Votre question

pub antivirus et companie sans cesse.

Tags :
  • Hijackthis
  • Sécurité
Dernière réponse : dans Sécurité et virus
19 Juin 2007 19:41:20

depuis un bout de temps j'ai plein de pub intempestive et pourier vous m'aider a les supprimer definitivement de mon ordi.

Autres pages sur : pub antivirus companie cesse

a b 8 Sécurité
19 Juin 2007 19:47:41

Un bonjour ?

Télécharge Hijackthis (de Merjin).
Dézippe-le dans un dossier ou sur ton Bureau.

Lance l'application (Hijackthis.exe) :
- Choisis l'option "Do a system scan and save a logfile"
- Le Bloc-Notes s'ouvre, poste son contenu :

  • Edition / Sélectionner tout
  • Edition / Copier
  • Clique-Droit / Coller dans ta réponse

    AIDE : Tuto en vidéo sur Hijackthis
    19 Juin 2007 19:53:00

    mon rapport:

    Logfile of HijackThis v1.99.1
    Scan saved at 19:52:04, on 19/06/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16473)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\PROGRA~1\SECURI~1\6588780\Program\SERVIC~1.EXE
    C:\Program Files\Anti-Virus\fsgk32st.exe
    C:\Program Files\Securitoo AntiVirus\6588780\program\fsbwsys.exe
    C:\Program Files\Anti-Virus\FSGK32.EXE
    C:\Program Files\Common\FSMA32.EXE
    C:\Program Files\Anti-Virus\fssm32.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\Program Files\Common\FSMB32.EXE
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common\FCH32.EXE
    C:\Program Files\Common\FAMEH32.EXE
    C:\Program Files\Anti-Virus\fsqh.exe
    C:\Program Files\Anti-Virus\fsrw.exe
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\Program Files\FWES\Program\fsdfwd.exe
    C:\Program Files\Anti-Virus\fsav32.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
    C:\Program Files\Common\FSM32.EXE
    C:\Program Files\FSGUI\ispnews.exe
    C:\Program Files\FSGUI\fsguidll.exe
    C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
    C:\Program Files\SPYWAREfighter\spftray.exe
    C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    C:\Program Files\Securitoo AntiVirus\6588780\Program\fspex.exe
    C:\Program Files\Logitech\SetPoint\KEM.exe
    C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
    C:\Program Files\SPYWAREfighter\spfprc.exe
    C:\Program Files\SPYWAREfighter\SPYWAREfighter.exe
    C:\Program Files\Wanadoo\GestionnaireInternet.exe
    C:\Program Files\Wanadoo\ComComp.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\Program Files\Wanadoo\Watch.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Documents and Settings\Nathalie LAURE\Bureau\HIJACKTHIS VF.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
    O2 - BHO: (no name) - {68905f96-135e-4fa1-9c66-0812b17d86d4} - C:\WINDOWS\system32\inetnui.dll (file missing)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: (no name) - {DEBEB52F-CFA6-4647-971F-3EDB75B63AFA} - C:\DOCUME~1\NATHAL~1\LOCALS~1\Temp\tmp2B7E.tmp.dll (file missing)
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
    O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\FSGUI\FSSW.EXE" /reboot
    O4 - HKLM\..\Run: [News Service] "C:\Program Files\FSGUI\ispnews.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
    O4 - HKLM\..\Run: [EPSON Stylus DX5000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBVE.EXE /FU "C:\WINDOWS\TEMP\E_S14F.tmp" /EF "HKLM"
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [eBayToolbar] C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [EPSON Product Rappel concernant l'enregistrement] C:\WINDOWS\Temp\RegModule.exe
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [spywarefighterguard] C:\Program Files\SPYWAREfighter\spftray.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
    O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Anti-Spyware\ieshield.dll
    O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Anti-Spyware\ieshield.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
    O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Trend Micro ActiveX Scan Agent 6.5) - http://nsol2.securitoo.com/housecall/applet/html/native...
    O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
    O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photobox.fr/discount/clients/uploader_v2.2.0...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{CAECCF32-2FB8-4895-A016-D5DA2E83F7FB}: NameServer = 80.10.246.130 80.10.246.3
    O20 - Winlogon Notify: inetnui - inetnui.dll (file missing)
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Antivirus Firewall (BackWeb Plug-in - 6588780) - Securitoo Portal - C:\PROGRA~1\SECURI~1\6588780\Program\SERVIC~1.EXE
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Anti-Virus\fsgk32st.exe
    O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Securitoo AntiVirus\6588780\program\fsbwsys.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\FWES\Program\fsdfwd.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Common\FSMA32.EXE
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: SPYWAREfighterRP - SpamFighter APS - C:\Program Files\SPYWAREfighter\spfprc.exe

    Contenus similaires
    a b 8 Sécurité
    19 Juin 2007 20:05:01

    Re,

  • Télécharge combofix.exe (par sUBs) sur ton Bureau.
  • Double clique combofix.exe.
  • Tape sur la touche 1 (Yes) pour démarrer le scan.
  • Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

    NOTE : Le rapport se trouve également ici : C:\Combofix.txt
    19 Juin 2007 20:39:21

    1. 2004-07-12 23:05 25088 --a------ C:\Qoobox\Quarantine\C\WINDOWS\system32\msxml3a.dll.vir
    2. 2007-06-17 14:21 131200 --a------ C:\Qoobox\Quarantine\C\WINDOWS\rqronn.dll.vir
    3. 2007-06-17 14:21 922561 --a------ C:\Qoobox\Quarantine\C\WINDOWS\nnorqr.ini.vir
    4.  
    5.  
    6. Structure du dossier
    7. Le num‚ro de s‚rie du volume est B0FC-C0B0
    8. C:\QOOBOX
    9. \---Quarantine
    10. +---C
    11. | \---WINDOWS
    12. | | nnorqr.ini.vir
    13. | | rqronn.dll.vir
    14. | |
    15. | \---system32
    16. | msxml3a.dll.vir
    17. |
    18. \---Registry_backups

    a b 8 Sécurité
    19 Juin 2007 20:45:04

    Ce n'est pas le bon rapport :) 
    19 Juin 2007 20:53:16

    il me note acces refuse
    19 Juin 2007 20:55:13

    ComboFix 07-06-18.2 - C:\Documents and Settings\Nathalie LAURE\Bureau\ComboFix.exe
    "Nathalie LAURE" - 2007-06-19 20:31:11 - Service Pack 2 NTFS


    ((((((((((((((((((((((((( Files Created from 2007-05-19 to 2007-06-19 )))))))))))))))))))))))))))))))


    2007-06-19 20:13 49,152 --a------ C:\WINDOWS\nircmd.exe
    2007-06-19 16:11 <REP> d-------- C:\Program Files\SPYWAREfighter
    2007-06-19 16:11 <REP> d-------- C:\Program Files\Fichiers communs\Application
    2007-06-19 15:53 <REP> d-------- C:\Program Files\Navilog1
    2007-06-19 15:53 <REP> d-------- C:\DOCUME~1\NATHAL~1\Menu Demarrer
    2007-06-19 07:39 <REP> d-------- C:\WINDOWS\SoftwareDistribution
    2007-06-18 16:05 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
    2007-06-18 06:54 <REP> d-------- C:\Program Files\Hijackthis Version Fran?aise
    2007-06-18 06:54 <REP> d-------- C:\DOCUME~1\ALLUSE~1.WIN\Menu Demarrer
    2007-06-17 19:40 <REP> d-------- C:\DOCUME~1\NATHAL~1\.housecall
    2007-06-17 07:40 <REP> d--h----- C:\WINDOWS\PIF
    2007-06-16 18:53 <REP> d-------- C:\divx
    2007-06-16 06:26 46,336 --a------ C:\WINDOWS\system32\tmp2B7E.tmp.dll
    2007-06-14 16:17 <REP> d-------- C:\WINDOWS\speech
    2007-06-14 06:31 682,232 --a------ C:\WINDOWS\system32\drivers\sptd.sys
    2007-06-12 20:49 442,368 --a------ C:\WINDOWS\system32\vp6vfw.dll
    2007-06-11 18:49 <REP> d-------- C:\DOCUME~1\NATHAL~1\APPLIC~1\River Past G5
    2007-06-11 18:49 <REP> d-------- C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\River Past G5
    2007-06-11 10:01 <REP> d-------- C:\Program Files\QuickTime
    2007-06-11 10:01 <REP> d-------- C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple Computer
    2007-06-11 09:38 33,340 --------- C:\WINDOWS\system32\dbmsqlgc.dll
    2007-06-11 09:38 24,576 --------- C:\WINDOWS\system32\dbmsgnet.dll
    2007-06-11 09:36 <REP> d-------- C:\DOCUME~1\NATHAL~1\APPLIC~1\Sony
    2007-06-09 06:47 59,264 --a------ C:\WINDOWS\system32\drivers\USBAUDIO.sys
    2007-06-08 22:00 55,808 --a------ C:\WINDOWS\system32\DevCon.exe
    2007-06-08 22:00 545 --a------ C:\WINDOWS\UC.PIF
    2007-06-08 22:00 545 --a------ C:\WINDOWS\RAR.PIF
    2007-06-08 22:00 545 --a------ C:\WINDOWS\PKZIP.PIF
    2007-06-08 22:00 545 --a------ C:\WINDOWS\PKUNZIP.PIF
    2007-06-08 22:00 545 --a------ C:\WINDOWS\LHA.PIF
    2007-06-08 22:00 545 --a------ C:\WINDOWS\ARJ.PIF
    2007-06-08 22:00 3,072 --a------ C:\WINDOWS\system32\mswtif.dll
    2007-06-08 22:00 24,576 --a------ C:\WINDOWS\NOCLOSE.PIF
    2007-06-07 18:32 <REP> d-------- C:\DOCUME~1\NATHAL~1\APPLIC~1\fltk.org
    2007-06-04 19:33 <REP> d-------- C:\DOCUME~1\NATHAL~1\APPLIC~1\Talkback
    2007-06-04 18:16 <REP> d-------- C:\DOCUME~1\NATHAL~1\APPLIC~1\WinRAR
    2007-06-03 18:28 81,768 --a------ C:\WINDOWS\system32\xinput1_3.dll
    2007-06-03 18:28 62,744 --a------ C:\WINDOWS\system32\xinput1_2.dll
    2007-06-03 18:28 443,752 --a------ C:\WINDOWS\system32\d3dx10_33.dll
    2007-06-03 18:28 3,495,784 --a------ C:\WINDOWS\system32\d3dx9_33.dll
    2007-06-03 18:28 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
    2007-06-03 18:28 261,480 --a------ C:\WINDOWS\system32\xactengine2_7.dll
    2007-06-03 18:28 255,848 --a------ C:\WINDOWS\system32\xactengine2_6.dll
    2007-06-03 18:28 251,672 --a------ C:\WINDOWS\system32\xactengine2_5.dll
    2007-06-03 18:28 237,848 --a------ C:\WINDOWS\system32\xactengine2_4.dll
    2007-06-03 18:28 236,824 --a------ C:\WINDOWS\system32\xactengine2_3.dll
    2007-06-03 18:28 2,414,360 --a------ C:\WINDOWS\system32\d3dx9_31.dll
    2007-06-03 18:28 15,128 --a------ C:\WINDOWS\system32\x3daudio1_1.dll
    2007-06-03 18:28 1,123,696 --a------ C:\WINDOWS\system32\D3DCompiler_33.dll
    2007-05-31 08:45 524,288 --a------ C:\WINDOWS\system32\DivXsm.exe
    2007-05-31 08:44 823,296 --a------ C:\WINDOWS\system32\divx_xx0c.dll
    2007-05-31 08:44 823,296 --a------ C:\WINDOWS\system32\divx_xx07.dll
    2007-05-31 08:44 802,816 --a------ C:\WINDOWS\system32\divx_xx11.dll
    2007-05-31 08:44 740,442 --a------ C:\WINDOWS\system32\DivX.dll
    2007-05-29 16:26 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
    2007-05-29 16:26 <REP> d-------- C:\Program Files\MSXML 4.0
    2007-05-24 19:16 63,488 --a------ C:\WINDOWS\system32\unam4ie.exe
    2007-05-24 19:16 4,608 --a------ C:\WINDOWS\system32\w95inf32.dll
    2007-05-24 19:16 38,160 --a------ C:\WINDOWS\system32\LMRTREND.dll
    2007-05-24 19:16 2,272 --a------ C:\WINDOWS\system32\w95inf16.dll
    2007-05-24 19:16 194,320 --a------ C:\WINDOWS\system32\qcut.dll
    2007-05-24 19:16 182,032 --a------ C:\WINDOWS\system32\dxtmsft3.dll
    2007-05-24 19:16 10,240 --a------ C:\WINDOWS\system32\vidx16.dll
    2007-05-23 18:58 737,280 --a------ C:\WINDOWS\iun6002.exe
    2007-05-23 18:54 <REP> d-------- C:\WINDOWS\Profiles
    2007-05-23 18:53 <REP> d-------- C:\DOCUME~1\NATHAL~1\APPLIC~1\InterTrust
    2007-05-22 19:05 <REP> d-------- C:\WINDOWS\system32\SoftwareDistribution
    2007-05-19 20:32 56,832 --------- C:\WINDOWS\system32\iyvu9_32.dll
    2007-05-19 18:51 347 --a------ C:\WINDOWS\ereg077.dat
    2007-05-19 18:50 <REP> d-------- C:\WINDOWS\BBSTORE


    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    2007-06-19 18:30:42 -------- d-----w C:\Program Files\Wanadoo
    2007-06-19 18:26:53 -------- d-----w C:\Program Files\Anti-Virus
    2007-06-18 19:02:40 -------- d-----w C:\Program Files\Hijackthis Version Française
    2007-06-18 05:35:48 -------- d-----w C:\Program Files\eMule
    2007-06-17 14:24:13 -------- d-----w C:\Program Files\Anti-Spyware
    2007-06-17 10:50:30 -------- d-----w C:\Program Files\Logitech
    2007-06-16 16:43:01 -------- d-----w C:\Program Files\DivX
    2007-06-15 04:22:26 -------- d--h--w C:\Program Files\InstallShield Installation Information
    2007-06-14 15:06:02 -------- d-----w C:\Program Files\Google
    2007-06-12 14:10:03 -------- d-----w C:\Program Files\Microsoft Works
    2007-06-11 11:42:30 78,502 ----a-w C:\WINDOWS\system32\perfc00C.dat
    2007-06-11 11:42:30 476,512 ----a-w C:\WINDOWS\system32\perfh00C.dat
    2007-05-17 19:44:45 -------- d-----w C:\DOCUME~1\NATHAL~1\APPLIC~1\Opera
    2007-05-17 16:46:32 -------- d-----w C:\Program Files\Windows Media Connect 2
    2007-05-17 12:29:23 -------- d-----w C:\Program Files\eBay
    2007-05-16 15:13:53 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
    2007-05-12 07:20:30 -------- d-----w C:\Program Files\Canon
    2007-05-12 07:18:55 -------- d-----w C:\Program Files\Fichiers communs\Canon
    2007-05-07 07:30:40 -------- d-----w C:\Program Files\AviSynth 2.5
    2007-05-07 07:30:30 -------- d-----w C:\Program Files\Spam Control
    2007-05-06 19:30:27 -------- d-----w C:\Program Files\ABBYY FineReader 6.0 Sprint
    2007-04-29 17:48:10 -------- d-----w C:\Program Files\ImageBadger
    2007-04-29 17:27:34 -------- d-----w C:\DOCUME~1\NATHAL~1\APPLIC~1\ImageBadger
    2007-04-29 12:20:06 25 ----a-w C:\WINDOWS\SW_Win2000X48.DLL
    2007-04-25 14:22:35 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
    2007-04-23 13:40:08 -------- d-----w C:\DOCUME~1\NATHAL~1\APPLIC~1\CyberLink
    2007-04-23 13:39:59 -------- d-----w C:\DOCUME~1\NATHAL~1\APPLIC~1\Logitech
    2007-04-23 00:15:29 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
    2007-04-23 00:15:18 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
    2007-04-23 00:15:18 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
    2007-04-23 00:02:34 73,728 ----a-w C:\WINDOWS\system32\dpl100.dll
    2007-04-23 00:02:34 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
    2007-04-23 00:02:33 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
    2007-04-23 00:02:31 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
    2007-04-23 00:02:31 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
    2007-04-23 00:02:31 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
    2007-04-23 00:02:31 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
    2007-04-23 00:02:31 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
    2007-04-23 00:01:47 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
    2007-04-23 00:01:46 124,472 ----a-w C:\WINDOWS\system32\DivXCodecUpdateChecker.exe
    2007-04-22 06:31:54 -------- d-----w C:\DOCUME~1\NATHAL~1\APPLIC~1\DivX
    2007-04-21 11:14:55 -------- d-----w C:\Program Files\MUSICMATCH
    2007-04-18 16:14:18 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
    2007-04-16 20:47:36 33,624 ----a-w C:\WINDOWS\system32\wups.dll
    2007-04-16 20:45:54 1,710,936 ----a-w C:\WINDOWS\system32\wuaueng.dll
    2007-04-16 20:45:48 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
    2007-04-16 20:45:42 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
    2007-04-16 20:45:36 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
    2007-04-16 20:45:28 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
    2007-04-16 20:45:20 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
    2007-04-16 20:45:20 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
    2007-04-16 20:44:20 271,224 ----a-w C:\WINDOWS\system32\mucltui.dll
    2007-04-16 20:44:18 208,248 ----a-w C:\WINDOWS\system32\muweb.dll
    2007-04-08 10:03:06 45,056 ----a-w C:\WINDOWS\system32\UninstallBeetle.exe
    2007-03-30 13:38:00 77,160 ----a-w C:\DSETUP.dll
    2007-03-30 13:38:00 1,673,576 ----a-w C:\dsetup32.dll


    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


    *Note* empty entries & legit default entries are not shown

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
    {22D8E815-4A5E-4DFB-845E-AAB64207F5BD}=C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll [2007-04-27 15:42]
    {68905f96-135e-4fa1-9c66-0812b17d86d4}=C:\WINDOWS\system32\inetnui.dll []
    {AA58ED58-01DD-4d91-8333-CF10577473F7}=c:\program files\google\googletoolbar2.dll [2007-01-20 00:56]
    {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}=C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 22:50]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" [2003-09-05 07:59]
    "F-Secure Manager"="C:\Program Files\Common\FSM32.exe" [2005-10-26 03:51]
    "F-Secure TNB"="C:\Program Files\TNB\TNBUtil.exe" [2005-07-18 16:51]
    "F-Secure Startup Wizard"="C:\Program Files\FSGUI\FSSW.exe" [2005-10-18 10:29]
    "News Service"="C:\Program Files\FSGUI\ispnews.exe" [2005-05-31 14:45]
    "WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 14:49]
    "WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 16:55]
    "eBayToolbar"="C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe" [2007-04-27 15:43]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]
    "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25]
    "spywarefighterguard"="C:\Program Files\SPYWAREfighter\spftray.exe" [2006-12-03 14:19]
    "@"="" []

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" [2005-12-16 13:57]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007-03-11 22:26]
    "WOOKIT"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 16:55]
    "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll" [2007-05-30 14:29]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\inetnui]
    inetnui.dll

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Driver]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Guard]


    Contents of the 'Scheduled Tasks' folder
    2007-06-15 15:15:00 C:\WINDOWS\tasks\Maintenance en 1 clic.job
    2007-06-19 00:05:40 C:\WINDOWS\tasks\Scheduled scanning task.job

    **************************************************************************

    catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-06-19 20:33:32
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************

    Completion time: 2007-06-19 20:35:10
    C:\ComboFix-quarantined-files.txt ... 2007-06-19 20:35

    --- E O F ---
    a b 8 Sécurité
    19 Juin 2007 21:17:07

    Reposte un rapport Hijackthis.
    19 Juin 2007 21:18:34

    Logfile of HijackThis v1.99.1
    Scan saved at 21:18, on 2007-06-19
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16473)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\PROGRA~1\SECURI~1\6588780\Program\SERVIC~1.EXE
    C:\Program Files\Anti-Virus\fsgk32st.exe
    C:\Program Files\Securitoo AntiVirus\6588780\program\fsbwsys.exe
    C:\Program Files\Anti-Virus\FSGK32.EXE
    C:\Program Files\Common\FSMA32.EXE
    C:\Program Files\Anti-Virus\fssm32.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\Program Files\Common\FSMB32.EXE
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common\FCH32.EXE
    C:\Program Files\Common\FAMEH32.EXE
    C:\Program Files\Anti-Virus\fsqh.exe
    C:\Program Files\Anti-Virus\fsrw.exe
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\Program Files\Anti-Virus\fsav32.exe
    C:\Program Files\FWES\Program\fsdfwd.exe
    C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
    C:\Program Files\Common\FSM32.EXE
    C:\Program Files\FSGUI\ispnews.exe
    C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
    C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
    C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    C:\Program Files\FSGUI\fsguidll.exe
    C:\Program Files\Securitoo AntiVirus\6588780\Program\fspex.exe
    C:\Program Files\Logitech\SetPoint\KEM.exe
    C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
    C:\Program Files\SPYWAREfighter\spfprc.exe
    C:\Program Files\Wanadoo\GestionnaireInternet.exe
    C:\Program Files\Wanadoo\ComComp.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\Program Files\Wanadoo\Watch.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\Nathalie LAURE\Bureau\HIJACKTHIS VF.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
    O2 - BHO: (no name) - {68905f96-135e-4fa1-9c66-0812b17d86d4} - C:\WINDOWS\system32\inetnui.dll (file missing)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
    O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\FSGUI\FSSW.EXE" /reboot
    O4 - HKLM\..\Run: [News Service] "C:\Program Files\FSGUI\ispnews.exe"
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [eBayToolbar] C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [spywarefighterguard] C:\Program Files\SPYWAREfighter\spftray.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
    O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Anti-Spyware\ieshield.dll
    O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Anti-Spyware\ieshield.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
    O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Trend Micro ActiveX Scan Agent 6.5) - http://nsol2.securitoo.com/housecall/applet/html/native...
    O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
    O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photobox.fr/discount/clients/uploader_v2.2.0...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{CAECCF32-2FB8-4895-A016-D5DA2E83F7FB}: NameServer = 80.10.246.1 80.10.246.132
    O20 - Winlogon Notify: inetnui - inetnui.dll (file missing)
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Antivirus Firewall (BackWeb Plug-in - 6588780) - Securitoo Portal - C:\PROGRA~1\SECURI~1\6588780\Program\SERVIC~1.EXE
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Anti-Virus\fsgk32st.exe
    O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Securitoo AntiVirus\6588780\program\fsbwsys.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\FWES\Program\fsdfwd.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Common\FSMA32.EXE
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: SPYWAREfighterRP - SpamFighter APS - C:\Program Files\SPYWAREfighter\spfprc.exe

    a b 8 Sécurité
    19 Juin 2007 21:22:01

    Re,

    Télécharge Clean.zip (de Malekal),
    Décompresse-le sur ton bureau (Clique-Droit/Extraire tout), tu dois obtenir un dossier Clean.
    Ouvre le dossier clean, double-clique sur clean.cmd.
    Choisis l'option 1 puis patiente. Poste ensuite le contenu du rapport.
    19 Juin 2007 21:29:13

    2007-06-19 a 21:27:03.31

    *** Recherche des fichiers dans C:

    *** Recherche des fichiers dans C:\WINDOWS\

    *** Recherche des fichiers dans C:\WINDOWS\system32

    *** Recherche des fichiers dans C:\Program Files
    *** Fin du rapport !
    a b 8 Sécurité
    19 Juin 2007 21:30:26

    Re,

    Fix les lignes en italique ci-dessous avec Hijackthis : AIDE EN IMAGES

    O2 - BHO: (no name) - {68905f96-135e-4fa1-9c66-0812b17d86d4} - C:\WINDOWS\system32\inetnui.dll (file missing)
    O20 - Winlogon Notify: inetnui - inetnui.dll (file missing)
    19 Juin 2007 21:42:50

    je les ai fix et apres je fais quoi
    a b 8 Sécurité
    19 Juin 2007 21:46:51

    Reposte un rapport Hijackthis.
    19 Juin 2007 21:54:35

    Logfile of HijackThis v1.99.1
    Scan saved at 21:54, on 2007-06-19
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16473)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\PROGRA~1\SECURI~1\6588780\Program\SERVIC~1.EXE
    C:\Program Files\Anti-Virus\fsgk32st.exe
    C:\Program Files\Securitoo AntiVirus\6588780\program\fsbwsys.exe
    C:\Program Files\Anti-Virus\FSGK32.EXE
    C:\Program Files\Common\FSMA32.EXE
    C:\Program Files\Anti-Virus\fssm32.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\Program Files\Common\FSMB32.EXE
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common\FCH32.EXE
    C:\Program Files\Common\FAMEH32.EXE
    C:\Program Files\Anti-Virus\fsqh.exe
    C:\Program Files\Anti-Virus\fsrw.exe
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\Program Files\Anti-Virus\fsav32.exe
    C:\Program Files\FWES\Program\fsdfwd.exe
    C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
    C:\Program Files\Common\FSM32.EXE
    C:\Program Files\FSGUI\ispnews.exe
    C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
    C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
    C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    C:\Program Files\FSGUI\fsguidll.exe
    C:\Program Files\Securitoo AntiVirus\6588780\Program\fspex.exe
    C:\Program Files\Logitech\SetPoint\KEM.exe
    C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
    C:\Program Files\SPYWAREfighter\spfprc.exe
    C:\Program Files\Wanadoo\GestionnaireInternet.exe
    C:\Program Files\Wanadoo\ComComp.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\Program Files\Wanadoo\Watch.exe
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    \?\C:\WINDOWS\system32\WBEM\WMIADAP.EXE
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\Nathalie LAURE\Bureau\HIJACKTHIS VF.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
    O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\FSGUI\FSSW.EXE" /reboot
    O4 - HKLM\..\Run: [News Service] "C:\Program Files\FSGUI\ispnews.exe"
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [eBayToolbar] C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [spywarefighterguard] C:\Program Files\SPYWAREfighter\spftray.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs"
    O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
    O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Anti-Spyware\ieshield.dll
    O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Anti-Spyware\ieshield.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
    O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Trend Micro ActiveX Scan Agent 6.5) - http://nsol2.securitoo.com/housecall/applet/html/native...
    O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
    O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photobox.fr/discount/clients/uploader_v2.2.0...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{CAECCF32-2FB8-4895-A016-D5DA2E83F7FB}: NameServer = 80.10.246.1 80.10.246.132
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Antivirus Firewall (BackWeb Plug-in - 6588780) - Securitoo Portal - C:\PROGRA~1\SECURI~1\6588780\Program\SERVIC~1.EXE
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Anti-Virus\fsgk32st.exe
    O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Securitoo AntiVirus\6588780\program\fsbwsys.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\FWES\Program\fsdfwd.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Common\FSMA32.EXE
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: SPYWAREfighterRP - SpamFighter APS - C:\Program Files\SPYWAREfighter\spfprc.exe

    a b 8 Sécurité
    19 Juin 2007 22:10:34

    Re,

  • Fais un scan en ligne Kaspersky avec Internet Explorer :
  • Clique sur
  • Clique maintenant sur J'accepte.
  • Valide l'installation d'un ou de plusieurs ActiveX si c'est nécessaire.
  • Patiente pendant l'installation des Mises à jour.
  • Choisis par la suite l'analyse du Poste de travail
  • Sauvegarde puis colle le rapport généré en fin d'analyse.

    AIDE : Tuto sur le scan en ligne

    NOTE : Si tu reçois le message "La licence de Kaspersky On-line Scanner est périmée", va dans Ajout/Suppression de programmes puis désinstalle On-Line Scanner, reconnecte toi sur le site de Kaspersky pour retenter le scan en ligne.
    21 Juin 2007 07:20:18

    je l'ai fais mais je n'arrive pas a le poster en format html
    a b 8 Sécurité
    21 Juin 2007 12:37:03

    Tu as regardé mon tuto ? ...
    Tu n'as qu'à l'héberger sur le site C-Joint.
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS