Several viruses I can't get rid of

Solved
bugs83 Posts 5 Status Member -  
philae83 Posts 12854 Status Security contributor -
Hello,

Here are my infections as reported by Avast and my HijackThis log. Can someone give me some advice?

Thanks in advance for your expert advice.

Avast:

20/02/2007 10:00:58 Serge 4040 Sign of "Win32:Trojano-1640 [Trj]" has been found in "C:\WINDOWS\system32\tmp~2.exe\unpack7.exe\csrs.exe" file.
20/02/2007 10:02:34 Serge 4040 Sign of "Win32:Trojano-794 [Trj]" has been found in "C:\WINDOWS\system32\tmp~2.exe\unpack7.exe\lssas.exe" file.
20/02/2007 10:02:43 Serge 4040 Sign of "Win32:Trojano-793 [Trj]" has been found in "C:\WINDOWS\system32\tmp~2.exe\unpack7.exe\stt.exe" file.
20/02/2007 10:03:42 Serge 4040 Sign of "Win32:Trojan-gen. {VC}" has been found in "C:\WINDOWS\system32\tmp~2.exe\unpack7.exe\winmgnt.exe" file.
20/02/2007 10:03:49 Serge 4040 Sign of "VBS:Malware [Gen]" has been found in "C:\WINDOWS\system32\tmp~2.exe\unpack7.exe\msmqins.dll" file.
20/02/2007 10:03:55 Serge 4040 Sign of "Win32:Trojano-1640 [Trj]" has been found in "C:\WINDOWS\system32\unpack7.exe\csrs.exe" file.
20/02/2007 10:03:59 Serge 4040 Sign of "Win32:Trojano-794 [Trj]" has been found in "C:\WINDOWS\system32\unpack7.exe\lssas.exe" file.
20/02/2007 10:04:02 Serge 4040 Sign of "Win32:Trojano-793 [Trj]" has been found in "C:\WINDOWS\system32\unpack7.exe\stt.exe" file.
20/02/2007 10:04:04 Serge 4040 Sign of "Win32:Trojan-gen. {VC}" has been found in "C:\WINDOWS\system32\unpack7.exe\winmgnt.exe" file.
20/02/2007 10:04:06 Serge 4040 Sign of "VBS:Malware [Gen]" has been found in "C:\WINDOWS\system32\unpack7.exe\msmqins.dll" file.
20/02/2007 18:24:29 Serge 2628 Sign of "Win32:Trojano-1640 [Trj]" has been found in "C:\WINDOWS\system32\tmp~2.exe\unpack7.exe\csrs.exe" file.
20/02/2007 18:24:54 Serge 2628 Sign of "Win32:Trojano-794 [Trj]" has been found in "C:\WINDOWS\system32\tmp~2.exe\unpack7.exe\lssas.exe" file.
20/02/2007 18:24:57 Serge 2628 Sign of "Win32:Trojano-793 [Trj]" has been found in "C:\WINDOWS\system32\tmp~2.exe\unpack7.exe\stt.exe" file.
20/02/2007 18:24:59 Serge 2628 Sign of "Win32:Trojan-gen. {VC}" has been found in "C:\WINDOWS\system32\tmp~2.exe\unpack7.exe\winmgnt.exe" file.
20/02/2007 18:25:01 Serge 2628 Sign of "VBS:Malware [Gen]" has been found in "C:\WINDOWS\system32\tmp~2.exe\unpack7.exe\msmqins.dll" file.
20/02/2007 18:25:06 Serge 2628 Sign of "Win32:Trojano-1640 [Trj]" has been found in "C:\WINDOWS\system32\unpack7.exe\csrs.exe" file.
20/02/2007 18:25:08 Serge 2628 Sign of "Win32:Trojano-794 [Trj]" has been found in "C:\WINDOWS\system32\unpack7.exe\lssas.exe" file.
20/02/2007 18:25:12 Serge 2628 Sign of "Win32:Trojano-793 [Trj]" has been found in "C:\WINDOWS\system32\unpack7.exe\stt.exe" file.
20/02/2007 18:25:15 Serge 2628 Sign of "Win32:Trojan-gen. {VC}" has been found in "C:\WINDOWS\system32\unpack7.exe\winmgnt.exe" file.
20/02/2007 18:25:22 Serge 2628 Sign of "VBS:Malware [Gen]" has been found in "C:\WINDOWS\system32\unpack7.exe\msmqins.dll" file.

Logfile of HijackThis v1.99.1
Scan saved at 12:58:07, on 21/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\PROGRA~1\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Plextor\PlexTool.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Logitech\ImageStudio\LowLight.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Serge\Mes documents\Haking\scaner.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [NVCLOCK] rundll32 nvclock.dll,fnNvclock
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRA~1\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: PlexTools Professional.lnk = C:\Program Files\Plextor\PlexTool.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Microsoft Office\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSN Messenger\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
Configuration: Windows XP
Internet Explorer 6.0
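
Added example, not part of the original thread and not code from Avast or HijackThis: a Python parser for the Avast lines posted above. It separates the file that actually sits on disk from the members nested inside it, and flags member names that are one or two edits away from genuine Windows process names. Reading the path as `container\member`, the short list of system names and the distance threshold are assumptions made for this example.

```python
import re
from collections import defaultdict

# Constructed sample: six lines copied verbatim from the Avast log in the post above.
AVAST_LOG = r'''
20/02/2007 10:00:58 Serge 4040 Sign of "Win32:Trojano-1640 [Trj]" has been found in "C:\WINDOWS\system32\tmp~2.exe\unpack7.exe\csrs.exe" file.
20/02/2007 10:02:34 Serge 4040 Sign of "Win32:Trojano-794 [Trj]" has been found in "C:\WINDOWS\system32\tmp~2.exe\unpack7.exe\lssas.exe" file.
20/02/2007 10:02:43 Serge 4040 Sign of "Win32:Trojano-793 [Trj]" has been found in "C:\WINDOWS\system32\tmp~2.exe\unpack7.exe\stt.exe" file.
20/02/2007 10:03:42 Serge 4040 Sign of "Win32:Trojan-gen. {VC}" has been found in "C:\WINDOWS\system32\tmp~2.exe\unpack7.exe\winmgnt.exe" file.
20/02/2007 10:03:49 Serge 4040 Sign of "VBS:Malware [Gen]" has been found in "C:\WINDOWS\system32\tmp~2.exe\unpack7.exe\msmqins.dll" file.
20/02/2007 10:03:55 Serge 4040 Sign of "Win32:Trojano-1640 [Trj]" has been found in "C:\WINDOWS\system32\unpack7.exe\csrs.exe" file.
'''

# Assumption: a short, non-exhaustive list of genuine Windows XP system binaries.
SYSTEM_NAMES = ["csrss.exe", "lsass.exe", "winmgmt.exe", "smss.exe", "services.exe",
                "svchost.exe", "winlogon.exe", "spoolsv.exe", "explorer.exe"]

# The third field (4040, 2628, ...) is not explained on the page, so it is matched but not named.
LINE_RE = re.compile(
    r'^(?P<when>\d{2}/\d{2}/\d{4} \d{2}:\d{2}:\d{2}) (?P<user>\S+) \d+ '
    r'Sign of "(?P<signature>[^"]+)" has been found in "(?P<path>[^"]+)" file\.$')

def parse_avast(log):
    """Return one dict per detection line; lines that do not match are skipped."""
    matches = (LINE_RE.match(line.strip()) for line in log.strip().splitlines())
    return [m.groupdict() for m in matches if m]

def split_container(path):
    """Split at the first non-final component that looks like an archive or SFX.
    Assumption: Avast writes members of a scanned archive as extra path components."""
    parts = path.split("\\")
    for i, part in enumerate(parts[:-1]):
        if part.lower().endswith((".exe", ".zip", ".rar", ".cab")):
            return "\\".join(parts[:i + 1]), "\\".join(parts[i + 1:])
    return path, ""

def edit_distance(a, b):
    """Plain Levenshtein distance (insert, delete, substitute)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def imitates(name, max_distance=2):
    """Return the system name this file name resembles, or None.
    An exact match (distance 0) is the real name, not a look-alike."""
    name = name.lower()
    best = min(SYSTEM_NAMES, key=lambda s: edit_distance(name, s))
    return best if 0 < edit_distance(name, best) <= max_distance else None

def summarize(log):
    """Map each on-disk container to the sorted, de-duplicated members detected in it."""
    found = defaultdict(set)
    for det in parse_avast(log):
        container, member = split_container(det["path"])
        leaf = (member or container).split("\\")[-1]
        found[container].add((leaf, det["signature"], imitates(leaf)))
    return {c: sorted(v, key=lambda t: t[:2]) for c, v in found.items()}

if __name__ == "__main__":
    for container, members in summarize(AVAST_LOG).items():
        print(container)
        for leaf, sig, real in members:
            note = f"  <- look-alike of {real}" if real else ""
            print(f"    {leaf:<12} {sig}{note}")
```

A threshold of two edits suits names of this length; on shorter names it would match unrelated files, so treat a hit as a reason to look at the file, not as a verdict.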

10 replies

  1. philae83 Posts 12854 Status Security contributor 206
     
    Hello,

    Please run an online antivirus scan and then post the report here.

    https://www.bitdefender.fr/

    * At the bottom left of the window, click BitDefender SCAN ONLINE
    * In the new window, click I agree
    * The window changes again; click Click here to scan
    * The signatures load, etc.
  2. bugs83 Posts 5 Status Member
     
    Hello,

    Thanks for your reply. Here is the scan result; thanks in advance for your advice.

    BitDefender Online Scanner

    Scan report generated at: Thu, Feb 22, 2007 - 12:14:50

    Scan path: A:\;C:\;D:\;E:\;F:\;G:\;H:\;I:\;J:\;

    Statistics
    Time: 02:54:01
    Files: 899587
    Folders: 7366
    Boot Sectors: 4
    Archives: 11637
    Packed Files: 127545

    Results
    Identified Viruses: 7
    Infected Files: 7
    Suspect Files: 0
    Warnings: 0
    Disinfected: 0
    Deleted Files: 7

    Engines Info
    Virus Definitions: 389422
    Engine build: AVCORE v1.0 (build 2397) (i386) (Feb 8 2007 14:24:08)
    Scan plugins: 14
    Archive plugins: 38
    Unpack plugins: 6
    E-mail plugins: 6
    System plugins: 1

    Scan Settings
    First Action: Disinfect
    Second Action: Delete
    Heuristics: Yes
    Enable Warnings: Yes
    Scanned Extensions: *;
    Exclude Extensions:
    Scan Emails: Yes
    Scan Archives: Yes
    Scan Packed: Yes
    Scan Files: Yes
    Scan Boot: Yes

    Scanned File | Status
    C:\WINDOWS\system32\unpack7.exe=>(RAR Sfx o)=>csrs.exe | Infected with: Backdoor.Mirc.S
    C:\WINDOWS\system32\unpack7.exe=>(RAR Sfx o)=>csrs.exe | Disinfection failed
    C:\WINDOWS\system32\unpack7.exe=>(RAR Sfx o)=>csrs.exe | Deleted
    C:\WINDOWS\system32\unpack7.exe=>(RAR Sfx o) | Update failed
    C:\WINDOWS\system32\unpack7.exe=>(RAR Sfx o)=>lssas.exe | Infected with: Backdoor.FTP.ioFtpd.B
    C:\WINDOWS\system32\unpack7.exe=>(RAR Sfx o)=>lssas.exe | Disinfection failed
    C:\WINDOWS\system32\unpack7.exe=>(RAR Sfx o)=>lssas.exe | Deleted
    C:\WINDOWS\system32\unpack7.exe=>(RAR Sfx o) | Update failed
    C:\WINDOWS\system32\unpack7.exe=>(RAR Sfx o)=>stt.exe | Infected with: VirTool.Maxxx.A
    C:\WINDOWS\system32\unpack7.exe=>(RAR Sfx o)=>stt.exe | Disinfection failed
    C:\WINDOWS\system32\unpack7.exe=>(RAR Sfx o)=>stt.exe | Deleted
    C:\WINDOWS\system32\unpack7.exe=>(RAR Sfx o) | Update failed
    C:\WINDOWS\system32\unpack7.exe=>(RAR Sfx o)=>es32.dll | Infected with: Backdoor.Irc.Zapchast.BB
    C:\WINDOWS\system32\unpack7.exe=>(RAR Sfx o)=>es32.dll | Disinfection failed
    C:\WINDOWS\system32\unpack7.exe=>(RAR Sfx o)=>es32.dll | Deleted
    C:\WINDOWS\system32\unpack7.exe=>(RAR Sfx o) | Update failed
    C:\WINDOWS\system32\unpack7.exe=>(RAR Sfx o)=>msmqins.dll | Infected with: Trojan.Leechpie.B
    C:\WINDOWS\system32\unpack7.exe=>(RAR Sfx o)=>msmqins.dll | Disinfection failed
    C:\WINDOWS\system32\unpack7.exe=>(RAR Sfx o)=>msmqins.dll | Deleted
    C:\WINDOWS\system32\unpack7.exe=>(RAR Sfx o) | Update failed
    C:\WINDOWS\system32\unpack7.exe=>(RAR Sfx o)=>ntio40.sys | Infected with: Backdoor.IRC.Zapchast
    C:\WINDOWS\system32\unpack7.exe=>(RAR Sfx o)=>ntio40.sys | Disinfection failed
    C:\WINDOWS\system32\unpack7.exe=>(RAR Sfx o)=>ntio40.sys | Deleted
    C:\WINDOWS\system32\unpack7.exe=>(RAR Sfx o) | Update failed
    D:\Telecharg\hack\iMeshV22.exe=>wise0020 | Infected with: Trojan.Freg.A
    D:\Telecharg\hack\iMeshV22.exe=>wise0020 | Disinfection failed
    D:\Telecharg\hack\iMeshV22.exe=>wise0020 | Deleted
    D:\Telecharg\hack\iMeshV22.exe | Update failed
  3. philae83 Posts 12854 Status Security contributor 206
     
    Hello,

    Normally BitDefender has cleaned it.

    What does Avast say now?
  4. bugs83 Posts 5 Status Member
     
    Good evening,
    Thanks for your reply, but BitDefender didn't delete anything. Still the same entries:

    22/02/2007 20:41:51 Serge 2560 Sign of "Win32:Trojano-1640 [Trj]" has been found in "C:\WINDOWS\system32\unpack7.exe\csrs.exe" file.
    22/02/2007 20:42:01 Serge 2560 Sign of "Win32:Trojano-794 [Trj]" has been found in "C:\WINDOWS\system32\unpack7.exe\lssas.exe" file.
    22/02/2007 20:42:04 Serge 2560 Sign of "Win32:Trojano-793 [Trj]" has been found in "C:\WINDOWS\system32\unpack7.exe\stt.exe" file.
    22/02/2007 20:42:07 Serge 2560 Sign of "Win32:Trojan-gen. {VC}" has been found in "C:\WINDOWS\system32\unpack7.exe\winmgnt.exe" file.
    22/02/2007 20:42:10 Serge 2560 Sign of "VBS:Malware [Gen]" has been found in "C:\WINDOWS\system32\unpack7.exe\msmqins.dll" file.

    With Avast, do I need a new HijackThis log?

    How do I delete the viruses manually?

    Will I have to reformat?

    Thanks in advance
  6. philae83 Posts 12854 Status Security contributor 206
     
    Good evening,

    No, you don't reformat for so little.

    * Make sure you have access to all files:

    - Start
    - My Computer or any other folder
    - Tools menu
    - Folder Options
    - View tab

    then

    - check the box: Show hidden files and folders
    - uncheck the box: Hide extensions for known file types
    - uncheck the box: Hide protected operating system files

    Then - Apply

    * and delete the file(s) below if present:

    C:\WINDOWS\system32\unpack7.exe

    * In Windows Explorer, hide the system files again so as not to make a mistake in the future. Go back to the folder settings window and select Do not show hidden files or system files

    If it resists, try in Safe Mode.

    Also post a new HijackThis report.
  7. bugs83 Posts 5 Status Member
     
    Hello,

    I was hesitant to delete this file manually, but I have just done it on your advice.

    Below is the HijackThis log.

    Logfile of HijackThis v1.99.1
    Scan saved at 10:26:26, on 24/02/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\CTHELPER.EXE
    C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
    C:\Program Files\Logitech\iTouch\iTouch.exe
    C:\Program Files\Logitech\ImageStudio\LogiTray.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\MessengerPlus! 3\MsgPlus.exe
    C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
    C:\Program Files\Logitech\MouseWare\system\em_exec.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\Logitech\ImageStudio\LowLight.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\PROGRA~1\MSN Messenger\msnmsgr.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    C:\Program Files\Plextor\PlexTool.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Documents and Settings\Serge\Mes documents\Haking\scaner.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/toolbar/ie8/sidebar.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.fr/?gws_rd=ssl
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.google.fr/?gws_rd=ssl
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
    O4 - HKLM\..\Run: [NVCLOCK] rundll32 nvclock.dll,fnNvclock
    O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
    O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
    O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
    O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
    O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe
    O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
    O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRA~1\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: PlexTools Professional.lnk = C:\Program Files\Plextor\PlexTool.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Microsoft Office\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
    O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSN Messenger\msgrapp.dll" (file missing)
    O20 - AppInit_DLLs: MsgPlusLoader.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

    Are there any entries to fix or delete?

    Thanks for your advice.
  8. philae83 Posts 12854 Status Security contributor 206
     
    Hello,

    Yes, there is some unnecessary stuff; I'll be back to give you the lines to remove.

  9. philae83 Posts 12854 Status Security contributor 206
     
    Run HijackThis, check and fix these lines:

    O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
    O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
    O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
    O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Microsoft Office\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

    And disable AVG if you have Trojan Scanner. There's no point in having 2 resident antispyware programs.

    Any more problems?

  10. bugs83 Posts 5 Status Member
     
    Thanks for your advice, I have just removed the lines indicated.

    Thanks for everything, the problem seems to be solved.

    However, my D drive has just died: a strange repetitive noise that apparently prevents reading, but this isn't the right forum to talk about it.

    Thanks again for your expert advice.
  11. philae83 Posts 12854 Status Security contributor 206
     
    Hello,

    Perhaps your D drive has problems; if you have important data, back it up before you lose it.

    Please remember to mark your topic as SOLVED.
    Have a good Sunday.