Sujet Précédent Sujet Suivant

Fenetre CiD qui n'arrete pas de s'ouvrir

Résolu/Fermé
Coco - 17 août 2008 à 18:49
jfkpresident Messages postés 13404 Date d'inscription lundi 3 septembre 2007 Statut Contributeur sécurité Dernière intervention 5 janvier 2015 - 1 oct. 2008 à 20:33
Bonjour,
Voila mon probleme du moment:
J'ai des pages de publicitées CiD qui n'arretent pas de s'ouvrir!!
Comment faire pour ne plus en avoir!!
J'ai fais une analyse avec mon anti-virus, il n'a rien trouvé!
J'ai l'antivirus firewall de chez Orange
D'habitude il est vraiment efficace mais la il me dit qu'il n'y a rien.

Est ce que quelqu'un pourrais m'aider??
Ce serai tres gentil!! :)
A voir également:

14 réponses

Réponse 1 / 14
Coco
17 août 2008 à 20:43
j'ai supprimé le sponsor et msn et les CiD sont toujours la! donc merci a toi remih78 pour ton aide mais ce n'est pas ca!

Je vais essayer la soluce de jfkpresident pour savoir si c est ca
0
Réponse 2 / 14
Coco
17 août 2008 à 20:59
voila le rapport:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:55:13, on 17/08/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Securitoo\Common\FSM32.EXE
C:\Windows\WindowsMobile\wmdc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Orange\Player Orange\Orange Player.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Securitoo\FSGUI\fsguidll.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\coco_niro\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Users\coco_niro\AppData\Roaming\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\conime.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Iminent.SearchTheWeb.HelperObject - {0E896FCA-D07E-45FE-901F-6A26FCF59C02} - mscoree.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [OrangePlayer] C:\Program Files\Orange\Player Orange\Orange Player.exe /systray
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [1 eq] "C:\ProgramData\warn default default.otzbmc"
O4 - HKCU\..\Run: [warn default inter for] "C:\ProgramData\Bat Mode Hide.mrqzb"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Outil de notification Live Search.lnk = C:\Users\coco_niro\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O13 - Gopher Prefix:
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/securite/certdgi1.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/VistaMSNPUpldfr-fr.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cocotimy0.spaces.live.com/PhotoUpload/VistaMsnPUpldfr-fr.cab
O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} - http://copainsdavant.linternaute.com/html_include_bibliotheque/objimageuploader/5.1.1.0/ImageUploader5.cab
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/FacebookPhotoUploader4_5.cab
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Securitoo\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Securitoo\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Securitoo\Common\FSMA32.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
0
Réponse 3 / 14
Coco
17 août 2008 à 22:39
Y aurait-il quelqu'un pour m'aider???
0
Réponse 4 / 14
Coco
18 août 2008 à 06:53
Je pensais avoir bien désinstallé Norton avant d'installer l'antivirus orange!

Voila le rapport:


--------------------\\ Lop S&D 4.2.3-0 XP/Vista

[ Windows VISTA (NT 6.0) Workstation Build 6001, Service Pack 1 ]
[ USER : coco_niro ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 18/08/2008 | 6:40:08 ] [ PC : PC-DE-COCO_NIRO (Proc:x86) ]
[ MAJ : 17-08-2008 | 01:58 ]
[ UAC => 1 ]

--------------------\\ Listing des dossiers dans Local

[25/11/2007|16:45] C:\Users\COCO_N~1\AppData\Local\Adobe
[13/11/2007|17:45] C:\Users\COCO_N~1\AppData\Local\Application Data
[13/11/2007|18:11] C:\Users\COCO_N~1\AppData\Local\AtStart.txt
[19/04/2008|08:47] C:\Users\COCO_N~1\AppData\Local\Bitmanagement Software
[21/02/2008|15:26] C:\Users\COCO_N~1\AppData\Local\d3d9caps.dat
[28/07/2008|20:51] C:\Users\COCO_N~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[13/11/2007|18:11] C:\Users\COCO_N~1\AppData\Local\DSwitch.txt
[12/12/2007|23:46] C:\Users\COCO_N~1\AppData\Local\GDIPFONTCACHEV1.DAT
[13/11/2007|20:11] C:\Users\COCO_N~1\AppData\Local\Google
[13/11/2007|17:45] C:\Users\COCO_N~1\AppData\Local\Historique
[13/11/2007|20:11] C:\Users\COCO_N~1\AppData\Local\HP
[17/08/2008|22:48] C:\Users\COCO_N~1\AppData\Local\IconCache.db
[29/12/2007|12:43] C:\Users\COCO_N~1\AppData\Local\Iminent
[16/11/2007|09:42] C:\Users\COCO_N~1\AppData\Local\IsolatedStorage
[25/11/2007|03:20] C:\Users\COCO_N~1\AppData\Local\MessLive
[07/07/2008|06:42] C:\Users\COCO_N~1\AppData\Local\Microsoft
[20/11/2007|17:16] C:\Users\COCO_N~1\AppData\Local\Microsoft Games
[19/05/2008|18:04] C:\Users\COCO_N~1\AppData\Local\Mozilla
[13/11/2007|18:11] C:\Users\COCO_N~1\AppData\Local\QSwitch.txt
[16/02/2008|13:44] C:\Users\COCO_N~1\AppData\Local\QuickPlay
[18/08/2008|06:37] C:\Users\COCO_N~1\AppData\Local\Temp
[13/11/2007|17:45] C:\Users\COCO_N~1\AppData\Local\Temporary Internet Files
[28/11/2007|23:30] C:\Users\COCO_N~1\AppData\Local\VirtualStore

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[18/08/2008 06:05][--a------] C:\Windows\tasks\Scheduled scanning task.job
[17/08/2008 20:36][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{DF42D40C-224E-4464-956E-761246259D3B}.job
[18/08/2008 06:05][--ah-----] C:\Windows\tasks\SA.DAT
[17/08/2008 22:48][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[18/05/2007|03:47] C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
[10/02/2008|09:48] C:\ProgramData\Adobe
[13/11/2007|17:41] C:\ProgramData\Application Data
[12/02/2008|20:58] C:\ProgramData\Azureus
[13/08/2008|00:16] C:\ProgramData\Bat Mode Hide.mrqzb
[13/11/2007|17:41] C:\ProgramData\Bureau
[26/11/2007|17:11] C:\ProgramData\CyberLink
[13/11/2007|17:41] C:\ProgramData\Documents
[13/11/2007|17:41] C:\ProgramData\Favoris
[15/07/2008|22:10] C:\ProgramData\F-Secure
[15/07/2008|22:07] C:\ProgramData\fssg
[18/05/2007|03:59] C:\ProgramData\Google
[18/05/2007|04:23] C:\ProgramData\Hewlett-Packard
[13/11/2007|19:56] C:\ProgramData\HP
[26/11/2007|18:38] C:\ProgramData\hpzinstall.log
[15/08/2008|04:32] C:\ProgramData\Knob Memo Locks
[13/11/2007|17:41] C:\ProgramData\Menu D‚marrer
[18/08/2008|06:06] C:\ProgramData\Messenger Plus!
[31/12/2007|09:28] C:\ProgramData\Microsoft
[14/08/2008|19:10] C:\ProgramData\Microsoft Help
[13/11/2007|17:41] C:\ProgramData\ModŠles
[18/05/2007|03:28] C:\ProgramData\Roxio
[18/05/2007|03:23] C:\ProgramData\Sonic
[03/01/2008|22:48] C:\ProgramData\Spybot - Search & Destroy
[12/08/2008|23:36] C:\ProgramData\SweetIM
[13/08/2008|00:16] C:\ProgramData\Time Dead Warn Default
[07/01/2008|02:42] C:\ProgramData\warn default default.326u5
[07/01/2008|00:53] C:\ProgramData\warn default default.6bshu4t
[04/01/2008|21:58] C:\ProgramData\warn default default.75czx
[07/01/2008|01:15] C:\ProgramData\warn default default.a5v6pmf
[07/01/2008|01:59] C:\ProgramData\warn default default.cw4k6jm
[26/12/2007|14:16] C:\ProgramData\warn default default.g3pxp1p
[07/01/2008|02:21] C:\ProgramData\warn default default.h1ewx
[07/01/2008|03:04] C:\ProgramData\warn default default.im0u3
[07/01/2008|00:31] C:\ProgramData\warn default default.iq7to
[06/01/2008|23:48] C:\ProgramData\warn default default.lfox83
[07/01/2008|03:26] C:\ProgramData\warn default default.ljyi0w
[04/01/2008|21:58] C:\ProgramData\warn default default.nlmpp
[13/08/2008|00:15] C:\ProgramData\warn default default.otzbmc
[07/01/2008|00:10] C:\ProgramData\warn default default.qjwy40w
[07/01/2008|01:37] C:\ProgramData\warn default default.t8xvij
[13/08/2008|00:15] C:\ProgramData\warn default default.w2vme
[17/08/2008|20:45] C:\ProgramData\WLInstaller

--------------------\\ Listing des dossiers dans C:\Program Files

[18/05/2007|03:47] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[01/07/2008|20:36] C:\Program Files\Adobe
[23/05/2008|17:40] C:\Program Files\Azureus
[19/04/2008|08:47] C:\Program Files\Bitmanagement Software
[23/05/2008|18:38] C:\Program Files\BitTyrant
[24/04/2008|10:15] C:\Program Files\Common Files
[02/07/2008|22:31] C:\Program Files\desktop.ini
[20/11/2007|17:49] C:\Program Files\directx
[18/05/2007|03:59] C:\Program Files\EasyBits
[13/11/2007|17:41] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[24/11/2007|17:59] C:\Program Files\Google
[18/05/2007|04:17] C:\Program Files\Hewlett-Packard
[26/11/2007|18:37] C:\Program Files\HP
[18/05/2007|04:06] C:\Program Files\HPQ
[15/11/2007|19:10] C:\Program Files\Illustrate
[13/08/2008|20:19] C:\Program Files\Iminent
[01/03/2008|11:03] C:\Program Files\InstallShield Installation Information
[18/05/2007|03:09] C:\Program Files\Intel
[02/07/2008|22:19] C:\Program Files\Internet Explorer
[20/04/2008|22:45] C:\Program Files\Java
[19/05/2008|19:00] C:\Program Files\LimeWire
[25/11/2007|09:00] C:\Program Files\Live-Prod
[15/11/2007|20:03] C:\Program Files\MatroskaProp
[17/08/2008|17:22] C:\Program Files\Messenger
[17/08/2008|21:19] C:\Program Files\Messenger Plus! Live
[26/11/2007|04:18] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[18/05/2007|03:45] C:\Program Files\Microsoft Office
[02/07/2008|19:22] C:\Program Files\Microsoft Silverlight
[29/11/2007|00:20] C:\Program Files\Microsoft SQL Server Compact Edition
[18/05/2007|03:46] C:\Program Files\Microsoft Works
[18/05/2007|03:45] C:\Program Files\Microsoft.NET
[18/05/2007|02:48] C:\Program Files\Motorola
[02/07/2008|22:19] C:\Program Files\Movie Maker
[26/07/2008|20:12] C:\Program Files\Mozilla Firefox
[02/11/2006|14:37] C:\Program Files\MSBuild
[26/11/2007|04:04] C:\Program Files\MSXML 4.0
[01/02/2008|17:45] C:\Program Files\Orange
[25/02/2008|21:24] C:\Program Files\QuickTime
[18/02/2008|23:32] C:\Program Files\Real
[18/05/2007|04:04] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[18/05/2007|03:28] C:\Program Files\Roxio
[01/03/2008|11:03] C:\Program Files\SAGEM
[15/07/2008|22:37] C:\Program Files\Securitoo
[18/05/2007|04:00] C:\Program Files\Services en ligne
[12/12/2007|23:42] C:\Program Files\SP38015
[03/01/2008|22:49] C:\Program Files\Spybot - Search & Destroy
[18/05/2007|02:54] C:\Program Files\Synaptics
[17/08/2008|20:54] C:\Program Files\Trend Micro
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[23/05/2008|21:02] C:\Program Files\uTorrent
[24/04/2008|10:15] C:\Program Files\Vodafone
[26/11/2007|20:28] C:\Program Files\Wanadoo
[02/07/2008|22:19] C:\Program Files\Windows Calendar
[02/07/2008|22:19] C:\Program Files\Windows Collaboration
[02/07/2008|22:19] C:\Program Files\Windows Defender
[02/07/2008|22:19] C:\Program Files\Windows Journal
[27/02/2008|16:47] C:\Program Files\Windows Live
[07/02/2008|22:09] C:\Program Files\Windows Live Toolbar
[14/08/2008|19:13] C:\Program Files\Windows Mail
[02/07/2008|22:19] C:\Program Files\Windows Media Player
[13/11/2007|17:41] C:\Program Files\Windows NT
[02/07/2008|22:19] C:\Program Files\Windows Photo Gallery
[02/07/2008|22:19] C:\Program Files\Windows Sidebar
[24/11/2007|18:22] C:\Program Files\WinRAR

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[10/02/2008|09:48] C:\Program Files\Common Files\Adobe
[18/05/2007|03:45] C:\Program Files\Common Files\DESIGNER
[26/11/2007|20:42] C:\Program Files\Common Files\France Telecom
[18/05/2007|03:57] C:\Program Files\Common Files\HP
[18/05/2007|04:04] C:\Program Files\Common Files\InstallShield
[18/05/2007|04:22] C:\Program Files\Common Files\Java
[18/05/2007|04:06] C:\Program Files\Common Files\LightScribe
[05/05/2008|17:46] C:\Program Files\Common Files\microsoft shared
[19/02/2008|15:23] C:\Program Files\Common Files\Real
[18/05/2007|03:27] C:\Program Files\Common Files\Roxio Shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[18/05/2007|03:27] C:\Program Files\Common Files\Sonic Shared
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[18/05/2007|03:28] C:\Program Files\Common Files\SureThing Shared
[18/08/2008|06:30] C:\Program Files\Common Files\Symantec Shared
[02/07/2008|22:19] C:\Program Files\Common Files\System
[24/11/2007|18:32] C:\Program Files\Common Files\WindowsLiveInstaller
[24/04/2008|10:15] C:\Program Files\Common Files\Wise Installation Wizard

--------------------\\ Process

( 85 Processus )

iexplore.exe ~ [PID:2244] ~ [Threads:14]
iexplore.exe ~ [PID:4428] ~ [Threads:5]
iexplore.exe ~ [PID:4452] ~ [Threads:36]

--------------------\\ Recherche avec S_Lop

C:\ProgramData\Bat Mode Hide.mrqzb
C:\ProgramData\warn default default.326u5
C:\ProgramData\warn default default.75czx
C:\ProgramData\warn default default.h1ewx
C:\ProgramData\warn default default.im0u3
C:\ProgramData\warn default default.iq7to
C:\ProgramData\warn default default.nlmpp
C:\ProgramData\warn default default.w2vme
C:\ProgramData\warn default default.lfox83
C:\ProgramData\warn default default.ljyi0w
C:\ProgramData\warn default default.otzbmc
C:\ProgramData\warn default default.t8xvij
C:\ProgramData\warn default default.6bshu4t
C:\ProgramData\warn default default.a5v6pmf
C:\ProgramData\warn default default.cw4k6jm
C:\ProgramData\warn default default.g3pxp1p
C:\ProgramData\warn default default.qjwy40w
C:\Users\COCO_N~1\AppData\Local\Temp\bis9481.exe

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\ProgramData\Time Dead Warn Default
C:\ProgramData\Time Dead Warn Default\stupid third.exe
C:\Users\COCO_N~1\AppData\Roaming\MICROS~1\Windows\Cookies\coco_niro@adopt.euroclick[2].txt

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"warn default inter for"="\"C:\\ProgramData\\Bat Mode Hide.mrqzb\""
"1 eq"="\"C:\\ProgramData\\warn default default.otzbmc\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-18 06:40:51
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 15

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:1498][D:43]-> C:\Users\COCO_N~1\AppData\Local\Temp
[F:214][D:1]-> C:\Users\COCO_N~1\AppData\Roaming\MICROS~1\Windows\Cookies
[F:145][D:16]-> C:\Users\COCO_N~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:12][D:5]-> C:\$Recycle.Bin

--------------------\\ Fin du rapport a 6:44:33,84
[ UAC => 1 ]
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 14
Coco
19 août 2008 à 06:58
dsl de ne pas t'avoir repondu hier gt pa chez mo!

rapport de LopS&D:


--------------------\\ Lop S&D 4.2.3-0 XP/Vista

[ Windows VISTA (NT 6.0) Workstation Build 6001, Service Pack 1 ]
[ USER : coco_niro ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 19/08/2008 | 6:47:21 ] [ PC : PC-DE-COCO_NIRO (Proc:x86) ]
[ MAJ : 17-08-2008 | 01:58 ]
[ UAC => 1 ]


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\ProgramData\Time Dead Warn Default\stupid third.exe
Supprime! - C:\Users\COCO_N~1\AppData\Roaming\MICROS~1\Windows\Cookies\coco_niro@adopt.euroclick[2].txt
Supprime! - C:\ProgramData\Bat Mode Hide.mrqzb
Supprime! - C:\ProgramData\warn default default.326u5
Supprime! - C:\ProgramData\warn default default.75czx
Supprime! - C:\ProgramData\warn default default.h1ewx
Supprime! - C:\ProgramData\warn default default.im0u3
Supprime! - C:\ProgramData\warn default default.iq7to
Supprime! - C:\ProgramData\warn default default.nlmpp
Supprime! - C:\ProgramData\warn default default.w2vme
Supprime! - C:\ProgramData\warn default default.lfox83
Supprime! - C:\ProgramData\warn default default.ljyi0w
Supprime! - C:\ProgramData\warn default default.otzbmc
Supprime! - C:\ProgramData\warn default default.t8xvij
Supprime! - C:\ProgramData\warn default default.6bshu4t
Supprime! - C:\ProgramData\warn default default.a5v6pmf
Supprime! - C:\ProgramData\warn default default.cw4k6jm
Supprime! - C:\ProgramData\warn default default.g3pxp1p
Supprime! - C:\ProgramData\warn default default.qjwy40w
Supprime! - C:\Users\COCO_N~1\AppData\Local\Temp\bis9481.exe
Supprime! - C:\ProgramData\Time Dead Warn Default
-
[ Fichier Hosts ] .. Restaure!

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans Local

[25/11/2007|16:45] C:\Users\COCO_N~1\AppData\Local\Adobe
[13/11/2007|17:45] C:\Users\COCO_N~1\AppData\Local\Application Data
[13/11/2007|18:11] C:\Users\COCO_N~1\AppData\Local\AtStart.txt
[19/04/2008|08:47] C:\Users\COCO_N~1\AppData\Local\Bitmanagement Software
[21/02/2008|15:26] C:\Users\COCO_N~1\AppData\Local\d3d9caps.dat
[28/07/2008|20:51] C:\Users\COCO_N~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[13/11/2007|18:11] C:\Users\COCO_N~1\AppData\Local\DSwitch.txt
[12/12/2007|23:46] C:\Users\COCO_N~1\AppData\Local\GDIPFONTCACHEV1.DAT
[13/11/2007|20:11] C:\Users\COCO_N~1\AppData\Local\Google
[13/11/2007|17:45] C:\Users\COCO_N~1\AppData\Local\Historique
[13/11/2007|20:11] C:\Users\COCO_N~1\AppData\Local\HP
[17/08/2008|22:48] C:\Users\COCO_N~1\AppData\Local\IconCache.db
[29/12/2007|12:43] C:\Users\COCO_N~1\AppData\Local\Iminent
[16/11/2007|09:42] C:\Users\COCO_N~1\AppData\Local\IsolatedStorage
[25/11/2007|03:20] C:\Users\COCO_N~1\AppData\Local\MessLive
[07/07/2008|06:42] C:\Users\COCO_N~1\AppData\Local\Microsoft
[20/11/2007|17:16] C:\Users\COCO_N~1\AppData\Local\Microsoft Games
[19/05/2008|18:04] C:\Users\COCO_N~1\AppData\Local\Mozilla
[13/11/2007|18:11] C:\Users\COCO_N~1\AppData\Local\QSwitch.txt
[16/02/2008|13:44] C:\Users\COCO_N~1\AppData\Local\QuickPlay
[19/08/2008|06:47] C:\Users\COCO_N~1\AppData\Local\Temp
[13/11/2007|17:45] C:\Users\COCO_N~1\AppData\Local\Temporary Internet Files
[28/11/2007|23:30] C:\Users\COCO_N~1\AppData\Local\VirtualStore

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[19/08/2008 06:24][--a------] C:\Windows\tasks\Scheduled scanning task.job
[19/08/2008 06:25][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{DF42D40C-224E-4464-956E-761246259D3B}.job
[19/08/2008 06:24][--ah-----] C:\Windows\tasks\SA.DAT
[17/08/2008 22:48][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[18/05/2007|03:47] C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
[10/02/2008|09:48] C:\ProgramData\Adobe
[13/11/2007|17:41] C:\ProgramData\Application Data
[12/02/2008|20:58] C:\ProgramData\Azureus
[13/11/2007|17:41] C:\ProgramData\Bureau
[26/11/2007|17:11] C:\ProgramData\CyberLink
[13/11/2007|17:41] C:\ProgramData\Documents
[13/11/2007|17:41] C:\ProgramData\Favoris
[15/07/2008|22:10] C:\ProgramData\F-Secure
[15/07/2008|22:07] C:\ProgramData\fssg
[18/05/2007|03:59] C:\ProgramData\Google
[18/05/2007|04:23] C:\ProgramData\Hewlett-Packard
[13/11/2007|19:56] C:\ProgramData\HP
[26/11/2007|18:38] C:\ProgramData\hpzinstall.log
[15/08/2008|04:32] C:\ProgramData\Knob Memo Locks
[13/11/2007|17:41] C:\ProgramData\Menu D‚marrer
[18/08/2008|06:06] C:\ProgramData\Messenger Plus!
[31/12/2007|09:28] C:\ProgramData\Microsoft
[14/08/2008|19:10] C:\ProgramData\Microsoft Help
[13/11/2007|17:41] C:\ProgramData\ModŠles
[18/05/2007|03:28] C:\ProgramData\Roxio
[18/05/2007|03:23] C:\ProgramData\Sonic
[03/01/2008|22:48] C:\ProgramData\Spybot - Search & Destroy
[12/08/2008|23:36] C:\ProgramData\SweetIM
[17/08/2008|20:45] C:\ProgramData\WLInstaller

--------------------\\ Listing des dossiers dans C:\Program Files

[18/05/2007|03:47] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[01/07/2008|20:36] C:\Program Files\Adobe
[23/05/2008|17:40] C:\Program Files\Azureus
[19/04/2008|08:47] C:\Program Files\Bitmanagement Software
[23/05/2008|18:38] C:\Program Files\BitTyrant
[24/04/2008|10:15] C:\Program Files\Common Files
[02/07/2008|22:31] C:\Program Files\desktop.ini
[20/11/2007|17:49] C:\Program Files\directx
[18/05/2007|03:59] C:\Program Files\EasyBits
[13/11/2007|17:41] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[24/11/2007|17:59] C:\Program Files\Google
[18/05/2007|04:17] C:\Program Files\Hewlett-Packard
[26/11/2007|18:37] C:\Program Files\HP
[18/05/2007|04:06] C:\Program Files\HPQ
[15/11/2007|19:10] C:\Program Files\Illustrate
[13/08/2008|20:19] C:\Program Files\Iminent
[01/03/2008|11:03] C:\Program Files\InstallShield Installation Information
[18/05/2007|03:09] C:\Program Files\Intel
[02/07/2008|22:19] C:\Program Files\Internet Explorer
[20/04/2008|22:45] C:\Program Files\Java
[19/05/2008|19:00] C:\Program Files\LimeWire
[25/11/2007|09:00] C:\Program Files\Live-Prod
[15/11/2007|20:03] C:\Program Files\MatroskaProp
[17/08/2008|17:22] C:\Program Files\Messenger
[17/08/2008|21:19] C:\Program Files\Messenger Plus! Live
[26/11/2007|04:18] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[18/05/2007|03:45] C:\Program Files\Microsoft Office
[02/07/2008|19:22] C:\Program Files\Microsoft Silverlight
[29/11/2007|00:20] C:\Program Files\Microsoft SQL Server Compact Edition
[18/05/2007|03:46] C:\Program Files\Microsoft Works
[18/05/2007|03:45] C:\Program Files\Microsoft.NET
[18/05/2007|02:48] C:\Program Files\Motorola
[02/07/2008|22:19] C:\Program Files\Movie Maker
[26/07/2008|20:12] C:\Program Files\Mozilla Firefox
[02/11/2006|14:37] C:\Program Files\MSBuild
[26/11/2007|04:04] C:\Program Files\MSXML 4.0
[01/02/2008|17:45] C:\Program Files\Orange
[25/02/2008|21:24] C:\Program Files\QuickTime
[18/02/2008|23:32] C:\Program Files\Real
[18/05/2007|04:04] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[18/05/2007|03:28] C:\Program Files\Roxio
[01/03/2008|11:03] C:\Program Files\SAGEM
[15/07/2008|22:37] C:\Program Files\Securitoo
[18/05/2007|04:00] C:\Program Files\Services en ligne
[12/12/2007|23:42] C:\Program Files\SP38015
[03/01/2008|22:49] C:\Program Files\Spybot - Search & Destroy
[18/05/2007|02:54] C:\Program Files\Synaptics
[17/08/2008|20:54] C:\Program Files\Trend Micro
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[23/05/2008|21:02] C:\Program Files\uTorrent
[24/04/2008|10:15] C:\Program Files\Vodafone
[26/11/2007|20:28] C:\Program Files\Wanadoo
[02/07/2008|22:19] C:\Program Files\Windows Calendar
[02/07/2008|22:19] C:\Program Files\Windows Collaboration
[02/07/2008|22:19] C:\Program Files\Windows Defender
[02/07/2008|22:19] C:\Program Files\Windows Journal
[27/02/2008|16:47] C:\Program Files\Windows Live
[07/02/2008|22:09] C:\Program Files\Windows Live Toolbar
[14/08/2008|19:13] C:\Program Files\Windows Mail
[02/07/2008|22:19] C:\Program Files\Windows Media Player
[13/11/2007|17:41] C:\Program Files\Windows NT
[02/07/2008|22:19] C:\Program Files\Windows Photo Gallery
[02/07/2008|22:19] C:\Program Files\Windows Sidebar
[24/11/2007|18:22] C:\Program Files\WinRAR

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[10/02/2008|09:48] C:\Program Files\Common Files\Adobe
[18/05/2007|03:45] C:\Program Files\Common Files\DESIGNER
[26/11/2007|20:42] C:\Program Files\Common Files\France Telecom
[18/05/2007|03:57] C:\Program Files\Common Files\HP
[18/05/2007|04:04] C:\Program Files\Common Files\InstallShield
[18/05/2007|04:22] C:\Program Files\Common Files\Java
[18/05/2007|04:06] C:\Program Files\Common Files\LightScribe
[05/05/2008|17:46] C:\Program Files\Common Files\microsoft shared
[19/02/2008|15:23] C:\Program Files\Common Files\Real
[18/05/2007|03:27] C:\Program Files\Common Files\Roxio Shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[18/05/2007|03:27] C:\Program Files\Common Files\Sonic Shared
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[18/05/2007|03:28] C:\Program Files\Common Files\SureThing Shared
[18/08/2008|06:30] C:\Program Files\Common Files\Symantec Shared
[02/07/2008|22:19] C:\Program Files\Common Files\System
[24/11/2007|18:32] C:\Program Files\Common Files\WindowsLiveInstaller
[24/04/2008|10:15] C:\Program Files\Common Files\Wise Installation Wizard

--------------------\\ Process

( 89 Processus )

iexplore.exe ~ [PID:3480] ~ [Threads:9]
iexplore.exe ~ [PID:5732] ~ [Threads:35]
iexplore.exe ~ [PID:4868] ~ [Threads:3]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-19 06:48:25
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 15

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:1499][D:43]-> C:\Users\COCO_N~1\AppData\Local\Temp
[F:226][D:1]-> C:\Users\COCO_N~1\AppData\Roaming\MICROS~1\Windows\Cookies
[F:178][D:16]-> C:\Users\COCO_N~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:3][D:3]-> C:\$Recycle.Bin

--------------------\\ Fin du rapport a 6:53:22,32
[ UAC => 1 ]


rapport de Hijack :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 06:57:37, on 19/08/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Securitoo\Common\FSM32.EXE
C:\Windows\WindowsMobile\wmdc.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Orange\Player Orange\Orange Player.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\coco_niro\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Windows\system32\conime.exe
C:\Users\coco_niro\AppData\Roaming\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Securitoo\FSGUI\fsguidll.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Iminent.SearchTheWeb.HelperObject - {0E896FCA-D07E-45FE-901F-6A26FCF59C02} - mscoree.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [OrangePlayer] C:\Program Files\Orange\Player Orange\Orange Player.exe /systray
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Outil de notification Live Search.lnk = C:\Users\coco_niro\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O13 - Gopher Prefix:
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/securite/certdgi1.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/VistaMSNPUpldfr-fr.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cocotimy0.spaces.live.com/PhotoUpload/VistaMsnPUpldfr-fr.cab
O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} - http://copainsdavant.linternaute.com/html_include_bibliotheque/objimageuploader/5.1.1.0/ImageUploader5.cab
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/FacebookPhotoUploader4_5.cab
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Securitoo\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Securitoo\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Securitoo\Common\FSMA32.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
0
Réponse 6 / 14
Coco
19 août 2008 à 22:32
coucou,
bah ecoute j'ai fais exactement ce que tu m'as dis et il n'y a plus rien :)
Plus de pages CiD c'est trop bien :)
je suis trop contente!!!

Mon anti-virus fait aussi anti-spywares! je comprend pas pourquoi tu me dis que je n'en ai pas!

Si je peux faire quoi que se soit pour toi fais moi signe!!
0
Réponse 7 / 14
hhgd nht
1 oct. 2008 à 19:30
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:22:03, on 01/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Orange HSS\Systray\SystrayApp.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\documents and settings\luke\local settings\application data\jfhegc.exe
C:\Program Files\Electronic Arts\EADM\Core.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\notepad.exe
C:\Documents and Settings\PARENTS\Bureau\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lo.st
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://lo.st
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe"
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange HSS\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\2.bin\A5SRCHAS.DLL
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - K:\Outils\Antispy\SPYBOT~1.4BE\SDHelper.dll (file missing)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\2.bin\A5SRCHAS.DLL
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre1.dll
O2 - BHO: Share Accelerator Toolbar - {f5c93451-2609-4723-a053-5c19516be1a8} - C:\Program Files\Share_Accelerator\tbSha1.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\3.bin\ASKTBAR.DLL
O3 - Toolbar: Share Accelerator Toolbar - {f5c93451-2609-4723-a053-5c19516be1a8} - C:\Program Files\Share_Accelerator\tbSha1.dll
O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL (file missing)
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\3.bin\ASKTBAR.DLL
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - (no file)
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre1.dll
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [book ante] C:\DOCUME~1\PARENTS\APPLIC~1\ELSEPL~1\AXISNEW.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [omeou] "c:\documents and settings\parents\local settings\application data\omeou.exe" omeou
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-1669369553-2926707012-732487486-1007\..\Run: [book ante] C:\DOCUME~1\LUKE\APPLIC~1\ELSEPL~1\AXISNEW.exe (User 'LUKE')
O4 - HKUS\S-1-5-21-1669369553-2926707012-732487486-1007\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount (User 'LUKE')
O4 - HKUS\S-1-5-21-1669369553-2926707012-732487486-1007\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'LUKE')
O4 - HKUS\S-1-5-21-1669369553-2926707012-732487486-1007\..\Run: [jfhegc] "c:\documents and settings\luke\local settings\application data\jfhegc.exe" jfhegc (User 'LUKE')
O4 - HKUS\S-1-5-21-1669369553-2926707012-732487486-1007\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe -silent (User 'LUKE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?85443627245349d282a14622204ffceb
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?85443627245349d282a14622204ffceb
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Stop Pub - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\JCA2000\StopPub\StopPub.exe
O9 - Extra 'Tools' menuitem: Stop Pub - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\JCA2000\StopPub\StopPub.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Acer Media Server - Unknown owner - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\isPwdSvc.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe (file missing)
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe (file missing)
0
Réponse 8 / 14
jfkpresident Messages postés 13404 Date d'inscription lundi 3 septembre 2007 Statut Contributeur sécurité Dernière intervention 5 janvier 2015 1 175
17 août 2008 à 18:50
salut;

1) télécharge hijackthis ici:hijackthis
ceci est un outil pour diagnostiquer ton pc .

*.Enregistre HJTInstall.exe sur ton bureau
*. Double-clique sur HJTInstall.exe pour lancer le programme
*. Par défaut, il s'installera là C:\Program Files\Trend Micro\HijackThis
*. Accepte la license en cliquant sur le bouton "I Accept"
*. Choisis l'option "Do a system scan and save a log file"
*. Clique sur "Save log" pour enregistrer le rapport qui s'ouvrira avec le bloc-note
*. Clique sur "Edition -> Sélectionner tout", puis sur "Edition -> Copier" pour copier tout le contenu du rapport
*. Colle le rapport que tu viens de copier sur ce forum
*. Ne fixe encore AUCUNE ligne, cela pourrait empêcher ton PC de fonctionner correctement

tutoriel générer un rapport
-1
Réponse 9 / 14
remih78 Messages postés 88 Date d'inscription mardi 17 avril 2007 Statut Membre Dernière intervention 31 janvier 2010 1
17 août 2008 à 18:54
Bonjour, si c'est ce que je pense c'est que tu a installé les sponsors de msn plus il te suffit de supprimer ces sponsors dans panneau de configuration - ajout/suppression de programme.
-1
Réponse 10 / 14
jfkpresident Messages postés 13404 Date d'inscription lundi 3 septembre 2007 Statut Contributeur sécurité Dernière intervention 5 janvier 2015 1 175
18 août 2008 à 00:33
Y aurait-il quelqu'un pour m'aider???

N'as tu pas lu ma signature ?

tu as deux antivirus actifs sur ta machine ! deux antivirus peuvent rentrer en conflits et ralentir ton pc /!\

désinstalle norton avec cet outil : http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/fr_docid/20050414110429924

ensuite :

télécharge lopS&D

*double-cliquez dessus pour installer le programme.
* Un raccourci sera créé sur votre bureau , double-cliquez dessus pour lancer l'outil.
*choisis la langue .
*choisis l'option 1 (recherche) .
*copie/colle le rapport sur le forum.

-1
Réponse 11 / 14
jfkpresident Messages postés 13404 Date d'inscription lundi 3 septembre 2007 Statut Contributeur sécurité Dernière intervention 5 janvier 2015 1 175
18 août 2008 à 09:47
relance LopS&D et choisis l'option 2 .
ensuite colle le rapport généré .

recolle moi un hijack dans la foulée .
-1
Réponse 12 / 14
jfkpresident Messages postés 13404 Date d'inscription lundi 3 septembre 2007 Statut Contributeur sécurité Dernière intervention 5 janvier 2015 1 175
19 août 2008 à 17:36
salut coco ;

-> Relance HijackThis cliques sur « scanner seulement » ou (« do a scan only »),
coche les cases devant ces lignes :

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
O2 - BHO: Iminent.SearchTheWeb.HelperObject - {0E896FCA-D07E-45FE-901F-6A26FCF59C02} - mscoree.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe


et ensuite ferme toutes les fenêtres actives autres que HijackThis!, navigateur inclus,
puis clique "Fix checked"( ou « fixer objet »). Ferme HijackThis!

-------------------------------------------------------------------------------------------------------------------------------------------------------------------

tu n'as pas d'anti-spywares ,installe celui ci et fait un scan avec :

superantispyware : https://www.superantispyware.com/superantispywarefreevspro.html

Dis moi ensuite si tu as encore des soucis ?
-1
Réponse 13 / 14
jfkpresident Messages postés 13404 Date d'inscription lundi 3 septembre 2007 Statut Contributeur sécurité Dernière intervention 5 janvier 2015 1 175
19 août 2008 à 22:39
pour l'anti-spyware ,désolé mais tu peux quand meme l'installer avec celui que tu as ...A toi de voir .

Si je peux faire quoi que se soit pour toi fais moi signe!!

NE REVIENS JAMAIS :)))

Tch@O
-1
Réponse 14 / 14
jfkpresident Messages postés 13404 Date d'inscription lundi 3 septembre 2007 Statut Contributeur sécurité Dernière intervention 5 janvier 2015 1 175
1 oct. 2008 à 20:33
bonsoir ;

créé ton propre message afin qu'on puisse t'aider STP MERCI !
procede comme suit:http://pageperso.aol.fr/balltrap34/demofairesontmessage.htm
-1

Discussions similaires

"Aucune application permettant d'ouvrir cette URL"
sidojaice -
JIP -

24 réponses
E mail s'arrête systématiquement
Patafix -
Utilisateur anonyme -

10 réponses