Se connecter avec
S'enregistrer | Connectez-vous

virus avast

Dernière réponse : dans Sécurité

bonjour a tous , je viens solliciter votre aide car je suis novice en informatique at j ai un gros souci . en effet il y a quelques jours avast a decouvert un virus ou plutot un cheval de troie sur mon pc . je l ai mis en quarantaine mais c est tout et desormais quand je fais un scan avec avast a chaque fois il ressort une infection que je mets en quarantaine mais que dois je faire pour ne plus etre embeter . j ai fait un scan avec hijackthis comme je l ai lu sur un autre sujet de ce site et voici le resultat :
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 15:36:54, on 05/07/2007
Platform: Windows XP (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Java\jre1.5.0_11\bin\jucheck.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Sylvain\Local Settings\Temporary Internet Files\Content.IE5\C1YZOPQV\HiJackThis_v2[1].exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [mstsdsc.exe] c:\windows\system32\mstsdsc.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: LUMIX Simple Viewer.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: {127698E4-E730-4E5C-A2B1-21490A70C8A1} (CEnroll Class) - https://static.impots.gouv.fr/abos/securite/xenroll.cab
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flas...
O17 - HKLM\System\CCS\Services\Tcpip\..\{5B7050DF-F271-4D30-BCB5-7A8C1A2ADB98}: NameServer = 80.10.246.1 80.10.246.132
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\System32\imapi.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: DDE réseau (NetDDE) - Unknown owner - C:\WINDOWS\system32\netdde.exe
O23 - Service: DSDM DDE réseau (NetDDEdsdm) - Unknown owner - C:\WINDOWS\system32\netdde.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Prise en charge des cartes à puces (SCardDrv) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Telnet (TlntSvr) - Unknown owner - C:\WINDOWS\System32\tlntsvr.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe

--
End of file - 7579 bytes
d avance merci

Autres pages sur : virus avast

Lassé par la pub ? Créez un compte

tout d abord bonjour et grand merci pour cette aide car je flippe un peu . j ai donc effectuer les operations que vous m avez indique et voici le resultat du scan :
05/07/2007 a 16:18:33,35

*** Recherche des fichiers dans C:

*** Recherche des fichiers dans C:\WINDOWS\

*** Recherche des fichiers dans C:\WINDOWS\system32

*** Recherche des fichiers dans C:\Program Files
*** Fin du rapport !


d autre part si ca peut vous aider j avais note dans avast le nom des virus en quarantaine :win32:cimuz-af (trj) et plusieurs autres avec win32:small-eke (trj) . j attends de vos precieuses infos : encore une fois MERCI A VOUS

ANTIVIR n existe qu en anglais !! je n y comprends pas grand chose !!!! quand je clique sur scanners de antivir il me propose plusieurs lignes : laquelle faut il scanner ? local drives - local hard disks - removable drives -windows system directory -my documents - activ process -rootkit search - manula selection
que dois je scanner ?
devrais je garder cet antivirus par la suite ? si oui est il possible d avaoir la version francaise ?

a priori un scan est en cours avec antivir mais ca rame vachement . j espere vraiment que vous pourrez m aider a trouver une solution et que tout pourra rentrer dans l ordre .
en plus je suis aussi nul en anglais qu en info donc antivir j ai du mal mais bon si je me sors de ces virus ca sera deja super

j ai clique sur scan pour local drives : est ce que cela sera suffisant pour une analyse completecomme demandé plus haut . en tout cas le scan n est qu a 50% apres 2h45 mn !! ca vient de mon pc qui est nul ou c est antivir qui est tres long a analyser en regle general ?

surprise mais je suis passe de 60% a 100% en 3 mn ? en tout cas voici le rapport du scan pour la ligne local drives . dois je effectuer le scan pour les autres lignes indiques dans scan de antivir ?
rapport :

AntiVir PersonalEdition Classic
Report file date: jeudi 5 juillet 2007 17:33

Scanning for 740715 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (plain) [5.1.2600]
Username: Sylvain
Computer name: 3DFAYJJALOY0L20

Version information:
BUILD.DAT : 248 14437 Bytes 31/05/2007 16:59:00
AVSCAN.EXE : 7.0.4.15 282664 Bytes 20/04/2007 11:37:14
AVSCAN.DLL : 7.0.4.4 33832 Bytes 27/03/2007 11:31:54
LUKE.DLL : 7.0.4.11 143400 Bytes 27/03/2007 11:26:04
LUKERES.DLL : 7.0.4.0 10280 Bytes 19/03/2007 11:18:59
ANTIVIR0.VDF : 6.35.0.1 7371264 Bytes 31/05/2006 13:08:58
ANTIVIR1.VDF : 6.37.1.151 4303360 Bytes 23/02/2007 13:09:01
ANTIVIR2.VDF : 6.38.0.214 729600 Bytes 12/04/2007 13:09:02
ANTIVIR3.VDF : 6.38.0.225 50688 Bytes 16/04/2007 13:09:02
AVEWIN32.DLL : 7.4.0.12 2404864 Bytes 13/04/2007 13:04:24
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 09:36:26
AVPREF.DLL : 7.0.2.1 24616 Bytes 27/03/2007 11:31:50
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24
AVPACK32.DLL : 7.3.0.8 360488 Bytes 27/03/2007 07:48:28
AVREG.DLL : 7.0.1.2 31784 Bytes 15/03/2007 08:05:08
AVEVTLOG.DLL : 7.0.0.18 86056 Bytes 27/03/2007 11:16:05
AVARKT.DLL : 1.0.0.17 278568 Bytes 02/05/2007 10:32:26
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 10:09:42
RCIMAGE.DLL : 7.0.1.15 2228264 Bytes 13/03/2007 09:46:18
RCTEXT.DLL : 7.0.45.0 86056 Bytes 19/03/2007 11:42:42

Configuration settings for the scan:
Jobname..........................: Local Drives
Configuration file...............: C:\Program Files\AntiVir PersonalEdition Classic\alldrives.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: E:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: jeudi 5 juillet 2007 17:33

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'msimn.exe' - '1' Module(s) have been scanned
Scan process 'IEXPLORE.EXE' - '1' Module(s) have been scanned
Scan process 'jucheck.exe' - '1' Module(s) have been scanned
Scan process 'hpqste08.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'Watch.exe' - '1' Module(s) have been scanned
Scan process 'ComComp.exe' - '1' Module(s) have been scanned
Scan process 'PhLeAutoRun.exe' - '1' Module(s) have been scanned
Scan process 'hpqtra08.exe' - '1' Module(s) have been scanned
Scan process 'EspaceWanadoo.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'opware32.exe' - '1' Module(s) have been scanned
Scan process 'TaskBarIcon.exe' - '1' Module(s) have been scanned
Scan process 'dragdiag.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'ashServ.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
37 processes with 37 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'A:\'
[NOTE] In the drive 'A:\' no data medium is inserted!

Starting to scan the registry.
The registry was scanned ( '21' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
Begin scan in 'A:\'
Search path A:\ could not be opened!
Le volume ne contient pas de système de fichiers connu. Vérifiez si tous les pilotes de système
de fichiers nécessaires sont chargés et si le volume n'est pas endommagé.

Begin scan in 'D:\'
Search path D:\ could not be opened!
Le périphérique n'est pas prêt.

Begin scan in 'E:\'
Search path E:\ could not be opened!
Le périphérique n'est pas prêt.



End of the scan: jeudi 5 juillet 2007 20:35
Used time: 3:02:03 min

The scan has been done completely.

2275 Scanning directories
285843 Files were scanned
0 viruses and/or unwanted programs were found
0 classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
285843 Files not concerned
8097 Archives were scanned
2 Warnings
0 Notes
0 Hidden objects were found

voila le resultat :
Logfile of HijackThis v1.99.1
Scan saved at 21:13:51, on 05/07/2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Outlook Express\msimn.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Java\jre1.5.0_11\bin\jucheck.exe
C:\Documents and Settings\Sylvain\Local Settings\Temp\Répertoire temporaire 1 pour hijackthis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [mstsdsc.exe] c:\windows\system32\mstsdsc.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: LUMIX Simple Viewer.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: {127698E4-E730-4E5C-A2B1-21490A70C8A1} (CEnroll Class) - https://static.impots.gouv.fr/abos/securite/xenroll.cab
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flas...
O17 - HKLM\System\CCS\Services\Tcpip\..\{5B7050DF-F271-4D30-BCB5-7A8C1A2ADB98}: NameServer = 80.10.246.1 80.10.246.132
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe


alors comment ca se presente ??

Re,

Télécharge puis installe AVG Anti-Spyware (AVG AS)
Fais les mises à jour mais ne lance pas de scan pour le moment.
AIDE : Tuto sur AVG Anti-Spyware (Malekal)

Redémarre en mode sans échec

Relance AVG AS :
- Choisis l'onglet "Analyse"
- Puis l'onglet "Paramètres"
- Sous la question "Comment réagir ?", clique sur "Actions recommandées" et choisis "Quarantaine"
- Re-clique sur l'onglet "Analyse" puis réalise une "Analyse complète du système"

[#ff0000]Si un fichier est infecté en fin d'analyse, clique sur "Appliquer toutes les actions"[/#f]

Clique sur "Enregistrer le rapport" puis sur "Enregistrer le rapport sous"
Enregistre ce fichier texte sur ton bureau.

Redémarre normalement.
Poste le rapport AVG AS ainsi qu'un rapport Hijackthis.

re-bonjour : voici les resultats du scan avg en mode echec ( je me suis retrouve avec 107 fichiers infectes !!!! dont 2 avec risque eleve , les autres etant en moyen ) :
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 23:39:05 05/07/2007

+ Résultat de l'analyse:



C:\System Volume Information\_restore{C2839DEC-035F-4CD4-A6D8-38631EEABB63}\RP47\A0052335.exe -> Downloader.Agent.aqk : Nettoyé.
C:\Documents and Settings\Sylvain\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\game.class-506f6b50-1c69a2f3.class -> Not-A-Virus.Exploit.Java.Gimsh.a : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.258:C:\Documents and Settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\fkb3sx28.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.284:C:\Documents and Settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\fkb3sx28.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@112.2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@aolfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@betandwinwebbeta.122.2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@boonty.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@bwincom.122.2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@canadiantourismcommission.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@fnac.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@karavel.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@metacafe.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@mistergooddeal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@opodo.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@paypal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@sfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@snapfish.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Sylvain\Local Settings\Temp\Cookies\sylvain@opodo.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@2.adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@3.adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@ads.adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@www.adobe[1].txt -> TrackingCookie.Adobe : Nettoyé.
:mozilla.62:C:\Documents and Settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\fkb3sx28.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.63:C:\Documents and Settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\fkb3sx28.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.66:C:\Documents and Settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\fkb3sx28.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.67:C:\Documents and Settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\fkb3sx28.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.68:C:\Documents and Settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\fkb3sx28.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@advertising[2].txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.49:C:\Documents and Settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\fkb3sx28.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.134:C:\Documents and Settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\fkb3sx28.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@ads10.bpath[2].txt -> TrackingCookie.Bpath : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@casalemedia[1].txt -> TrackingCookie.Casalemedia : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@ad1.clickhype[1].txt -> TrackingCookie.Clickhype : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@com[1].txt -> TrackingCookie.Com : Nettoyé.
:mozilla.164:C:\Documents and Settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\fkb3sx28.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.165:C:\Documents and Settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\fkb3sx28.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.166:C:\Documents and Settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\fkb3sx28.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@comclick[2].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.23:C:\Documents and Settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\fkb3sx28.default\cookies.txt -> TrackingCookie.Connextra : Nettoyé.
:mozilla.24:C:\Documents and Settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\fkb3sx28.default\cookies.txt -> TrackingCookie.Connextra : Nettoyé.
:mozilla.27:C:\Documents and Settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\fkb3sx28.default\cookies.txt -> TrackingCookie.Connextra : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@connextra[1].txt -> TrackingCookie.Connextra : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@stat.dealtime[1].txt -> TrackingCookie.Dealtime : Nettoyé.
:mozilla.37:C:\Documents and Settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\fkb3sx28.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.155:C:\Documents and Settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\fkb3sx28.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Nettoyé.
:mozilla.229:C:\Documents and Settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\fkb3sx28.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@fastclick[1].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@media.fastclick[2].txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.153:C:\Documents and Settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\fkb3sx28.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.41:C:\Documents and Settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\fkb3sx28.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.42:C:\Documents and Settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\fkb3sx28.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.43:C:\Documents and Settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\fkb3sx28.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.44:C:\Documents and Settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\fkb3sx28.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.45:C:\Documents and Settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\fkb3sx28.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.46:C:\Documents and Settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\fkb3sx28.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.47:C:\Documents and Settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\fkb3sx28.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@searchportal.information[1].txt -> TrackingCookie.Information : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@ilead.itrack[2].txt -> TrackingCookie.Itrack : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@ivwbox[1].txt -> TrackingCookie.Ivwbox : Nettoyé.
:mozilla.60:C:\Documents and Settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\fkb3sx28.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.61:C:\Documents and Settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\fkb3sx28.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@ssl-hints.netflame[2].txt -> TrackingCookie.Netflame : Nettoyé.
:mozilla.113:C:\Documents and Settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\fkb3sx28.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.114:C:\Documents and Settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\fkb3sx28.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.275:C:\Documents and Settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\fkb3sx28.default\cookies.txt -> TrackingCookie.Paypal : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@www.paypal[1].txt -> TrackingCookie.Paypal : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@fr.real[1].txt -> TrackingCookie.Real : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@real[1].txt -> TrackingCookie.Real : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@realguide.real[2].txt -> TrackingCookie.Real : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@revenue[1].txt -> TrackingCookie.Revenue : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.130:C:\Documents and Settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\fkb3sx28.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.131:C:\Documents and Settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\fkb3sx28.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.132:C:\Documents and Settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\fkb3sx28.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.133:C:\Documents and Settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\fkb3sx28.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@statcounter[1].txt -> TrackingCookie.Statcounter : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@tacoda[2].txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.53:C:\Documents and Settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\fkb3sx28.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.54:C:\Documents and Settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\fkb3sx28.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.55:C:\Documents and Settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\fkb3sx28.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.56:C:\Documents and Settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\fkb3sx28.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.142:C:\Documents and Settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\fkb3sx28.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.143:C:\Documents and Settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\fkb3sx28.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.144:C:\Documents and Settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\fkb3sx28.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.247:C:\Documents and Settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\fkb3sx28.default\cookies.txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@m.webtrends[2].txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@yadro[2].txt -> TrackingCookie.Yadro : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.175:C:\Documents and Settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\fkb3sx28.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
C:\Documents and Settings\Sylvain\Cookies\sylvain@zedo[1].txt -> TrackingCookie.Zedo : Nettoyé.


Fin du rapport

voici aussi le resultat du rapport hijakthis :
Logfile of HijackThis v1.99.1
Scan saved at 09:10:48, on 06/07/2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Java\jre1.5.0_11\bin\jucheck.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Documents and Settings\Sylvain\Local Settings\Temp\Répertoire temporaire 2 pour hijackthis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [mstsdsc.exe] c:\windows\system32\mstsdsc.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: LUMIX Simple Viewer.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: {127698E4-E730-4E5C-A2B1-21490A70C8A1} (CEnroll Class) - https://static.impots.gouv.fr/abos/securite/xenroll.cab
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flas...
O17 - HKLM\System\CCS\Services\Tcpip\..\{5B7050DF-F271-4D30-BCB5-7A8C1A2ADB98}: NameServer = 80.10.246.1 80.10.246.132
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

j espere que le probleme est resolu ou du moins peut l etre !!!! encore merci

j ai fait fix checked sur la ligne
O4 - HKLM\..\Run: [mstsdsc.exe] c:\windows\system32\mstsdsc.exe
j espere que c etait ca .
par contre je ne sais pas vraiment ou aller pour supprimer le fichier
c:\windows\system32\mstsdsc.exe ?
j ai pas saisi le message precedent !!

voila le rapport :
Logfile of HijackThis v1.99.1
Scan saved at 13:15:19, on 06/07/2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Java\jre1.5.0_11\bin\jucheck.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Documents and Settings\Sylvain\Local Settings\Temp\Répertoire temporaire 6 pour hijackthis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: LUMIX Simple Viewer.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: {127698E4-E730-4E5C-A2B1-21490A70C8A1} (CEnroll Class) - https://static.impots.gouv.fr/abos/securite/xenroll.cab
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flas...
O17 - HKLM\System\CCS\Services\Tcpip\..\{5B7050DF-F271-4D30-BCB5-7A8C1A2ADB98}: NameServer = 80.10.246.1 80.10.246.132
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

Lassé par la pub ? Créez un compte

Créer un nouveau sujet

Tom's guide dans le monde