Sujet Précédent Sujet Suivant

Cheval de Troie : De l'aide !!

Résolu/Fermé
Claire - 29 sept. 2006 à 11:44
 mic - 29 avril 2007 à 16:08
Bonjour,
Pouvez vous m'aider ? Je suis perdue.
Je copie le rapport HijackThis.
Merci beaucoup d'avance.

Logfile of HijackThis v1.99.1
Scan saved at 19:42:48, on 27/09/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\Explorer.exe
C:\WINNT\system32\msejavaupdt32.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Softwin\BitDefender8\vsserv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINNT\system32\wunupdsr.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Softwin\BitDefender8\bdnagent.exe
C:\WINNT\system32\dev.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINNT\system32\internat.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Incredimail\bin\IncMail.exe
C:\Program Files\Microsoft Office\Office\WINWORD.EXE
C:\WINNT\msagent\AgentSvr.exe
C:\Program Files\Hijackthis\hijackthis_199\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: DeskbarBHO - {A8B28872-3324-4CD2-8AA3-7D555C872D96} - C:\Program Files\Deskbar\deskbar.dll
F2 - REG:system.ini: Shell=Explorer.exe msejavaupdt32.exe
F2 - REG:system.ini: UserInit=C:\WINNT\system32\userinit.exe,msejavaupdt32.exe
O2 - BHO: DeskbarBHO - {A8B28872-3324-4CD2-8AA3-7D555C872D96} - C:\Program Files\Deskbar\deskbar.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Connection Managers] wunupdsr.exe
O4 - HKLM\..\Run: [Ms Update WinServices NT/XP] winservnt32.exe
O4 - HKLM\..\Run: [Ms Java Update For Windows NT/XP] msejavaupdt32.exe
O4 - HKLM\..\Run: [BDMCon] C:\Program Files\Softwin\BitDefender8\\bdmcon.exe
O4 - HKLM\..\Run: [BDSwitchAgent] C:\Program Files\Softwin\BitDefender8\\bdswitch.exe
O4 - HKLM\..\Run: [BDNewsAgent] C:\Program Files\Softwin\BitDefender8\\bdnagent.exe
O4 - HKLM\..\Run: [Windows APCI Verifier] dev.exe
O4 - HKLM\..\Run: [Windows Explorer] C:\WINNT\system32\explorer.exe
O4 - HKLM\..\RunServices: [Connection Managers] wunupdsr.exe
O4 - HKLM\..\RunServices: [Windows APCI Verifier] dev.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [Ms Update WinServices NT/XP] winservnt32.exe
O4 - HKCU\..\Run: [Ms Java Update For Windows NT/XP] msejavaupdt32.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - update.microsoft.com
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - update.microsoft.com
O18 - Protocol: bw+0 - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {36A4CCE1-1C42-4153-A4B5-6FEA9FB00351} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll
O20 - Winlogon Notify: Run - C:\WINNT\system32\enj0l11m1.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINNT\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender8\vsserv.exe" /service (file missing)
O23 - Service: Microsoft Languages Service (Windows Languages Service) - Unknown owner - C:\WINNT\csrss.exe (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

Claire
A voir également:

50 réponses

Précédent
Réponse 21 / 50
Claire
9 oct. 2006 à 20:55
Salut,

bon we j'espère

voici le rapport de Vundo (je l'ai lancé 2 fois) :


VundoFix V6.2.1

Checking Java version...

Sun Java not detected
Scan started at 20:42:41 09/10/2006

Listing files found while scanning....

C:\WINNT\system32\ffulilkk.dll
C:\WINNT\system32\gebyy.dll
C:\WINNT\system32\yybeg.ini
C:\WINNT\system32\yybeg.bak1
C:\WINNT\system32\yybeg.bak2
C:\WINNT\system32\hhwutdwv.dll
C:\WINNT\system32\qoxoneqg.dll
C:\WINNT\system32\tvsgkipe.dll
C:\WINNT\system32\umbembxy.dll
C:\WINNT\system32\yqlpeygw.exe
C:\WINNT\system32\gebyy.dll
C:\WINNT\system32\yybeg.ini
C:\WINNT\system32\yybeg.bak1
C:\WINNT\system32\yybeg.bak2
C:\WINNT\system32\yybeg.ini
C:\WINNT\system32\yybeg.bak1
C:\WINNT\system32\yybeg.bak2

Beginning removal...

Attempting to delete C:\WINNT\system32\ffulilkk.dll
C:\WINNT\system32\ffulilkk.dll Has been deleted!

Attempting to delete C:\WINNT\system32\gebyy.dll
C:\WINNT\system32\gebyy.dll Has been deleted!

Attempting to delete C:\WINNT\system32\yybeg.ini
C:\WINNT\system32\yybeg.ini Has been deleted!

Attempting to delete C:\WINNT\system32\yybeg.bak1
C:\WINNT\system32\yybeg.bak1 Has been deleted!

Attempting to delete C:\WINNT\system32\yybeg.bak2
C:\WINNT\system32\yybeg.bak2 Has been deleted!

Attempting to delete C:\WINNT\system32\hhwutdwv.dll
C:\WINNT\system32\hhwutdwv.dll Has been deleted!

Attempting to delete C:\WINNT\system32\qoxoneqg.dll
C:\WINNT\system32\qoxoneqg.dll Has been deleted!

Attempting to delete C:\WINNT\system32\tvsgkipe.dll
C:\WINNT\system32\tvsgkipe.dll Has been deleted!

Attempting to delete C:\WINNT\system32\umbembxy.dll
C:\WINNT\system32\umbembxy.dll Has been deleted!

Attempting to delete C:\WINNT\system32\yqlpeygw.exe
C:\WINNT\system32\yqlpeygw.exe Has been deleted!

Performing Repairs to the registry.
Done!

VundoFix V6.2.1

Checking Java version...

Sun Java not detected
Scan started at 20:48:03 09/10/2006

Listing files found while scanning....

No infected files were found.


Beginning removal...


Celui de HijackThis :

Logfile of HijackThis v1.99.1
Scan saved at 20:56:00, on 09/10/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINNT\system32\internat.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Incredimail\bin\IncMail.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis\scan.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: edit_html Class - {14D1A72D-8705-11D8-B120-0040F46CB696} - C:\WINNT\system32\92861357.dll (file missing)
O2 - BHO: (no name) - {35D719C4-7879-4BF1-A73B-AF222DD16C30} - C:\WINNT\system32\gebyy.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {849B9523-785F-4014-9CAF-079FB4A74C61} - C:\WINNT\system32\msqgbcal.dll (file missing)
O2 - BHO: (no name) - {D12CF65C-9EF6-44F2-A475-B727085FD7CC} - C:\WINNT\system32\pmnlmjh.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKLM\..\RunServices: [Windows APCI Verifier] dev.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - update.microsoft.com
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - update.microsoft.com
O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll
O20 - Winlogon Notify: pmnlmjh - C:\WINNT\SYSTEM32\pmnlmjh.dll
O20 - Winlogon Notify: Run - C:\WINNT\system32\enj0l11m1.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINNT\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Microsoft Languages Service (Windows Languages Service) - Unknown owner - C:\WINNT\csrss.exe (file missing)

Bonne soirée

Claire
0
Réponse 22 / 50
Claire-et-Tof Messages postés 11 Date d'inscription lundi 9 octobre 2006 Statut Membre Dernière intervention 23 octobre 2006
14 oct. 2006 à 15:01
Salut,

j'espère que tu ne nous as pas oublié car il reste encore quelques chevaux.
Merci de ton aide.

(Le message est passé en résolu : est-ce normal ?)

Bonne journée.
0
Réponse 23 / 50
Séb08 Messages postés 16503 Date d'inscription dimanche 13 novembre 2005 Statut Contributeur Dernière intervention 17 février 2023 1 430
14 oct. 2006 à 15:14
Désolé ...

Je ne sais pas qui a coché .

remet un log Hijack

a+
0
Réponse 24 / 50
Claire-et-Tof Messages postés 11 Date d'inscription lundi 9 octobre 2006 Statut Membre Dernière intervention 23 octobre 2006
14 oct. 2006 à 19:58
voilà

Logfile of HijackThis v1.99.1
Scan saved at 19:59:38, on 14/10/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINNT\system32\internat.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\PROGRA~1\INCRED~1\bin\IncMail.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis\scan.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {14D1A72D-8705-11D8-B120-0040F46CB696} - (no file)
O2 - BHO: (no name) - {1DAEFCB9-06C8-47c6-8F20-3FB54B244DAA} - C:\WINNT\system32\ikfnipus.dll
O2 - BHO: (no name) - {35D719C4-7879-4BF1-A73B-AF222DD16C30} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {BC0FA29E-09DF-453C-A610-32109430EFDC} - C:\WINNT\system32\ssqpm.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\RunServices: [Windows APCI Verifier] dev.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - update.microsoft.com
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - update.microsoft.com
O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll
O20 - Winlogon Notify: Run - C:\WINNT\system32\enj0l11m1.dll (file missing)
O20 - Winlogon Notify: ssqpm - C:\WINNT\system32\ssqpm.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINNT\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Microsoft Languages Service (Windows Languages Service) - Unknown owner - C:\WINNT\csrss.exe (file missing)

Merci

Bonne soirée
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 50
Séb08 Messages postés 16503 Date d'inscription dimanche 13 novembre 2005 Statut Contributeur Dernière intervention 17 février 2023 1 430
14 oct. 2006 à 20:07
Vundo est encore présent refait la manip cité + haut avec Vundofix STP

a+
0
Réponse 26 / 50
Claire-et-Tof Messages postés 11 Date d'inscription lundi 9 octobre 2006 Statut Membre Dernière intervention 23 octobre 2006
14 oct. 2006 à 20:27
Voici le rapport mais juste avant de demander de rebooter il me dit qu'il est impossible d'ouvrir Vundo....reg.

(je l'ai fait 3 fois)

Sun Java not detected
Scan started at 20:15:52 14/10/2006

Listing files found while scanning....

C:\WINNT\system32\ssqpm.dll
C:\WINNT\system32\mpqss.ini
C:\WINNT\system32\mpqss.bak1
C:\WINNT\system32\mpqss.bak2

Beginning removal...

Attempting to delete C:\WINNT\system32\ssqpm.dll
C:\WINNT\system32\ssqpm.dll Has been deleted!

Attempting to delete C:\WINNT\system32\mpqss.ini
C:\WINNT\system32\mpqss.ini Has been deleted!

Attempting to delete C:\WINNT\system32\mpqss.bak1
C:\WINNT\system32\mpqss.bak1 Has been deleted!

Attempting to delete C:\WINNT\system32\mpqss.bak2
C:\WINNT\system32\mpqss.bak2 Has been deleted!

Performing Repairs to the registry.
Done!

VundoFix V6.2.2

Checking Java version...

Sun Java not detected
Scan started at 20:21:36 14/10/2006

Listing files found while scanning....

C:\WINNT\system32\byxxxvv.dll
C:\WINNT\system32\cbxvuro.dll
C:\WINNT\system32\cbxwwtu.dll
C:\WINNT\system32\ddccyxv.dll
C:\WINNT\system32\efcawwu.dll
C:\WINNT\system32\efccdaa.dll
C:\WINNT\system32\efcdded.dll
C:\WINNT\system32\efcywxx.dll
C:\WINNT\system32\gebbccd.dll
C:\WINNT\system32\hggddee.dll
C:\WINNT\system32\hggeedc.dll
C:\WINNT\system32\hggfeee.dll
C:\WINNT\system32\hgggdab.dll
C:\WINNT\system32\iifdeff.dll
C:\WINNT\system32\ikfnipus.dll
C:\WINNT\system32\jkkkkkl.dll
C:\WINNT\system32\khfcayx.dll
C:\WINNT\system32\khffdby.dll
C:\WINNT\system32\khfgfda.dll
C:\WINNT\system32\ljjihed.dll
C:\WINNT\system32\ljjklii.dll
C:\WINNT\system32\nnnkjij.dll
C:\WINNT\system32\nnnomnk.dll
C:\WINNT\system32\opnkkll.dll
C:\WINNT\system32\opnljjh.dll
C:\WINNT\system32\opnllml.dll
C:\WINNT\system32\pmnkhee.dll
C:\WINNT\system32\pmnlmjh.dll
C:\WINNT\system32\pmnmmli.dll
C:\WINNT\system32\qomklmn.dll
C:\WINNT\system32\qommjjh.dll
C:\WINNT\system32\rqrpmli.dll
C:\WINNT\system32\rqrqnnn.dll
C:\WINNT\system32\ssqrqpq.dll
C:\WINNT\system32\tuvuspo.dll
C:\WINNT\system32\urqolmm.dll
C:\WINNT\system32\vtutstt.dll
C:\WINNT\system32\wvurqpo.dll
C:\WINNT\system32\xxyxuvu.dll
C:\WINNT\system32\yayaxvw.dll
C:\WINNT\system32\yayvvwt.dll

Beginning removal...

Attempting to delete C:\WINNT\system32\byxxxvv.dll
C:\WINNT\system32\byxxxvv.dll Has been deleted!

Attempting to delete C:\WINNT\system32\cbxvuro.dll
C:\WINNT\system32\cbxvuro.dll Has been deleted!

Attempting to delete C:\WINNT\system32\cbxwwtu.dll
C:\WINNT\system32\cbxwwtu.dll Has been deleted!

Attempting to delete C:\WINNT\system32\ddccyxv.dll
C:\WINNT\system32\ddccyxv.dll Has been deleted!

Attempting to delete C:\WINNT\system32\efcawwu.dll
C:\WINNT\system32\efcawwu.dll Has been deleted!

Attempting to delete C:\WINNT\system32\efccdaa.dll
C:\WINNT\system32\efccdaa.dll Has been deleted!

Attempting to delete C:\WINNT\system32\efcdded.dll
C:\WINNT\system32\efcdded.dll Has been deleted!

Attempting to delete C:\WINNT\system32\efcywxx.dll
C:\WINNT\system32\efcywxx.dll Has been deleted!

Attempting to delete C:\WINNT\system32\gebbccd.dll
C:\WINNT\system32\gebbccd.dll Has been deleted!

Attempting to delete C:\WINNT\system32\hggddee.dll
C:\WINNT\system32\hggddee.dll Has been deleted!

Attempting to delete C:\WINNT\system32\hggeedc.dll
C:\WINNT\system32\hggeedc.dll Has been deleted!

Attempting to delete C:\WINNT\system32\hggfeee.dll
C:\WINNT\system32\hggfeee.dll Has been deleted!

Attempting to delete C:\WINNT\system32\hgggdab.dll
C:\WINNT\system32\hgggdab.dll Has been deleted!

Attempting to delete C:\WINNT\system32\iifdeff.dll
C:\WINNT\system32\iifdeff.dll Has been deleted!

Attempting to delete C:\WINNT\system32\ikfnipus.dll
C:\WINNT\system32\ikfnipus.dll Has been deleted!

Attempting to delete C:\WINNT\system32\jkkkkkl.dll
C:\WINNT\system32\jkkkkkl.dll Has been deleted!

Attempting to delete C:\WINNT\system32\khfcayx.dll
C:\WINNT\system32\khfcayx.dll Has been deleted!

Attempting to delete C:\WINNT\system32\khffdby.dll
C:\WINNT\system32\khffdby.dll Has been deleted!

Attempting to delete C:\WINNT\system32\khfgfda.dll
C:\WINNT\system32\khfgfda.dll Has been deleted!

Attempting to delete C:\WINNT\system32\ljjihed.dll
C:\WINNT\system32\ljjihed.dll Has been deleted!

Attempting to delete C:\WINNT\system32\ljjklii.dll
C:\WINNT\system32\ljjklii.dll Has been deleted!

Attempting to delete C:\WINNT\system32\nnnkjij.dll
C:\WINNT\system32\nnnkjij.dll Has been deleted!

Attempting to delete C:\WINNT\system32\nnnomnk.dll
C:\WINNT\system32\nnnomnk.dll Has been deleted!

Attempting to delete C:\WINNT\system32\opnkkll.dll
C:\WINNT\system32\opnkkll.dll Has been deleted!

Attempting to delete C:\WINNT\system32\opnljjh.dll
C:\WINNT\system32\opnljjh.dll Has been deleted!

Attempting to delete C:\WINNT\system32\opnllml.dll
C:\WINNT\system32\opnllml.dll Has been deleted!

Attempting to delete C:\WINNT\system32\pmnkhee.dll
C:\WINNT\system32\pmnkhee.dll Has been deleted!

Attempting to delete C:\WINNT\system32\pmnlmjh.dll
C:\WINNT\system32\pmnlmjh.dll Has been deleted!

Attempting to delete C:\WINNT\system32\pmnmmli.dll
C:\WINNT\system32\pmnmmli.dll Has been deleted!

Attempting to delete C:\WINNT\system32\qomklmn.dll
C:\WINNT\system32\qomklmn.dll Has been deleted!

Attempting to delete C:\WINNT\system32\qommjjh.dll
C:\WINNT\system32\qommjjh.dll Has been deleted!

Attempting to delete C:\WINNT\system32\rqrpmli.dll
C:\WINNT\system32\rqrpmli.dll Has been deleted!

Attempting to delete C:\WINNT\system32\rqrqnnn.dll
C:\WINNT\system32\rqrqnnn.dll Has been deleted!

Attempting to delete C:\WINNT\system32\ssqrqpq.dll
C:\WINNT\system32\ssqrqpq.dll Has been deleted!

Attempting to delete C:\WINNT\system32\tuvuspo.dll
C:\WINNT\system32\tuvuspo.dll Has been deleted!

Attempting to delete C:\WINNT\system32\urqolmm.dll
C:\WINNT\system32\urqolmm.dll Has been deleted!

Attempting to delete C:\WINNT\system32\vtutstt.dll
C:\WINNT\system32\vtutstt.dll Has been deleted!

Attempting to delete C:\WINNT\system32\wvurqpo.dll
C:\WINNT\system32\wvurqpo.dll Has been deleted!

Attempting to delete C:\WINNT\system32\xxyxuvu.dll
C:\WINNT\system32\xxyxuvu.dll Has been deleted!

Attempting to delete C:\WINNT\system32\yayaxvw.dll
C:\WINNT\system32\yayaxvw.dll Has been deleted!

Attempting to delete C:\WINNT\system32\yayvvwt.dll
C:\WINNT\system32\yayvvwt.dll Has been deleted!

Performing Repairs to the registry.
Done!


Sun Java not detected
Scan started at 20:27:55 14/10/2006

Listing files found while scanning....

No infected files were found.
0
Réponse 27 / 50
Séb08 Messages postés 16503 Date d'inscription dimanche 13 novembre 2005 Statut Contributeur Dernière intervention 17 février 2023 1 430
14 oct. 2006 à 20:33
Remet un log Hijack STP
0
Réponse 28 / 50
Claire-et-Tof Messages postés 11 Date d'inscription lundi 9 octobre 2006 Statut Membre Dernière intervention 23 octobre 2006
15 oct. 2006 à 00:21
Logfile of HijackThis v1.99.1
Scan saved at 00:23:21, on 15/10/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINNT\system32\internat.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\PROGRA~1\INCRED~1\bin\IncMail.exe
C:\Program Files\Hijackthis\scan.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {14D1A72D-8705-11D8-B120-0040F46CB696} - (no file)
O2 - BHO: (no name) - {1DAEFCB9-06C8-47c6-8F20-3FB54B244DAA} - C:\WINNT\system32\ikfnipus.dll (file missing)
O2 - BHO: (no name) - {35D719C4-7879-4BF1-A73B-AF222DD16C30} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {BC0FA29E-09DF-453C-A610-32109430EFDC} - C:\WINNT\system32\ssqpm.dll (file missing)
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\RunServices: [Windows APCI Verifier] dev.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - update.microsoft.com
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - update.microsoft.com
O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll
O20 - Winlogon Notify: Run - C:\WINNT\system32\enj0l11m1.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINNT\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Microsoft Languages Service (Windows Languages Service) - Unknown owner - C:\WINNT\csrss.exe (file missing)
0
Réponse 29 / 50
Séb08 Messages postés 16503 Date d'inscription dimanche 13 novembre 2005 Statut Contributeur Dernière intervention 17 février 2023 1 430
15 oct. 2006 à 01:59
Relance Hijack , choisi « do a scan only » coches ces lignes :

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm

O2 - BHO: (no name) - {14D1A72D-8705-11D8-B120-0040F46CB696} - (no file)
O2 - BHO: (no name) - {1DAEFCB9-06C8-47c6-8F20-3FB54B244DAA} - C:\WINNT\system32\ikfnipus.dll (file missing)
O2 - BHO: (no name) - {35D719C4-7879-4BF1-A73B-AF222DD16C30} - (no file)
O2 - BHO: (no name) - {BC0FA29E-09DF-453C-A610-32109430EFDC} - C:\WINNT\system32\ssqpm.dll (file missing)

O4 - HKLM\..\RunServices: [Windows APCI Verifier] dev.exe

O20 - Winlogon Notify: Run - C:\WINNT\system32\enj0l11m1.dll (file missing)

O23 - Service: Microsoft Languages Service (Windows Languages Service) - Unknown owner - C:\WINNT\csrss.exe (file missing)

Ensuite cliques sur « fix checked ».

=====================================
recherche et supprime si présent ces fichiers en gras :

C:\WINNT\system32\ikfnipus.dll
C:\WINNT\system32\ssqpm.dll
C:\WINNT\system32\enj0l11m1.dll
C:\WINNT\csrss.exe
dev.exe

====================================

Arrête ce service Microsoft Languages Service pour ça fais cette manip :
Démarrer -> executer tape services.msc clic droit sur le service cité - > propriétés et dans "type de démarrage" et mets le sur « arrêté « et « désactivé ».

et met celui là ewido anti-spyware 4.0 guard sur "manuel".

Vide ta corbeille, redémarre ton PC installe ce parefeu :

Kério (pare feu):
www.01net.com
lire le tuto: pour configurer et comprendre Kerio
https://kerio.probb.fr/

Renomme Hijack comme à l'origine et dis moi ou en sont tes probs.

a+


0
Réponse 30 / 50
Claire-et-Tof Messages postés 11 Date d'inscription lundi 9 octobre 2006 Statut Membre Dernière intervention 23 octobre 2006
15 oct. 2006 à 15:37
On a trois fois un message de Trojan Scanner au démarrage concernant : "sockspy.dll"
dans hkey_local_machine\software\microsoft\windowsNT\currentVersion\Windows\"Applnit_DLLs"

Et le rapport Hijack :

Logfile of HijackThis v1.99.1
Scan saved at 15:38:49, on 15/10/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINNT\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINNT\system32\mobsync.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINNT\system32\internat.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Incredimail\bin\IncMail.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis\hijackthis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - update.microsoft.com
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - update.microsoft.com
O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINNT\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
0
Réponse 31 / 50
Séb08 Messages postés 16503 Date d'inscription dimanche 13 novembre 2005 Statut Contributeur Dernière intervention 17 février 2023 1 430
16 oct. 2006 à 10:32
Apparemment tu n'as plus Bitdefender donc tu peux supprimer la dll qui en fait partie c'est à dire sockspy.dll

Donc relance Hijack et fixe cette ligne :

O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll

recherche et supprimes la dll (sockspy.dll ) et ça devrait le faire .

Vide ta poubelle , redémarre tono PC et dis moi ou en sont tes probs.

a+
0
Réponse 32 / 50
Claire-et-Tof Messages postés 11 Date d'inscription lundi 9 octobre 2006 Statut Membre Dernière intervention 23 octobre 2006
16 oct. 2006 à 19:49
Salut,

plus de cheval à l'horizon

voici log hijack

Logfile of HijackThis v1.99.1
Scan saved at 19:42:41, on 16/10/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINNT\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINNT\system32\mobsync.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINNT\system32\internat.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Hijackthis\hijackthis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - update.microsoft.com
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - update.microsoft.com
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINNT\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe

Encore une question : comment remettre les mises à jour automatiques (Windows) car tous dans la fenêtre est masquée.

Merci encore.

Bonne soirée.
0
Réponse 33 / 50
Séb08 Messages postés 16503 Date d'inscription dimanche 13 novembre 2005 Statut Contributeur Dernière intervention 17 février 2023 1 430
17 oct. 2006 à 00:13
Ok bien ça m'a l'air clean :)

Mets ce service:

ewido anti-spyware 4.0 guard

sur "manuel" pour ça fais ceci :

Démarrer ->executer ->tape service.msc fais un clic droit sur le service cité -> propriété et dans type de démarrage mets le sur "manuel".

Encore une question : comment remettre les mises à jour automatiques (Windows) car tous dans la fenêtre est masquée.

Quelle fenêtres ?

Démarrer - > panneau de config (en affichage classique) -> mise à jour automatiques et là tu choisis le choix que tu veux.

A lire pour en savoir + ;-) :

support.microsoft.com/kb/327850/

a+
0
Réponse 34 / 50
Claire-et-Tof Messages postés 11 Date d'inscription lundi 9 octobre 2006 Statut Membre Dernière intervention 23 octobre 2006
22 oct. 2006 à 16:29
Salut,

désolée de ne pas avoir répondu plus tot.

Merci pour tes conseils

Concernant les mises à jour automatique, le pb est justement que ce dont tu me parles est tout grisé donc pas de choix possible.
D'aiileurs ce service est absent de services.msc.

Bon fin de we.

Claire
0
Réponse 35 / 50
Séb08 Messages postés 16503 Date d'inscription dimanche 13 novembre 2005 Statut Contributeur Dernière intervention 17 février 2023 1 430
23 oct. 2006 à 15:55
tu es bien connecté a ton PC en tant qu'administrateur ?
0
Réponse 36 / 50
Claire-et-Tof Messages postés 11 Date d'inscription lundi 9 octobre 2006 Statut Membre Dernière intervention 23 octobre 2006
23 oct. 2006 à 18:58
Oui
0
Réponse 37 / 50
Séb08 Messages postés 16503 Date d'inscription dimanche 13 novembre 2005 Statut Contributeur Dernière intervention 17 février 2023 1 430
23 oct. 2006 à 19:06
fais cette vérif :

Démarrer -> panneau de config (en affichage classique) -> Outils d'administration > Services > Mise A Jour automatique > l'état est bien "démarré" et type de démarrage sur "automatique"..

a+
0
Réponse 38 / 50
Claire-et-Tof Messages postés 11 Date d'inscription lundi 9 octobre 2006 Statut Membre Dernière intervention 23 octobre 2006
23 oct. 2006 à 19:22
En fait c'est ce que j'avais dit, mise à jour n'est pas présent dans services.
0
Réponse 39 / 50
Séb08 Messages postés 16503 Date d'inscription dimanche 13 novembre 2005 Statut Contributeur Dernière intervention 17 février 2023 1 430
23 oct. 2006 à 19:39
Fais ceci pour vérif dans ta base de registre :

démarrer -> executer -> tape regedit

Suis la branche de la base (BDR) :

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv

Modifier la valeur DWORD : Start

Valeur : 4 <--- mise à jour désactivé

Valeur : 3 <--- mise à jour en manuel

Valeur : 2 <--- mise à jour en auto

Si la valeur chez toi est sur 4 mets la sur 2 (ou 3 comme tu veux) et redémarre ton PC pour que la modif prenne effet.

a +

0
Réponse 40 / 50
Claire-et-Tof Messages postés 11 Date d'inscription lundi 9 octobre 2006 Statut Membre Dernière intervention 23 octobre 2006
23 oct. 2006 à 19:48
Elle est déjà sur 2
0

Discussions similaires

expressions francaises
bifaka -
lanonyme -

4 réponses
L'antivirus ESET NOD32 bloque UPTOBOX ( HTML/ScrInject.B ).
Logan -
Snoopyx -

10 réponses
Présence ou non de cheval de troie ?
hunter55 -
Malekal_morte- -

14 réponses
Nom d'une musique classique
panoramaaa -
Thierry -

9 réponses
windows defender cheval de troie
dplonguet -
Faarid.31 -

3 réponses