Bonjour, j’ai subi un virus ou un spyware dimanche dernier et depuis je recontre problème sur problème. Ma config est un windows XP SP2, portable Lenovo T61. Pourtant, j’ai Symantec Antivirus et Firewall. Le 1er symptôme a été que spybot ne peut plus se lancer même après réinstallation. J’ai un écran bleu si j’allume le PC avec le wifi actif. Si le wifi est inactif, j’arrive à utiliser normalement à me connecter à Internet via Firefox mais quand j’utilisais Internet explorer 6, cela plantait complètement le PC (impossible de faire alt+Ctrl+del). J’ai réparé internet explorer 6, cela a marché quelque temps puis a refait le problème. J’ai installé internet explorer 7, cela a marché quelque temps puis maintenant plante le pc au 1er appel. J’ai besoin d’internet explorer pour certaines applications professionnelles donc j’aimerais résoudre ce problème. Merci de votre aide.
Voici le log donné par Hijack this.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:50:55, on 26/04/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\ngvpnmgr.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Drivers\trcboot.exe
C:\Program Files\IBM\Personal Communications\PCS_AGNT.EXE
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\Program Files\IBM\Mobility Client\artstartsvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\IBM\tivoli\dcd\client\ISSI\cds\CDSWinSrv.exe
C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\c4ebreg\c4ebreg.exe
c:\sdwork\issimsvc.exe
C:\Program Files\Microsoft SQL Server\Mssql$JDELocal\BinnMSSQL$JDELOCAL\Binn\sqlservr.exe
C:\notes\ntmulti.exe
C:\Program Files\AT&T Network Client\NetCfgSv.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe
C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
C:\Program Files\IBM\tivoli\dcd\client\ISSI_jvm\jre\bin\java.exe
C:\WINDOWS\System32\TPHDEXLG.exe
C:\WINDOWS\system32\TpKmpSVC.exe
C:\WINDOWS\system32\Drivers\ldlcserv.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\c4ebreg\isamtray.exe
C:\PROGRA~1\SYMANT~2\SYMANT~2\VPTray.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CommonTime\mNotes\CdzSvc.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Program Files\CommonTime\mNotes\cadenza.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Documents and Settings\Administrator\Desktop\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com…
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = w3.ibm.com…
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 222.179.57.225:808
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d’aide de l’Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: TBSB07827 - {F8DECFD3-B735-46DD-AFF9-D2D5F06FDC52} - C:\Program Files\IBM\Practitioner Portal Toolbar\gbsppietoolbar.dll
O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Practitioner Portal Toolbar - {E7128DAA-707C-4552-AF47-906D4C610549} - C:\Program Files\IBM\Practitioner Portal Toolbar\gbsppietoolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM…\Run: [C4EBReg] “C:\Program Files\c4ebreg\c4ebreg.exe” /q
O4 - HKLM…\Run: [Isamtray] “C:\Program Files\c4ebreg\isamtray.exe”
O4 - HKLM…\Run: [ISSI Service] “c:\sdwork\issimsvc.exe”
O4 - HKLM…\Run: [vptray] C:\PROGRA~1\SYMANT~2\SYMANT~2\VPTray.exe
O4 - HKLM…\Run: [stgclean] c:\sdwork\w32main2.exe /cleanup
O4 - HKLM…\Run: [QuickTime Task] “C:\Program Files\QuickTime\qttask.exe” -atboottime
O4 - HKLM…\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM…\Run: [Google Desktop Search] “C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe” /startup
O4 - HKLM…\Run: [ccApp] “C:\Program Files\Common Files\Symantec Shared\ccApp.exe”
O4 - HKCU…\Run: [NetSP - restore settings on power failure] “C:\Program Files\AT&T Network client\NetSP.exe” -show
O4 - HKCU…\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background
O4 - HKCU…\Run: [H/PC Connection Agent] “C:\Program Files\Microsoft ActiveSync\wcescomm.exe”
O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU…\Run: [Cadenza] C:\Program Files\CommonTime\mNotes\CdzSvc.exe
O4 - HKUS\S-1-5-18…\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)
O4 - Global Startup: hpoddt01.exe.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra ‘Tools’ menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra ‘Tools’ menuitem: Créer un favori mobile… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O11 - Options group: [JAVA_IBM] Java (IBM)
O14 - IERESET.INF: START_PAGE_URL=http://w3.ibm.com
O15 - Trusted IP range: 172.26.248.87…
O15 - Trusted IP range: 172.26.248.84…
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - webscanner.kaspersky.fr…
O16 - DPF: {1ACECAFE-0015-0000-0000-ABCDEFFEDCBA} (Java2 Runtime Environment 1.5.0) - …
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - gfx1.hotmail.com…
O16 - DPF: {5F30F398-64B6-4D5B-AF59-164FB61F56A6} (One Force Compplanner) - comp.emea.workscape.com… […] master.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - update.microsoft.com… […] 0600100171
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - update.microsoft.com… […] 0600070546
O16 - DPF: {814EA0DA-E0D9-4AA4-833C-A1A6D38E79E9} (DASWebDownload Class) - das.microsoft.com… […] DASAct.cab
O16 - DPF: {9519B2A2-6592-4E41-8290-D0298459270C} (LNWebAssist Class) - w3.ibm.com…
O16 - DPF: {B1D21FC5-A742-4261-86F2-C7B7F1A31C5D} (JDEWebRTFEditU Control) - jde:90…
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} (Java2 Runtime Environment 1.5.0) - …
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} (JuniperSetupSP1 Control) - intranet.alfesca.fr… […] tupSP1.cab
O16 - DPF: {F9E542CE-C16A-47FA-B7A8-D88E5F1C5719} (JDEExcelAutoU Control) - 172.26.248.87:81…
O17 - HKLM\System\CCS\Services\Tcpip…{15AC09C7-E6AF-4A00-BD89-9F38FED9B9D4}: NameServer = 193.55.10.101,193.55.10.102
O17 - HKLM\System\CS2\Services\Tcpip…{15AC09C7-E6AF-4A00-BD89-9F38FED9B9D4}: NameServer = 193.55.10.101,193.55.10.102
O17 - HKLM\System\CS3\Services\Tcpip…{15AC09C7-E6AF-4A00-BD89-9F38FED9B9D4}: NameServer = 193.55.10.101,193.55.10.102
O17 - HKLM\System\CS4\Services\Tcpip…{15AC09C7-E6AF-4A00-BD89-9F38FED9B9D4}: NameServer = 193.55.10.101,193.55.10.102
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: AppnNode - IBM Corporation - C:\WINDOWS\system32\Drivers\appnnode.exe
O23 - Service: Mobility Client (ArtourService) - IBM - C:\Program Files\IBM\Mobility Client\artsvc.exe
O23 - Service: IBM Mobility Client Start Utility (artstartsvc) - Unknown owner - C:\Program Files\IBM\Mobility Client\artstartsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: IBM DCD Standard Client (DCDClient-ISSI) (DCDClient-ISSI) - Unknown owner - C:\Program Files\IBM\tivoli\dcd\client\ISSI\cds\CDSWinSrv.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
O23 - Service: Juniper Network Connect Service (dsNcService) - Juniper Networks - C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: Sony SPTI Service for DVE (ICDSPTSV) - Sony Corporation - C:\WINDOWS\system32\IcdSptSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: ISAM SMT Service (ISAMsmt) - Unknown owner - C:\Program Files\C4ebreg\isamsmt.exe (file missing)
O23 - Service: IBM Standard Asset Manager Service (ISAMSvc) - IBM Corp. - C:\Program Files\c4ebreg\c4ebreg.exe
O23 - Service: ISSI (ISSIMon) - IBM Corp. - c:\sdwork\issimsvc.exe
O23 - Service: IS Service (ISSVC) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe
O23 - Service: IBM Enterprise Extender (ldlcserv) - IBM Corporation - C:\WINDOWS\system32\Drivers\ldlcserv.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Multi-user Cleanup Service - IBM Corp - C:\notes\ntmulti.exe
O23 - Service: My Help (MyHelp) - Unknown owner - C:\Program Files\IBM\My Help\plugins\com.ibm.myhelp.installer\service\MyHelpService.exe (file missing)
O23 - Service: Network Configuration Service (NetCfgSvr) - AT&T - C:\Program Files\AT&T Network Client\NetCfgSv.EXE
O23 - Service: Aventail VPN Client (NgVpnMgr) - Aventail Corporation - C:\WINDOWS\system32\ngvpnmgr.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe
O23 - Service: SolidPDFConverterReadSpool (ScReadSpool) - VoyagerSoft, LLC - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Symantec SecurePort (SymSecurePort) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.exe
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe
O23 - Service: IBM Trace Facility (TrcBoot) - IBM Corporation - C:\WINDOWS\system32\Drivers\trcboot.exe
–
End of file - 15909 bytes