies\pam@server.iad.liveperson[2].txt -> TrackingCookie.Liveperson : Nettoyer et sauvegarder
    C:\Documents and Settings\Pam\Cookies\pam@sel.as-eu.falkag[2].txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder
    C:\Documents and Settings\Pam\Cookies\pam@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder

    ::Fin du rapport

    rapport de connection :

    ---------------------------------------------------------
    ewido anti-malware - Rapport de connexion
    ---------------------------------------------------------

    + Créé le: 10:57:19, 22/04/2006
    + Somme de contrôle: 6CA5CE81

    TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
    TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
    TCP 0.0.0.0:2869 0.0.0.0:0 LISTENING
    TCP 127.0.0.1:1029 0.0.0.0:0 LISTENING
    TCP 192.168.0.3:139 0.0.0.0:0 LISTENING
    TCP 192.168.0.3:139 192.168.0.2:3372 ESTABLISHED
    UDP 0.0.0.0:445
    UDP 0.0.0.0:500
    UDP 0.0.0.0:1037
    UDP 0.0.0.0:1312
    UDP 0.0.0.0:1313
    UDP 0.0.0.0:4500
    UDP 127.0.0.1:123
    UDP 127.0.0.1:1332
    UDP 127.0.0.1:1513
    UDP 127.0.0.1:1900
    UDP 192.168.0.3:123
    UDP 192.168.0.3:137
    UDP 192.168.0.3:138
    UDP 192.168.0.3:1900

    Rapport de process :

    ---------------------------------------------------------
    ewido anti-malware - Rapport des processus
    ---------------------------------------------------------

    + Créé le: 01:35:51, 22/04/2006
    + Somme de contrôle: 8488AF6C

    0: System Process
    4: System Process
    164: C:\Program Files\Launch Manager\PowerKey.exe
    204: C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    452: C:\WINDOWS\System32\svchost.exe
    464: C:\Program Files\Launch Manager\CtrlVol.exe
    536: C:\WINDOWS\Explorer.EXE
    592: \SystemRoot\System32\smss.exe
    644: C:\Program Files\Launch Manager\HotkeyApp.exe
    668: C:\WINDOWS\Explorer.EXE
    700: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    704: C:\Program Files\Launch Manager\Wbutton.exe
    724: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    740: C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    756: \??\C:\WINDOWS\system32\csrss.exe
    784: \??\C:\WINDOWS\system32\winlogon.exe
    828: C:\WINDOWS\system32\services.exe
    840: C:\WINDOWS\system32\lsass.exe
    940: C:\Program Files\ewido anti-malware\ewidoctrl.exe
    980: C:\WINDOWS\System32\Ati2evxx.exe
    1004: C:\WINDOWS\system32\svchost.exe
    1068: C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    1120: C:\WINDOWS\System32\alg.exe
    1124: C:\WINDOWS\system32\svchost.exe
    1160: C:\WINDOWS\System32\svchost.exe
    1252: C:\WINDOWS\System32\svchost.exe
    1332: C:\WINDOWS\System32\svchost.exe
    1452: C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    1568: C:\WINDOWS\system32\spoolsv.exe
    1688: C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    1704: C:\Program Files\Alwil Software\Avast4\ashServ.exe
    1764: C:\Program Files\Launch Manager\LaunchAp.exe
    1768: C:\WINDOWS\System32\svchost.exe
    1788: C:\WINDOWS\system32\wdfmgr.exe
    1812: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    1828: c:\WINDOWS\System32\wltrysvc.exe
    1844: c:\WINDOWS\System32\bcmwltry.exe
    2028: C:\Program Files\Launch Manager\OSD.exe
    2056: C:\WINDOWS\AGRSMMSG.exe
    2204: C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
    2324: C:\Program Files\Internet Explorer\iexplore.exe
    2356: C:\WINDOWS\system32\ctfmon.exe
    2436: C:\Program Files\VIA Technologies, Inc\VIA Audio Driver Setup Program\AudioDeck\AudioDeck.exe
    2496: C:\Program Files\Red Chair Software\Notmad Explorer\notmgr.exe
    2504: C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
    2536: C:\Program Files\Internet Explorer\iexplore.exe
    2892: C:\Program Files\ewido anti-malware\SecuritySuite.exe
    3528: C:\Program Files\Teamspeak2_RC2\TeamSpeak.exe

    rapport de demarrage :

    ---------------------------------------------------------
    ewido anti-malware - Rapport de démarrage
    ---------------------------------------------------------

    + Créé le: 01:36:33, 22/04/2006
    + Somme de contrôle: B5A907F1

    Reg\HKLM\Run Wbutton "C:\Program Files\Launch Manager\Wbutton.exe"
    Reg\HKLM\Run SynTPLpr C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    Reg\HKLM\Run SynTPEnh C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    Reg\HKLM\Run SunJavaUpdateSched C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    Reg\HKLM\Run PowerKey "C:\Program Files\Launch Manager\PowerKey.exe"
    Reg\HKLM\Run LMgrOSD C:\Program Files\Launch Manager\OSD.exe
    Reg\HKLM\Run LManager C:\Program Files\Launch Manager\HotkeyApp.exe
    Reg\HKLM\Run LaunchApp LaunApp
    Reg\HKLM\Run LaunchAp C:\Program Files\Launch Manager\LaunchAp.exe
    Reg\HKLM\Run CtrlVol C:\Program Files\Launch Manager\CtrlVol.exe
    Reg\HKLM\Run avast! C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    Reg\HKLM\Run ATIPTA C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    Reg\HKLM\Run ATIModeChange Ati2mdxx.exe
    Reg\HKLM\Run AGRSMMSG AGRSMMSG.exe
    Reg\HKLM\Run SsAAD.exe C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
    Reg\HKCU\Run CTFMON.EXE C:\WINDOWS\system32\ctfmon.exe
    Shell\CommonStartup Lancement rapide d'Adobe Reader.lnk C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
    Shell\CommonStartup AudioDeck.lnk C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\AudioDeck.lnk
    Shell\UserStartup Notmad Manager.lnk C:\Documents and Settings\Thomas\Menu Démarrer\Programmes\Démarrage\Notmad Manager.lnk
    0
  3. green day Messages postés 26374 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   2 166
     
    Salut

    oui stp mets aussi celui du scan en ligne

    ++
    0
  4. bliss.my.kiss Messages postés 4 Date d'inscription   Statut Membre
     
    Ok, voilà :

    BitDefender Online Scanner - Real Time Virus Report

    Generated at: Sat, Apr 22, 2006 - 16:12:42

    --------------------------------------------------------------------------------

    Scan Info

    Scanned Files
    132453

    Infected Files
    0

    Virus Detected

    No virus found.

    --------------------------------------------------------------------------------

    This summary of the scan process will be used by the BitDefender Antivirus Lab to create agregate statistics about virus activity around the world.

    Merci
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. green day Messages postés 26374 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   2 166
     
    re

    ok, ça marche, tu peux remettre un nouveau hijackthis stp et precise tes soucis s'il t'en reste

    ++
    0
  7. bliss.my.kiss Messages postés 4 Date d'inscription   Statut Membre
     
    Merci voilà le dernier log en date.
    Rien de special a signaler donc ?

    Logfile of HijackThis v1.99.1
    Scan saved at 00:05:12, on 24/04/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\ewido anti-malware\ewidoctrl.exe
    C:\WINDOWS\System32\svchost.exe
    c:\WINDOWS\System32\wltrysvc.exe
    c:\WINDOWS\System32\bcmwltry.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Launch Manager\Wbutton.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\Launch Manager\PowerKey.exe
    C:\Program Files\Launch Manager\OSD.exe
    C:\Program Files\Launch Manager\HotkeyApp.exe
    C:\Program Files\Launch Manager\LaunchAp.exe
    C:\Program Files\Launch Manager\CtrlVol.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    C:\Program Files\VIA Technologies, Inc\VIA Audio Driver Setup Program\AudioDeck\AudioDeck.exe
    C:\Program Files\Red Chair Software\Notmad Explorer\notmgr.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\Thomas\Mes documents\Prog install\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.acer.com/worldwide/selection.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [PowerKey] "C:\Program Files\Launch Manager\PowerKey.exe"
    O4 - HKLM\..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSD.exe
    O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\HotkeyApp.exe
    O4 - HKLM\..\Run: [LaunchApp] LaunApp
    O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe
    O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - Startup: Notmad Manager.lnk = C:\Program Files\Red Chair Software\Notmad Explorer\notmgr.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: AudioDeck.lnk = C:\Program Files\VIA Technologies, Inc\VIA Audio Driver Setup Program\AudioDeck\AudioDeck.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
    O9 - Extra button: Absolute Poker - {EFFF8D47-D060-4108-B761-E8EC86622E56} - C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Absolute Poker\Absolute Poker.lnk
    O9 - Extra 'Tools' menuitem: Absolute Poker - {EFFF8D47-D060-4108-B761-E8EC86622E56} - C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Absolute Poker\Absolute Poker.lnk
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_sit...
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_sit...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/hardwaredetection.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{ACDBB1A3-BAAC-47A4-8D77-50DE5ADE8BF5}: NameServer = 192.168.1.1
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
    O23 - Service: WLTRYSVC - Unknown owner - c:\WINDOWS\System32\wltrysvc.exe
    0
  8. green day Messages postés 26374 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   2 166
     
    Salut

    en effet, pour moi c'est ok, cela dit, je te conseil d'installer un parfeu, comme zone alarme par exemple, assez efficace et simple d'utilisation :

    1) Zone alarme (gratuit, téléchargeable ici) :
    https://www.zonealarm.com/

    Tuto:http://forum.telecharger.01net.com/forum/high-tech/PRODUITS/Questions-techniques/zonealarm-tutorial-sujet_169658_1.htm

    et pour complété ta collection :

    https://www.commentcamarche.net/faq/2432-securite-proteger-un-ordinateur-contre-les-malwares

    ++
    0