Erreur processing...
Fermé
zouav
-
10 sept. 2008 à 15:04
geoffrey5 Messages postés 13732 Date d'inscription dimanche 20 mai 2007 Statut Contributeur sécurité Dernière intervention 21 mai 2010 - 11 sept. 2008 à 13:16
geoffrey5 Messages postés 13732 Date d'inscription dimanche 20 mai 2007 Statut Contributeur sécurité Dernière intervention 21 mai 2010 - 11 sept. 2008 à 13:16
A voir également:
- Erreur processing...
- Erreur 0x80070643 - Accueil - Windows
- Erreur 0x80070643 Windows 10 : comment résoudre le problème de la mise à jour KB5001716 - Accueil - Windows
- Erreur 1001 outlook - Accueil - Bureautique
- Erreur vidéo freebox ✓ - Forum TV & Vidéo
- Une erreur s'est produite instagram ✓ - Forum Instagram
20 réponses
geoffrey5
Messages postés
13732
Date d'inscription
dimanche 20 mai 2007
Statut
Contributeur sécurité
Dernière intervention
21 mai 2010
10
10 sept. 2008 à 15:07
10 sept. 2008 à 15:07
Salut !!
ton rapport hijackthis est incomplet :s
ton rapport hijackthis est incomplet :s
geoffrey5
Messages postés
13732
Date d'inscription
dimanche 20 mai 2007
Statut
Contributeur sécurité
Dernière intervention
21 mai 2010
10
10 sept. 2008 à 15:07
10 sept. 2008 à 15:07
Comment copier/coller le rapport :
Quand tu as le rapport à l écran, tu fais ctrl A pour "sélectionner tout" puis ctrl C pour "copier".
ensuite tu viens sur le forum pour me répondre et tu fais ctrl V pour "coller" le rapport.
Une explication des raccourcis clavier sont illustrés à cette adresse :
https://www.androidworld.fr/
Quand tu as le rapport à l écran, tu fais ctrl A pour "sélectionner tout" puis ctrl C pour "copier".
ensuite tu viens sur le forum pour me répondre et tu fais ctrl V pour "coller" le rapport.
Une explication des raccourcis clavier sont illustrés à cette adresse :
https://www.androidworld.fr/
ok désolé
voilli
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:47:54, on 10/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
I:\WINDOWS\System32\smss.exe
I:\WINDOWS\system32\winlogon.exe
I:\WINDOWS\system32\services.exe
I:\WINDOWS\system32\lsass.exe
I:\WINDOWS\system32\svchost.exe
I:\Program Files\Windows Defender\MsMpEng.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\system32\ZoneLabs\vsmon.exe
I:\WINDOWS\Explorer.EXE
I:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
I:\Program Files\Alwil Software\Avast4\ashServ.exe
I:\WINDOWS\system32\spoolsv.exe
I:\WINDOWS\System32\FTRTSVC.exe
I:\WINDOWS\system32\nvsvc32.exe
I:\WINDOWS\system32\svchost.exe
I:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
I:\Program Files\Alwil Software\Avast4\ashWebSv.exe
I:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
I:\WINDOWS\system32\RunDll32.exe
I:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
I:\WINDOWS\system32\ctfmon.exe
I:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
I:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
I:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
I:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
I:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
I:\Program Files\Windows Live\Messenger\usnsvc.exe
I:\PROGRA~1\Wanadoo\Toaster.exe
I:\PROGRA~1\Wanadoo\Inactivity.exe
I:\PROGRA~1\Wanadoo\PollingModule.exe
I:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
I:\Program Files\Wanadoo\GestionnaireInternet.exe
I:\Program Files\Wanadoo\ComComp.exe
I:\Program Files\Wanadoo\Watch.exe
I:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
I:\Documents and Settings\nico\Bureau\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - I:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - I:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - I:\Program Files\ZoneAlarmSB\bar\2.bin\SPYBLOCK.DLL
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - I:\Program Files\ZoneAlarmSB\bar\2.bin\SPYBLOCK.DLL
O4 - HKLM\..\Run: [avast!] I:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE I:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WOOWATCH] I:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [ZoneAlarm Client] "I:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] I:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [SpybotSD TeaTimer] I:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Phase24FireWireService] "I:\Program Files\Fichiers communs\TerraTec\PhaseFW\driver\PhaseFWService.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - I:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - I:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - I:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - I:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - I:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - I:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - I:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - I:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - I:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - I:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - I:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - I:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - I:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
voilli
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:47:54, on 10/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
I:\WINDOWS\System32\smss.exe
I:\WINDOWS\system32\winlogon.exe
I:\WINDOWS\system32\services.exe
I:\WINDOWS\system32\lsass.exe
I:\WINDOWS\system32\svchost.exe
I:\Program Files\Windows Defender\MsMpEng.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\system32\ZoneLabs\vsmon.exe
I:\WINDOWS\Explorer.EXE
I:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
I:\Program Files\Alwil Software\Avast4\ashServ.exe
I:\WINDOWS\system32\spoolsv.exe
I:\WINDOWS\System32\FTRTSVC.exe
I:\WINDOWS\system32\nvsvc32.exe
I:\WINDOWS\system32\svchost.exe
I:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
I:\Program Files\Alwil Software\Avast4\ashWebSv.exe
I:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
I:\WINDOWS\system32\RunDll32.exe
I:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
I:\WINDOWS\system32\ctfmon.exe
I:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
I:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
I:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
I:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
I:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
I:\Program Files\Windows Live\Messenger\usnsvc.exe
I:\PROGRA~1\Wanadoo\Toaster.exe
I:\PROGRA~1\Wanadoo\Inactivity.exe
I:\PROGRA~1\Wanadoo\PollingModule.exe
I:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
I:\Program Files\Wanadoo\GestionnaireInternet.exe
I:\Program Files\Wanadoo\ComComp.exe
I:\Program Files\Wanadoo\Watch.exe
I:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
I:\Documents and Settings\nico\Bureau\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - I:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - I:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - I:\Program Files\ZoneAlarmSB\bar\2.bin\SPYBLOCK.DLL
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - I:\Program Files\ZoneAlarmSB\bar\2.bin\SPYBLOCK.DLL
O4 - HKLM\..\Run: [avast!] I:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE I:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WOOWATCH] I:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [ZoneAlarm Client] "I:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] I:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [SpybotSD TeaTimer] I:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Phase24FireWireService] "I:\Program Files\Fichiers communs\TerraTec\PhaseFW\driver\PhaseFWService.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - I:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - I:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - I:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - I:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - I:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - I:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - I:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - I:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - I:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - I:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - I:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - I:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - I:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
geoffrey5
Messages postés
13732
Date d'inscription
dimanche 20 mai 2007
Statut
Contributeur sécurité
Dernière intervention
21 mai 2010
10
10 sept. 2008 à 15:12
10 sept. 2008 à 15:12
je ne vois pas d infections dans ton rapport mais fais quand meme ceci stp :
Télécharger sur le bureau malwarebytes à cette adresse :
https://www.androidworld.fr/
Voici un tuto pour bien l installer et bien l utiliser :
https://www.androidworld.fr/
aide toi bien du tuto pour supprimer correctement ce qu il aura trouvé
Après l analyse, redémarrer le pc et poste le rapport !!
as tu essayer de le désinstaller et le réinstaller ??
Télécharger sur le bureau malwarebytes à cette adresse :
https://www.androidworld.fr/
Voici un tuto pour bien l installer et bien l utiliser :
https://www.androidworld.fr/
aide toi bien du tuto pour supprimer correctement ce qu il aura trouvé
Après l analyse, redémarrer le pc et poste le rapport !!
as tu essayer de le désinstaller et le réinstaller ??
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
re
alors l'examen rapide n'a rien decelé
sinon j'ai juste essayé de reinstaller spybot sans le désinstaller avant je vais donc essayer
alors l'examen rapide n'a rien decelé
sinon j'ai juste essayé de reinstaller spybot sans le désinstaller avant je vais donc essayer
geoffrey5
Messages postés
13732
Date d'inscription
dimanche 20 mai 2007
Statut
Contributeur sécurité
Dernière intervention
21 mai 2010
10
10 sept. 2008 à 15:24
10 sept. 2008 à 15:24
fais quand meme une analyse complete stp
geoffrey5
Messages postés
13732
Date d'inscription
dimanche 20 mai 2007
Statut
Contributeur sécurité
Dernière intervention
21 mai 2010
10
10 sept. 2008 à 15:25
10 sept. 2008 à 15:25
pourquoi ?? tu as un virus msn ??
geoffrey5
Messages postés
13732
Date d'inscription
dimanche 20 mai 2007
Statut
Contributeur sécurité
Dernière intervention
21 mai 2010
10
10 sept. 2008 à 20:21
10 sept. 2008 à 20:21
tu as refais une analyse complete avec malwarebytes ??
re
desolé pour hier j'ai du m'absenter
ceci dit j'avais bien fait une analyse complete avec malware...rien à signaler,je vais donc desinstaler puis réinstaler spybot
desolé pour hier j'ai du m'absenter
ceci dit j'avais bien fait une analyse complete avec malware...rien à signaler,je vais donc desinstaler puis réinstaler spybot
j'ai donc désinstaller puis reinstalé msn fix et spybot pas de changement,toujours le meme message erreur...
geoffrey5
Messages postés
13732
Date d'inscription
dimanche 20 mai 2007
Statut
Contributeur sécurité
Dernière intervention
21 mai 2010
10
11 sept. 2008 à 11:37
11 sept. 2008 à 11:37
Salut !!
télécharge combofix (par sUBs) à cette adresse :
(c est le numéro 5 en bas de la page) : https://www.androidworld.fr/
et enregistre le sur le Bureau.
désactive tes protections et ferme toutes tes applications(antivirus, parefeu, garde en temps réel de l'antispyware)
Voici un tuto pour bien l'installer et savoir l utiliser : https://www.androidworld.fr/
ensuite envois le rapport et refais un nouveau rapport hijackthis stp
télécharge combofix (par sUBs) à cette adresse :
(c est le numéro 5 en bas de la page) : https://www.androidworld.fr/
et enregistre le sur le Bureau.
désactive tes protections et ferme toutes tes applications(antivirus, parefeu, garde en temps réel de l'antispyware)
Voici un tuto pour bien l'installer et savoir l utiliser : https://www.androidworld.fr/
ensuite envois le rapport et refais un nouveau rapport hijackthis stp
ok voila le rapport!!!???hum
ComboFix 08-09-10.04 - nico 2008-09-11 12:51:48.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.653 [GMT 2:00]
Endroit: I:\Documents and Settings\nico\Bureau\ComboFix2.exe
* Création d'un nouveau point de restauration
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
((((((((((((((((((((((((((((( Fichiers créés 2008-08-11 to 2008-09-11 ))))))))))))))))))))))))))))))))))))
.
2008-09-11 11:27 . 2008-09-11 11:29 <REP> d-------- I:\Program Files\Spybot - Search & Destroy
2008-09-11 11:27 . 2008-09-11 11:27 <REP> d-------- I:\Program Files\MSNFix
2008-09-10 15:16 . 2008-09-10 15:17 <REP> d-------- I:\Program Files\Malwarebytes' Anti-Malware
2008-09-10 15:16 . 2008-09-10 15:16 <REP> d-------- I:\Documents and Settings\nico\Application Data\Malwarebytes
2008-09-10 15:16 . 2008-09-10 15:16 <REP> d-------- I:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-09-10 15:16 . 2008-09-10 00:04 38,528 --a------ I:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-10 15:16 . 2008-09-10 00:03 17,200 --a------ I:\WINDOWS\system32\drivers\mbam.sys
2008-09-09 04:49 . 2008-09-09 04:49 <REP> d-------- I:\Documents and Settings\nico\Application Data\TuneUp Software
2008-09-09 04:49 . 2008-09-09 04:49 355,584 --a------ I:\WINDOWS\system32\TuneUpDefragService.exe
2008-09-09 04:49 . 2008-05-29 09:28 28,416 --a------ I:\WINDOWS\system32\uxtuneup.dll
2008-09-09 04:48 . 2008-09-09 04:49 <REP> d-------- I:\Program Files\TuneUp Utilities 2008
2008-09-09 04:48 . 2008-09-09 04:48 <REP> d-------- I:\Program Files\Fichiers communs\Wise Installation Wizard
2008-09-09 04:48 . 2008-09-09 04:48 <REP> d-------- I:\Documents and Settings\All Users\Application Data\TuneUp Software
2008-09-08 11:50 . 2008-09-08 11:50 <REP> d-------- I:\Program Files\Microsoft Silverlight
2008-09-03 00:52 . 2008-09-03 00:52 <REP> d-------- I:\Program Files\Securitoo
2008-09-03 00:52 . 2008-09-03 00:52 <REP> d-------- I:\Program Files\CCleaner
2008-09-03 00:52 . 2008-09-03 00:52 <REP> d-------- I:\Documents and Settings\All Users\Application Data\MailFrontier
2008-09-03 00:51 . 2008-09-03 00:51 <REP> d-------- I:\Program Files\Podmailing
2008-09-01 00:18 . 2008-09-03 00:52 <REP> d-------- I:\Program Files\Zattoo
2008-08-30 15:48 . 2008-07-07 22:28 253,952 -----c--- I:\WINDOWS\system32\dllcache\es.dll
2008-08-30 15:48 . 2008-06-24 18:44 74,240 -----c--- I:\WINDOWS\system32\dllcache\mscms.dll
2008-08-30 15:47 . 2008-06-26 10:13 1,499,648 -----c--- I:\WINDOWS\system32\dllcache\shdocvw.dll
2008-08-30 15:47 . 2008-04-11 21:05 691,712 -----c--- I:\WINDOWS\system32\dllcache\inetcomm.dll
2008-08-30 15:47 . 2008-06-26 10:13 620,544 -----c--- I:\WINDOWS\system32\dllcache\urlmon.dll
2008-08-30 13:53 . 2008-09-03 00:58 <REP> d-------- I:\Program Files\Windows Defender
2008-08-26 14:17 . 2008-09-03 00:51 <REP> d-------- I:\Program Files\Podmailing(2)
2008-08-25 21:05 . 2008-09-03 00:51 <REP> d-------- I:\Program Files\Phun
2008-08-18 17:11 . 2008-08-18 17:11 <REP> d-------- I:\Documents and Settings\nico\Application Data\Template
2008-08-18 17:11 . 2008-08-18 17:12 106 --a------ I:\Documents and Settings\nico\Application Data\wklnhst.dat
2008-08-18 17:05 . 2008-08-30 15:41 <REP> d-------- I:\Program Files\Microsoft Works
2008-08-16 16:38 . 2008-08-16 16:38 <REP> d-------- I:\WINDOWS\system32\LogFiles
2008-08-14 04:09 . 2008-09-11 12:53 5,017,632 --ahs---- I:\WINDOWS\system32\drivers\fidbox.dat
2008-08-14 04:09 . 2008-09-11 11:22 60,008 --ahs---- I:\WINDOWS\system32\drivers\fidbox.idx
2008-08-14 04:07 . 2008-08-14 04:07 <REP> d-------- I:\Program Files\ZoneAlarmSB
2008-08-14 04:05 . 2008-09-03 00:52 <REP> d-------- I:\WINDOWS\system32\ZoneLabs
2008-08-14 04:05 . 2008-08-14 04:05 <REP> d-------- I:\Program Files\Zone Labs
2008-08-14 04:05 . 2008-09-11 11:23 352,920 --a------ I:\WINDOWS\system32\vsconfig.xml
2008-08-14 04:05 . 2008-08-30 17:12 4,212 ---h----- I:\WINDOWS\system32\zllictbl.dat
2008-08-14 04:04 . 2008-09-11 12:46 <REP> d-------- I:\WINDOWS\Internet Logs
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-11 10:51 --------- d-----w I:\Program Files\Wanadoo
2008-09-11 09:29 --------- d-----w I:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-09-10 22:21 --------- d-----w I:\Documents and Settings\nico\Application Data\foobar2000
2008-09-02 22:51 --------- d-----w I:\Program Files\GUILD WARS(2)
2008-09-02 22:51 --------- d-----w I:\Program Files\Fichiers communs\PCSuite
2008-09-02 21:43 1,094,474 ----a-w I:\WINDOWS\Internet Logs\tvDebug.zip
2008-08-29 12:12 --------- d-----w I:\Program Files\Java
2008-08-28 02:49 --------- d-----w I:\Documents and Settings\nico\Application Data\Podmailing
2008-08-27 20:31 --------- d-----w I:\Documents and Settings\nico\Application Data\DivX
2008-08-06 14:46 --------- d-----w I:\Documents and Settings\nico\Application Data\Nokia Multimedia Player
2008-08-05 15:58 --------- d-----w I:\Program Files\Nokia
2008-08-05 15:57 --------- d-----w I:\Documents and Settings\All Users\Application Data\Installations
2008-08-03 22:18 --------- d--h--w I:\Program Files\InstallShield Installation Information
2008-08-03 22:18 --------- d-----w I:\Program Files\Eidos
2008-07-29 15:07 --------- d-----w I:\Program Files\Qnext
2008-07-21 16:04 --------- d-----w I:\Program Files\GameSpy Arcade
2008-07-21 15:39 --------- d-----w I:\Program Files\Codemasters
2008-07-18 20:10 94,920 ----a-w I:\WINDOWS\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w I:\WINDOWS\system32\wuauclt.exe
2008-07-18 20:10 45,768 ----a-w I:\WINDOWS\system32\wups2.dll
2008-07-18 20:10 45,768 ----a-w I:\WINDOWS\system32\wups2(2)(2).dll
2008-07-18 20:10 36,552 ----a-w I:\WINDOWS\system32\wups.dll
2008-07-18 20:10 36,552 ----a-w I:\WINDOWS\system32\wups(2)(2).dll
2008-07-18 20:09 563,912 ----a-w I:\WINDOWS\system32\wuapi.dll
2008-07-18 20:09 325,832 ----a-w I:\WINDOWS\system32\wucltui.dll
2008-07-18 20:09 205,000 ----a-w I:\WINDOWS\system32\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w I:\WINDOWS\system32\wuaueng.dll
2008-07-18 20:07 270,880 ----a-w I:\WINDOWS\system32\mucltui.dll
2008-07-18 20:07 210,976 ----a-w I:\WINDOWS\system32\muweb.dll
2008-07-09 07:05 75,248 ----a-w I:\WINDOWS\zllsputility.exe
2008-07-09 07:05 1,086,952 ----a-w I:\WINDOWS\system32\zpeng24.dll
2008-07-07 20:28 253,952 ----a-w I:\WINDOWS\system32\es.dll
2008-07-07 20:28 253,952 ----a-w I:\WINDOWS\system32\es(5)(2).dll
2008-06-26 08:13 620,544 ----a-w I:\WINDOWS\system32\urlmon(2)(2).dll
2008-06-26 08:13 1,499,648 ----a-w I:\WINDOWS\system32\shdocvw(2)(2).dll
2008-06-24 16:44 74,240 ----a-w I:\WINDOWS\system32\mscms.dll
2008-06-23 15:10 670,208 ----a-w I:\WINDOWS\system32\wininet.dll
2008-06-23 15:10 670,208 ----a-w I:\WINDOWS\system32\wininet(2)(2).dll
2008-06-20 17:47 247,808 ----a-w I:\WINDOWS\system32\mswsock.dll
2005-01-27 19:27 17,245 -c--a-w I:\WINDOWS\inf\hxdll.dll
2004-10-28 17:14 27,036 -c--a-w I:\WINDOWS\inf\mdusb.sys
2008-05-13 04:22 32,768 -csha-w I:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008051320080514\index.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="I:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
"WOOKIT"="I:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 122880]
"SpybotSD TeaTimer"="I:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-08-18 1832272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="I:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 78008]
"NvCplDaemon"="I:\WINDOWS\system32\NvCpl.dll" [2007-11-06 8523776]
"WOOWATCH"="I:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 20480]
"ZoneAlarm Client"="I:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-07-09 919016]
"nwiz"="nwiz.exe" [2007-11-06 I:\WINDOWS\system32\nwiz.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="I:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 15360]
I:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
hp psc 1000 series.lnk - I:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe [2003-04-06 147456]
hpoddt01.exe.lnk - I:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-04-06 28672]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"midi2"= hxdll.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"I:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"I:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"I:\\WINDOWS\\system32\\dpvsetup.exe"=
"I:\\Program Files\\Qnext\\qnextclient.exe"=
"I:\\Program Files\\Podmailing\\podmailing.exe"=
"I:\\Program Files\\GameSpy Arcade\\Aphex.exe"=
R1 aswSP;avast! Self Protection;I:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]
R2 aswFsBlk;aswFsBlk;I:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 UxTuneUp;TuneUp Extension de thème;I:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R3 Cap7134;MEDION (7134) WDM Video Capture;I:\WINDOWS\system32\DRIVERS\Cap7134.sys [2003-06-05 350752]
R3 cmudax;C-Media High Definition Audio Interface;I:\WINDOWS\system32\drivers\cmudax.sys [2005-05-12 1287296]
R3 PhTVTune;MEDION TV-TUNER 7134 MK2/3;I:\WINDOWS\system32\DRIVERS\PhTVTune.sys [2003-06-12 24704]
S3 TTPhase1394;TTPhase1394;I:\WINDOWS\system32\Drivers\TTPhase1394.sys [2004-10-14 97152]
S3 TTPhaseA;TTPhaseA;I:\WINDOWS\system32\Drivers\TTPhaseA.sys [2004-10-14 24576]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;I:\WINDOWS\System32\TuneUpDefragService.exe [2008-09-09 355584]
S3 USBMIDI;UF USB MIDI Driver;I:\WINDOWS\system32\Drivers\Mdusb.sys [2004-10-28 27036]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
*Newly Created Service* - PROCEXP90
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-Phase24FireWireService - I:\Program Files\Fichiers communs\TerraTec\PhaseFW\driver\PhaseFWService.exe
HKLM-Run-Cmaudio - cmicnfg.cpl
.
------- Supplementary Scan -------
.
FireFox -: Profile - I:\Documents and Settings\nico\Application Data\Mozilla\Firefox\Profiles\yfyrm5oh.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://fr.yahoo.com/
FF -: plugin - I:\PROGRA~1\MOZILL~1\plugins\npdivx32.dll
FF -: plugin - I:\PROGRA~1\MOZILL~1\plugins\npDivxPlayerPlugin.dll
FF -: plugin - I:\PROGRA~1\MOZILL~1\plugins\npnul32.dll
FF -: plugin - I:\PROGRA~1\MOZILL~1\plugins\NPSWF32.dll
FF -: plugin - I:\PROGRA~1\MOZILL~1\plugins\NPZoneSB.dll
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-11 12:53:26
Windows 5.1.2600 Service Pack 3 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-09-11 12:54:31
ComboFix-quarantined-files.txt 2008-09-11 10:54:26
Pre-Run: 43,774,357,504 octets libres
Post-Run: 43,769,147,392 octets libres
173 --- E O F --- 2008-09-10 10:38:35
ComboFix 08-09-10.04 - nico 2008-09-11 12:51:48.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.653 [GMT 2:00]
Endroit: I:\Documents and Settings\nico\Bureau\ComboFix2.exe
* Création d'un nouveau point de restauration
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
((((((((((((((((((((((((((((( Fichiers créés 2008-08-11 to 2008-09-11 ))))))))))))))))))))))))))))))))))))
.
2008-09-11 11:27 . 2008-09-11 11:29 <REP> d-------- I:\Program Files\Spybot - Search & Destroy
2008-09-11 11:27 . 2008-09-11 11:27 <REP> d-------- I:\Program Files\MSNFix
2008-09-10 15:16 . 2008-09-10 15:17 <REP> d-------- I:\Program Files\Malwarebytes' Anti-Malware
2008-09-10 15:16 . 2008-09-10 15:16 <REP> d-------- I:\Documents and Settings\nico\Application Data\Malwarebytes
2008-09-10 15:16 . 2008-09-10 15:16 <REP> d-------- I:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-09-10 15:16 . 2008-09-10 00:04 38,528 --a------ I:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-10 15:16 . 2008-09-10 00:03 17,200 --a------ I:\WINDOWS\system32\drivers\mbam.sys
2008-09-09 04:49 . 2008-09-09 04:49 <REP> d-------- I:\Documents and Settings\nico\Application Data\TuneUp Software
2008-09-09 04:49 . 2008-09-09 04:49 355,584 --a------ I:\WINDOWS\system32\TuneUpDefragService.exe
2008-09-09 04:49 . 2008-05-29 09:28 28,416 --a------ I:\WINDOWS\system32\uxtuneup.dll
2008-09-09 04:48 . 2008-09-09 04:49 <REP> d-------- I:\Program Files\TuneUp Utilities 2008
2008-09-09 04:48 . 2008-09-09 04:48 <REP> d-------- I:\Program Files\Fichiers communs\Wise Installation Wizard
2008-09-09 04:48 . 2008-09-09 04:48 <REP> d-------- I:\Documents and Settings\All Users\Application Data\TuneUp Software
2008-09-08 11:50 . 2008-09-08 11:50 <REP> d-------- I:\Program Files\Microsoft Silverlight
2008-09-03 00:52 . 2008-09-03 00:52 <REP> d-------- I:\Program Files\Securitoo
2008-09-03 00:52 . 2008-09-03 00:52 <REP> d-------- I:\Program Files\CCleaner
2008-09-03 00:52 . 2008-09-03 00:52 <REP> d-------- I:\Documents and Settings\All Users\Application Data\MailFrontier
2008-09-03 00:51 . 2008-09-03 00:51 <REP> d-------- I:\Program Files\Podmailing
2008-09-01 00:18 . 2008-09-03 00:52 <REP> d-------- I:\Program Files\Zattoo
2008-08-30 15:48 . 2008-07-07 22:28 253,952 -----c--- I:\WINDOWS\system32\dllcache\es.dll
2008-08-30 15:48 . 2008-06-24 18:44 74,240 -----c--- I:\WINDOWS\system32\dllcache\mscms.dll
2008-08-30 15:47 . 2008-06-26 10:13 1,499,648 -----c--- I:\WINDOWS\system32\dllcache\shdocvw.dll
2008-08-30 15:47 . 2008-04-11 21:05 691,712 -----c--- I:\WINDOWS\system32\dllcache\inetcomm.dll
2008-08-30 15:47 . 2008-06-26 10:13 620,544 -----c--- I:\WINDOWS\system32\dllcache\urlmon.dll
2008-08-30 13:53 . 2008-09-03 00:58 <REP> d-------- I:\Program Files\Windows Defender
2008-08-26 14:17 . 2008-09-03 00:51 <REP> d-------- I:\Program Files\Podmailing(2)
2008-08-25 21:05 . 2008-09-03 00:51 <REP> d-------- I:\Program Files\Phun
2008-08-18 17:11 . 2008-08-18 17:11 <REP> d-------- I:\Documents and Settings\nico\Application Data\Template
2008-08-18 17:11 . 2008-08-18 17:12 106 --a------ I:\Documents and Settings\nico\Application Data\wklnhst.dat
2008-08-18 17:05 . 2008-08-30 15:41 <REP> d-------- I:\Program Files\Microsoft Works
2008-08-16 16:38 . 2008-08-16 16:38 <REP> d-------- I:\WINDOWS\system32\LogFiles
2008-08-14 04:09 . 2008-09-11 12:53 5,017,632 --ahs---- I:\WINDOWS\system32\drivers\fidbox.dat
2008-08-14 04:09 . 2008-09-11 11:22 60,008 --ahs---- I:\WINDOWS\system32\drivers\fidbox.idx
2008-08-14 04:07 . 2008-08-14 04:07 <REP> d-------- I:\Program Files\ZoneAlarmSB
2008-08-14 04:05 . 2008-09-03 00:52 <REP> d-------- I:\WINDOWS\system32\ZoneLabs
2008-08-14 04:05 . 2008-08-14 04:05 <REP> d-------- I:\Program Files\Zone Labs
2008-08-14 04:05 . 2008-09-11 11:23 352,920 --a------ I:\WINDOWS\system32\vsconfig.xml
2008-08-14 04:05 . 2008-08-30 17:12 4,212 ---h----- I:\WINDOWS\system32\zllictbl.dat
2008-08-14 04:04 . 2008-09-11 12:46 <REP> d-------- I:\WINDOWS\Internet Logs
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-11 10:51 --------- d-----w I:\Program Files\Wanadoo
2008-09-11 09:29 --------- d-----w I:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-09-10 22:21 --------- d-----w I:\Documents and Settings\nico\Application Data\foobar2000
2008-09-02 22:51 --------- d-----w I:\Program Files\GUILD WARS(2)
2008-09-02 22:51 --------- d-----w I:\Program Files\Fichiers communs\PCSuite
2008-09-02 21:43 1,094,474 ----a-w I:\WINDOWS\Internet Logs\tvDebug.zip
2008-08-29 12:12 --------- d-----w I:\Program Files\Java
2008-08-28 02:49 --------- d-----w I:\Documents and Settings\nico\Application Data\Podmailing
2008-08-27 20:31 --------- d-----w I:\Documents and Settings\nico\Application Data\DivX
2008-08-06 14:46 --------- d-----w I:\Documents and Settings\nico\Application Data\Nokia Multimedia Player
2008-08-05 15:58 --------- d-----w I:\Program Files\Nokia
2008-08-05 15:57 --------- d-----w I:\Documents and Settings\All Users\Application Data\Installations
2008-08-03 22:18 --------- d--h--w I:\Program Files\InstallShield Installation Information
2008-08-03 22:18 --------- d-----w I:\Program Files\Eidos
2008-07-29 15:07 --------- d-----w I:\Program Files\Qnext
2008-07-21 16:04 --------- d-----w I:\Program Files\GameSpy Arcade
2008-07-21 15:39 --------- d-----w I:\Program Files\Codemasters
2008-07-18 20:10 94,920 ----a-w I:\WINDOWS\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w I:\WINDOWS\system32\wuauclt.exe
2008-07-18 20:10 45,768 ----a-w I:\WINDOWS\system32\wups2.dll
2008-07-18 20:10 45,768 ----a-w I:\WINDOWS\system32\wups2(2)(2).dll
2008-07-18 20:10 36,552 ----a-w I:\WINDOWS\system32\wups.dll
2008-07-18 20:10 36,552 ----a-w I:\WINDOWS\system32\wups(2)(2).dll
2008-07-18 20:09 563,912 ----a-w I:\WINDOWS\system32\wuapi.dll
2008-07-18 20:09 325,832 ----a-w I:\WINDOWS\system32\wucltui.dll
2008-07-18 20:09 205,000 ----a-w I:\WINDOWS\system32\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w I:\WINDOWS\system32\wuaueng.dll
2008-07-18 20:07 270,880 ----a-w I:\WINDOWS\system32\mucltui.dll
2008-07-18 20:07 210,976 ----a-w I:\WINDOWS\system32\muweb.dll
2008-07-09 07:05 75,248 ----a-w I:\WINDOWS\zllsputility.exe
2008-07-09 07:05 1,086,952 ----a-w I:\WINDOWS\system32\zpeng24.dll
2008-07-07 20:28 253,952 ----a-w I:\WINDOWS\system32\es.dll
2008-07-07 20:28 253,952 ----a-w I:\WINDOWS\system32\es(5)(2).dll
2008-06-26 08:13 620,544 ----a-w I:\WINDOWS\system32\urlmon(2)(2).dll
2008-06-26 08:13 1,499,648 ----a-w I:\WINDOWS\system32\shdocvw(2)(2).dll
2008-06-24 16:44 74,240 ----a-w I:\WINDOWS\system32\mscms.dll
2008-06-23 15:10 670,208 ----a-w I:\WINDOWS\system32\wininet.dll
2008-06-23 15:10 670,208 ----a-w I:\WINDOWS\system32\wininet(2)(2).dll
2008-06-20 17:47 247,808 ----a-w I:\WINDOWS\system32\mswsock.dll
2005-01-27 19:27 17,245 -c--a-w I:\WINDOWS\inf\hxdll.dll
2004-10-28 17:14 27,036 -c--a-w I:\WINDOWS\inf\mdusb.sys
2008-05-13 04:22 32,768 -csha-w I:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008051320080514\index.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="I:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
"WOOKIT"="I:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 122880]
"SpybotSD TeaTimer"="I:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-08-18 1832272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="I:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 78008]
"NvCplDaemon"="I:\WINDOWS\system32\NvCpl.dll" [2007-11-06 8523776]
"WOOWATCH"="I:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 20480]
"ZoneAlarm Client"="I:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-07-09 919016]
"nwiz"="nwiz.exe" [2007-11-06 I:\WINDOWS\system32\nwiz.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="I:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 15360]
I:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
hp psc 1000 series.lnk - I:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe [2003-04-06 147456]
hpoddt01.exe.lnk - I:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-04-06 28672]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"midi2"= hxdll.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"I:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"I:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"I:\\WINDOWS\\system32\\dpvsetup.exe"=
"I:\\Program Files\\Qnext\\qnextclient.exe"=
"I:\\Program Files\\Podmailing\\podmailing.exe"=
"I:\\Program Files\\GameSpy Arcade\\Aphex.exe"=
R1 aswSP;avast! Self Protection;I:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]
R2 aswFsBlk;aswFsBlk;I:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 UxTuneUp;TuneUp Extension de thème;I:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R3 Cap7134;MEDION (7134) WDM Video Capture;I:\WINDOWS\system32\DRIVERS\Cap7134.sys [2003-06-05 350752]
R3 cmudax;C-Media High Definition Audio Interface;I:\WINDOWS\system32\drivers\cmudax.sys [2005-05-12 1287296]
R3 PhTVTune;MEDION TV-TUNER 7134 MK2/3;I:\WINDOWS\system32\DRIVERS\PhTVTune.sys [2003-06-12 24704]
S3 TTPhase1394;TTPhase1394;I:\WINDOWS\system32\Drivers\TTPhase1394.sys [2004-10-14 97152]
S3 TTPhaseA;TTPhaseA;I:\WINDOWS\system32\Drivers\TTPhaseA.sys [2004-10-14 24576]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;I:\WINDOWS\System32\TuneUpDefragService.exe [2008-09-09 355584]
S3 USBMIDI;UF USB MIDI Driver;I:\WINDOWS\system32\Drivers\Mdusb.sys [2004-10-28 27036]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
*Newly Created Service* - PROCEXP90
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-Phase24FireWireService - I:\Program Files\Fichiers communs\TerraTec\PhaseFW\driver\PhaseFWService.exe
HKLM-Run-Cmaudio - cmicnfg.cpl
.
------- Supplementary Scan -------
.
FireFox -: Profile - I:\Documents and Settings\nico\Application Data\Mozilla\Firefox\Profiles\yfyrm5oh.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://fr.yahoo.com/
FF -: plugin - I:\PROGRA~1\MOZILL~1\plugins\npdivx32.dll
FF -: plugin - I:\PROGRA~1\MOZILL~1\plugins\npDivxPlayerPlugin.dll
FF -: plugin - I:\PROGRA~1\MOZILL~1\plugins\npnul32.dll
FF -: plugin - I:\PROGRA~1\MOZILL~1\plugins\NPSWF32.dll
FF -: plugin - I:\PROGRA~1\MOZILL~1\plugins\NPZoneSB.dll
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-11 12:53:26
Windows 5.1.2600 Service Pack 3 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-09-11 12:54:31
ComboFix-quarantined-files.txt 2008-09-11 10:54:26
Pre-Run: 43,774,357,504 octets libres
Post-Run: 43,769,147,392 octets libres
173 --- E O F --- 2008-09-10 10:38:35
et le nouveau hi jack
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:03:23, on 11/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
I:\WINDOWS\System32\smss.exe
I:\WINDOWS\system32\winlogon.exe
I:\WINDOWS\system32\services.exe
I:\WINDOWS\system32\lsass.exe
I:\WINDOWS\system32\svchost.exe
I:\Program Files\Windows Defender\MsMpEng.exe
I:\WINDOWS\System32\svchost.exe
I:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
I:\Program Files\Alwil Software\Avast4\ashServ.exe
I:\WINDOWS\system32\spoolsv.exe
I:\WINDOWS\System32\FTRTSVC.exe
I:\WINDOWS\system32\nvsvc32.exe
I:\WINDOWS\system32\svchost.exe
I:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
I:\WINDOWS\system32\RunDll32.exe
I:\WINDOWS\system32\ctfmon.exe
I:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
I:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
I:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
I:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
I:\PROGRA~1\Wanadoo\Toaster.exe
I:\PROGRA~1\Wanadoo\Inactivity.exe
I:\PROGRA~1\Wanadoo\PollingModule.exe
I:\Program Files\Windows Live\Messenger\usnsvc.exe
I:\WINDOWS\explorer.exe
I:\WINDOWS\system32\notepad.exe
I:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
I:\Program Files\Alwil Software\Avast4\ashWebSv.exe
I:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
I:\WINDOWS\system32\ZoneLabs\vsmon.exe
I:\Program Files\Wanadoo\GestionnaireInternet.exe
I:\Program Files\Wanadoo\ComComp.exe
I:\Program Files\Wanadoo\Watch.exe
I:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
I:\Program Files\Windows Live\Messenger\msnmsgr.exe
I:\Program Files\Internet Explorer\iexplore.exe
I:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
I:\Documents and Settings\nico\Bureau\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - I:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - I:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - I:\Program Files\ZoneAlarmSB\bar\2.bin\SPYBLOCK.DLL
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - I:\Program Files\ZoneAlarmSB\bar\2.bin\SPYBLOCK.DLL
O4 - HKLM\..\Run: [avast!] I:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE I:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WOOWATCH] I:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "I:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] I:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [SpybotSD TeaTimer] I:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Phase24FireWireService] "I:\Program Files\Fichiers communs\TerraTec\PhaseFW\driver\PhaseFWService.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - I:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - I:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - I:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - I:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - I:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - I:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - I:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - I:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - I:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - I:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - I:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - I:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - I:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:03:23, on 11/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
I:\WINDOWS\System32\smss.exe
I:\WINDOWS\system32\winlogon.exe
I:\WINDOWS\system32\services.exe
I:\WINDOWS\system32\lsass.exe
I:\WINDOWS\system32\svchost.exe
I:\Program Files\Windows Defender\MsMpEng.exe
I:\WINDOWS\System32\svchost.exe
I:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
I:\Program Files\Alwil Software\Avast4\ashServ.exe
I:\WINDOWS\system32\spoolsv.exe
I:\WINDOWS\System32\FTRTSVC.exe
I:\WINDOWS\system32\nvsvc32.exe
I:\WINDOWS\system32\svchost.exe
I:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
I:\WINDOWS\system32\RunDll32.exe
I:\WINDOWS\system32\ctfmon.exe
I:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
I:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
I:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
I:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
I:\PROGRA~1\Wanadoo\Toaster.exe
I:\PROGRA~1\Wanadoo\Inactivity.exe
I:\PROGRA~1\Wanadoo\PollingModule.exe
I:\Program Files\Windows Live\Messenger\usnsvc.exe
I:\WINDOWS\explorer.exe
I:\WINDOWS\system32\notepad.exe
I:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
I:\Program Files\Alwil Software\Avast4\ashWebSv.exe
I:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
I:\WINDOWS\system32\ZoneLabs\vsmon.exe
I:\Program Files\Wanadoo\GestionnaireInternet.exe
I:\Program Files\Wanadoo\ComComp.exe
I:\Program Files\Wanadoo\Watch.exe
I:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
I:\Program Files\Windows Live\Messenger\msnmsgr.exe
I:\Program Files\Internet Explorer\iexplore.exe
I:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
I:\Documents and Settings\nico\Bureau\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - I:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - I:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - I:\Program Files\ZoneAlarmSB\bar\2.bin\SPYBLOCK.DLL
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - I:\Program Files\ZoneAlarmSB\bar\2.bin\SPYBLOCK.DLL
O4 - HKLM\..\Run: [avast!] I:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE I:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WOOWATCH] I:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "I:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] I:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [SpybotSD TeaTimer] I:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Phase24FireWireService] "I:\Program Files\Fichiers communs\TerraTec\PhaseFW\driver\PhaseFWService.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - I:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - I:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - I:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - I:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - I:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - I:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - I:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - I:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - I:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - I:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - I:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - I:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - I:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
et le nouveau hi jack
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:03:23, on 11/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
I:\WINDOWS\System32\smss.exe
I:\WINDOWS\system32\winlogon.exe
I:\WINDOWS\system32\services.exe
I:\WINDOWS\system32\lsass.exe
I:\WINDOWS\system32\svchost.exe
I:\Program Files\Windows Defender\MsMpEng.exe
I:\WINDOWS\System32\svchost.exe
I:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
I:\Program Files\Alwil Software\Avast4\ashServ.exe
I:\WINDOWS\system32\spoolsv.exe
I:\WINDOWS\System32\FTRTSVC.exe
I:\WINDOWS\system32\nvsvc32.exe
I:\WINDOWS\system32\svchost.exe
I:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
I:\WINDOWS\system32\RunDll32.exe
I:\WINDOWS\system32\ctfmon.exe
I:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
I:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
I:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
I:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
I:\PROGRA~1\Wanadoo\Toaster.exe
I:\PROGRA~1\Wanadoo\Inactivity.exe
I:\PROGRA~1\Wanadoo\PollingModule.exe
I:\Program Files\Windows Live\Messenger\usnsvc.exe
I:\WINDOWS\explorer.exe
I:\WINDOWS\system32\notepad.exe
I:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
I:\Program Files\Alwil Software\Avast4\ashWebSv.exe
I:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
I:\WINDOWS\system32\ZoneLabs\vsmon.exe
I:\Program Files\Wanadoo\GestionnaireInternet.exe
I:\Program Files\Wanadoo\ComComp.exe
I:\Program Files\Wanadoo\Watch.exe
I:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
I:\Program Files\Windows Live\Messenger\msnmsgr.exe
I:\Program Files\Internet Explorer\iexplore.exe
I:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
I:\Documents and Settings\nico\Bureau\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - I:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - I:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - I:\Program Files\ZoneAlarmSB\bar\2.bin\SPYBLOCK.DLL
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - I:\Program Files\ZoneAlarmSB\bar\2.bin\SPYBLOCK.DLL
O4 - HKLM\..\Run: [avast!] I:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE I:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WOOWATCH] I:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "I:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] I:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [SpybotSD TeaTimer] I:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Phase24FireWireService] "I:\Program Files\Fichiers communs\TerraTec\PhaseFW\driver\PhaseFWService.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - I:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - I:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - I:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - I:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - I:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - I:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - I:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - I:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - I:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - I:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - I:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - I:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - I:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:03:23, on 11/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
I:\WINDOWS\System32\smss.exe
I:\WINDOWS\system32\winlogon.exe
I:\WINDOWS\system32\services.exe
I:\WINDOWS\system32\lsass.exe
I:\WINDOWS\system32\svchost.exe
I:\Program Files\Windows Defender\MsMpEng.exe
I:\WINDOWS\System32\svchost.exe
I:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
I:\Program Files\Alwil Software\Avast4\ashServ.exe
I:\WINDOWS\system32\spoolsv.exe
I:\WINDOWS\System32\FTRTSVC.exe
I:\WINDOWS\system32\nvsvc32.exe
I:\WINDOWS\system32\svchost.exe
I:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
I:\WINDOWS\system32\RunDll32.exe
I:\WINDOWS\system32\ctfmon.exe
I:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
I:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
I:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
I:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
I:\PROGRA~1\Wanadoo\Toaster.exe
I:\PROGRA~1\Wanadoo\Inactivity.exe
I:\PROGRA~1\Wanadoo\PollingModule.exe
I:\Program Files\Windows Live\Messenger\usnsvc.exe
I:\WINDOWS\explorer.exe
I:\WINDOWS\system32\notepad.exe
I:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
I:\Program Files\Alwil Software\Avast4\ashWebSv.exe
I:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
I:\WINDOWS\system32\ZoneLabs\vsmon.exe
I:\Program Files\Wanadoo\GestionnaireInternet.exe
I:\Program Files\Wanadoo\ComComp.exe
I:\Program Files\Wanadoo\Watch.exe
I:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
I:\Program Files\Windows Live\Messenger\msnmsgr.exe
I:\Program Files\Internet Explorer\iexplore.exe
I:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
I:\Documents and Settings\nico\Bureau\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - I:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - I:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - I:\Program Files\ZoneAlarmSB\bar\2.bin\SPYBLOCK.DLL
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - I:\Program Files\ZoneAlarmSB\bar\2.bin\SPYBLOCK.DLL
O4 - HKLM\..\Run: [avast!] I:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE I:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WOOWATCH] I:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "I:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] I:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [SpybotSD TeaTimer] I:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Phase24FireWireService] "I:\Program Files\Fichiers communs\TerraTec\PhaseFW\driver\PhaseFWService.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - I:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - I:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - I:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - I:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - I:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - I:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - I:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - I:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - I:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - I:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - I:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - I:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - I:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
geoffrey5
Messages postés
13732
Date d'inscription
dimanche 20 mai 2007
Statut
Contributeur sécurité
Dernière intervention
21 mai 2010
10
11 sept. 2008 à 13:09
11 sept. 2008 à 13:09
je ne vois pourtant plus d infections...
relance hijackthis en cliquant sur scan only et coches ces lignes stp :
O4 - Global Startup: hp psc 1000 series.lnk = ?
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O4 - Global Startup: hp psc 1000 series.lnk = ?
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
puis tu cliques sur fix checked.
vas aussi faire la mise à niveau de java à cette adresse stp : https://www.java.com/fr/download/manual.jsp
et ensuite désinstalle la version antérieure.
C est peut etre ton pare feu zone alarm qui le bloque...essais en le désactivant
relance hijackthis en cliquant sur scan only et coches ces lignes stp :
O4 - Global Startup: hp psc 1000 series.lnk = ?
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O4 - Global Startup: hp psc 1000 series.lnk = ?
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
puis tu cliques sur fix checked.
vas aussi faire la mise à niveau de java à cette adresse stp : https://www.java.com/fr/download/manual.jsp
et ensuite désinstalle la version antérieure.
C est peut etre ton pare feu zone alarm qui le bloque...essais en le désactivant
ok bon je vais devoir faire ça plutard
merci encore je te tiens au courant des que
j'aurais fait ces manip
merci encore je te tiens au courant des que
j'aurais fait ces manip
geoffrey5
Messages postés
13732
Date d'inscription
dimanche 20 mai 2007
Statut
Contributeur sécurité
Dernière intervention
21 mai 2010
10
11 sept. 2008 à 13:16
11 sept. 2008 à 13:16
ok pas de problemes @+