Tous les sens de ma machine en émoi...

15/02-2007 à 11:49 Bonjour à tous et merci de m'accepter dans votre forum!
Depuis à peu près deux mois mon ordi me donne des cauchemars. Instabilité genérale et...crash.J'ai du formater en étant presque sure que tout allait rentrer dans l'ordre , mais ...non.Voila tout a commencé un jour lorsque j'ai essayé de lire mon courrier.A chaque fois on me redemandait d'introduire mes identifiants..Et lorsque je clique sur le mail pour le lire , là c'est un veritable parcours du combattant! Impossible de le lire.Cela a duré un mois et demi et là depuis hier je constate que par miracle j'arrive a lire mon courrier.Je dois preciser que à la suite d'alertes "zone alarme" j'ai désinstallé la barre yahoo ainsi que messenger yahoo.Voici le type d'alertes qui jusqu'à avant hier me donnait "zone alarme": [S]YAHOO MESS. tente de surveiller les frappes de clavier et les raccourcis afin de pister l'utilisateur, si vous le laisser faire.....etc....Bien sur je me suis dirigée à la page explications de SmartDefenseAdvisor ( ZA pro) et là j'ai lu que yahoo messenger pourrait etre un logiciel malveillant.Et c'est ainsi que je l'ai desactivé ainsi que la tool bar.Et j'ai pu lire mon courrier.Mais j'ai tjrs des problemes à me connecter a yahoo jeux...Ou bien le login marche et j'accede au jeu , ou bien une fois le log passé je n'arrive pas à entrer dans la salle de jeux, la fenêtre ne s'ouvre qu'une fois sur 10.Je précise que le bloqueur de pop up est desactive pour le site et que la fenêtre java s'ouvre normalement, et actualiséee( VersionJRE 150_10)
J'ai scanné mon ordi avec spybot, adware, spysweeper,avg, avast qui sont tous installés mais aucun ne me parle d'infections...Autre chose, il y a un forum que j'avais l'habitude de consulter...je n'arrive plus à y entrer.Lorsque je m'identifie , on me renvoie a une autre page, ensuite impossible de me deconnecter...Lorsque j'y arrive , je tente de consulter, off, la rubrique virus etc, et là une boite de dialogue apparait me disant que je n'ai pas le droit de consulter cette rubrique!!!
Voilà j'espère que ce message vous parviendra et je compte sur la bonne volonté de tout le monde pour apporter des solutions à mon problème
Merci à tous à bientôt!

15/02-2007 à 12:11Bonjour
Refais toutes ces analyses en mode sans échec et restauration désactivée. (à remettre au redémarrage suivant )
Sans oublier de passer par msconfig, pour désactiver tous les lancements automatiques....Aux deux seules exceptions suivantes pare-feu et antivirus. (et éventuellement un processus concernant carte-son ou vidéo, qui se lancerait en tant que service...)
Tu désactives donc tout, sauf pare-feu, antivirus et cartes .

Modifie par Modifié par PAZTO245 le 15/02/

----------
Beethoven était sourd, ça dépasse l' entendement.

15/02-2007 à 15:36Salut PAZTO245
Merci tout d'abord de m'avoir répondu si vite.Je viens de terminer la procedure que tu m'as conseillée et elle a donné ses fruits!
Voici les résultats:

AdAware:1 REGISTRY VALUE IDENTIFIED: Windows regdata Vulnerability HKey_Users:S-1-5-21-12
Spybot: pas de mouchards mais je joins quand meme le rapport

[I]Common Dialogs: History (30 files) (Clé du registre, nothing done)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU

Log: Activity: COM+.log (Sauver le fichier, nothing done)
C:\WINDOWS\COM+.log

Log: Activity: SchedLgU.Txt (Sauver le fichier, nothing done)
C:\WINDOWS\SchedLgU.Txt

Log: Activity: imsins.log (Sauver le fichier, nothing done)
C:\WINDOWS\imsins.log

Log: Activity: OEWABLog.txt (Sauver le fichier, nothing done)
C:\WINDOWS\OEWABLog.txt

Log: Activity: ntbtlog.txt (Sauver le fichier, nothing done)
C:\WINDOWS\ntbtlog.txt

Log: Install: comsetup.log (Sauver le fichier, nothing done)
C:\WINDOWS\comsetup.log

Log: Install: ocgen.log (Sauver le fichier, nothing done)
C:\WINDOWS\ocgen.log

Log: Install: setupact.log (Sauver le fichier, nothing done)
C:\WINDOWS\setupact.log

Log: Install: setupapi.log (Sauver le fichier, nothing done)
C:\WINDOWS\setupapi.log

Log: Install: setuplog.txt (Sauver le fichier, nothing done)
C:\WINDOWS\setuplog.txt

Log: Install: wmsetup.log (Sauver le fichier, nothing done)
C:\WINDOWS\wmsetup.log

Log: Install: DtcInstall.log (Sauver le fichier, nothing done)
C:\WINDOWS\DtcInstall.log

Log: Shutdown: System32\wbem\logs\mofcomp.log (Sauver le fichier, nothing done)
C:\WINDOWS\System32\wbem\logs\mofcomp.log

Log: Shutdown: System32\wbem\logs\setup.log (Sauver le fichier, nothing done)
C:\WINDOWS\System32\wbem\logs\setup.log

Log: Shutdown: System32\wbem\logs\wbemcore.log (Sauver le fichier, nothing done)
C:\WINDOWS\System32\wbem\logs\wbemcore.log

Log: Shutdown: System32\wbem\logs\wbemess.lo_ (Sauver le fichier, nothing done)
C:\WINDOWS\System32\wbem\logs\wbemess.lo_

Log: Shutdown: System32\wbem\logs\wbemess.log (Sauver le fichier, nothing done)
C:\WINDOWS\System32\wbem\logs\wbemess.log

Log: Shutdown: System32\wbem\logs\wbemprox.log (Sauver le fichier, nothing done)
C:\WINDOWS\System32\wbem\logs\wbemprox.log

Log: Shutdown: System32\wbem\logs\winmgmt.log (Sauver le fichier, nothing done)
C:\WINDOWS\System32\wbem\logs\winmgmt.log

Log: Shutdown: System32\wbem\logs\wmiadap.log (Sauver le fichier, nothing done)
C:\WINDOWS\System32\wbem\logs\wmiadap.log

Log: Shutdown: System32\wbem\logs\wmiprov.log (Sauver le fichier, nothing done)
C:\WINDOWS\System32\wbem\logs\wmiprov.log

Download Express: Last save as folder (Modification du registre, nothing done)
HKEY_USERS\S-1-5-21-1275210071-813497703-1343024091-1003\Software\MetaProducts\Download Express\LastSaveAsPath!=

Internet Explorer: Typed URL list (16 fichiers) (Clé du registre, nothing done)
HKEY_USERS\S-1-5-21-1275210071-813497703-1343024091-1003\Software\Microsoft\Internet Explorer\TypedURLs

Internet Explorer: Last used directory (Modification du registre, nothing done)
HKEY_USERS\S-1-5-21-1275210071-813497703-1343024091-1003\Software\Microsoft\Internet Explorer\Main\Save Directory!=

Internet Explorer: Download directory (Modification du registre, nothing done)
HKEY_USERS\S-1-5-21-1275210071-813497703-1343024091-1003\Software\Microsoft\Internet Explorer\Download Directory!=

Internet Explorer: User agent (Modification du registre, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent!=Mozilla/4.0 (compatible; MSIE; Win32)

Internet Explorer: User agent (Modification du registre, nothing done)
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent!=Mozilla/4.0 (compatible; MSIE; Win32)

Internet Explorer: User agent (Modification du registre, nothing done)
HKEY_USERS\S-1-5-21-1275210071-813497703-1343024091-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent!=Mozilla/4.0 (compatible; MSIE; Win32)

Internet Explorer: User agent (Modification du registre, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent!=Mozilla/4.0 (compatible; MSIE; Win32)

MS Management Console: Recent command list (4 fichiers) (Clé du registre, nothing done)
HKEY_USERS\S-1-5-21-1275210071-813497703-1343024091-1003\Software\Microsoft\Microsoft Management Console\Recent File List

MS Media Player: Recent file list (1 fichiers) (Clé du registre, nothing done)
HKEY_USERS\S-1-5-21-1275210071-813497703-1343024091-1003\Software\Microsoft\MediaPlayer\Player\RecentFileList

MS Media Player: Last opened playlist (Valeur du registre, nothing done)
HKEY_USERS\S-1-5-21-1275210071-813497703-1343024091-1003\Software\Microsoft\MediaPlayer\Preferences\LastPlaylist

MS Media Player: Last selected track index (Valeur du registre, nothing done)
HKEY_USERS\S-1-5-21-1275210071-813497703-1343024091-1003\Software\Microsoft\MediaPlayer\Preferences\LastPlaylistIndex

MS Media Player: Last selected node (Modification du registre, nothing done)
HKEY_USERS\S-1-5-21-1275210071-813497703-1343024091-1003\Software\Microsoft\MediaPlayer\MediaLibraryUI\MLLastSelectedNode!=

MS Media Player: Client ID (Modification du registre, nothing done)
HKEY_USERS\S-1-5-20\Software\Microsoft\MediaPlayer\Player\Settings\Client ID!=

MS Media Player: Anonymous ID (Modification du registre, nothing done)
HKEY_USERS\S-1-5-21-1275210071-813497703-1343024091-1003\Software\Microsoft\MediaPlayer\Preferences\SendUserGUID!=B=0

MS Direct3D: Most recent application (Modification du registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name!=

MS Direct3D: Most recent application (Modification du registre, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name!=

MS Direct3D: Most recent application (Modification du registre, nothing done)
HKEY_USERS\S-1-5-21-1275210071-813497703-1343024091-1003\Software\Microsoft\Direct3D\MostRecentApplication\Name!=

MS Direct3D: Most recent application (Modification du registre, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name!=

MS DirectDraw: Most recent application (Modification du registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name!=

MS DirectInput: Most recent application (Modification du registre, nothing done)
HKEY_USERS\S-1-5-21-1275210071-813497703-1343024091-1003\Software\Microsoft\DirectInput\MostRecentApplication\Name!=

MS DirectInput: Most recent application ID (Modification du registre, nothing done)
HKEY_USERS\S-1-5-21-1275210071-813497703-1343024091-1003\Software\Microsoft\DirectInput\MostRecentApplication\Id!=

MS Search Assistant: Typed search terms history (Clé du registre, nothing done)
HKEY_USERS\S-1-5-21-1275210071-813497703-1343024091-1003\Software\Microsoft\Search Assistant\ACMru

Windows: Drivers installation paths (Modification du registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources!=

Windows Explorer: Recent wallpaper list (38 fichiers) (Clé du registre, nothing done)
HKEY_USERS\S-1-5-21-1275210071-813497703-1343024091-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Wallpaper\MRU

Windows Explorer: Run history (5 fichiers) (Clé du registre, nothing done)
HKEY_USERS\S-1-5-21-1275210071-813497703-1343024091-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU

Windows Explorer: Stream history (5 fichiers) (Clé du registre, nothing done)
HKEY_USERS\S-1-5-21-1275210071-813497703-1343024091-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU

Windows Explorer: User Assistant history IE (15 fichiers) (Clé du registre, nothing done)
HKEY_USERS\S-1-5-21-1275210071-813497703-1343024091-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count

Windows Explorer: User Assistant history files (133 fichiers) (Clé du registre, nothing done)
HKEY_USERS\S-1-5-21-1275210071-813497703-1343024091-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count

Windows Explorer: Last visited history (7 fichiers) (Clé du registre, nothing done)
HKEY_USERS\S-1-5-21-1275210071-813497703-1343024091-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedMRU

Windows Explorer: Recent file global history (Clé du registre, nothing done)
HKEY_USERS\S-1-5-21-1275210071-813497703-1343024091-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs

Windows Media SDK: Computer name (Modification du registre, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\ComputerName!=ComputerName

Windows Media SDK: Computer name (Modification du registre, nothing done)
HKEY_USERS\S-1-5-21-1275210071-813497703-1343024091-1003\Software\Microsoft\Windows Media\WMSDK\General\ComputerName!=ComputerName

Windows Media SDK: Computer name (Modification du registre, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\ComputerName!=ComputerName

Windows Media SDK: Unique ID (Modification du registre, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\UniqueID!={00000000-0000-0000-0000-000000000000}

Windows Media SDK: Unique ID (Modification du registre, nothing done)
HKEY_USERS\S-1-5-21-1275210071-813497703-1343024091-1003\Software\Microsoft\Windows Media\WMSDK\General\UniqueID!={00000000-0000-0000-0000-000000000000}

Windows Media SDK: Unique ID (Modification du registre, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\UniqueID!={00000000-0000-0000-0000-000000000000}

Windows Media SDK: Volume serial number (Valeur du registre, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

Windows Media SDK: Volume serial number (Valeur du registre, nothing done)
HKEY_USERS\S-1-5-21-1275210071-813497703-1343024091-1003\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

Windows Media SDK: Volume serial number (Valeur du registre, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

Cookie: Cookie (4) (Cookie, nothing done)


Cache: Cache (783) (Cache, nothing done)


Félicitations!: Aucun mouchard n'a été trouvé. ()



--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2007-01-31 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2007-01-15 advcheck.dll (1.2.1.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2007-01-02 Tools.dll (2.0.1.0)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2007-02-02 Includes\Cookies.sbi (*)
2006-12-08 Includes\Dialer.sbi (*)
2007-02-02 Includes\DialerC.sbi (*)
2006-11-24 Includes\Hijackers.sbi (*)
2007-02-02 Includes\HijackersC.sbi (*)
2006-10-27 Includes\Keyloggers.sbi (*)
2007-02-02 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2007-01-12 Includes\Malware.sbi (*)
2007-02-02 Includes\MalwareC.sbi (*)
2007-01-19 Includes\PUPS.sbi (*)
2007-02-02 Includes\PUPSC.sbi (*)
2007-02-02 Includes\Revision.sbi (*)
2006-12-08 Includes\Security.sbi (*)
2007-02-02 Includes\SecurityC.sbi (*)
2007-02-02 Includes\Spybots.sbi (*)
2007-02-02 Includes\SpybotsC.sbi (*)
2005-02-17 Includes\Tracks.uti (*)
2006-12-08 Includes\Trojans.sbi (*)
2007-02-02 Includes\TrojansC.sbi (*)[/I]

AVG Rien

et the last but not the least ! AVAST a trouvé ce trojan
Cheval de troie Win32:NetBus_N
Version VPS000713-4, 14 fevrier 2007
Fichier= C: VT6105Mv25FVia.zip, VT6105Mv25FVIA.exe
Avast me dit qu'il est impossible de traiter le fichier a sa demande de le mettre en quarantaine.La boite de dialogue me dit qu'une erreur est survenue lors du deplacement.
Que faire? J'attends tes conseils.Merci de me répondre j'ai la trouille! j'ai l'impression que la bête va crever l'écran et me sauter dessus!

15/02-2007 à 21:24Bonsoir
Est ce que quelqu'un peut me proposer une solution? Merci à toutes les bonnes ames!

17/02-2007 à 12:22Bonjour
Pazto245, merci.La page indiquée n'existe pas....et comme c'était l'unique aide, je me suis dépatouillée toute seule..parceque je n'arrivais pas à me connecter au forum, ni meme pouvoir faire des scans online.Achaque fois tout se bloquait...
Avast m'a trouvé Netbus encore hier et apparament a confirmé la suppression des fichiers.C'etait des fichiers que j'ai teléchargé du site Via tecnologies, de drivers,apres le formatage de mon pc. Est ce que vraiment ce troyen a pu etre éliminé, ou dois je suivre d'autres procédures? Je precise qu'a la suite du scan de Avast j'en ai encore fait 3 autres et tous négatifs.
Merci

17/02-2007 à 13:18Titinou vient de donner ce logiciel.
Vraiment très efficace.
http://www.01net.com/windows/Utilitaire/cryptage_et_securite/fiches/23822.html
Succès garanti sur mémo !

----------
Beethoven était sourd, ça dépasse l' entendement.

17/02-2007 à 13:57Salut PAZTO245
Que dois je faire avec ce logiciel? Et comment dois je proceder? A propos dans le log de Avast il est mentionné une longue liste se rapportant à des fichiers avg et spybot qu'il n'a pas pu scanner parceque fermés avec mot de passe? Moi je n'ai mis de mots de passe à aucun de ces logiciels.Est ce des fichiers infectés, faut il les détruire ou est ce une manoeuvre habituelle des developpeurs de ces logiciels Merci de me répondre.

17/02-2007 à 14:18Salut!
Je l'ai utilisé pour les fichiers temp, mais il m'a laissé quelques uns disant qu'il ne pouvait pas les effacer...

17/02-2007 à 19:52

Que dois je faire avec ce logiciel

Dans la colonne de gauche tu fais clic droit > déposer à droite et , (en haut de l'écran) <<<<<< erase.
< et : hop , y a pu rien ! ! ! !
D'une efficacité que d'aucun n'imaginait ! ! ! ! !

Modifie par Modifié par PAZTO245 le 17/02/

----------
Beethoven était sourd, ça dépasse l' entendement.

17/02-2007 à 20:09http://www.emsisoft.com/fr/software/download/
essaye ça aussi, il démenage!
A+

18/02-2007 à 12:33Bonjour PAZTO245 ? bonjour fredorigolo
C'est la 8e fois que j'essaie de rentrer dans le forum , j'espere que je peux envoyer ce post maintenant
A2squared je l'ai déja et à part qqes cookies , il ne m'a pas révélé autre chose.Seulement j'ai ouvert la section Hijackfree du logiciel et voila ce que j'ai vu dans la partie fichiers Autostart autoexex.nt, nom SET BLASTER, endroit A220 I5D1P330 T3 SANS AUCUNE AUTRE INFORMATION .Serait ce un autre virus??? Comment faire s'il vous plait j'attends votre aide, suis désemparée
PS/ Je me suis rappelée les premiers détails de l'instabilité du système mais a 6 reprises j'envoyais le post et il ne passait pas..

18/02-2007 à 12:38[B][I]AUTOEXEC.NT

19/02-2007 à 07:57Tu n'aurait pas une carte Soundblaster par hasard?

24/02-2007 à 21:01Bonsoir à tous
Voila des jours que j'essaie de me connecter au forum, en vain.....Je n'ai pas de carte Soundblaster fredorigolo78.Tous mes malheurs sont arrivés apres le formatage de mon disque.Et c'est depuis que j'ai cherché des drivers pour mes periph que je me retrouve avec tous ces problèmes.J'ai passé un scan chez secunia et on me trouve plein de trucs notamment ds le logiciel Java..Je viens de faire un scan avec hijackthis , je vous soumet les résultats.J'attends votre aide, svp, j'en ai grandement besoin.Je ne m'y connais pas dans ce domaine et j'ai grandement besoin de retrouver un pc propre .
Voici le log hijackthis

Logfile of HijackThis v1.99.1
Scan saved at 20:26:14, on 24/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\a-squared Anti-Malware\a2guard.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\VIA Technologies, Inc\VIA Audio Driver Setup Program\AudioDeck\AudioDeck.exe
C:\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.es/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Barra Yahoo! - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O3 - Toolbar: Barra Yahoo! - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [VTPreset] VTPreset.exe
O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" /STARTUP
O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - Global Startup: AudioDeck.lnk = C:\Program Files\VIA Technologies, Inc\VIA Audio Driver Setup Program\AudioDeck\AudioDeck.exe
O8 - Extra context menu item: Télécharger en utilisant Download &Express - C:\Program Files\Download Express\Add_Url.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Jattends votre aide!!!!!!! Si je ne réponds pas de suite c que je n'ai pas pu me connecter a votre site..

24/02-2007 à 21:38Bonsoir
Tu as deux anti-virus, il faut choisir l'un ou l'autre.....dans les
023
Puis tu supprimes les lignes R3 et 03

Modifie par Modifié par PAZTO245 le 24/02/

----------
Beethoven était sourd, ça dépasse l' entendement.

24/02-2007 à 22:38Bonsoir PAZTO245
J'ai fait ce que tu me dis mais Avg Alert Manager, avg mail scanner et avg update sont tjrs présents..J'ai refais un autre scan avec toujours hijack et ils sont toujours là.Merci pour ton aide.Je t'envoie également le scan online que j'ai fait avec Asquared Antimalware et les détailsde l'analyse sur le logiciel Java.

Scan AsquaredHijack


Your used version of a-squared HiJackFree: 2.1.0.34
The current version of a-squared HiJackFree: 2.0.0.429

Your used operating system version: Windows XP Service Pack 2
The current version of your operating system: Windows XP Service Pack 2

Registry Autoruns: Result ToDo
Name: avast!
Path: C:\Program Files\ALWILS~1\Avast4\ashDisp.exe
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 2 - Bad: 0
View Details
Name: VTPreset
Path: VTPreset.exe
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 1 - Bad: 0
View Details
Name: AVG7_CC
Path: C:\Program Files\Grisoft\AVGFRE~1\avgcc.exe
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 1 - Bad: 0
View Details
Name: a-squared
Path: C:\Program Files\a-squared Anti-Malware\a2guard.exe
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 2 - Bad: 0
View Details
Name: SunJavaUpdateSched
Path: C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 2 - Bad: 3
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Name: Zone Labs Client
Path: C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 2 - Bad: 0
View Details
Tricky and Other Autoruns: Result ToDo
Name: SET BLASTER
Path: A220 I5 D1 P330 T3
Location: autoexec.nt
Not checked Unknown Item
Search at Google
Name: dos
Path: high, umb
Location: config.nt
Not checked Unknown Item
Search at Google
Name: device
Path: %SystemRoot%\system32\himem.sys
Location: config.nt
Not checked Unknown Item
Search at Google
Name: files
Path: 40
Location: config.nt
Not checked Unknown Item
Search at Google
Name: device
Path: C:\Program Files\ALWILS~1\Avast4\aswmonds.sys
Location: config.nt
Not checked Unknown Item
Search at Google
Name: AudioDeck
Path:
Location: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
Not checked Unknown Item
Search at Google
Name: Mantenimiento con 1 clic
Path:
Location: C:\WINDOWS\tasks\
Not checked Unknown Item
Search at Google
Name: SA
Path:
Location: C:\WINDOWS\tasks\
Not checked Unknown Item
Search at Google
Name: CTFMON.EXE
Path: C:\WINDOWS\system32\CTFMON.EXE
Location: HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Run\
Not checked Unknown Item
Search at Google
Name: AVG7_Run
Path: C:\Program Files\Grisoft\AVGFRE~1\avgw.exe
Location: HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Run\
Not checked Unknown Item
Search at Google
Name: Shell
Path: Explorer.exe
Location: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\
Not checked Unknown Item
Search at Google
Name: $GT;{22d6f312-b0f6-11d0-94ab-0080c74c7e95}
Path: C:\WINDOWS\inf\unregmp2.exe
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: $GT;{26923b43-4d38-484f-9b9e-de460746276c}
Path: C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigIE
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: $GT;{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS
Path: RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: $GT;{881dd1c5-3dcf-431b-b061-f3f88e8be88a}
Path: C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {2C7339CF-2B09-4501-B3F3-F3508C9228ED}
Path: C:\WINDOWS\system32\regsvr32.exe
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {44BBA840-CC51-11CF-AAFA-00AA00B6015C}
Path: "C:\Program Files\Outlook Express\setup50.exe"
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {44BBA842-CC51-11CF-AAFA-00AA00B6015B}
Path: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {5945c046-1e7d-11d1-bc44-00c04fd912be}
Path: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {6BF52A52-394A-11d3-B153-00C04F79FAA6}
Path: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {7790769C-0471-11d2-AF11-00C04FA35D02}
Path: "C:\Program Files\Outlook Express\setup50.exe"
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {89820200-ECBD-11cf-8B85-00AA005B4340}
Path: regsvr32.exe
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {89820200-ECBD-11cf-8B85-00AA005B4383}
Path: C:\WINDOWS\system32\ie4uinit.exe
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {89B4C1CD-B018-4511-B0A1-5476DBF70820}
Path: C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: Fichier script VBScript
Path: C:\WINDOWS\System32\WScript.exe "%1" %*
Location: HKEY_CLASSES_ROOT\vbsfile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: Fichier script crypté VBScript
Path: C:\WINDOWS\System32\WScript.exe "%1" %*
Location: HKEY_CLASSES_ROOT\vbefile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: Fichier script JScript
Path: C:\WINDOWS\System32\WScript.exe "%1" %*
Location: HKEY_CLASSES_ROOT\jsfile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: Fichier script crypté JScript
Path: C:\WINDOWS\System32\WScript.exe "%1" %*
Location: HKEY_CLASSES_ROOT\jsefile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: Fichier de configuration de l'environnement d'exécution de scripts Windows
Path: C:\WINDOWS\System32\WScript.exe "%1" %*
Location: HKEY_CLASSES_ROOT\wshfile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: Fichier script Windows
Path: C:\WINDOWS\System32\WScript.exe "%1" %*
Location: HKEY_CLASSES_ROOT\wsffile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: Application
Path: "%1" %*
Location: HKEY_CLASSES_ROOT\exefile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: Application MS-DOS
Path: "%1" %*
Location: HKEY_CLASSES_ROOT\comfile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: Fichier de commande MS-DOS
Path: "%1" %*
Location: HKEY_CLASSES_ROOT\batfile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: Écran de veille
Path: "%1"
Location: HKEY_CLASSES_ROOT\scrfile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: Raccourci pour le programme MS-DOS
Path: "%1" %*
Location: HKEY_CLASSES_ROOT\piffile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: SCRNSAVE.EXE
Path: C:\WINDOWS\system32\logon.scr
Location: HKCU\Control Panel\Desktop\
Not checked Unknown Item
Search at Google
Name: PostBootReminder
Path: C:\WINDOWS\system32\SHELL32.dll
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\
Not checked Unknown Item
Search at Google
Name: CDBurn
Path: C:\WINDOWS\system32\SHELL32.dll
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\
Not checked Unknown Item
Search at Google
Name: WebCheck
Path: C:\WINDOWS\system32\webcheck.dll
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\
Not checked Unknown Item
Search at Google
Name: SysTray
Path: C:\WINDOWS\system32\stobject.dll
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\
Not checked Unknown Item
Search at Google
Layered Service Providers (LSP): Result ToDo
Name: mswsock.dll
Path: %SystemRoot%\system32\
Location: HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\
Good: 1 - Bad: 0
View Details
Name: rsvpsp.dll
Path: %SystemRoot%\system32\
Location: HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\
Good: 1 - Bad: 0
View Details
Explorer And Browser Addons: Result ToDo
Name: Yahoo! Toolbar Helper
Path: C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
ClsID: {02478D38-C3F9-4EFB-9B51-7695ECA05670}
Good: 1 - Bad: 0
View Details
Name:
Path: C:\Program Files\SPYBOT~1\SDHelper.dll
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
ClsID: {53707962-6F74-2D53-2644-206D7942484F}
Good: 1 - Bad: 0
View Details
Name: SSVHelper Class
Path: C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
ClsID: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
Good: 0 - Bad: 0
Unknown Item
Search at Google
Local Open Ports: Result ToDo
Port: 135 TCP
Path: C:\WINDOWS\system32\svchost.exe (Process ID: 940)
Good: 1 - Bad: 0
View Details
Port: 445 TCP
Path: system (Process ID: 4)
Good: 1 - Bad: 0
View Details
Port: 1025 TCP
Path: C:\WINDOWS\System32\alg.exe (Process ID: 1376)
Good: 1 - Bad: 1
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Port: 10110 TCP
Path: C:\Program Files\Grisoft\AVGFRE~1\avgemc.exe (Process ID: 1756)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Port: 12025 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (Process ID: 624)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Port: 12080 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 1008)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Port: 12110 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (Process ID: 624)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Port: 12119 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (Process ID: 624)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Port: 12143 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (Process ID: 624)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Port: 68 UDP
Path: C:\WINDOWS\System32\svchost.exe (Process ID: 1000)
Good: 1 - Bad: 0
View Details
Port: 123 UDP
Path: C:\WINDOWS\System32\svchost.exe (Process ID: 1000)
Good: 1 - Bad: 0
View Details
Port: 445 UDP
Path: system (Process ID: 4)
Good: 1 - Bad: 0
View Details
Port: 500 UDP
Path: C:\WINDOWS\system32\lsass.exe (Process ID: 716)
Good: 1 - Bad: 0
View Details
Port: 1041 UDP
Path: C:\Program Files\Internet Explorer\iexplore.exe (Process ID: 3892)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Port: 1050 UDP
Path: C:\WINDOWS\system32\svchost.exe (Process ID: 1084)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Port: 4500 UDP
Path: C:\WINDOWS\system32\lsass.exe (Process ID: 716)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Running Processes: Result ToDo
Name: [System Process]
Process ID: 0
Path:
Info: Threads: 1 - Priority: N/A - Visible: Non
Good: 1 - Bad: 0
View Details
Name: System
Process ID: 4
Path:
Info: Threads: 60 - Priority: Normal - Visible: Non
Good: 1 - Bad: 0
View Details
Name: smss.exe
Process ID: 572
Path: C:\WINDOWS\System32\smss.exe
Info: Threads: 3 - Priority: Normal - Visible: Non
Good: 1 - Bad: 2
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Name: ashMaiSv.exe
Process ID: 624
Path: C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
Info: Threads: 8 - Priority: Normal - Visible: Non
Good: 1 - Bad: 0
View Details
Name: csrss.exe
Process ID: 636
Path: C:\WINDOWS\system32\csrss.exe
Info: Threads: 10 - Priority: Normal - Visible: Non
Good: 1 - Bad: 3
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Name: winlogon.exe
Process ID: 660
Path: C:\WINDOWS\system32\winlogon.exe
Info: Threads: 20 - Priority: Haut - Visible: Non
Good: 1 - Bad: 2
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Name: services.exe
Process ID: 704
Path: C:\WINDOWS\system32\services.exe
Info: Threads: 16 - Priority: Normal - Visible: Non
Good: 1 - Bad: 3
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Name: lsass.exe
Process ID: 716
Path: C:\WINDOWS\system32\lsass.exe
Info: Threads: 20 - Priority: Normal - Visible: Non
Good: 1 - Bad: 0
View Details
Name: a2HiJackFree.exe (a-squared HiJackFree)
Process ID: 780
Path: C:\Program Files\a-squared Anti-Malware\a2HiJackFree.exe
Info: Threads: 4 - Priority: Normal - Visible: Oui
Good: 1 - Bad: 0
View Details
Name: svchost.exe
Process ID: 860
Path: C:\WINDOWS\system32\svchost.exe
Info: Threads: 17 - Priority: Normal - Visible: Non
Good: 1 - Bad: 2
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Name: svchost.exe
Process ID: 940
Path: C:\WINDOWS\system32\svchost.exe
Info: Threads: 11 - Priority: Normal - Visible: Non
Good: 1 - Bad: 2
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Name: svchost.exe
Process ID: 1000
Path: C:\WINDOWS\System32\svchost.exe
Info: Threads: 85 - Priority: Normal - Visible: Non
Good: 1 - Bad: 2
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Name: ashWebSv.exe
Process ID: 1008
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
Info: Threads: 17 - Priority: Normal - Visible: Non
Good: 1 - Bad: 0
View Details
Name: svchost.exe
Process ID: 1084
Path: C:\WINDOWS\system32\svchost.exe
Info: Threads: 7 - Priority: Normal - Visible: Non
Good: 1 - Bad: 2
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Name: svchost.exe
Process ID: 1264
Path: C:\WINDOWS\system32\svchost.exe
Info: Threads: 7 - Priority: Normal - Visible: Non
Good: 1 - Bad: 2
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Name: explorer.exe
Process ID: 1288
Path: C:\WINDOWS\Explorer.EXE
Info: Threads: 12 - Priority: Normal - Visible: Non
Good: 2 - Bad: 1
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Name: avgcc.exe
Process ID: 1336
Path: C:\Program Files\Grisoft\AVGFRE~1\avgcc.exe
Info: Threads: 10 - Priority: Normal - Visible: Non
Good: 1 - Bad: 0
View Details
Name: alg.exe
Process ID: 1376
Path: C:\WINDOWS\System32\alg.exe
Info: Threads: 6 - Priority: Normal - Visible: Non
Good: 1 - Bad: 1
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Name: spoolsv.exe
Process ID: 1464
Path: C:\WINDOWS\system32\spoolsv.exe
Info: Threads: 10 - Priority: Normal - Visible: Non
Good: 1 - Bad: 0
View Details
Name: LMonitor.exe
Process ID: 1496
Path: C:\Program Files\MSI\Live Update 3\LMonitor.exe
Info: Threads: 1 - Priority: Normal - Visible: Non
Good: 0 - Bad: 0
Unknown Item
Search at Google
Submit new process info
Name: ashDisp.exe
Process ID: 1512
Path: C:\Program Files\ALWILS~1\Avast4\ashDisp.exe
Info: Threads: 9 - Priority: Normal - Visible: Non
Good: 1 - Bad: 0
View Details
Name: aswUpdSv.exe
Process ID: 1604
Path: C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
Info: Threads: 3 - Priority: Normal - Visible: Non
Good: 1 - Bad: 0
View Details
Name: ashServ.exe
Process ID: 1680
Path: C:\Program Files\Alwil Software\Avast4\ashServ.exe
Info: Threads: 25 - Priority: Haut - Visible: Non
Good: 1 - Bad: 0
View Details
Name: avgamsvr.exe
Process ID: 1700
Path: C:\Program Files\Grisoft\AVGFRE~1\avgamsvr.exe
Info: Threads: 9 - Priority: Normal - Visible: Non
Good: 1 - Bad: 0
View Details
Name: avgupsvc.exe
Process ID: 1720
Path: C:\Program Files\Grisoft\AVGFRE~1\avgupsvc.exe
Info: Threads: 4 - Priority: Normal - Visible: Non
Good: 1 - Bad: 0
View Details
Name: avgemc.exe
Process ID: 1756
Path: C:\Program Files\Grisoft\AVGFRE~1\avgemc.exe
Info: Threads: 10 - Priority: Normal - Visible: Non
Good: 1 - Bad: 0
View Details
Name: vsmon.exe
Process ID: 1844
Path: C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Info: Threads: 25 - Priority: Normal - Visible: Non
Good: 1 - Bad: 0
View Details
Name: a2guard.exe
Process ID: 2080
Path: C:\Program Files\a-squared Anti-Malware\a2guard.exe
Info: Threads: 5 - Priority: Normal - Visible: Non
Good: 1 - Bad: 0
View Details
Name: jusched.exe
Process ID: 2088
Path: C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
Info: Threads: 1 - Priority: Normal - Visible: Non
Good: 2 - Bad: 0
View Details
Name: zlclient.exe
Process ID: 2164
Path: C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
Info: Threads: 7 - Priority: Normal - Visible: Non
Good: 1 - Bad: 0
View Details
Name: AudioDeck.exe (AudioDeck)
Process ID: 2216
Path: C:\Program Files\VIA Technologies, Inc\VIA Audio Driver Setup Program\AudioDeck\AudioDeck.exe
Info: Threads: 2 - Priority: Normal - Visible: Oui
Good: 0 - Bad: 0
Unknown Item
Search at Google
Submit new process info
Name: avast.setup
Process ID: 3072
Path: C:\Program Files\Alwil Software\Avast4\setup\avast.setup
Info: Threads: 1 - Priority: Au dessous de la normale - Visible: Non
Good: 0 - Bad: 0
Unknown Item
Search at Google
Submit new process info
Name: hh.exe (Aide a-squared)
Process ID: 3816
Path: C:\WINDOWS\hh.exe
Info: Threads: 4 - Priority: Normal - Visible: Oui
Good: 0 - Bad: 0
Unknown Item
Search at Google
Submit new process info


Et ceci se rapporte au sujet de la machine Java

Status Name Command Description
N jusched jusched.exe Checks with Sun's Java updates site to see if newer Java versions are available. Visit http://java.sun.com or just run the Java Plug-In Control Panel
N SunJavaUpdateSched jusched.exe Checks with Sun's Java updates site to see if newer Java versions are available. Visit http://java.sun.com or just run the Java Plug-In Control Panel
X SunJavaUpdateSched scvhost.exe Added by the SDBOT-AVX WORM!
X SunJavaUpdateSched javamx.exe Added by the SDBOT-WI WORM!
X wmon jusched.exe Added by the AGOBOT-OW WORM!

Merci pour ton aide!!!!!!!!!!!!!!

24/02-2007 à 22:39Bonsoir PAZTO245
J'ai fait ce que tu me dis mais Avg Alert Manager, avg mail scanner et avg update sont tjrs présents..J'ai refais un autre scan avec toujours hijack et ils sont toujours là.Merci pour ton aide.Je t'envoie également le scan online que j'ai fait avec Asquared Antimalware et les détailsde l'analyse sur le logiciel Java.

Scan AsquaredHijack


Your used version of a-squared HiJackFree: 2.1.0.34
The current version of a-squared HiJackFree: 2.0.0.429

Your used operating system version: Windows XP Service Pack 2
The current version of your operating system: Windows XP Service Pack 2

Registry Autoruns: Result ToDo
Name: avast!
Path: C:\Program Files\ALWILS~1\Avast4\ashDisp.exe
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 2 - Bad: 0
View Details
Name: VTPreset
Path: VTPreset.exe
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 1 - Bad: 0
View Details
Name: AVG7_CC
Path: C:\Program Files\Grisoft\AVGFRE~1\avgcc.exe
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 1 - Bad: 0
View Details
Name: a-squared
Path: C:\Program Files\a-squared Anti-Malware\a2guard.exe
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 2 - Bad: 0
View Details
Name: SunJavaUpdateSched
Path: C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 2 - Bad: 3
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Name: Zone Labs Client
Path: C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Good: 2 - Bad: 0
View Details
Tricky and Other Autoruns: Result ToDo
Name: SET BLASTER
Path: A220 I5 D1 P330 T3
Location: autoexec.nt
Not checked Unknown Item
Search at Google
Name: dos
Path: high, umb
Location: config.nt
Not checked Unknown Item
Search at Google
Name: device
Path: %SystemRoot%\system32\himem.sys
Location: config.nt
Not checked Unknown Item
Search at Google
Name: files
Path: 40
Location: config.nt
Not checked Unknown Item
Search at Google
Name: device
Path: C:\Program Files\ALWILS~1\Avast4\aswmonds.sys
Location: config.nt
Not checked Unknown Item
Search at Google
Name: AudioDeck
Path:
Location: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
Not checked Unknown Item
Search at Google
Name: Mantenimiento con 1 clic
Path:
Location: C:\WINDOWS\tasks\
Not checked Unknown Item
Search at Google
Name: SA
Path:
Location: C:\WINDOWS\tasks\
Not checked Unknown Item
Search at Google
Name: CTFMON.EXE
Path: C:\WINDOWS\system32\CTFMON.EXE
Location: HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Run\
Not checked Unknown Item
Search at Google
Name: AVG7_Run
Path: C:\Program Files\Grisoft\AVGFRE~1\avgw.exe
Location: HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Run\
Not checked Unknown Item
Search at Google
Name: Shell
Path: Explorer.exe
Location: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\
Not checked Unknown Item
Search at Google
Name: $GT;{22d6f312-b0f6-11d0-94ab-0080c74c7e95}
Path: C:\WINDOWS\inf\unregmp2.exe
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: $GT;{26923b43-4d38-484f-9b9e-de460746276c}
Path: C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigIE
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: $GT;{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS
Path: RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: $GT;{881dd1c5-3dcf-431b-b061-f3f88e8be88a}
Path: C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {2C7339CF-2B09-4501-B3F3-F3508C9228ED}
Path: C:\WINDOWS\system32\regsvr32.exe
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {44BBA840-CC51-11CF-AAFA-00AA00B6015C}
Path: "C:\Program Files\Outlook Express\setup50.exe"
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {44BBA842-CC51-11CF-AAFA-00AA00B6015B}
Path: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {5945c046-1e7d-11d1-bc44-00c04fd912be}
Path: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {6BF52A52-394A-11d3-B153-00C04F79FAA6}
Path: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {7790769C-0471-11d2-AF11-00C04FA35D02}
Path: "C:\Program Files\Outlook Express\setup50.exe"
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {89820200-ECBD-11cf-8B85-00AA005B4340}
Path: regsvr32.exe
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {89820200-ECBD-11cf-8B85-00AA005B4383}
Path: C:\WINDOWS\system32\ie4uinit.exe
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: {89B4C1CD-B018-4511-B0A1-5476DBF70820}
Path: C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\
Not checked Unknown Item
Search at Google
Name: Fichier script VBScript
Path: C:\WINDOWS\System32\WScript.exe "%1" %*
Location: HKEY_CLASSES_ROOT\vbsfile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: Fichier script crypté VBScript
Path: C:\WINDOWS\System32\WScript.exe "%1" %*
Location: HKEY_CLASSES_ROOT\vbefile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: Fichier script JScript
Path: C:\WINDOWS\System32\WScript.exe "%1" %*
Location: HKEY_CLASSES_ROOT\jsfile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: Fichier script crypté JScript
Path: C:\WINDOWS\System32\WScript.exe "%1" %*
Location: HKEY_CLASSES_ROOT\jsefile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: Fichier de configuration de l'environnement d'exécution de scripts Windows
Path: C:\WINDOWS\System32\WScript.exe "%1" %*
Location: HKEY_CLASSES_ROOT\wshfile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: Fichier script Windows
Path: C:\WINDOWS\System32\WScript.exe "%1" %*
Location: HKEY_CLASSES_ROOT\wsffile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: Application
Path: "%1" %*
Location: HKEY_CLASSES_ROOT\exefile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: Application MS-DOS
Path: "%1" %*
Location: HKEY_CLASSES_ROOT\comfile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: Fichier de commande MS-DOS
Path: "%1" %*
Location: HKEY_CLASSES_ROOT\batfile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: Écran de veille
Path: "%1"
Location: HKEY_CLASSES_ROOT\scrfile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: Raccourci pour le programme MS-DOS
Path: "%1" %*
Location: HKEY_CLASSES_ROOT\piffile\shell\open\command\
Not checked Unknown Item
Search at Google
Name: SCRNSAVE.EXE
Path: C:\WINDOWS\system32\logon.scr
Location: HKCU\Control Panel\Desktop\
Not checked Unknown Item
Search at Google
Name: PostBootReminder
Path: C:\WINDOWS\system32\SHELL32.dll
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\
Not checked Unknown Item
Search at Google
Name: CDBurn
Path: C:\WINDOWS\system32\SHELL32.dll
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\
Not checked Unknown Item
Search at Google
Name: WebCheck
Path: C:\WINDOWS\system32\webcheck.dll
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\
Not checked Unknown Item
Search at Google
Name: SysTray
Path: C:\WINDOWS\system32\stobject.dll
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\
Not checked Unknown Item
Search at Google
Layered Service Providers (LSP): Result ToDo
Name: mswsock.dll
Path: %SystemRoot%\system32\
Location: HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\
Good: 1 - Bad: 0
View Details
Name: rsvpsp.dll
Path: %SystemRoot%\system32\
Location: HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\
Good: 1 - Bad: 0
View Details
Explorer And Browser Addons: Result ToDo
Name: Yahoo! Toolbar Helper
Path: C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
ClsID: {02478D38-C3F9-4EFB-9B51-7695ECA05670}
Good: 1 - Bad: 0
View Details
Name:
Path: C:\Program Files\SPYBOT~1\SDHelper.dll
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
ClsID: {53707962-6F74-2D53-2644-206D7942484F}
Good: 1 - Bad: 0
View Details
Name: SSVHelper Class
Path: C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
ClsID: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
Good: 0 - Bad: 0
Unknown Item
Search at Google
Local Open Ports: Result ToDo
Port: 135 TCP
Path: C:\WINDOWS\system32\svchost.exe (Process ID: 940)
Good: 1 - Bad: 0
View Details
Port: 445 TCP
Path: system (Process ID: 4)
Good: 1 - Bad: 0
View Details
Port: 1025 TCP
Path: C:\WINDOWS\System32\alg.exe (Process ID: 1376)
Good: 1 - Bad: 1
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Port: 10110 TCP
Path: C:\Program Files\Grisoft\AVGFRE~1\avgemc.exe (Process ID: 1756)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Port: 12025 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (Process ID: 624)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Port: 12080 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (Process ID: 1008)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Port: 12110 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (Process ID: 624)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Port: 12119 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (Process ID: 624)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Port: 12143 TCP
Path: C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (Process ID: 624)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Port: 68 UDP
Path: C:\WINDOWS\System32\svchost.exe (Process ID: 1000)
Good: 1 - Bad: 0
View Details
Port: 123 UDP
Path: C:\WINDOWS\System32\svchost.exe (Process ID: 1000)
Good: 1 - Bad: 0
View Details
Port: 445 UDP
Path: system (Process ID: 4)
Good: 1 - Bad: 0
View Details
Port: 500 UDP
Path: C:\WINDOWS\system32\lsass.exe (Process ID: 716)
Good: 1 - Bad: 0
View Details
Port: 1041 UDP
Path: C:\Program Files\Internet Explorer\iexplore.exe (Process ID: 3892)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Port: 1050 UDP
Path: C:\WINDOWS\system32\svchost.exe (Process ID: 1084)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Port: 4500 UDP
Path: C:\WINDOWS\system32\lsass.exe (Process ID: 716)
Good: 0 - Bad: 0
Unknown Item
Search at Google
Running Processes: Result ToDo
Name: [System Process]
Process ID: 0
Path:
Info: Threads: 1 - Priority: N/A - Visible: Non
Good: 1 - Bad: 0
View Details
Name: System
Process ID: 4
Path:
Info: Threads: 60 - Priority: Normal - Visible: Non
Good: 1 - Bad: 0
View Details
Name: smss.exe
Process ID: 572
Path: C:\WINDOWS\System32\smss.exe
Info: Threads: 3 - Priority: Normal - Visible: Non
Good: 1 - Bad: 2
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Name: ashMaiSv.exe
Process ID: 624
Path: C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
Info: Threads: 8 - Priority: Normal - Visible: Non
Good: 1 - Bad: 0
View Details
Name: csrss.exe
Process ID: 636
Path: C:\WINDOWS\system32\csrss.exe
Info: Threads: 10 - Priority: Normal - Visible: Non
Good: 1 - Bad: 3
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Name: winlogon.exe
Process ID: 660
Path: C:\WINDOWS\system32\winlogon.exe
Info: Threads: 20 - Priority: Haut - Visible: Non
Good: 1 - Bad: 2
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Name: services.exe
Process ID: 704
Path: C:\WINDOWS\system32\services.exe
Info: Threads: 16 - Priority: Normal - Visible: Non
Good: 1 - Bad: 3
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Name: lsass.exe
Process ID: 716
Path: C:\WINDOWS\system32\lsass.exe
Info: Threads: 20 - Priority: Normal - Visible: Non
Good: 1 - Bad: 0
View Details
Name: a2HiJackFree.exe (a-squared HiJackFree)
Process ID: 780
Path: C:\Program Files\a-squared Anti-Malware\a2HiJackFree.exe
Info: Threads: 4 - Priority: Normal - Visible: Oui
Good: 1 - Bad: 0
View Details
Name: svchost.exe
Process ID: 860
Path: C:\WINDOWS\system32\svchost.exe
Info: Threads: 17 - Priority: Normal - Visible: Non
Good: 1 - Bad: 2
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Name: svchost.exe
Process ID: 940
Path: C:\WINDOWS\system32\svchost.exe
Info: Threads: 11 - Priority: Normal - Visible: Non
Good: 1 - Bad: 2
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Name: svchost.exe
Process ID: 1000
Path: C:\WINDOWS\System32\svchost.exe
Info: Threads: 85 - Priority: Normal - Visible: Non
Good: 1 - Bad: 2
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Name: ashWebSv.exe
Process ID: 1008
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
Info: Threads: 17 - Priority: Normal - Visible: Non
Good: 1 - Bad: 0
View Details
Name: svchost.exe
Process ID: 1084
Path: C:\WINDOWS\system32\svchost.exe
Info: Threads: 7 - Priority: Normal - Visible: Non
Good: 1 - Bad: 2
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Name: svchost.exe
Process ID: 1264
Path: C:\WINDOWS\system32\svchost.exe
Info: Threads: 7 - Priority: Normal - Visible: Non
Good: 1 - Bad: 2
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Name: explorer.exe
Process ID: 1288
Path: C:\WINDOWS\Explorer.EXE
Info: Threads: 12 - Priority: Normal - Visible: Non
Good: 2 - Bad: 1
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Name: avgcc.exe
Process ID: 1336
Path: C:\Program Files\Grisoft\AVGFRE~1\avgcc.exe
Info: Threads: 10 - Priority: Normal - Visible: Non
Good: 1 - Bad: 0
View Details
Name: alg.exe
Process ID: 1376
Path: C:\WINDOWS\System32\alg.exe
Info: Threads: 6 - Priority: Normal - Visible: Non
Good: 1 - Bad: 1
View Details Requires Attention!
Compare details with your local values
and/or search at Google
Name: spoolsv.exe
Process ID: 1464
Path: C:\WINDOWS\system32\spoolsv.exe
Info: Threads: 10 - Priority: Normal - Visible: Non
Good: 1 - Bad: 0
View Details
Name: LMonitor.exe
Process ID: 1496
Path: C:\Program Files\MSI\Live Update 3\LMonitor.exe
Info: Threads: 1 - Priority: Normal - Visible: Non
Good: 0 - Bad: 0
Unknown Item
Search at Google
Submit new process info
Name: ashDisp.exe
Process ID: 1512
Path: C:\Program Files\ALWILS~1\Avast4\ashDisp.exe
Info: Threads: 9 - Priority: Normal - Visible: Non
Good: 1 - Bad: 0
View Details
Name: aswUpdSv.exe
Process ID: 1604
Path: C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
Info: Threads: 3 - Priority: Normal - Visible: Non
Good: 1 - Bad: 0
View Details
Name: ashServ.exe
Process ID: 1680
Path: C:\Program Files\Alwil Software\Avast4\ashServ.exe
Info: Threads: 25 - Priority: Haut - Visible: Non
Good: 1 - Bad: 0
View Details
Name: avgamsvr.exe
Process ID: 1700
Path: C:\Program Files\Grisoft\AVGFRE~1\avgamsvr.exe
Info: Threads: 9 - Priority: Normal - Visible: Non
Good: 1 - Bad: 0
View Details
Name: avgupsvc.exe
Process ID: 1720
Path: C:\Program Files\Grisoft\AVGFRE~1\avgupsvc.exe
Info: Threads: 4 - Priority: Normal - Visible: Non
Good: 1 - Bad: 0
View Details
Name: avgemc.exe
Process ID: 1756
Path: C:\Program Files\Grisoft\AVGFRE~1\avgemc.exe
Info: Threads: 10 - Priority: Normal - Visible: Non
Good: 1 - Bad: 0
View Details
Name: vsmon.exe
Process ID: 1844
Path: C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Info: Threads: 25 - Priority: Normal - Visible: Non
Good: 1 - Bad: 0
View Details
Name: a2guard.exe
Process ID: 2080
Path: C:\Program Files\a-squared Anti-Malware\a2guard.exe
Info: Threads: 5 - Priority: Normal - Visible: Non
Good: 1 - Bad: 0
View Details
Name: jusched.exe
Process ID: 2088
Path: C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
Info: Threads: 1 - Priority: Normal - Visible: Non
Good: 2 - Bad: 0
View Details
Name: zlclient.exe
Process ID: 2164
Path: C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
Info: Threads: 7 - Priority: Normal - Visible: Non
Good: 1 - Bad: 0
View Details
Name: AudioDeck.exe (AudioDeck)
Process ID: 2216
Path: C:\Program Files\VIA Technologies, Inc\VIA Audio Driver Setup Program\AudioDeck\AudioDeck.exe
Info: Threads: 2 - Priority: Normal - Visible: Oui
Good: 0 - Bad: 0
Unknown Item
Search at Google
Submit new process info
Name: avast.setup
Process ID: 3072
Path: C:\Program Files\Alwil Software\Avast4\setup\avast.setup
Info: Threads: 1 - Priority: Au dessous de la normale - Visible: Non
Good: 0 - Bad: 0
Unknown Item
Search at Google
Submit new process info
Name: hh.exe (Aide a-squared)
Process ID: 3816
Path: C:\WINDOWS\hh.exe
Info: Threads: 4 - Priority: Normal - Visible: Oui
Good: 0 - Bad: 0
Unknown Item
Search at Google
Submit new process info


Et ceci se rapporte au sujet de la machine Java

Status Name Command Description
N jusched jusched.exe Checks with Sun's Java updates site to see if newer Java versions are available. Visit http://java.sun.com or just run the Java Plug-In Control Panel
N SunJavaUpdateSched jusched.exe Checks with Sun's Java updates site to see if newer Java versions are available. Visit http://java.sun.com or just run the Java Plug-In Control Panel
X SunJavaUpdateSched scvhost.exe Added by the SDBOT-AVX WORM!
X SunJavaUpdateSched javamx.exe Added by the SDBOT-WI WORM!
X wmon jusched.exe Added by the AGOBOT-OW WORM!

Merci pour ton aide!!!!!!!!!!!!!!

24/02-2007 à 22:43Pardon, j'ai envoyé 2 fois le meme post....ça coince de temps en temps et comme je crains la deconnexion j'ai un peu trop appuye sur la pédale.