no save
Identification
Assistance
Achat
News

Forum | virus/sécurité
Problèmes favoris non supprimables
Isabelle, le dim. 01 oct. 2006 à 09:31:57
Bonjour,

J'ai fait la manip et ensuite mis spybot en route mais le problème persiste. Voici le nouveau rapport hijackthis :

Logfile of HijackThis v1.99.1
Scan saved at 09:20:37, on 01/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Dell\AccessDirect\dadapp.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\Dell\AccessDirect\DadTray.exe
C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Logitech\ImageStudio\LowLight.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\WINDOWS\System32\dkcktkn.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\interMute\SpySubtract\SpySub.exe
C:\Palm\HOTSYNC.EXE
C:\Palm\palm.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Isabelle Bétend\Mes documents\Internet\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: 82.195.155.5 c3310.z1301.winmx.com c3311.z1301.winmx.com
O1 - Hosts: c3312.z1301.winmx.com c3313.z1301.winmx.com c3314.z1301.winmx.com
O1 - Hosts: c3315.z1301.winmx.com c3316.z1301.winmx.com c3317.z1301.winmx.com
O1 - Hosts: c3318.z1301.winmx.com c3319.z1301.winmx.com
O1 - Hosts: 82.195.155.5 c3310.z1302.winmx.com c3311.z1302.winmx.com
O1 - Hosts: c3312.z1302.winmx.com c3313.z1302.winmx.com c3314.z1302.winmx.com
O1 - Hosts: c3315.z1302.winmx.com c3316.z1302.winmx.com c3317.z1302.winmx.com
O1 - Hosts: c3318.z1302.winmx.com c3319.z1302.winmx.com
O1 - Hosts: 82.195.155.5 c3310.z1303.winmx.com c3311.z1303.winmx.com
O1 - Hosts: c3312.z1303.winmx.com c3313.z1303.winmx.com c3314.z1303.winmx.com
O1 - Hosts: c3315.z1303.winmx.com c3316.z1303.winmx.com c3317.z1303.winmx.com
O1 - Hosts: c3318.z1303.winmx.com c3319.z1303.winmx.com
O1 - Hosts: 82.195.155.5 c3310.z1304.winmx.com c3311.z1304.winmx.com
O1 - Hosts: c3312.z1304.winmx.com c3313.z1304.winmx.com c3314.z1304.winmx.com
O1 - Hosts: c3315.z1304.winmx.com c3316.z1304.winmx.com
O1 - Hosts: c3317.z1304.winmx.comc3318.z1304.winmx.com c3319.z1304.winmx.com
O1 - Hosts: 82.195.155.5 c3310.z1305.winmx.com c3311.z1305.winmx.com
O1 - Hosts: c3312.z1305.winmx.com c3313.z1305.winmx.com c3314.z1305.winmx.com
O1 - Hosts: c3315.z1305.winmx.com c3316.z1305.winmx.com c3317.z1305.winmx.com
O1 - Hosts: c3318.z1305.winmx.com c3319.z1305.winmx.com
O1 - Hosts: 82.195.155.5 c3310.z1306.winmx.com c3311.z1306.winmx.com
O1 - Hosts: c3312.z1306.winmx.com c3313.z1306.winmx.com c3314.z1306.winmx.com
O1 - Hosts: c3315.z1306.winmx.com c3316.z1306.winmx.com
O1 - Hosts: c3317.z1306.winmx.comc3318.z1306.winmx.com c3319.z1306.winmx.com
O1 - Hosts: 82.195.155.5 c3520.z1301.winmx.com c3521.z1301.winmx.com
O1 - Hosts: c3522.z1301.winmx.com c3523.z1301.winmx.com c3524.z1301.winmx.com
O1 - Hosts: c3525.z1301.winmx.com c3526.z1301.winmx.com c3527.z1301.winmx.com
O1 - Hosts: c3528.z1301.winmx.com c3529.z1301.winmx.com
O1 - Hosts: 82.195.155.5 c3520.z1302.winmx.com c3521.z1302.winmx.com
O1 - Hosts: c3522.z1302.winmx.com c3523.z1302.winmx.com c3524.z1302.winmx.com
O1 - Hosts: c3525.z1302.winmx.com c3526.z1302.winmx.com c3527.z1302.winmx.com
O1 - Hosts: 3528.z1302.winmx.com c3529.z1302.winmx.com
O1 - Hosts: 82.195.155.5 c3520.z1303.winmx.com c3521.z1303.winmx.com
O1 - Hosts: c3522.z1303.winmx.com c3523.z1303.winmx.com c3524.z1303.winmx.com
O1 - Hosts: c3525.z1303.winmx.com c3526.z1303.winmx.com c3527.z1303.winmx.com
O1 - Hosts: c3528.z1303.winmx.com c3529.z1303.winmx.com
O1 - Hosts: 82.195.155.5 c3520.z1304.winmx.com c3521.z1304.winmx.com
O1 - Hosts: c3522.z1304.winmx.com c3523.z1304.winmx.com c3524.z1304.winmx.com
O1 - Hosts: c3525.z1304.winmx.com c3526.z1304.winmx.com c3527.z1304.winmx.com
O1 - Hosts: c3528.z1304.winmx.com c3529.z1304.winmx.com
O1 - Hosts: 82.195.155.5 c3520.z1305.winmx.com c3521.z1305.winmx.com
O1 - Hosts: c3522.z1305.winmx.com c3523.z1305.winmx.com c3524.z1305.winmx.com
O1 - Hosts: c3525.z1305.winmx.com c3526.z1305.winmx.com c3527.z1305.winmx.com
O1 - Hosts: c3528.z1305.winmx.com c3529.z1305.winmx.com
O1 - Hosts: 82.195.155.5 c3520.z1306.winmx.com c3521.z1306.winmx.com
O1 - Hosts: c3522.z1306.winmx.com c3523.z1306.winmx.comc3524.z1306.winmx.com
O1 - Hosts: c3525.z1306.winmx.com c3526.z1306.winmx.com c3527.z1306.winmx.com
O1 - Hosts: c3528.z1306.winmx.comc3529.z1306.winmx.com
O2 - BHO: (no name) - {3D806643-C091-27FD-15B0-D3CA97B83F8F} - C:\DOCUME~1\ISABEL~1\APPLIC~1\ARMYCH~1\pile body.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\eoRezo\EoAdv\EOREZO~1.DLL (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [DkStartup] C:\Program Files\Rainbow Technologies\iKey 2000 Series Software\DkStartup.exe
O4 - HKLM\..\Run: [DkAutoReg.exe] C:\Program Files\Rainbow Technologies\iKey 2000 Series Software\DkAutoReg.exe
O4 - HKLM\..\Run: [DadApp] C:\Program Files\Dell\AccessDirect\dadapp.exe
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [Camera Detector] C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE -autorun
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [sizewaybookdog] C:\Documents and Settings\All Users\Application Data\exitchinsizeway\Sixth Draw.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [debug lite] C:\DOCUME~1\ISABEL~1\APPLIC~1\ANTISE~1\Tray Two.exe
O4 - Startup: HotSync Manager.lnk = C:\Palm\HOTSYNC.EXE
O4 - Startup: Palm Desktop.lnk = C:\Palm\palm.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtract\SpySub.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: JT's Blocks - http://download.games.yahoo.com/games/clients/y/blt1_x.cab
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab
O16 - DPF: Yahoo! Chess - http://download.games.yahoo.com/games/clients/y/ct2_x.cab
O16 - DPF: Yahoo! Dominoes - http://download.games.yahoo.com/games/clients/y/dot2_x.cab
O16 - DPF: Yahoo! Klondike Solitaire - http://yog55.games.scd.yahoo.com/yog/y/ks12_x.cab
O16 - DPF: Yahoo! Literati - http://download.games.yahoo.com/games/clients/y/tt4_x.cab
O16 - DPF: Yahoo! MahJong Solitaire - http://download.games.yahoo.com/games/clients/y/mjst3_x.cab
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/potd_x.cab
O16 - DPF: Yahoo! Pyramids - http://download.games.yahoo.com/games/clients/y/pyt1_x.cab
O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://downloads.winwise.fr/Common/npwwg.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://querle.spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5CE7A7AF-8C5E-48CF-AE30-8FC6F01C27E3} - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/ydropper/ydropper1_3fr.cab
O16 - DPF: {6BEA1C48-1850-486C-8F58-C7354BA3165E} (Install Class) - http://updates.lifescapeinc.com/installers/pinstall/pinstall.cab
O16 - DPF: {6DB731A3-B074-4118-8B1C-32511C65D836} (FotovistaPhotoUploader.ctrFpu) - http://www.mypixmania.com/fr/fr/tools/activex/fpu.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A06BE318-C096-11D4-964F-0010A4D06F69} (TeleTVA Control) - https://tva.dgi.minefi.gouv.fr/activeX/TeleTVA.tva
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.extrafilm.fr/net/Import/ImageUploader3.cab
O16 - DPF: {ABB08127-7417-11D4-8566-00500448008D} (Chat Class) - http://downloads.winwise.fr/Common/npchatlax.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/activex/zylomloader.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup/downloader/imloader.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2703359A-E827-4E29-A40F-EDDA20732BE8}: NameServer = 192.168.0.1
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Datakey's Log Service (DkLogger) - Datakey, Inc. - C:\WINDOWS\System32\DkLog.exe
O23 - Service: Datakey's Token Service (DkTknSrv) - Datakey, Inc. - C:\WINDOWS\System32\dkcktkn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

Encore merci pour votre aide.

Isabelle
PrécédentSéb08
sept. 06
boulepate62
oct. 06
Suivant
REPONSES
Séb08
sept. 06
Isabelle
oct. 06
boulepate62
oct. 06
Isabelle
oct. 06
Séb08
oct. 06
Isabelle
oct. 06
Séb08
oct. 06
Isabelle
oct. 06
Séb08
oct. 06
Isabelle
oct. 06
Version Web
Mentions légales (c)2009
Réalisé par RedShift
no save