Mon pc a surement un virus

nadine3324 Messages postés 221 Statut Membre -  
Regis59 Messages postés 21143 Date d'inscription   Statut Contributeur sécurité Dernière intervention   -
bonsoir a tous

j'aurai besoin d'aide car mon pc a surement un virus ou du moins un problème.
je vous explique
tous les problèmes sont intermittents, ils n'arrivent pas toujours
les pages internet se bloquent, si je fais ctr/alt/supp cela me repond que le programme ne repond pas
lorsque je clique sur outlook, parfois, il ne s'ouvre pas et si plus tard je souhaite couper mon pc, ben il me repond que outlook ne repond pas, et je dois le fermer autant de fois que j'ai cliquer sur l'icone. (je ne sais pas si je suis clair :-) )
j'ai fait un cleaner mais ça a durer tres longtemps, c'est la premiere fois que ça dure autant
j'ai voulu faire un spyboot, mais j'ai pas reussi a aller au bout dscan (trop long), j'ai abandonné.
j'ai fait un scan et une defragmentation vendredi dernier, mais ça n'a rien arrangé

Parfois on ne peux pas couper le pc, et si on le coupe en appuyant sur le bouton (je sais c pas cool) ben il redemarre tout seul
bref, c'est pas trés réjouissant

je vous mets ci dessous un hijack this
j'espère que ça pourra vous aider, car moi j'y connais rien

Logfile of HijackThis v1.99.1
Scan saved at 20:50:18, on 12/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\D-Link\D-Link AirPlus G+ Wireless Adapter Utility\DWLGTI.EXE
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\Program Files\TimeLeft3\TimeLeft.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
C:\Program Files\Alwil Software\Avast4\setup\avast.setup
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\nous\LOCALS~1\Temp\Rar$EX00.094\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [EPSON Stylus Photo R240 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE /F "C:\WINDOWS\TEMP\E_S73.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [EPSON Stylus Photo R240 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE /P40 "EPSON Stylus Photo R240 Series (Copie 1)" /O5 "LPT1:" /M "Stylus Photo R240"
O4 - HKLM\..\Run: [EPSON Stylus Photo R240 Series (Copie 2)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE /P40 "EPSON Stylus Photo R240 Series (Copie 2)" /O5 "LPT1:" /M "Stylus Photo R240"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - Startup: TimeLeft.lnk = C:\Program Files\TimeLeft3\TimeLeft.exe
O4 - Global Startup: D-Link AirPlus G+ Wireless Adapter Utility.lnk = C:\Program Files\D-Link\D-Link AirPlus G+ Wireless Adapter Utility\DWLGTI.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/71365/kavwebscan_unicode.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypix.com/importer/ImageUploader4.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

merci beaucoup d'avance pour votre aide
je compte sur vous, vous etes super au top en general
A++
Configuration: Windows XP
Internet Explorer 6.0

13 réponses

  1. isa_41
     
    bonjour

    apparament tu as un sacré problème
    je serais toi si tu n'arrive a rien faire car il est trop long
    c'est peut etre une solution radicale mais assez éfficasse
    passe part le formatage surtout sauvarde bien toutes tes donner que tu veux garder car après le formatage tu n'aurras plus rien
    contrôle également que tu à bien tout les cd d'instalation avant de le formater
    pour pouvoir les réinstaler

    bon courrage
    0
  2. nadine3324 Messages postés 221 Statut Membre 2
     
    salut
    merci de ta rep rapide
    je passe spyboot, je l'ai dejà sur mon pc, mais tout a l'heure je n'y suis pas arrivé
    comme je l'ai dis dans mon message j'ai arreté de la passé
    je réessaye et te recontacte
    merci
    0
  3. nadine3324 Messages postés 221 Statut Membre 2
     
    salut
    tu dis que j'ai un sacré problème
    mais peux tu m'en dire un peu plus sur le problème
    merci de ton aide
    0
  4. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  5. isa_41
     
    bonjour

    pour moir si le spybot l'antivirus ne t'aide pas c'est que tu as un virus plus important que l'on pourais croire
    donc pour moi sa veudire formatage mais comme je ne suis pas une pro ça n'engage que moi je lé fait sur le mien et depuis ça fonctionne

    donc je te le conseille

    après c'est à toi de voir
    0
  6. nadine3324 Messages postés 221 Statut Membre 2
     
    merci de ton aide
    mais avec l'aide des petits génies de ce site j'ai déjà réussi a enlever des super virus
    donc avant de formater, je fais confiance au pros de ce site
    merci quand meme de ton aide
    0
  7. nadine3324 Messages postés 221 Statut Membre 2
     
    re
    je viens de passer spybot
    ça a été un peu long mais il a rien trouver
    que dois je faire maintenant
    peux tu me dire les problèmes que tu as trouvé sur mon pc

    merci de ton aide
    A++
    0
  8. nadine3324 Messages postés 221 Statut Membre 2
     
    kelkun peu m'aider
    merci d'avance
    0
  9. nadine3324 Messages postés 221 Statut Membre 2
     
    salut à tous

    voici le rapport sdfix

    SDFix: Version 1.118

    Run by nous on 13/12/2007 at 13:20

    Microsoft Windows XP [version 5.1.2600]

    Running From: C:\DOCUME~1\nous\Bureau\sdfix\SDFix

    Safe Mode:
    Checking Services:

    Restoring Windows Registry Values
    Restoring Windows Default Hosts File

    Rebooting...

    Normal Mode:
    Checking Files:

    Trojan Files Found:

    C:\WINDOWS\system32\TFTP1132 - Deleted
    C:\WINDOWS\system32\TFTP2308 - Deleted
    C:\WINDOWS\system32\TFTP3020 - Deleted

    Removing Temp Files...

    ADS Check:

    C:\WINDOWS
    No streams found.

    C:\WINDOWS\system32
    No streams found.

    C:\WINDOWS\system32\svchost.exe
    No streams found.

    C:\WINDOWS\system32\ntoskrnl.exe
    No streams found.

    Final Check:

    catchme 0.3.1262.1 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-12-13 13:29:22
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    IPC error: 2 Le fichier spécifié est introuvable.
    scanning hidden services & system hive ...

    scanning hidden registry entries ...

    scanning hidden files ...

    C:\Documents and Settings\nous\Local Settings\Application Data\Microsoft\Messenger\nico_a_le_style@hotmail.com\SharingMetadata\ben.gauffre@hotmail.fr\DFSR\Staging\CS{DD6E57D7-D97E-C717-4DED-18160ADE9D1B}\01\14-{DD6E57D7-D97E-C717-4DED-18160ADE9D1B}-v1-{F71A0AFB-BB5B-4B06-AC78-65546EBC5ED4}-v14-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
    C:\Documents and Settings\nous\Local Settings\Application Data\Microsoft\Messenger\nico_a_le_style@hotmail.com\SharingMetadata\tuning.maths@hotmail.fr\DFSR\Staging\CS{F96D8D5F-510F-1F21-BA96-2FAFDCD5EF35}\01\10-{F96D8D5F-510F-1F21-BA96-2FAFDCD5EF35}-v1-{F71A0AFB-BB5B-4B06-AC78-65546EBC5ED4}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
    C:\Documents and Settings\nous\Local Settings\Application Data\Microsoft\Messenger\nico_a_le_style@hotmail.com\SharingMetadata\tuning.maths@hotmail.fr\DFSR\Staging\CS{F96D8D5F-510F-1F21-BA96-2FAFDCD5EF35}\32\11-{D623B0C2-B4C5-4CD2-9BCC-1C68D291A028}-v32-{F71A0AFB-BB5B-4B06-AC78-65546EBC5ED4}-v11-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 5844 bytes hidden from API
    C:\Documents and Settings\nous\Local Settings\Application Data\Microsoft\Messenger\nico_a_le_style@hotmail.com\SharingMetadata\tuning.maths@hotmail.fr\DFSR\Staging\CS{F96D8D5F-510F-1F21-BA96-2FAFDCD5EF35}\32\11-{D623B0C2-B4C5-4CD2-9BCC-1C68D291A028}-v32-{F71A0AFB-BB5B-4B06-AC78-65546EBC5ED4}-v11-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 648 bytes hidden from API
    C:\Documents and Settings\nous\Local Settings\Application Data\Microsoft\Messenger\nico_a_le_style@hotmail.com\SharingMetadata\virg_56@hotmail.fr\DFSR\Staging\CS{2FA02C89-D2A8-1E51-FC58-EB1B81C24E0D}\01\13-{2FA02C89-D2A8-1E51-FC58-EB1B81C24E0D}-v1-{F71A0AFB-BB5B-4B06-AC78-65546EBC5ED4}-v13-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
    C:\Documents and Settings\nous\Local Settings\Application Data\Microsoft\Messenger\nico_a_le_style@hotmail.com\SharingMetadata\virg_56@hotmail.fr\DFSR\Staging\CS{2FA02C89-D2A8-1E51-FC58-EB1B81C24E0D}\75\11-{09AEB091-3E94-47B1-8C31-CD1B85F71048}-v75-{517457BA-AFDD-4724-8073-488778015D26}-v11-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 128 bytes hidden from API
    C:\Documents and Settings\nous\Local Settings\Application Data\Microsoft\Messenger\nico_a_le_style@hotmail.com\SharingMetadata\virg_56@hotmail.fr\DFSR\Staging\CS{2FA02C89-D2A8-1E51-FC58-EB1B81C24E0D}\78\16-{09AEB091-3E94-47B1-8C31-CD1B85F71048}-v78-{4C1F1C49-636F-423C-B9C3-42377A26CB18}-v16-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 160 bytes hidden from API
    C:\Documents and Settings\nous\Local Settings\Application Data\Microsoft\Messenger\nidan3324@hotmail.fr\SharingMetadata\didierdu12@hotmail.fr\DFSR\Staging\CS{7CBD1A76-4DDE-7B04-46C6-602BEBBFBE0D}\01\10-{7CBD1A76-4DDE-7B04-46C6-602BEBBFBE0D}-v1-{29CF6D80-871A-47B4-9EB6-7FC8AECC1D36}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API

    scan completed successfully
    hidden processes: 0
    hidden services: 0
    hidden files: 8

    Remaining Services:
    ------------------

    Authorized Application Key Export:

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    Remaining Files:
    ---------------

    File Backups: - C:\DOCUME~1\nous\Bureau\sdfix\SDFix\backups\backups.zip

    Files with Hidden Attributes:

    Fri 26 Oct 2007 5,903,928 A..H. --- "C:\Program Files\Picasa2\setup.exe"
    Mon 9 Oct 2006 4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"

    Finished!

    et voilà un nouveau hijackthis

    Logfile of HijackThis v1.99.1
    Scan saved at 13:43:18, on 13/12/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\WgaTray.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
    C:\PROGRA~1\Wanadoo\ComComp.exe
    C:\Program Files\D-Link\D-Link AirPlus G+ Wireless Adapter Utility\DWLGTI.EXE
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\Program Files\TimeLeft3\TimeLeft.exe
    C:\PROGRA~1\Wanadoo\Watch.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\WinRAR\WinRAR.exe
    C:\DOCUME~1\nous\LOCALS~1\Temp\Rar$EX00.469\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [EPSON Stylus Photo R240 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE /P40 "EPSON Stylus Photo R240 Series (Copie 1)" /O5 "LPT1:" /M "Stylus Photo R240"
    O4 - HKLM\..\Run: [EPSON Stylus Photo R240 Series (Copie 2)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE /P40 "EPSON Stylus Photo R240 Series (Copie 2)" /O5 "LPT1:" /M "Stylus Photo R240"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
    O4 - Startup: TimeLeft.lnk = C:\Program Files\TimeLeft3\TimeLeft.exe
    O4 - Global Startup: D-Link AirPlus G+ Wireless Adapter Utility.lnk = C:\Program Files\D-Link\D-Link AirPlus G+ Wireless Adapter Utility\DWLGTI.EXE
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/71365/kavwebscan_unicode.cab
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypix.com/importer/ImageUploader4.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

    merci de ton aide
    0
  10. nadine3324 Messages postés 221 Statut Membre 2
     
    voilà je viens de passer combo, le rapport est dessous
    merci de me dire ce que tu en penses et ce que je dois faire
    A++

    ComboFix 07-12-12.3 - nous 2007-12-18 13:25:49.2 - NTFSx86
    Running from: C:\Documents and Settings\nous\Bureau\ComboFix.exe
    .

    ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2007-11-18 to 2007-12-18 ))))))))))))))))))))))))))))))))))))
    .

    2007-12-17 08:50 . 2007-12-11 23:34 129,784 --------- C:\WINDOWS\system32\pxafs.dll
    2007-12-15 13:17 . 2007-12-15 13:17 0 --a------ C:\WINDOWS\iplayer.INI
    2007-12-15 13:15 . 2007-12-16 14:00 <REP> d-------- C:\Program Files\InterActual
    2007-12-13 13:19 . 2007-12-13 13:19 <REP> d-------- C:\WINDOWS\ERUNT
    2007-12-11 23:35 . 2007-12-11 23:35 524,288 --a------ C:\WINDOWS\system32\DivXsm.exe
    2007-12-11 23:35 . 2007-12-11 23:35 9,878 --a------ C:\WINDOWS\system32\dsm_fr.qm
    2007-12-11 23:35 . 2007-12-11 23:35 4,816 --a------ C:\WINDOWS\system32\divxsm.tlb
    2007-12-11 23:34 . 2007-12-11 23:34 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
    2007-12-11 23:34 . 2007-12-11 23:34 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
    2007-12-11 23:34 . 2007-12-11 23:34 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
    2007-12-11 23:32 . 2007-12-11 23:32 156,992 --a------ C:\WINDOWS\system32\DivXCodecVersionChecker.exe
    2007-12-11 23:32 . 2007-12-11 23:32 12,288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll
    2007-12-11 23:32 . 2007-12-11 23:32 8,835 --a------ C:\WINDOWS\system32\dpufr.qm
    2007-12-11 23:32 . 2007-12-11 23:32 3,162 --a------ C:\WINDOWS\system32\dtu_fr.qm
    2007-12-02 18:09 . 2007-12-02 18:32 <REP> d-------- C:\Program Files\Bayo

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2007-12-18 12:38 --------- d-----w C:\Program Files\Wanadoo
    2007-12-18 09:03 --------- d-----w C:\Program Files\eMule
    2007-12-17 14:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
    2007-12-17 07:50 --------- d-----w C:\Program Files\DivX
    2007-12-13 12:10 1,301 -c--a-w C:\WINDOWS\system32\drivers\fwdrv.err
    2007-12-12 20:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2007-12-11 22:34 43,528 ------w C:\WINDOWS\system32\drivers\pxhelp20.sys
    2007-12-04 14:56 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
    2007-12-04 14:55 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
    2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
    2007-12-04 14:51 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
    2007-12-04 14:49 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
    2007-12-02 17:40 --------- d-----w C:\Program Files\CartoNavPlus
    2007-12-02 17:33 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2007-11-16 15:43 --------- d-----w C:\Program Files\GamesBar
    2007-11-02 18:38 --------- d-----w C:\Program Files\Fichiers communs\Adobe
    2007-10-30 11:52 --------- d-----w C:\Program Files\CartoNav
    2007-10-30 11:43 49,723 ----a-w C:\Uninstal.exe
    2007-10-26 17:30 --------- d-----w C:\Program Files\Picasa2
    2007-10-24 09:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
    2007-10-24 08:36 --------- d-----w C:\Program Files\Panda Security
    2007-03-01 11:21 774,144 -c--a-w C:\Program Files\RngInterstitial.dll
    2006-08-24 13:16 10,392,903 ----a-w C:\WINDOWS\Internet Logs\vsmon_on_demand_2006_08_24_15_14_59_full.dmp.zip
    2004-08-20 17:09 62,865 -c--a-w C:\WINDOWS\inf\IM\odysseyIM3.sys
    2004-08-20 17:09 45,056 -c--a-w C:\WINDOWS\inf\IM\imdinst.exe
    2004-08-20 17:09 12,739 -c--a-w C:\WINDOWS\inf\IM\odNetInstall.dll
    2001-11-23 04:08 712,704 -c--a-w C:\WINDOWS\inf\OTHER\audio3d.dll
    .

    ((((((((((((((((((((((((((((( snapshot@2007-12-12_23.38.44.10 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2007-12-11 20:15:23 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE
    + 2007-12-13 12:19:48 6,545,408 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\[u]0[/u]0000001\ntuser.dat
    + 2007-12-13 12:19:48 233,472 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\[u]0[/u]0000002\UsrClass.dat
    + 2007-12-11 20:15:23 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE
    + 2007-12-13 12:19:37 6,545,408 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\[u]0[/u]0000001\ntuser.dat
    + 2007-12-13 12:19:37 233,472 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\[u]0[/u]0000002\UsrClass.dat
    - 2006-10-02 19:04:39 635,486 ----a-w C:\WINDOWS\system32\DivX.dll
    + 2007-12-11 22:33:04 682,496 ----a-w C:\WINDOWS\system32\DivX.dll
    - 2006-10-02 19:04:40 806,912 ----a-w C:\WINDOWS\system32\divx_xx07.dll
    + 2007-12-11 22:33:04 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
    - 2006-10-02 19:04:40 806,912 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
    + 2007-12-11 22:33:04 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
    - 2006-10-02 19:04:40 790,528 ----a-w C:\WINDOWS\system32\divx_xx11.dll
    + 2007-12-11 22:33:04 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
    - 2006-08-10 23:03:58 73,728 ----a-w C:\WINDOWS\system32\dpl100.dll
    + 2007-12-11 22:33:14 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
    - 2006-07-11 22:54:31 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
    + 2007-12-11 22:33:06 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
    - 2006-07-11 22:54:31 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
    + 2007-12-11 22:33:06 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
    - 2006-07-11 22:54:34 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
    + 2007-12-11 22:33:08 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
    - 2006-07-11 22:54:31 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
    + 2007-12-11 22:33:06 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
    - 2006-07-11 22:54:31 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
    + 2007-12-11 22:33:06 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
    - 2006-07-11 22:54:31 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
    + 2007-12-11 22:33:06 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
    - 2006-08-10 23:03:57 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
    + 2007-12-11 22:33:14 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
    - 2006-09-27 21:53:22 514,808 ------w C:\WINDOWS\system32\px.dll
    + 2007-12-11 22:34:50 551,672 ------w C:\WINDOWS\system32\px.dll
    - 2006-07-27 17:28:33 56,832 ------w C:\WINDOWS\system32\pxcpya64.exe
    + 2007-12-11 22:34:50 66,296 ------w C:\WINDOWS\system32\pxcpya64.exe
    - 2006-07-27 17:28:33 108,544 ------w C:\WINDOWS\system32\pxcpyi64.exe
    + 2007-12-11 22:34:50 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
    - 2006-09-27 21:53:22 477,944 ------w C:\WINDOWS\system32\pxdrv.dll
    + 2007-12-11 22:34:50 518,904 ------w C:\WINDOWS\system32\pxdrv.dll
    - 2006-09-27 21:53:22 68,344 ------w C:\WINDOWS\system32\pxhpinst.exe
    + 2007-12-11 22:34:52 72,440 ------w C:\WINDOWS\system32\pxhpinst.exe
    - 2006-07-27 17:28:33 56,320 ------w C:\WINDOWS\system32\pxinsa64.exe
    + 2007-12-11 22:34:48 64,760 ------w C:\WINDOWS\system32\pxinsa64.exe
    - 2006-07-27 17:28:33 109,568 ------w C:\WINDOWS\system32\pxinsi64.exe
    + 2007-12-11 22:34:50 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
    - 2006-09-27 21:53:22 183,032 ------w C:\WINDOWS\system32\pxmas.dll
    + 2007-12-11 22:34:52 187,128 ------w C:\WINDOWS\system32\pxmas.dll
    + 2007-12-11 22:34:50 1,628,920 ------w C:\WINDOWS\system32\pxsfs.dll
    - 2006-09-27 21:53:23 379,640 ------w C:\WINDOWS\system32\pxwave.dll
    + 2007-12-11 22:34:50 379,640 ------w C:\WINDOWS\system32\pxwave.dll
    - 2006-09-27 21:53:23 39,672 ------w C:\WINDOWS\system32\vxblock.dll
    + 2007-12-11 22:34:48 88,824 ------w C:\WINDOWS\system32\vxblock.dll
    + 2007-12-14 17:22:49 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_6ec.dat
    .
    -- Snapshot reset to current date --
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-04-12 18:37]
    "WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 13:50]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00]
    "NvCplDaemon"="RUNDLL32.exe" [2004-08-19 15:10 C:\WINDOWS\system32\rundll32.exe]
    "EPSON Stylus Photo R240 Series (Copie 1)"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.exe" [2005-04-25 03:00]
    "EPSON Stylus Photo R240 Series (Copie 2)"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.exe" [2005-04-25 03:00]
    "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 09:50]
    "WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 13:49]
    "WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 15:55]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]
    "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-09-04 17:09]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-09-20 20:38]
    "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-10-03 09:14]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-19 15:09]
    "Win32"="illltcj.exe" []
    "Ms System Config"="Mscfg.exe" []

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunServices]
    "Ms System Config"="Mscfg.exe" []

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "DisableRegistryTools"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Notification Packages REG_MULTI_SZ scecli scecli scecli scecli scecli

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^nous^Menu Démarrer^Programmes^Démarrage^reminder-Enregistrement du produit ScanSoft.lnk]
    backup=C:\WINDOWS\pss\reminder-Enregistrement du produit ScanSoft.lnkStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^nous^Menu Démarrer^Programmes^Démarrage^Watch.lnk]
    backup=C:\WINDOWS\pss\Watch.lnkStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C-Media Mixer]
    Mixer.exe /startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstantAccess]
    C:\PROGRA~1\TEXTBR~1.0\Bin\INSTAN~1.EXE /h

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    2001-07-09 09:50 155648 --a------ C:\WINDOWS\system32\NeroCheck.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
    RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
    RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
    nwiz.exe /install

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    C:\Program Files\QuickTime\qttask.exe -atboottime

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegisterDropHandler]
    1998-07-07 15:20 22528 --a--c--- C:\PROGRA~1\TEXTBR~1.0\Bin\REGIST~1.EXE

    R1 fwdrv;Firewall Driver;C:\WINDOWS\system32\drivers\fwdrv.sys
    R1 khips;Kerio HIPS Driver;C:\WINDOWS\system32\drivers\khips.sys
    R3 TNET1130;D-Link AirPlus G+ Wireless Adapter;C:\WINDOWS\system32\DRIVERS\GPlus.sys
    S3 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe"
    S3 odysseyIM3;Odyssey Network Services Miniport;C:\WINDOWS\system32\DRIVERS\odysseyIM3.sys
    S3 SetupNTGLM7X;SetupNTGLM7X;\??\E:\NTGLM7X.sys
    S3 SFC4;SFC4;C:\WINDOWS\system32\drivers\SFC4.sys

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1b696172-36b2-11db-85cd-001346b09cf4}]
    \Shell\AutoRun\command - F:\setupSNK.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{412208b0-4873-11db-8675-001346b09cf4}]
    \Shell\AutoRun\command - F:\setupSNK.exe

    .
    **************************************************************************

    catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-12-18 13:37:39
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2007-12-18 13:40:36 - machine was rebooted
    C:\ComboFix2.txt ... 2007-12-12 23:40
    C:\ComboFix3.txt ... 2006-09-22 14:28
    C:\ComboFix4 ...
    .
    2007-11-10 21:34:44 --- E O F ---
    0
  11. Regis59 Messages postés 21143 Date d'inscription   Statut Contributeur sécurité Dernière intervention   1 349
     
    [*]Télécharge http://cluster1.easy-hebergement.net/
    [*]Dézippe l'archive sur ton Bureau.
    [*]Ouvre le dossier BTFix.
    [*]Double clique sur BTFix.exe.
    [*]Clique sur Rechercher.
    [*]Un rapport va apparaître, copie/colle-le dans ta prochaine réponse.

    ---------------------------------------------

    [*]Ouvre BTFix.
    [*]Clique sur Nettoyer.
    [*]Un rapport va apparaître, copie/colle-le dans ta prochaine réponse.
    0
  12. nadine3324 Messages postés 221 Statut Membre 2
     
    salut
    bon j'espère que t bien réveillé et que ta bien dormi...lol
    voici les 2 rapport

    le combofix :

    ComboFix 07-12-12.3 - nous 2007-12-18 23:13:42.3 - NTFSx86
    Running from: C:\Documents and Settings\nous\Bureau\ComboFix.exe
    .

    ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2007-11-18 to 2007-12-18 ))))))))))))))))))))))))))))))))))))
    .

    2007-12-18 18:49 . 2007-12-18 18:49 54,156 --ah----- C:\WINDOWS\QTFont.qfn
    2007-12-18 18:49 . 2007-12-18 18:49 1,409 --a------ C:\WINDOWS\QTFont.for
    2007-12-17 08:50 . 2007-12-11 23:34 129,784 --------- C:\WINDOWS\system32\pxafs.dll
    2007-12-15 13:17 . 2007-12-15 13:17 0 --a------ C:\WINDOWS\iplayer.INI
    2007-12-15 13:15 . 2007-12-18 14:35 <REP> d-------- C:\Program Files\InterActual
    2007-12-13 13:19 . 2007-12-13 13:19 <REP> d-------- C:\WINDOWS\ERUNT
    2007-12-11 23:35 . 2007-12-11 23:35 524,288 --a------ C:\WINDOWS\system32\DivXsm.exe
    2007-12-11 23:35 . 2007-12-11 23:35 9,878 --a------ C:\WINDOWS\system32\dsm_fr.qm
    2007-12-11 23:35 . 2007-12-11 23:35 4,816 --a------ C:\WINDOWS\system32\divxsm.tlb
    2007-12-11 23:34 . 2007-12-11 23:34 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
    2007-12-11 23:34 . 2007-12-11 23:34 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
    2007-12-11 23:34 . 2007-12-11 23:34 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
    2007-12-11 23:32 . 2007-12-11 23:32 156,992 --a------ C:\WINDOWS\system32\DivXCodecVersionChecker.exe
    2007-12-11 23:32 . 2007-12-11 23:32 12,288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll
    2007-12-11 23:32 . 2007-12-11 23:32 8,835 --a------ C:\WINDOWS\system32\dpufr.qm
    2007-12-11 23:32 . 2007-12-11 23:32 3,162 --a------ C:\WINDOWS\system32\dtu_fr.qm
    2007-12-02 18:09 . 2007-12-02 18:32 <REP> d-------- C:\Program Files\Bayo

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2007-12-18 22:25 --------- d-----w C:\Program Files\Wanadoo
    2007-12-18 21:32 1,468 -c--a-w C:\WINDOWS\system32\drivers\fwdrv.err
    2007-12-18 20:26 --------- d-----w C:\Program Files\eMule
    2007-12-18 15:07 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
    2007-12-17 07:50 --------- d-----w C:\Program Files\DivX
    2007-12-12 20:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2007-12-11 22:34 43,528 ------w C:\WINDOWS\system32\drivers\pxhelp20.sys
    2007-12-11 22:34 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
    2007-12-11 22:34 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
    2007-12-11 22:33 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
    2007-12-11 22:33 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
    2007-12-11 22:33 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
    2007-12-11 22:33 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
    2007-12-11 22:33 682,496 ----a-w C:\WINDOWS\system32\DivX.dll
    2007-12-11 22:33 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
    2007-12-11 22:33 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
    2007-12-11 22:33 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
    2007-12-11 22:33 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
    2007-12-11 22:33 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
    2007-12-11 22:33 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
    2007-12-11 22:33 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
    2007-12-04 14:56 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
    2007-12-04 14:55 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
    2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
    2007-12-04 14:51 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
    2007-12-04 14:49 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
    2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe
    2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr
    2007-12-02 17:40 --------- d-----w C:\Program Files\CartoNavPlus
    2007-12-02 17:33 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2007-11-02 18:38 --------- d-----w C:\Program Files\Fichiers communs\Adobe
    2007-10-30 11:52 --------- d-----w C:\Program Files\CartoNav
    2007-10-30 11:43 49,723 ----a-w C:\Uninstal.exe
    2007-10-30 11:41 21,840 ----atw C:\WINDOWS\system32\SIntfNT.dll
    2007-10-30 11:41 17,212 ----atw C:\WINDOWS\system32\SIntf32.dll
    2007-10-30 11:41 12,067 ----atw C:\WINDOWS\system32\SIntf16.dll
    2007-10-26 17:30 --------- d-----w C:\Program Files\Picasa2
    2007-10-24 09:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
    2007-10-24 08:36 --------- d-----w C:\Program Files\Panda Security
    2007-03-01 11:21 774,144 -c--a-w C:\Program Files\RngInterstitial.dll
    2006-08-24 13:16 10,392,903 ----a-w C:\WINDOWS\Internet Logs\vsmon_on_demand_2006_08_24_15_14_59_full.dmp.zip
    2004-08-20 17:09 62,865 -c--a-w C:\WINDOWS\inf\IM\odysseyIM3.sys
    2004-08-20 17:09 45,056 -c--a-w C:\WINDOWS\inf\IM\imdinst.exe
    2004-08-20 17:09 12,739 -c--a-w C:\WINDOWS\inf\IM\odNetInstall.dll
    2001-11-23 04:08 712,704 -c--a-w C:\WINDOWS\inf\OTHER\audio3d.dll
    .

    ((((((((((((((((((((((((((((( snapshot_2007-12-18_13.39.22.09 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2005-05-17 12:22:04 285,472 ----a-w C:\WINDOWS\system32\itiimg3.dll
    + 2007-12-18 22:21:56 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_6f0.dat
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-04-12 18:37]
    "WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 13:50]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00]
    "NvCplDaemon"="RUNDLL32.exe" [2004-08-19 15:10 C:\WINDOWS\system32\rundll32.exe]
    "EPSON Stylus Photo R240 Series (Copie 1)"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.exe" [2005-04-25 03:00]
    "EPSON Stylus Photo R240 Series (Copie 2)"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.exe" [2005-04-25 03:00]
    "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 09:50]
    "WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 13:49]
    "WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 15:55]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]
    "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-09-04 17:09]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-09-20 20:38]
    "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-10-03 09:14]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-19 15:09]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "DisableRegistryTools"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Notification Packages REG_MULTI_SZ scecli scecli scecli scecli scecli

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^nous^Menu Démarrer^Programmes^Démarrage^reminder-Enregistrement du produit ScanSoft.lnk]
    backup=C:\WINDOWS\pss\reminder-Enregistrement du produit ScanSoft.lnkStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^nous^Menu Démarrer^Programmes^Démarrage^Watch.lnk]
    backup=C:\WINDOWS\pss\Watch.lnkStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C-Media Mixer]
    Mixer.exe /startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstantAccess]
    C:\PROGRA~1\TEXTBR~1.0\Bin\INSTAN~1.EXE /h

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    2001-07-09 09:50 155648 --a------ C:\WINDOWS\system32\NeroCheck.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
    RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
    RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
    nwiz.exe /install

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    C:\Program Files\QuickTime\qttask.exe -atboottime

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegisterDropHandler]
    1998-07-07 15:20 22528 --a--c--- C:\PROGRA~1\TEXTBR~1.0\Bin\REGIST~1.EXE

    R1 fwdrv;Firewall Driver;C:\WINDOWS\system32\drivers\fwdrv.sys
    R1 khips;Kerio HIPS Driver;C:\WINDOWS\system32\drivers\khips.sys
    R3 TNET1130;D-Link AirPlus G+ Wireless Adapter;C:\WINDOWS\system32\DRIVERS\GPlus.sys
    S3 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe"
    S3 odysseyIM3;Odyssey Network Services Miniport;C:\WINDOWS\system32\DRIVERS\odysseyIM3.sys
    S3 SetupNTGLM7X;SetupNTGLM7X;\??\E:\NTGLM7X.sys
    S3 SFC4;SFC4;C:\WINDOWS\system32\drivers\SFC4.sys

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1b696172-36b2-11db-85cd-001346b09cf4}]
    \Shell\AutoRun\command - F:\setupSNK.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{412208b0-4873-11db-8675-001346b09cf4}]
    \Shell\AutoRun\command - F:\setupSNK.exe

    .
    **************************************************************************

    catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-12-18 23:23:49
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2007-12-18 23:27:52 - machine was rebooted
    C:\ComboFix2.txt ... 2007-12-18 13:40
    C:\ComboFix3.txt ... 2007-12-12 23:40
    C:\ComboFix4 ...
    .
    2007-11-10 21:34:44 --- E O F ---

    et hijackthis :

    Logfile of HijackThis v1.99.1
    Scan saved at 23:15, on 2007-12-18
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
    C:\Program Files\D-Link\D-Link AirPlus G+ Wireless Adapter Utility\DWLGTI.EXE
    C:\PROGRA~1\Wanadoo\ComComp.exe
    C:\Program Files\TimeLeft3\TimeLeft.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
    C:\PROGRA~1\Wanadoo\Watch.exe
    C:\WINDOWS\system32\WgaTray.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\WINDOWS\system32\cmd.exe
    C:\WINDOWS\system32\cmd.exe
    C:\ComboFix\nircmd.cfexe
    C:\Program Files\WinRAR\WinRAR.exe
    C:\DOCUME~1\nous\LOCALS~1\Temp\Rar$EX00.516\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [EPSON Stylus Photo R240 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE /P40 "EPSON Stylus Photo R240 Series (Copie 1)" /O5 "LPT1:" /M "Stylus Photo R240"
    O4 - HKLM\..\Run: [EPSON Stylus Photo R240 Series (Copie 2)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE /P40 "EPSON Stylus Photo R240 Series (Copie 2)" /O5 "LPT1:" /M "Stylus Photo R240"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
    O4 - Startup: TimeLeft.lnk = C:\Program Files\TimeLeft3\TimeLeft.exe
    O4 - Global Startup: D-Link AirPlus G+ Wireless Adapter Utility.lnk = C:\Program Files\D-Link\D-Link AirPlus G+ Wireless Adapter Utility\DWLGTI.EXE
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/71365/kavwebscan_unicode.cab
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypix.com/importer/ImageUploader4.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

    tu en penses koi ???
    je me connectes sur msn mercredi midi et mercredi soir
    A++ et encore merci beaucoup
    0
  13. Regis59 Messages postés 21143 Date d'inscription   Statut Contributeur sécurité Dernière intervention   1 349
     
    Nadine,

    Ou en sont tes soucis?

    A+
    0