Se connecter / S'enregistrer
Votre question

problème moteur de recherche et mises à jour impossible

Tags :
  • Moteur de recherche
  • Sécurité
Dernière réponse : dans Sécurité et virus
8 Novembre 2008 15:25:55

Bonjour,
j'ai depuis peu des problèmes avec mes moteurs de recherche: quand je clique sur un lien que proposent Google ou Yahoo, une page s'ouvre et je s'affiche un site qui n'a rien à voir avec le lien (ce sont souvent des sortes de moteurs de recherche bizarre, avec un lien començant par "go.google..." ).
J'ai donc téléchargé "Hijack this" et fait un scan rapide.
J'ai dû faire une bêtise, et éliminer des fichiers importants. Par la suite, toute mise à jour est devenue impossible, je ne peux même plus aller sur le site d'avast ou un site avec scan en ligne...
J'ai recommencé un scan avec "Hijack this", je vous envoie le rapport:
Logfile of HijackThis v1.99.1
Scan saved at 15:09:00, on 08/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\Iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\ESTsoft\ALZip\ALZip.exe
C:\Documents and Settings\sylvain\My Documents\HiJackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

Merci pour votre aide

Sylvain

Autres pages sur : probleme moteur recherche mises jour impossible

a b 8 Sécurité
8 Novembre 2008 18:19:42

Bonjour,

  • Télécharge Catchme ([#ff0000]Gmer[/#f]) sur ton Bureau.
  • Double clique sur catchme.exe (le .exe n'est pas forcément visible) afin de le lancer.
  • Lorsque la recherche sera terminée, poste le rapport catchme.log dans ta prochaine réponse.
    9 Novembre 2008 13:56:18

    Bonjour, je n'ai pas réussi à télécharger Catchme (le lien semble mort, et même dans Google, ce logiciel est introuvable); mais j'ai vu dans le forum quelqu'un qui a à peu près le même souci que moi, on lui a conseillé Malwarebyte's anti malware; je l'ai donc téléchargé et je vous poste le rapport que ce logiciel vient d'effectuer:
    Malwarebytes' Anti-Malware 1.30
    Version de la base de données: 1375
    Windows 5.1.2600 Service Pack 3

    09/11/2008 13:51:20
    mbam-log-2008-11-09 (13-51-20).txt

    Type de recherche: Examen rapide
    Eléments examinés: 51219
    Temps écoulé: 7 minute(s), 20 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 2
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 2
    Dossier(s) infecté(s): 5
    Fichier(s) infecté(s): 7

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\tdss (Trojan.Agent) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: c:\windows\system32\ -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: system32\ -> Quarantined and deleted successfully.

    Dossier(s) infecté(s):
    C:\Documents and Settings\All Users\Application Data\Software Licensors\Antispyware PRO XP (Rogue.AntiSpywareProXP) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Application Data\Software Licensors\Antispyware PRO XP\BASE (Rogue.AntiSpywareProXP) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Application Data\Software Licensors\Antispyware PRO XP\DELETED (Rogue.AntiSpywareProXP) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Application Data\Software Licensors\Antispyware PRO XP\LOG (Rogue.AntiSpywareProXP) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Application Data\Software Licensors\Antispyware PRO XP\SAVED (Rogue.AntiSpywareProXP) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\Documents and Settings\All Users\Application Data\Software Licensors\Antispyware PRO XP\LOG\20080909180333281.log (Rogue.AntiSpywareProXP) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Application Data\services\services.dll (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\56b1l84N.exe.a_a (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\y6NXGFv1.exe.a_a (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\ (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\drivers\ (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\drivers\svchost.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
    Contenus similaires
    9 Novembre 2008 13:57:47

    Il m'a éliminé certains spyware, je peux déjà aller sur le site d'avast, c'est bon signe!
    a b 8 Sécurité
    9 Novembre 2008 14:27:48

    Reposte un rapport Hijackthis.
    9 Novembre 2008 14:33:41

    le rapport Hijakthis:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:33:03, on 09/11/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE
    C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
    C:\Program Files\Trend Micro\HijackThis\EDEN.exe

    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    --
    End of file - 2923 bytes
    9 Novembre 2008 14:55:48

    J'ai l'impression que tout est revenu dans l'odre, ceci dit, peut être y a t il encore quelque chose que je pourrais "fixer" avec Hijackthis, si vous en voyez une.
    En tous cas, bravo pour ce forum d'entraide, c'est super.
    9 Novembre 2008 15:01:48

    Bien, he vais faire ce que tu me conseille, il est vrai qu'Avast, sur ce coup là, a mal fait son boulot. mais j'ai une peur quand même: est ce qu'antivir ne va pas trop ralentir mon PC? Je vais quand meme faire le test.
    Merci.
    a b 8 Sécurité
    9 Novembre 2008 18:05:26

    AntiVir est un antivirus léger.
    9 Novembre 2008 20:02:19

    Bien, le scan a marché, il a repéré un Trojan que j'ai mis en quarantaine, voici le rapport d'antivir:

    Avira AntiVir Personal
    Report file date: Sunday, November 09, 2008 15:55

    Scanning for 1019829 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number: 0000149996-ADJIE-0001
    Platform: Windows XP
    Windows version: (Service Pack 3) [5.1.2600]
    Boot mode: Normally booted
    Username: SYSTEM
    Computer name: SISI-5FC49ABF46

    Version information:
    BUILD.DAT : 8.2.0.334 16933 Bytes 16/10/2008 14:55:00
    AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 09:57:53
    AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 08:56:40
    LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 13:44:19
    LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 08:58:52
    ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 14:27:24
    ANTIVIR1.VDF : 7.1.0.21 130560 Bytes 31/10/2008 14:27:25
    ANTIVIR2.VDF : 7.1.0.44 139264 Bytes 06/11/2008 14:27:31
    ANTIVIR3.VDF : 7.1.0.55 139776 Bytes 07/11/2008 14:27:33
    Engineversion : 8.2.0.29
    AEVDF.DLL : 8.1.0.6 102772 Bytes 14/10/2008 11:05:56
    AESCRIPT.DLL : 8.1.1.13 332156 Bytes 09/11/2008 14:27:42
    AESCN.DLL : 8.1.1.5 123251 Bytes 09/11/2008 14:27:41
    AERDL.DLL : 8.1.1.3 438645 Bytes 09/11/2008 14:27:40
    AEPACK.DLL : 8.1.3.3 393591 Bytes 09/11/2008 14:27:39
    AEOFFICE.DLL : 8.1.0.30 196986 Bytes 09/11/2008 14:27:39
    AEHEUR.DLL : 8.1.0.71 1487222 Bytes 09/11/2008 14:27:38
    AEHELP.DLL : 8.1.1.3 119157 Bytes 09/11/2008 14:27:36
    AEGEN.DLL : 8.1.1.0 319859 Bytes 09/11/2008 14:27:35
    AEEMU.DLL : 8.1.0.9 393588 Bytes 14/10/2008 11:05:56
    AECORE.DLL : 8.1.4.1 172405 Bytes 09/11/2008 14:27:34
    AEBB.DLL : 8.1.0.3 53618 Bytes 14/10/2008 11:05:56
    AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 09:40:05
    AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 10:28:01
    AVREP.DLL : 8.0.0.2 98344 Bytes 09/11/2008 14:27:34
    AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 12:26:40
    AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 09:29:23
    AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 13:27:49
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 18:28:02
    SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 13:49:40
    NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 13:05:10
    RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 14:48:07
    RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 14:34:37

    Configuration settings for the scan:
    Jobname..........................: Complete system scan
    Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: on
    Scan boot sector.................: on
    Boot sectors.....................: C:, D:, H:,
    Process scan.....................: on
    Scan registry....................: on
    Search for rootkits..............: off
    Scan all files...................: Intelligent file selection
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Macro heuristic..................: on
    File heuristic...................: medium

    Start of the scan: Sunday, November 09, 2008 15:55

    The scan of running processes will be started
    Scan process 'avwsc.exe' - '1' Module(s) have been scanned
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
    Scan process 'iexplore.exe' - '1' Module(s) have been scanned
    Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
    Scan process 'alg.exe' - '1' Module(s) have been scanned
    Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'guard.exe' - '0' Module(s) have been scanned
    Scan process 'avguard.exe' - '1' Module(s) have been scanned
    Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
    Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
    Scan process 'avgnt.exe' - '1' Module(s) have been scanned
    Scan process 'sched.exe' - '1' Module(s) have been scanned
    Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
    Scan process 'explorer.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned
    27 processes with 27 modules were scanned

    Starting master boot sector scan:
    Master boot sector HD0
    [INFO] No virus was found!
    Master boot sector HD1
    [INFO] No virus was found!

    Start scanning boot sectors:
    Boot sector 'C:\'
    [INFO] No virus was found!
    Boot sector 'D:\'
    [INFO] No virus was found!
    Boot sector 'H:\'
    [INFO] No virus was found!

    Starting to scan the registry.
    The registry was scanned ( '43' files ).


    Starting the file scan:

    Begin scan in 'C:\' <New Volume>
    C:\hiberfil.sys
    [WARNING] The file could not be opened!
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    C:\Program Files\AdVantage\AdVUninst.exe
    [DETECTION] Contains recognition pattern of the WORM/SaveNow.A.454096 worm
    [NOTE] The file was moved to '496d1610.qua'!
    C:\System Volume Information\_restore{713B0E39-B7E3-4191-ABC1-A3403515340D}\RP50\A0004046.exe
    [0] Archive type: CAB SFX (self extracting)
    --> \Setup\Data.Cab
    [1] Archive type: CAB (Microsoft)
    --> F5014_Lvkrn13n.dll.F437A828_B4A3_479C_925B_C77D3F4865CF
    [WARNING] No further files can be extracted from this archive. The archive will be closed
    --> \Setup\fra\Lisezmoi.html
    [WARNING] No further files can be extracted from this archive. The archive will be closed
    [WARNING] No further files can be extracted from this archive. The archive will be closed
    Begin scan in 'D:\'
    Begin scan in 'H:\'


    End of the scan: Sunday, November 09, 2008 19:59
    Used time: 4:04:06 Hour(s)

    The scan has been done completely.

    7621 Scanning directories
    445225 Files were scanned
    1 viruses and/or unwanted programs were found
    0 Files were classified as suspicious:
    0 files were deleted
    0 files were repaired
    1 files were moved to quarantine
    0 files were renamed
    3 Files cannot be scanned
    445221 Files not concerned
    3559 Archives were scanned
    5 Warnings
    1 Notes

    a b 8 Sécurité
    10 Novembre 2008 17:33:49

    Reposte un rapport Hijackthis.
    11 Novembre 2008 20:09:11

    Rebonjour,
    J'ai fait tout ce que vous m'avez suggérer...
    Les problèmes que j'avais sont partis maintenant, mais mon ordinateur rame un peu, les logiciels mettent beaucoup de temps à s'ouvrir.
    voici le rapport Hijack:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:03:42, on 11/11/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\taskmgr.exe
    C:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE
    C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Trend Micro\HijackThis\EDEN.exe

    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    --
    End of file - 3020 bytes
    12 Novembre 2008 08:59:34

    Dois je faire quelque chose?
    Merci de votre aide.
    a b 8 Sécurité
    12 Novembre 2008 14:37:04

    Re,

    Apparemment ok.
    12 Novembre 2008 19:12:48

    Cool, merci neaucoup, Angeldark
    a b 8 Sécurité
    13 Novembre 2008 19:04:16

    Bon surf.
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS