Page internet " about blank"

Résolu
cachou52fr -  
 Dan185 -
Bonjour,

A l'ouverture d'internet explorer, une autre page publicitaire s'ouvre par dessus ma page orange avec une petite fenêtre au démarrage (About Blank) Comment faire pour empêcher cette publicité forcée. J’ai passé mon anti virus Avira AntiVir à jour, mon anti spyware Spybot et Malwarebyte et rien ne vire ce virus ou expions. Comment faire si vous avez une solution, merci d'avance
Configuration: Windows 7 Internet Explorer 7.0

29 réponses

  • 1
  • 2
Résumé de la discussion

Le problème décrit une publicité intrusive qui s'ouvre au lancement d'Internet Explorer et s'affiche par-dessus une page orange, avec une fenêtre About Blank bloquant l'affichage normal. Plusieurs pistes techniques ont été proposées, incluant des outils de détection et de suppression, des nettoyeurs et la génération de rapports pour identifier les éléments indésirables. Les solutions recommandent ensuite des étapes en mode sans échec, puis l’utilisation d’outils spécialisés et la suppression de composants ou moteurs de recherche indésirés. D’autres éléments nuancent le diagnostic en évoquant une éventuelle version non à jour ou piratée de Windows 7, ce qui peut expliquer l’absence d’installation correcte des options de sécurité.

Généré automatiquement par IA
sur la base des meilleures réponses
  1. eZula Messages postés 3509 Statut Contributeur 392
     
    Bonjour,

    télécharge GenProc http://www.genproc.com/GenProc.exe

    double-clique sur GenProc.exe et poste le contenu du rapport qui s'ouvre
    2
  2. cachou52fr Messages postés 24 Statut Membre 3
     
    ok merci a tout de suite avec le rapport, et merci d'avance
    1
  3. cachou52fr Messages postés 24 Statut Membre 3
     
    Rapport GenProc 2.637 [1] - 12/10/2009 à 14:50:56
    @ Windows 7 - Mode normal
    @ Internet Explorer (8.0.7100.0) [Navigateur par défaut]

    ~~ CM DISK ERROR ~~

    # Etape 1/ Télécharge :

    - CCleaner https://www.ccleaner.com/ccleaner/download (FileHippo). Ce logiciel va permettre de supprimer tous les fichiers temporaires. Lance-le et clique sur "Options", "Avancé" et décoche la case "Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures". Par la suite, laisse-le avec ses réglages par défaut. Ferme le programme.

    - Lop S&D https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2 (Eric 71 & Angeldark) sur ton Bureau.

    - Toolbar-S&D https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cpVobGk5bHnxrhQ4yaoEUDJvOYNnEGyYjgqHZz5GqZLfutR3fMFPlsC3-CGIilfupPAguYATNyua3csodN_frdMK8sSzUpit10Yac-QJCOkMqJKkbdKcP6ySs8trWPgoNVIq4TGGWCe6o0txXQv-ZueJF9vZzw3RXsGwFYIqN2lvF2LPdQzS8mE1d5kWOVOz6EMzQuE5-lClSJM869uq3oc7-t7yg%3D%3D&attredirects=3 (Team IDN) sur ton Bureau.

    - ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe (sUBs) sur ton Bureau.

    Redémarre en mode sans échec comme indiqué ici https://www.wekyo.com/demarrer-le-pc-en-mode-sans-echec-windows-7-et-8/ ; Choisis ta session courante *** Robert *** (pour retrouver le rapport, clique sur le raccourci "Rapport GenProc[1]" sur ton bureau).

    # Etape 2/

    Lance Toolbar-S&D situé sur le Bureau. Tape sur "2" puis valide en appuyant sur "Entrée". Ne ferme pas la fenêtre lors de la suppression.

    # Etape 3/

    Double-clique sur Lop S&D pour lancer l'installation, séléctionne la langue souhaitée, puis choisis l'Option 2 - Suppression - et patiente jusqu'à ce qu'il ait terminé.

    # Etape 4/

    Double clique sur combofix.exe et suis les instructions. Attention de ne pas utiliser ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne au risque de figer l'ordinateur.

    # Etape 5/

    Lance CCleaner : "Nettoyeur"/"lancer le nettoyage" et c'est tout.

    # Etape 6/

    Redémarre normalement et poste, dans la même réponse :

    - Le contenu du rapport TB.txt situé dans C:\ ;
    - Le contenu du rapport lopR.txt situé dans C:\ ;
    - Le contenu du rapport Combofix.txt situé dans C:\ ;
    - Un nouveau rapport HijackThis https://forums.cnetfrance.fr/tutoriels-securite-informatique/1549-hijackthis-comment-l-utiliser ;
    - Un nouveau rapport GenProc ;

    Précise les difficultés que tu as eu (ce que tu n'as pas pu faire...) ainsi que l'évolution de la situation.

    ~~ Arguments de la procédure ~~

    # Détections [1] GenProc 2.637 12/10/2009 à 14:51:12
    Lop:le 12/10/2009 à 14:51:43 "C:\Program Files\Multi_Media_France"
    Toolbar:le 12/10/2009 à 14:51:44 "C:\Program Files\Multi_Media_France"
    TDSS:le 12/10/2009 à 14:51:51 "C:\Windows\System32\ovfst*.???"

    ----------------------------------------------------------------------
    Sites officiels GenProc : www.alt-shift-return.org et www.genproc.com
    ----------------------------------------------------------------------

    ~~ Fin à 14:53:11 ~~
    1
  4. eZula Messages postés 3509 Statut Contributeur 392
     
    Suis la procédure, je reviens en fin d'après midi pour controler tout ça
    0
    1. cachou52fr
       
      fin de procédure mais a l'ouverture de l'explorer, le probleme est toujours présent
      0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. eZula Messages postés 3509 Statut Contributeur 392
     
    # Etape 6/
    0
    1. cachou52fr
       
      rapport

      --------------------\\ Lop S&D 4.2.5-0 XP/Vista

      Microsoft Windows 7 Édition Intégrale ( v6.1.7100 )
      X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T8300 @ 2.40GHz )
      BIOS : Default System BIOS
      USER : Robert ( Administrator )
      BOOT : Fail-safe boot
      C:\ (Local Disk) - NTFS - Total:60 Go (Free:18 Go)
      D:\ (Local Disk) - NTFS - Total:164 Go (Free:62 Go)
      E:\ (CD or DVD)

      "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
      Option : [2] ( 12/10/2009|18:00 )

      [ UAC => 1 ]


      \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


      --------------------\\ Listing des dossiers dans Local

      [17/07/2009|13:32] C:\Users\Robert\AppData\Local\ABBYY
      [10/10/2009|16:07] C:\Users\Robert\AppData\Local\ACD Systems
      [17/07/2009|13:32] C:\Users\Robert\AppData\Local\Adobe
      [17/07/2009|13:32] C:\Users\Robert\AppData\Local\Ahead
      [17/07/2009|13:32] C:\Users\Robert\AppData\Local\Apple
      [17/07/2009|13:32] C:\Users\Robert\AppData\Local\Apple Computer
      [17/07/2009|13:03] C:\Users\Robert\AppData\Local\Application Data
      [22/08/2009|21:51] C:\Users\Robert\AppData\Local\ApplicationHistory
      [10/10/2009|16:07] C:\Users\Robert\AppData\Local\Apps
      [10/10/2009|16:07] C:\Users\Robert\AppData\Local\ASUS
      [17/07/2009|13:32] C:\Users\Robert\AppData\Local\ATI
      [11/10/2009|13:54] C:\Users\Robert\AppData\Local\Corel
      [29/07/2009|18:40] C:\Users\Robert\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [28/08/2009|14:07] C:\Users\Robert\AppData\Local\Diagnostics
      [11/10/2009|14:03] C:\Users\Robert\AppData\Local\Downloaded Installations
      [23/08/2009|21:20] C:\Users\Robert\AppData\Local\ElevatedDiagnostics
      [10/10/2009|16:07] C:\Users\Robert\AppData\Local\eMule
      [10/10/2009|16:07] C:\Users\Robert\AppData\Local\Frameworkx
      [10/10/2009|16:07] C:\Users\Robert\AppData\Local\Frameworkx.com
      [22/08/2009|21:50] C:\Users\Robert\AppData\Local\fusioncache.dat
      [17/07/2009|13:32] C:\Users\Robert\AppData\Local\G DATA
      [25/08/2009|11:16] C:\Users\Robert\AppData\Local\GDIPFONTCACHEV1.DAT
      [10/10/2009|16:07] C:\Users\Robert\AppData\Local\Google
      [17/07/2009|13:03] C:\Users\Robert\AppData\Local\Historique
      [12/10/2009|17:54] C:\Users\Robert\AppData\Local\IconCache.db
      [07/08/2009|08:08] C:\Users\Robert\AppData\Local\IsolatedStorage
      [17/07/2009|13:32] C:\Users\Robert\AppData\Local\JollyBear
      [10/10/2009|16:07] C:\Users\Robert\AppData\Local\Macromedia
      [10/10/2009|17:16] C:\Users\Robert\AppData\Local\Microsoft
      [17/07/2009|13:34] C:\Users\Robert\AppData\Local\Microsoft Corporation
      [10/10/2009|16:07] C:\Users\Robert\AppData\Local\Microsoft Games
      [22/05/2008|22:22] C:\Users\Robert\AppData\Local\Microsoft Help
      [10/10/2009|16:07] C:\Users\Robert\AppData\Local\Mozilla
      [17/07/2009|13:34] C:\Users\Robert\AppData\Local\Nero
      [17/07/2009|13:34] C:\Users\Robert\AppData\Local\O&O
      [17/07/2009|13:34] C:\Users\Robert\AppData\Local\Oberon Games
      [10/10/2009|16:07] C:\Users\Robert\AppData\Local\Opera
      [23/05/2008|09:38] C:\Users\Robert\AppData\Local\Panda Software
      [17/07/2009|13:34] C:\Users\Robert\AppData\Local\Qurb4
      [10/10/2009|16:07] C:\Users\Robert\AppData\Local\ROUTE 66 Sync 9
      [17/07/2009|13:34] C:\Users\Robert\AppData\Local\SpookyManor
      [10/10/2009|16:07] C:\Users\Robert\AppData\Local\SYSTRAN
      [10/10/2009|16:07] C:\Users\Robert\AppData\Local\TechSmith
      [12/10/2009|18:00] C:\Users\Robert\AppData\Local\Temp
      [17/07/2009|13:03] C:\Users\Robert\AppData\Local\Temporary Internet Files
      [10/10/2009|16:07] C:\Users\Robert\AppData\Local\Thunderbird
      [10/10/2009|16:07] C:\Users\Robert\AppData\Local\TomTom
      [10/10/2009|16:07] C:\Users\Robert\AppData\Local\TwinglyScreensaver
      [10/10/2009|16:07] C:\Users\Robert\AppData\Local\VirtualStore
      [17/07/2009|13:34] C:\Users\Robert\AppData\Local\WinAVI
      [17/07/2009|13:34] C:\Users\Robert\AppData\Local\Windows Live Writer
      [17/07/2009|13:34] C:\Users\Robert\AppData\Local\Xara
      [17/07/2009|13:34] C:\Users\Robert\AppData\Local\Yahoo

      --------------------\\ Tâches planifiées dans C:\Windows\tasks

      [11/10/2009 22:27][--a------] C:\Windows\tasks\Ad-Aware Update (Daily).job
      [05/07/2009 22:54][--a------] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
      [12/10/2009 17:31][--a------] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
      [06/05/2009 11:34][--a------] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3314911836-3212641011-1656975525-1000.job
      [12/10/2009 17:31][--ah-----] C:\Windows\tasks\SA.DAT
      [22/04/2009 10:27][--a------] C:\Windows\tasks\SCHEDLGU.TXT
      [12/10/2009 17:33][--a------] C:\Windows\tasks\Google Software Updater.job
      [27/04/2009 21:18][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{751E10C5-FC60-416B-9048-DF3209294C73}.job

      --------------------\\ Listing des dossiers dans C:\ProgramData

      [10/10/2009|16:07] C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
      [17/07/2009|13:14] C:\ProgramData\{55A29068-F2CE-456C-9148-C869879E2357}
      [17/07/2009|13:13] C:\ProgramData\4D
      [17/07/2009|13:13] C:\ProgramData\ACD Systems
      [10/10/2009|16:07] C:\ProgramData\Acronis
      [10/10/2009|16:07] C:\ProgramData\Activ Software
      [17/07/2009|13:13] C:\ProgramData\Adobe
      [17/07/2009|13:13] C:\ProgramData\AppData
      [10/10/2009|16:07] C:\ProgramData\Apple
      [22/04/2009|10:27] C:\ProgramData\Application Data
      [17/07/2009|13:13] C:\ProgramData\Arcade Lab
      [10/10/2009|16:07] C:\ProgramData\ASUS
      [17/07/2009|13:13] C:\ProgramData\ATI
      [10/10/2009|17:16] C:\ProgramData\avg9
      [10/10/2009|17:31] C:\ProgramData\Avira
      [17/07/2009|13:13] C:\ProgramData\Backup
      [03/03/2009|20:55] C:\ProgramData\BSD
      [17/07/2009|13:13] C:\ProgramData\BSD Concept
      [17/07/2009|14:34] C:\ProgramData\Bureau
      [17/07/2009|13:13] C:\ProgramData\Ciel
      [10/10/2009|16:07] C:\ProgramData\Corel
      [22/04/2009|10:27] C:\ProgramData\Desktop
      [22/04/2009|10:27] C:\ProgramData\Documents
      [10/10/2009|16:07] C:\ProgramData\eMule
      [17/07/2009|14:34] C:\ProgramData\Favoris
      [22/04/2009|10:27] C:\ProgramData\Favorites
      [17/07/2009|13:13] C:\ProgramData\FLEXnet
      [21/08/2009|09:30] C:\ProgramData\GoldWave
      [10/10/2009|16:07] C:\ProgramData\Google
      [12/10/2009|14:22] C:\ProgramData\Google Updater
      [22/07/2009|14:44] C:\ProgramData\Iconix
      [10/10/2009|16:07] C:\ProgramData\InstallShield
      [10/10/2009|16:07] C:\ProgramData\Intel
      [10/10/2009|16:07] C:\ProgramData\JollyBear
      [11/10/2009|19:37] C:\ProgramData\Lavasoft
      [10/10/2009|16:07] C:\ProgramData\Logishrd
      [17/07/2009|13:13] C:\ProgramData\Logitech
      [17/07/2009|13:13] C:\ProgramData\ma-config.com
      [17/07/2009|13:13] C:\ProgramData\Macrovision
      [10/10/2009|16:07] C:\ProgramData\Malwarebytes
      [17/07/2009|14:34] C:\ProgramData\Menu D‚marrer
      [10/10/2009|16:07] C:\ProgramData\Microsoft
      [17/07/2009|13:13] C:\ProgramData\Microsoft Corporation
      [11/10/2009|00:18] C:\ProgramData\Microsoft Help
      [17/07/2009|14:34] C:\ProgramData\ModŠles
      [17/07/2009|13:13] C:\ProgramData\MysteryChronicles
      [10/10/2009|16:07] C:\ProgramData\Nero
      [17/07/2009|13:14] C:\ProgramData\P4G
      [10/10/2009|16:07] C:\ProgramData\PC Drivers HeadQuarters
      [17/07/2009|13:14] C:\ProgramData\PC SOFT
      [17/07/2009|13:14] C:\ProgramData\PlatriumSA
      [17/07/2009|13:14] C:\ProgramData\PopCap Games
      [17/07/2009|13:14] C:\ProgramData\Sandlot Games
      [10/10/2009|16:07] C:\ProgramData\ScanSoft
      [10/10/2009|16:07] C:\ProgramData\Seagate
      [17/07/2009|13:14] C:\ProgramData\sentinel
      [10/10/2009|16:07] C:\ProgramData\SlySoft
      [12/10/2009|11:46] C:\ProgramData\Spybot - Search & Destroy
      [22/04/2009|10:27] C:\ProgramData\Start Menu
      [21/08/2009|20:33] C:\ProgramData\Stylus Studio
      [10/10/2009|23:35] C:\ProgramData\SUPERAntiSpyware.com
      [10/10/2009|16:07] C:\ProgramData\TechSmith
      [12/10/2009|09:45] C:\ProgramData\TEMP
      [22/04/2009|10:27] C:\ProgramData\Templates
      [17/07/2009|13:14] C:\ProgramData\WindowsSearch
      [10/10/2009|16:07] C:\ProgramData\Yahoo!
      [10/10/2009|16:07] C:\ProgramData\Zylom

      --------------------\\ Listing des dossiers dans C:\Program Files

      [17/07/2009|13:05] C:\Program Files\3D Starstrike
      [17/07/2009|13:05] C:\Program Files\3ivx
      [17/07/2009|13:05] C:\Program Files\About Font
      [17/07/2009|13:05] C:\Program Files\ACD Systems
      [17/07/2009|13:05] C:\Program Files\Acronis
      [17/07/2009|13:05] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
      [17/07/2009|13:05] C:\Program Files\Adobe
      [17/07/2009|13:05] C:\Program Files\AnvSoft Photo Flash Maker Professional
      [17/07/2009|13:05] C:\Program Files\Apple Software Update
      [17/07/2009|13:05] C:\Program Files\ASUS
      [17/07/2009|13:05] C:\Program Files\ATI
      [17/07/2009|13:05] C:\Program Files\ATI Technologies
      [17/07/2009|13:06] C:\Program Files\ATK Hotkey
      [17/07/2009|13:06] C:\Program Files\ATKGFNEX
      [17/07/2009|13:06] C:\Program Files\ATKOSD2
      [17/07/2009|13:06] C:\Program Files\Bricks Of Atlantis
      [17/07/2009|13:06] C:\Program Files\Bricks Of Camelot
      [17/07/2009|13:06] C:\Program Files\BSD Concept
      [17/07/2009|13:06] C:\Program Files\Cisco
      [17/07/2009|13:06] C:\Program Files\Cluedo
      [11/10/2009|19:28] C:\Program Files\Common Files
      [17/07/2009|13:08] C:\Program Files\Conduit
      [17/07/2009|13:08] C:\Program Files\DIFX
      [17/07/2009|13:08] C:\Program Files\DivX
      [22/04/2009|12:12] C:\Program Files\DVD Maker
      [03/08/2009|14:36] C:\Program Files\Google
      [10/10/2009|15:28] C:\Program Files\Grisoft
      [17/07/2009|13:09] C:\Program Files\Iconix
      [25/08/2009|11:02] C:\Program Files\InstallShield Installation Information
      [17/07/2009|13:09] C:\Program Files\Intel
      [10/10/2009|16:08] C:\Program Files\Internet Explorer
      [17/07/2009|13:09] C:\Program Files\iPod
      [11/10/2009|09:44] C:\Program Files\IsoBuster
      [31/08/2009|20:54] C:\Program Files\Java
      [17/07/2009|13:10] C:\Program Files\K-Lite Codec Pack
      [24/07/2009|15:49] C:\Program Files\LameACM
      [11/10/2009|22:26] C:\Program Files\Lavasoft
      [17/07/2009|13:10] C:\Program Files\LG Electronics
      [17/07/2009|13:10] C:\Program Files\Logitech
      [17/07/2009|13:10] C:\Program Files\Marvell
      [10/10/2009|16:08] C:\Program Files\mes donn‚es
      [17/07/2009|13:10] C:\Program Files\Microsoft
      [17/07/2009|13:10] C:\Program Files\Microsoft CAPICOM 2.1.0.2
      [17/07/2009|13:10] C:\Program Files\Microsoft Games
      [10/10/2009|16:08] C:\Program Files\Microsoft IntelliPoint
      [17/07/2009|13:10] C:\Program Files\Microsoft Money 2005
      [17/07/2009|13:11] C:\Program Files\Microsoft Office
      [10/10/2009|17:18] C:\Program Files\Microsoft Silverlight
      [17/07/2009|13:11] C:\Program Files\Microsoft SQL Server Compact Edition
      [17/07/2009|13:11] C:\Program Files\Microsoft Sync Framework
      [17/07/2009|13:11] C:\Program Files\Microsoft Visual Studio
      [17/07/2009|13:11] C:\Program Files\Microsoft Visual Studio 8
      [17/07/2009|13:11] C:\Program Files\Microsoft Works
      [17/07/2009|13:11] C:\Program Files\Microsoft.NET
      [17/07/2009|13:00] C:\Program Files\Motorola
      [17/07/2009|13:11] C:\Program Files\Mozilla Firefox
      [17/07/2009|13:11] C:\Program Files\MSBuild
      [17/07/2009|13:11] C:\Program Files\MSN Money Investment Toolbox
      [17/07/2009|13:11] C:\Program Files\Nero
      [17/07/2009|13:11] C:\Program Files\On2 Technologies
      [17/07/2009|13:11] C:\Program Files\Opera
      [17/07/2009|13:11] C:\Program Files\P4G
      [11/10/2009|09:44] C:\Program Files\pdfforge Toolbar
      [10/10/2009|16:08] C:\Program Files\Pense-bete
      [17/07/2009|13:11] C:\Program Files\Primelabs
      [17/07/2009|13:11] C:\Program Files\QuickTime
      [17/07/2009|13:11] C:\Program Files\Real
      [17/07/2009|13:11] C:\Program Files\Realtek
      [22/04/2009|10:55] C:\Program Files\Reference Assemblies
      [17/07/2009|13:11] C:\Program Files\Smart Projects
      [17/07/2009|13:11] C:\Program Files\SWiSH Jukebox
      [17/07/2009|13:11] C:\Program Files\SWiSH Max2
      [17/07/2009|13:11] C:\Program Files\swishmax2
      [17/07/2009|13:00] C:\Program Files\Synaptics
      [17/07/2009|13:11] C:\Program Files\SystemRequirementsLab
      [17/07/2009|13:11] C:\Program Files\Tablet
      [17/07/2009|13:11] C:\Program Files\TomTom International B.V
      [12/10/2009|09:51] C:\Program Files\TuneUp Utilities 2009
      [07/08/2009|08:08] C:\Program Files\Virtual Earth 3D
      [17/07/2009|13:12] C:\Program Files\VSO
      [17/07/2009|13:12] C:\Program Files\Windows Collaboration
      [22/04/2009|12:01] C:\Program Files\Windows Defender
      [22/04/2009|12:12] C:\Program Files\Windows Journal
      [10/10/2009|19:17] C:\Program Files\Windows Live
      [17/07/2009|13:12] C:\Program Files\Windows Live Safety Center
      [17/07/2009|13:12] C:\Program Files\Windows Live SkyDrive
      [22/04/2009|12:01] C:\Program Files\Windows Mail
      [22/04/2009|12:01] C:\Program Files\Windows Media Player
      [17/07/2009|14:34] C:\Program Files\Windows NT
      [22/04/2009|12:01] C:\Program Files\Windows Photo Viewer
      [10/10/2009|16:08] C:\Program Files\Windows Sidebar
      [17/07/2009|13:12] C:\Program Files\WinRAR
      [17/07/2009|13:12] C:\Program Files\Wireless Console 2
      [17/07/2009|13:12] C:\Program Files\XviD
      [17/07/2009|13:12] C:\Program Files\Yahoo!
      [17/07/2009|13:12] C:\Program Files\Zylom Games

      --------------------\\ Listing des dossiers dans C:\Program Files\Common Files

      [17/07/2009|13:06] C:\Program Files\Common Files\ACD Systems
      [10/10/2009|18:58] C:\Program Files\Common Files\Acronis
      [17/07/2009|13:07] C:\Program Files\Common Files\Adobe
      [17/07/2009|13:07] C:\Program Files\Common Files\Adobe AIR
      [17/07/2009|13:07] C:\Program Files\Common Files\Apple
      [17/07/2009|13:08] C:\Program Files\Common Files\Borland Shared
      [17/07/2009|13:08] C:\Program Files\Common Files\Corel
      [17/07/2009|13:08] C:\Program Files\Common Files\DESIGNER
      [17/07/2009|13:08] C:\Program Files\Common Files\DivX Shared
      [10/10/2009|23:01] C:\Program Files\Common Files\Iconix
      [17/07/2009|13:08] C:\Program Files\Common Files\iGrafx
      [17/07/2009|13:08] C:\Program Files\Common Files\InstallShield
      [17/07/2009|13:08] C:\Program Files\Common Files\Java
      [17/07/2009|13:08] C:\Program Files\Common Files\L&H
      [17/07/2009|13:08] C:\Program Files\Common Files\LogiShrd
      [17/07/2009|13:08] C:\Program Files\Common Files\Macromedia
      [17/07/2009|13:08] C:\Program Files\Common Files\Macromedia Shared
      [17/07/2009|13:08] C:\Program Files\Common Files\Macrovision Shared
      [03/08/2009|12:06] C:\Program Files\Common Files\microsoft shared
      [17/07/2009|13:08] C:\Program Files\Common Files\MimarSinan
      [17/07/2009|13:08] C:\Program Files\Common Files\Nero
      [23/05/2008|09:41] C:\Program Files\Common Files\Panda Software
      [17/07/2009|13:08] C:\Program Files\Common Files\PX Storage Engine
      [17/07/2009|13:08] C:\Program Files\Common Files\Real
      [17/07/2009|13:08] C:\Program Files\Common Files\Scansoft Shared
      [22/04/2009|08:17] C:\Program Files\Common Files\Services
      [17/07/2009|13:08] C:\Program Files\Common Files\SourceTec
      [22/04/2009|08:17] C:\Program Files\Common Files\SpeechEngines
      [17/07/2009|13:08] C:\Program Files\Common Files\SureThing Shared
      [17/07/2009|13:08] C:\Program Files\Common Files\SWiSHzone.com
      [17/07/2009|13:08] C:\Program Files\Common Files\Symantec Shared
      [22/04/2009|12:01] C:\Program Files\Common Files\System
      [17/07/2009|13:08] C:\Program Files\Common Files\Windows Live
      [17/07/2009|13:08] C:\Program Files\Common Files\WindowsLiveInstaller
      [12/10/2009|09:41] C:\Program Files\Common Files\Wise Installation Wizard
      [17/07/2009|13:08] C:\Program Files\Common Files\Xara
      [17/07/2009|13:08] C:\Program Files\Common Files\xing shared

      --------------------\\ Process

      ( 8 Processes )

      ... OK !

      --------------------\\ Recherche avec S_Lop

      Aucun fichier / dossier Lop trouvé !

      --------------------\\ Recherche de Fichiers / Dossiers Lop

      Aucun fichier / dossier Lop trouvé !

      --------------------\\ Verification du Registre

      ..... OK !

      --------------------\\ Verification du fichier Hosts

      Fichier Hosts PROPRE


      --------------------\\ Recherche de fichiers avec Catchme

      catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2009-10-12 18:00:27
      Windows 6.1.7100 NTFS
      detected NTDLL code modification:
      ZwEnumerateKey 0 != 116, ZwQueryKey 0 != 244, ZwOpenKey 0 != 182, ZwClose 0 != 50, ZwEnumerateValueKey 0 != 119, ZwQueryValueKey 0 != 266, ZwOpenFile 0 != 179, ZwQueryDirectoryFile 0 != 223, ZwQuerySystemInformation 0 != 261Initialization error

      --------------------\\ Recherche d'autres infections


      Aucune autre infection trouvée !

      [F:1][D:1]-> C:\Users\Robert\AppData\Local\Temp
      [F:3][D:1]-> C:\Users\Robert\AppData\Roaming\MICROS~1\Windows\Cookies
      [F:2][D:0]-> C:\Users\Robert\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
      [F:8][D:3]-> C:\$Recycle.Bin

      1 - "C:\Lop SD\LopR_1.txt" - 12/10/2009|15:30 - Option : [2]
      2 - "C:\Lop SD\LopR_2.txt" - 12/10/2009|17:29 - Option : [2]
      3 - "C:\Lop SD\LopR_3.txt" - 12/10/2009|18:01 - Option : [2]

      --------------------\\ Fin du rapport a 18:01:17
      [ UAC => 1 ]
      0
    2. cachou52fr
       
      Je n'ai pas le rapport TB.txt et ni le rapport Combofix.txt . avec combofix j' eu un message d'erreur " windows ne trouve pas NircmdB.exe . vérifiez que vous avez entré le nom correct, puis réessayez
      0
  7. cachou52fr
     
    je n'ai pas le rapport TB.txt et ni le rapport Combofix.txt . avec combofix j' eu un message d'erreur " windows ne trouve pas NircmdB.exe . vérifiez que vous avez entré le nom correct, puis réessayez
    0
  8. cachou52fr
     
    nouveau rapport HijackThis

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:24:14, on 12/10/2009
    Platform: Unknown Windows (WinNT 6.01.3004)
    MSIE: Internet Explorer v8.00 (8.00.7100.0000)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Windows\system32\WTablet\Pen_TabletUser.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\ASScrPro.exe
    C:\Program Files\Microsoft IntelliPoint\ipoint.exe
    C:\UTIL\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Windows\System32\oodtray.exe
    C:\UTIL\Antivirus\Avira\AntiVir Desktop\avgnt.exe
    D:\Logiciels Divers\Acronis\TrueImageMonitor.exe
    D:\Logiciels Divers\Paint shop pro 12\CorelIOMonitor.exe
    C:\UTIL\RocketDock\RocketDock.exe
    C:\UTIL\GadWin\PrintScreen.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    D:\Logiciels Divers\CircleDock0.9.2Alpha8.1\CircleDock.exe
    C:\Program Files\Pense-bete\pb79f.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
    C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
    C:\Program Files\Windows Live\Toolbar\wltuser.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\UTIL\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.bing.com/?toHttps=1&redig=F6E03C3CC058415AA40F1BC2D47E2332
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - D:\Logiciels Divers\Snagit\SnagItBHO.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\UTIL\SPYBOT~1\SDHelper.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - D:\Logiciels Divers\Snagit\SnagItIEAddin.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
    O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\UTIL\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    O4 - HKLM\..\Run: [OODefragTray] C:\Windows\system32\oodtray.exe
    O4 - HKLM\..\Run: [avgnt] "C:\UTIL\Antivirus\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [TrueImageMonitor.exe] D:\Logiciels Divers\Acronis\TrueImageMonitor.exe
    O4 - HKLM\..\Run: [Service Scheduler2 Acronis] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
    O4 - HKLM\..\Run: [Corel File Shell Monitor] D:\Logiciels Divers\Paint shop pro 12\CorelIOMonitor.exe
    O4 - HKCU\..\Run: [RocketDock] "C:\UTIL\RocketDock\RocketDock.exe"
    O4 - HKCU\..\Run: [Gadwin PrintScreen] "C:\UTIL\GadWin\PrintScreen.exe" /nosplash
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - Startup: CircleDock.exe.lnk = D:\Logiciels Divers\CircleDock0.9.2Alpha8.1\CircleDock.exe
    O4 - Startup: Pense-Bête 79f.lnk = C:\Program Files\Pense-bete\pb79f.exe
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: (no name) - {400A6CFA-E326-4d61-A90C-9AD75358DC5F} - (no file)
    O9 - Extra 'Tools' menuitem: Email ID Préférences - {400A6CFA-E326-4d61-A90C-9AD75358DC5F} - (no file)
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {BC3F6B6D-2E49-4603-B028-7411655713F3} - (no file)
    O9 - Extra 'Tools' menuitem: À propos de Email ID - {BC3F6B6D-2E49-4603-B028-7411655713F3} - (no file)
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\UTIL\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\UTIL\SPYBOT~1\SDHelper.dll
    O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
    O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
    O9 - Extra button: Correcteur - {F7C8E5F6-B6D1-45db-8D91-2BCFA5DF11A9} - D:\Logiciels Divers\Antidote 2008\Internet Explorer\7\Antidote K - IE 7.htm (HKCU)
    O9 - Extra button: Dictionnaires - {F9B969E8-58D0-4dd9-AC8A-EE2336FF8F65} - D:\Logiciels Divers\Antidote 2008\Internet Explorer\7\Antidote D - IE 7.htm (HKCU)
    O9 - Extra button: Guides - {FA089E36-3F1B-4c51-9A1A-C4E7012483AF} - D:\Logiciels Divers\Antidote 2008\Internet Explorer\7\Antidote G - IE 7.htm (HKCU)
    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
    O13 - Gopher Prefix:
    O15 - Trusted Zone: http://www.secuser.com
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.1.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
    O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} - http://www.gamespy.com
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://www.ma-config.com/activex/hardwaredetection_3_1_2_0.cab
    O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-2.0.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
    O23 - Service: Acronis OS Selector Reinstall Service (AcronisOSSReinstallSvc) - Unknown owner - C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe
    O23 - Service: Service Scheduler2 Acronis (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    O23 - Service: ADSM Service (ADSMService) - Unknown owner - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
    O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
    O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
    O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\UTIL\Antivirus\Avira\AntiVir Desktop\avmailc.exe
    O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\UTIL\Antivirus\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\UTIL\Antivirus\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\UTIL\Antivirus\Avira\AntiVir Desktop\AVWEBGRD.EXE
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
    O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Update Service (gupdate1c95c85dab44e17) (gupdate1c95c85dab44e17) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: Iconix Update Service (IconixService) - Unknown owner - C:\Program Files\Common Files\Iconix\IconixService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\UTIL\Ma configue\maconfservice.exe
    O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\UTIL\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
    O23 - Service: O&O Defrag - O&O Software GmbH - C:\Windows\system32\oodag.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\UTIL\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: Seagate Scheduler2 Service (SgtSch2Svc) - Unknown owner - C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe (file missing)
    O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
    O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\Windows\system32\Pen_Tablet.exe
    O23 - Service: TomTomHOMEService - TomTom - D:\Logiciels Divers\TomTom HOME 2\TomTomHOMEService.exe
    O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe (file missing)
    O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
    O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
    0
  9. eZula Messages postés 3509 Statut Contributeur 392
     
    désactive antivir, et reprends le téléchargement de combofix, ainsi que la manip
    0
    1. cachou52fr
       
      Toujours pareil sans l'anti virus
      0
  10. eZula Messages postés 3509 Statut Contributeur 392
     
    dans ce cas retélécharge-le en mode sans échec avec prise ne charge réseau
    0
    1. cachou52fr
       
      bon j'ai tout re téléchargé sans échec et le probleme est pareil( ne trouve pas NircmdB.exe)
      0
  11. eZula Messages postés 3509 Statut Contributeur 392
     
    bon, dernier essai, toujours en ss échec, télécharge-le, renomme-le braviax.exe et lance-le
    0
  12. danetmi
     
    j'ai resolu le probleme avec : outils < option internet > general - suppression de " about blank " et afficher une autre page d'accueil. ensuite > demarrer - executer msconfig et dans la section services et demarrage decocher about blank.
    Un logiciel gratuit tel que Glary Utilities et les sections demarrage ou processus en cours peuvent resoudre le pbme. bonne chance
    0
  13. eZula Messages postés 3509 Statut Contributeur 392
     
    TDSS:le 12/10/2009 à 14:51:51 "C:\Windows\System32\ovfst*.???"
    0
    1. cachou52fr
       
      toujours le meme probleme
      0
  14. eZula Messages postés 3509 Statut Contributeur 392
     
    Télécharge Sysprot https://3c416dfc-a-62cb3a1a-s-sites.googlegroups.com/site/sysprotantirootkit/Home/SysProt.zip?attachauth=ANoY7cqxnzQSAOweMB1j1RjBx63qHLQnx1RrB041ebnNnUkA2E7iUZlFXPn94FP1IUHBJSwoSr5WblYwsVBjiyaDOKhebdI3IV9oewennApIgI_z92W9PJmfwsnozJcQn66wJBG1RP0eCl1Xv_HZjeP-n-Pf2uHskwiOLYePagIzgigsE9RUmK40KwAL0DRxju5sEcAU_uOSbkivGezpyqu7eDpAxIo2TUMVmuDywLmABSKQ80dw0gw%3D&attredirects=2
    dézippe-le et lance l'exécutable
    vas dans l'onglet "Log" et coche ttes les cases, ainsi que "Hidden objects only", puis "create log"
    patiente qques instants, sélectionne "all drives " lorsque c'est demandé" et à la fin poste le rapport SysProtLog.txt qui est dans le même dossier que Sysprot.Exe
    0
  15. cachou52fr
     
    SysProt AntiRootkit v1.0.1.0
    by swatkat

    ******************************************************************************************
    ******************************************************************************************

    No Hidden Processes found

    ******************************************************************************************
    ******************************************************************************************
    No Hidden Kernel Modules found

    ******************************************************************************************
    ******************************************************************************************
    No SSDT Hooks found

    ******************************************************************************************
    ******************************************************************************************
    No Kernel Hooks found

    ******************************************************************************************
    ******************************************************************************************
    No IRP Hooks found

    ******************************************************************************************
    ******************************************************************************************
    Ports:
    Local Address: ROBERT:49795
    Remote Address: SPYNET2.MICROSOFT.COM:HTTPS
    Type: TCP
    Process: 6856 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49792
    Remote Address: WWW-GOOGLE-ANALYTICS.L.GOOGLE.COM:HTTP
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49786
    Remote Address: 81.52.140.16:HTTP
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49785
    Remote Address: 81.52.140.16:HTTP
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49778
    Remote Address: 81.52.140.16:HTTP
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49770
    Remote Address: A350.G.AKAMAI.NET:HTTP
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49764
    Remote Address: PAGEAD.L.GOOGLE.COM:HTTP
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49762
    Remote Address: PAGEAD.L.GOOGLE.COM:HTTP
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49761
    Remote Address: PAGEAD.L.GOOGLE.COM:HTTP
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49756
    Remote Address: A2.X.AKAMAI.NET:HTTP
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49754
    Remote Address: A2.X.AKAMAI.NET:HTTP
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49753
    Remote Address: A2.X.AKAMAI.NET:HTTP
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49744
    Remote Address: A1727.B.AKAMAI.NET:HTTP
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49738
    Remote Address: WWW.ABCOMPTEUR.COM:HTTP
    Type: TCP
    Process: 0 (PID)
    State: TIME_WAIT

    Local Address: ROBERT:49717
    Remote Address: A4.BING.COM:HTTP
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49690
    Remote Address: C.ATDMT.COM.NSATC.NET:HTTP
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49686
    Remote Address: PAGEAD.L.DOUBLECLICK.NET:HTTP
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49685
    Remote Address: PAGEAD.L.GOOGLE.COM:HTTP
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49682
    Remote Address: C.LIVE.COM.NSATC.NET:HTTP
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49660
    Remote Address: WWW.BING.COM:HTTP
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49658
    Remote Address: PAGEAD.L.GOOGLE.COM:HTTP
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49646
    Remote Address: WWW.BING.COM:HTTP
    Type: TCP
    Process: 0 (PID)
    State: TIME_WAIT

    Local Address: ROBERT:49640
    Remote Address: WWW.BING.COM:HTTP
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:NETBIOS-SSN
    Remote Address: 0.0.0.0:0
    Type: TCP
    Process: 4 (PID)
    State: LISTENING

    Local Address: ROBERT:50300
    Remote Address: LOCALHOST:49157
    Type: TCP
    Process: 3148 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49791
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49782
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49781
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49780
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: CLOSE_WAIT

    Local Address: ROBERT:49779
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: CLOSE_WAIT

    Local Address: ROBERT:49776
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49769
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49763
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49760
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49759
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49755
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49752
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49751
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49743
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49715
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49689
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49684
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49683
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49681
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49672
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: CLOSE_WAIT

    Local Address: ROBERT:49661
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: CLOSE_WAIT

    Local Address: ROBERT:49659
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49656
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49639
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49157
    Remote Address: LOCALHOST:50300
    Type: TCP
    Process: 3048 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49793
    Type: TCP
    Process: 0 (PID)
    State: TIME_WAIT

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49791
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49787
    Type: TCP
    Process: 0 (PID)
    State: TIME_WAIT

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49782
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49781
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49780
    Type: TCP
    Process: 4356 (PID)
    State: FIN_WAIT2

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49779
    Type: TCP
    Process: 4356 (PID)
    State: FIN_WAIT2

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49776
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49775
    Type: TCP
    Process: 0 (PID)
    State: TIME_WAIT

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49773
    Type: TCP
    Process: 0 (PID)
    State: TIME_WAIT

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49771
    Type: TCP
    Process: 0 (PID)
    State: TIME_WAIT

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49769
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49767
    Type: TCP
    Process: 0 (PID)
    State: TIME_WAIT

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49765
    Type: TCP
    Process: 0 (PID)
    State: TIME_WAIT

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49763
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49760
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49759
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49757
    Type: TCP
    Process: 0 (PID)
    State: TIME_WAIT

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49755
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49752
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49751
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49747
    Type: TCP
    Process: 0 (PID)
    State: TIME_WAIT

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49743
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49715
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49689
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49684
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49683
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49681
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49672
    Type: TCP
    Process: 4356 (PID)
    State: FIN_WAIT2

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49661
    Type: TCP
    Process: 4356 (PID)
    State: FIN_WAIT2

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49659
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49656
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49639
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:27015
    Remote Address: 0.0.0.0:0
    Type: TCP
    Process: 2424 (PID)
    State: LISTENING

    Local Address: ROBERT:50300
    Remote Address: 0.0.0.0:0
    Type: TCP
    Process: 3148 (PID)
    State: LISTENING

    Local Address: ROBERT:49161
    Remote Address: 0.0.0.0:0
    Type: TCP
    Process: 4656 (PID)
    State: LISTENING

    Local Address: ROBERT:49158
    Remote Address: 0.0.0.0:0
    Type: TCP
    Process: 844 (PID)
    State: LISTENING

    Local Address: ROBERT:49156
    Remote Address: 0.0.0.0:0
    Type: TCP
    Process: 876 (PID)
    State: LISTENING

    Local Address: ROBERT:49155
    Remote Address: 0.0.0.0:0
    Type: TCP
    Process: 668 (PID)
    State: LISTENING

    Local Address: ROBERT:49154
    Remote Address: 0.0.0.0:0
    Type: TCP
    Process: 1436 (PID)
    State: LISTENING

    Local Address: ROBERT:49153
    Remote Address: 0.0.0.0:0
    Type: TCP
    Process: 1264 (PID)
    State: LISTENING

    Local Address: ROBERT:49152
    Remote Address: 0.0.0.0:0
    Type: TCP
    Process: 792 (PID)
    State: LISTENING

    Local Address: ROBERT:44110
    Remote Address: 0.0.0.0:0
    Type: TCP
    Process: 3884 (PID)
    State: LISTENING

    Local Address: ROBERT:44080
    Remote Address: 0.0.0.0:0
    Type: TCP
    Process: 4356 (PID)
    State: LISTENING

    Local Address: ROBERT:WSD
    Remote Address: 0.0.0.0:0
    Type: TCP
    Process: 4 (PID)
    State: LISTENING

    Local Address: ROBERT:MS-WBT-SERVER
    Remote Address: 0.0.0.0:0
    Type: TCP
    Process: 1660 (PID)
    State: LISTENING

    Local Address: ROBERT:MICROSOFT-DS
    Remote Address: 0.0.0.0:0
    Type: TCP
    Process: 4 (PID)
    State: LISTENING

    Local Address: ROBERT:EPMAP
    Remote Address: 0.0.0.0:0
    Type: TCP
    Process: 1136 (PID)
    State: LISTENING

    Local Address: ROBERT:64891
    Remote Address: NA
    Type: UDP
    Process: 2644 (PID)
    State: NA

    Local Address: ROBERT:SSDP
    Remote Address: NA
    Type: UDP
    Process: 2644 (PID)
    State: NA

    Local Address: ROBERT:138
    Remote Address: NA
    Type: UDP
    Process: 4 (PID)
    State: NA

    Local Address: ROBERT:NETBIOS-NS
    Remote Address: NA
    Type: UDP
    Process: 4 (PID)
    State: NA

    Local Address: ROBERT:64892
    Remote Address: NA
    Type: UDP
    Process: 2644 (PID)
    State: NA

    Local Address: ROBERT:63032
    Remote Address: NA
    Type: UDP
    Process: 6648 (PID)
    State: NA

    Local Address: ROBERT:61248
    Remote Address: NA
    Type: UDP
    Process: 7408 (PID)
    State: NA

    Local Address: ROBERT:50957
    Remote Address: NA
    Type: UDP
    Process: 4304 (PID)
    State: NA

    Local Address: ROBERT:SSDP
    Remote Address: NA
    Type: UDP
    Process: 2644 (PID)
    State: NA

    Local Address: ROBERT:50955
    Remote Address: NA
    Type: UDP
    Process: 1568 (PID)
    State: NA

    Local Address: ROBERT:49152
    Remote Address: NA
    Type: UDP
    Process: 2644 (PID)
    State: NA

    Local Address: ROBERT:LLMNR
    Remote Address: NA
    Type: UDP
    Process: 1660 (PID)
    State: NA

    Local Address: ROBERT:IPSEC-MSFT
    Remote Address: NA
    Type: UDP
    Process: 1436 (PID)
    State: NA

    Local Address: ROBERT:WS-DISCOVERY
    Remote Address: NA
    Type: UDP
    Process: 2644 (PID)
    State: NA

    Local Address: ROBERT:WS-DISCOVERY
    Remote Address: NA
    Type: UDP
    Process: 1568 (PID)
    State: NA

    Local Address: ROBERT:WS-DISCOVERY
    Remote Address: NA
    Type: UDP
    Process: 1568 (PID)
    State: NA

    Local Address: ROBERT:WS-DISCOVERY
    Remote Address: NA
    Type: UDP
    Process: 2644 (PID)
    State: NA

    Local Address: ROBERT:500
    Remote Address: NA
    Type: UDP
    Process: 1436 (PID)
    State: NA

    ******************************************************************************************
    ******************************************************************************************
    No hidden files/folders found
    0
  16. cachou52fr
     
    SysProt AntiRootkit v1.0.1.0
    by swatkat

    ******************************************************************************************
    ******************************************************************************************

    No Hidden Processes found

    ******************************************************************************************
    ******************************************************************************************
    No Hidden Kernel Modules found

    ******************************************************************************************
    ******************************************************************************************
    No SSDT Hooks found

    ******************************************************************************************
    ******************************************************************************************
    No Kernel Hooks found

    ******************************************************************************************
    ******************************************************************************************
    No IRP Hooks found

    ******************************************************************************************
    ******************************************************************************************
    Ports:
    Local Address: ROBERT:49795
    Remote Address: SPYNET2.MICROSOFT.COM:HTTPS
    Type: TCP
    Process: 6856 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49792
    Remote Address: WWW-GOOGLE-ANALYTICS.L.GOOGLE.COM:HTTP
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49786
    Remote Address: 81.52.140.16:HTTP
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49785
    Remote Address: 81.52.140.16:HTTP
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49778
    Remote Address: 81.52.140.16:HTTP
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49770
    Remote Address: A350.G.AKAMAI.NET:HTTP
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49764
    Remote Address: PAGEAD.L.GOOGLE.COM:HTTP
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49762
    Remote Address: PAGEAD.L.GOOGLE.COM:HTTP
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49761
    Remote Address: PAGEAD.L.GOOGLE.COM:HTTP
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49756
    Remote Address: A2.X.AKAMAI.NET:HTTP
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49754
    Remote Address: A2.X.AKAMAI.NET:HTTP
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49753
    Remote Address: A2.X.AKAMAI.NET:HTTP
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49744
    Remote Address: A1727.B.AKAMAI.NET:HTTP
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49738
    Remote Address: WWW.ABCOMPTEUR.COM:HTTP
    Type: TCP
    Process: 0 (PID)
    State: TIME_WAIT

    Local Address: ROBERT:49717
    Remote Address: A4.BING.COM:HTTP
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49690
    Remote Address: C.ATDMT.COM.NSATC.NET:HTTP
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49686
    Remote Address: PAGEAD.L.DOUBLECLICK.NET:HTTP
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49685
    Remote Address: PAGEAD.L.GOOGLE.COM:HTTP
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49682
    Remote Address: C.LIVE.COM.NSATC.NET:HTTP
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49660
    Remote Address: WWW.BING.COM:HTTP
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49658
    Remote Address: PAGEAD.L.GOOGLE.COM:HTTP
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49646
    Remote Address: WWW.BING.COM:HTTP
    Type: TCP
    Process: 0 (PID)
    State: TIME_WAIT

    Local Address: ROBERT:49640
    Remote Address: WWW.BING.COM:HTTP
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:NETBIOS-SSN
    Remote Address: 0.0.0.0:0
    Type: TCP
    Process: 4 (PID)
    State: LISTENING

    Local Address: ROBERT:50300
    Remote Address: LOCALHOST:49157
    Type: TCP
    Process: 3148 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49791
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49782
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49781
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49780
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: CLOSE_WAIT

    Local Address: ROBERT:49779
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: CLOSE_WAIT

    Local Address: ROBERT:49776
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49769
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49763
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49760
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49759
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49755
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49752
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49751
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49743
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49715
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49689
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49684
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49683
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49681
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49672
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: CLOSE_WAIT

    Local Address: ROBERT:49661
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: CLOSE_WAIT

    Local Address: ROBERT:49659
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49656
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49639
    Remote Address: LOCALHOST:44080
    Type: TCP
    Process: 6648 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:49157
    Remote Address: LOCALHOST:50300
    Type: TCP
    Process: 3048 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49793
    Type: TCP
    Process: 0 (PID)
    State: TIME_WAIT

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49791
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49787
    Type: TCP
    Process: 0 (PID)
    State: TIME_WAIT

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49782
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49781
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49780
    Type: TCP
    Process: 4356 (PID)
    State: FIN_WAIT2

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49779
    Type: TCP
    Process: 4356 (PID)
    State: FIN_WAIT2

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49776
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49775
    Type: TCP
    Process: 0 (PID)
    State: TIME_WAIT

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49773
    Type: TCP
    Process: 0 (PID)
    State: TIME_WAIT

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49771
    Type: TCP
    Process: 0 (PID)
    State: TIME_WAIT

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49769
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49767
    Type: TCP
    Process: 0 (PID)
    State: TIME_WAIT

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49765
    Type: TCP
    Process: 0 (PID)
    State: TIME_WAIT

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49763
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49760
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49759
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49757
    Type: TCP
    Process: 0 (PID)
    State: TIME_WAIT

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49755
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49752
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49751
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49747
    Type: TCP
    Process: 0 (PID)
    State: TIME_WAIT

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49743
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49715
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49689
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49684
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49683
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49681
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49672
    Type: TCP
    Process: 4356 (PID)
    State: FIN_WAIT2

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49661
    Type: TCP
    Process: 4356 (PID)
    State: FIN_WAIT2

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49659
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49656
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:44080
    Remote Address: LOCALHOST:49639
    Type: TCP
    Process: 4356 (PID)
    State: ESTABLISHED

    Local Address: ROBERT:27015
    Remote Address: 0.0.0.0:0
    Type: TCP
    Process: 2424 (PID)
    State: LISTENING

    Local Address: ROBERT:50300
    Remote Address: 0.0.0.0:0
    Type: TCP
    Process: 3148 (PID)
    State: LISTENING

    Local Address: ROBERT:49161
    Remote Address: 0.0.0.0:0
    Type: TCP
    Process: 4656 (PID)
    State: LISTENING

    Local Address: ROBERT:49158
    Remote Address: 0.0.0.0:0
    Type: TCP
    Process: 844 (PID)
    State: LISTENING

    Local Address: ROBERT:49156
    Remote Address: 0.0.0.0:0
    Type: TCP
    Process: 876 (PID)
    State: LISTENING

    Local Address: ROBERT:49155
    Remote Address: 0.0.0.0:0
    Type: TCP
    Process: 668 (PID)
    State: LISTENING

    Local Address: ROBERT:49154
    Remote Address: 0.0.0.0:0
    Type: TCP
    Process: 1436 (PID)
    State: LISTENING

    Local Address: ROBERT:49153
    Remote Address: 0.0.0.0:0
    Type: TCP
    Process: 1264 (PID)
    State: LISTENING

    Local Address: ROBERT:49152
    Remote Address: 0.0.0.0:0
    Type: TCP
    Process: 792 (PID)
    State: LISTENING

    Local Address: ROBERT:44110
    Remote Address: 0.0.0.0:0
    Type: TCP
    Process: 3884 (PID)
    State: LISTENING

    Local Address: ROBERT:44080
    Remote Address: 0.0.0.0:0
    Type: TCP
    Process: 4356 (PID)
    State: LISTENING

    Local Address: ROBERT:WSD
    Remote Address: 0.0.0.0:0
    Type: TCP
    Process: 4 (PID)
    State: LISTENING

    Local Address: ROBERT:MS-WBT-SERVER
    Remote Address: 0.0.0.0:0
    Type: TCP
    Process: 1660 (PID)
    State: LISTENING

    Local Address: ROBERT:MICROSOFT-DS
    Remote Address: 0.0.0.0:0
    Type: TCP
    Process: 4 (PID)
    State: LISTENING

    Local Address: ROBERT:EPMAP
    Remote Address: 0.0.0.0:0
    Type: TCP
    Process: 1136 (PID)
    State: LISTENING

    Local Address: ROBERT:64891
    Remote Address: NA
    Type: UDP
    Process: 2644 (PID)
    State: NA

    Local Address: ROBERT:SSDP
    Remote Address: NA
    Type: UDP
    Process: 2644 (PID)
    State: NA

    Local Address: ROBERT:138
    Remote Address: NA
    Type: UDP
    Process: 4 (PID)
    State: NA

    Local Address: ROBERT:NETBIOS-NS
    Remote Address: NA
    Type: UDP
    Process: 4 (PID)
    State: NA

    Local Address: ROBERT:64892
    Remote Address: NA
    Type: UDP
    Process: 2644 (PID)
    State: NA

    Local Address: ROBERT:63032
    Remote Address: NA
    Type: UDP
    Process: 6648 (PID)
    State: NA

    Local Address: ROBERT:61248
    Remote Address: NA
    Type: UDP
    Process: 7408 (PID)
    State: NA

    Local Address: ROBERT:50957
    Remote Address: NA
    Type: UDP
    Process: 4304 (PID)
    State: NA

    Local Address: ROBERT:SSDP
    Remote Address: NA
    Type: UDP
    Process: 2644 (PID)
    State: NA

    Local Address: ROBERT:50955
    Remote Address: NA
    Type: UDP
    Process: 1568 (PID)
    State: NA

    Local Address: ROBERT:49152
    Remote Address: NA
    Type: UDP
    Process: 2644 (PID)
    State: NA

    Local Address: ROBERT:LLMNR
    Remote Address: NA
    Type: UDP
    Process: 1660 (PID)
    State: NA

    Local Address: ROBERT:IPSEC-MSFT
    Remote Address: NA
    Type: UDP
    Process: 1436 (PID)
    State: NA

    Local Address: ROBERT:WS-DISCOVERY
    Remote Address: NA
    Type: UDP
    Process: 2644 (PID)
    State: NA

    Local Address: ROBERT:WS-DISCOVERY
    Remote Address: NA
    Type: UDP
    Process: 1568 (PID)
    State: NA

    Local Address: ROBERT:WS-DISCOVERY
    Remote Address: NA
    Type: UDP
    Process: 1568 (PID)
    State: NA

    Local Address: ROBERT:WS-DISCOVERY
    Remote Address: NA
    Type: UDP
    Process: 2644 (PID)
    State: NA

    Local Address: ROBERT:500
    Remote Address: NA
    Type: UDP
    Process: 1436 (PID)
    State: NA

    ******************************************************************************************
    ******************************************************************************************
    No hidden files/folders found
    0
  17. eZula Messages postés 3509 Statut Contributeur 392
     
    ---> Télécharge Gmer http://www2.gmer.net/gmer.zip sur ton Bureau.

    ---> Extrais le contenu de l'archive puis renomme gmer.exe en tib.exe (Le .exe n'est pas forcément visible).
    sur ton burreau

    ---> Double-clique sur tib.exe.

    ---> si tu as un message warning
    comme celui la
    http://www.genproc.com/gmer.JPG
    clique non puis save, et enregistre sur ton Bureau "gmer.txt".

    ---> Double-clique sur "gmer.txt", le rapport apparaît, poste-le.
    0
    1. cachou52fr
       
      GMER 1.0.15.15125 - http://www.gmer.net
      Rootkit quick scan 2009-10-13 18:34:48
      Windows 6.1.7100
      Running: tib.exe; Driver: C:\Users\Robert\AppData\Local\Temp\pwldrpow.sys


      ---- Devices - GMER 1.0.15 ----

      AttachedDevice \FileSystem\Ntfs \Ntfs AsDsm.sys (Data Security Manager Driver/Windows (R) Codename Longhorn DDK provider)
      AttachedDevice \FileSystem\Ntfs \Ntfs tdrpm251.sys (Acronis Try&Decide Volume Filter Driver/Acronis)
      AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Gestionnaire de filtres de système de fichiers Microsoft/Microsoft Corporation)
      AttachedDevice \FileSystem\fastfat \Fat tdrpm251.sys (Acronis Try&Decide Volume Filter Driver/Acronis)
      AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Runtime de l’infrastructure de pilotes en mode noyau/Microsoft Corporation)
      AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (Runtime de l’infrastructure de pilotes en mode noyau/Microsoft Corporation)

      ---- EOF - GMER 1.0.15 ----
      0
  18. eZula Messages postés 3509 Statut Contributeur 392
     
    Dans une fenêtre de commande écris cette instruction et poste le résultat

    dir C:\Windows\System32\ovfst*.???
    0
    1. cachou52fr
       
      je comprend pas ?
      0
    2. cachou52fr
       
      dans Exécuter que je dois écrire cette instruction ?
      0
    3. cachou52fr
       
      Microsoft Windows [version 6.1.7100]
      Copyright (c) 2009 Microsoft Corporation. Tous droits réservés.

      C:\Users\Robert>dir C:\Windows\system32\ovfst*.???
      Le volume dans le lecteur C s'appelle VistaOS
      Le numéro de série du volume est DC80-476F

      Répertoire de C:\Windows\system32

      Fichier introuvable

      C:\Users\Robert>
      0
  19. eZula Messages postés 3509 Statut Contributeur 392
     
    Relance GenProc et dis moi si tu as toujours ton problème
    0
    1. cachou52fr
       
      Rapport GenProc 2.637 [2] - 13/10/2009 à 20:37:10
      @ Windows 7 - Mode normal
      @ Internet Explorer (8.0.7100.0) [Navigateur par défaut]

      ~~ CM DISK ERROR ~~

      GenProc n'a détecté aucune infection caractéristique et suggère de suivre la procédure suivante :


      # Etape 1/ Télécharge :
      ToolsCleaner! http://pc-system.fr/ (A.Rothstein & Dj QUIOU) sur ton Bureau.

      # Etape 2/
      - Double-clique sur ToolsCleaner2.exe pour le lancer.
      - Clique sur Recherche et laisse le scan agir.
      - Clique sur Suppression pour finaliser.
      - Tu peux, si tu le souhaites, te servir des Options Facultatives.
      - Clique sur Quitter pour obtenir le rapport C:\TCleaner.txt


      # Etape 3/
      Poste un rapport Nod32 https://www.eset.com/ (il faut utiliser Internet Explorer)
      - coche toutes les cases à chaque fois, et lorsque c'est terminé, colle le rapport :
      C:\Program Files\EsetOnlineScanner\log.txt




      ~~~~ INFORMATION COMPLEMENTAIRE ~~~~


      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 20:38:10, on 13/10/2009
      Platform: Unknown Windows (WinNT 6.01.3004)
      MSIE: Internet Explorer v8.00 (8.00.7100.0000)
      Boot mode: Normal

      Running processes:
      C:\Windows\system32\Dwm.exe
      C:\Windows\system32\taskeng.exe
      C:\Windows\system32\taskhost.exe
      C:\Program Files\ASUS\ASUS Live Update\ALU.exe
      C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
      C:\Windows\system32\taskeng.exe
      C:\Windows\system32\WTablet\Pen_TabletUser.exe
      C:\Windows\System32\oodtray.exe
      C:\UTIL\Malwarebytes' Anti-Malware\mbamgui.exe
      C:\Program Files\Microsoft IntelliPoint\ipoint.exe
      D:\Logiciels Divers\Paint shop pro 12\CorelIOMonitor.exe
      C:\UTIL\Antivirus\Avira\AntiVir Desktop\avgnt.exe
      C:\Windows\ASScrPro.exe
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\Program Files\Java\jre6\bin\jusched.exe
      C:\Windows\RtHDVCpl.exe
      D:\Logiciels Divers\Acronis\TrueImageMonitor.exe
      C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
      C:\UTIL\GadWin\PrintScreen.exe
      C:\UTIL\RocketDock\RocketDock.exe
      C:\Program Files\Windows Sidebar\sidebar.exe
      D:\Logiciels Divers\CircleDock0.9.2Alpha8.1\CircleDock.exe
      C:\Program Files\Pense-bete\pb79f.exe
      C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
      C:\Windows\Explorer.exe
      C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
      C:\Program Files\Windows Live\Toolbar\wltuser.exe
      C:\Windows\system32\SearchFilterHost.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
      C:\Windows\system32\cmd.exe
      C:\Windows\system32\conhost.exe
      C:\GenProc\outil\Robert_GenProc.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.asus.com/fr/
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.bing.com/?toHttps=1&redig=F6E03C3CC058415AA40F1BC2D47E2332
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.asus.com/fr/
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
      O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - D:\Logiciels Divers\Snagit\SnagItBHO.dll
      O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
      O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\UTIL\SPYBOT~1\SDHelper.dll
      O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
      O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
      O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
      O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
      O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
      O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - D:\Logiciels Divers\Snagit\SnagItIEAddin.dll
      O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
      O4 - HKLM\..\Run: [OODefragTray] C:\Windows\system32\oodtray.exe
      O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\UTIL\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
      O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
      O4 - HKLM\..\Run: [Corel File Shell Monitor] D:\Logiciels Divers\Paint shop pro 12\CorelIOMonitor.exe
      O4 - HKLM\..\Run: [avgnt] "C:\UTIL\Antivirus\Avira\AntiVir Desktop\avgnt.exe" /min
      O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
      O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe
      O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
      O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
      O4 - HKLM\..\Run: [AcronisTimounterMonitor] D:\Logiciels Divers\Acronis\TimounterMonitor.exe
      O4 - HKLM\..\Run: [TrueImageMonitor.exe] D:\Logiciels Divers\Acronis\TrueImageMonitor.exe
      O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
      O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
      O4 - HKCU\..\Run: [Gadwin PrintScreen] "C:\UTIL\GadWin\PrintScreen.exe" /nosplash
      O4 - HKCU\..\Run: [RocketDock] "C:\UTIL\RocketDock\RocketDock.exe"
      O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
      O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
      O4 - Startup: CircleDock.exe.lnk = D:\Logiciels Divers\CircleDock0.9.2Alpha8.1\CircleDock.exe
      O4 - Startup: Pense-Bête 79f.lnk = C:\Program Files\Pense-bete\pb79f.exe
      O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra button: (no name) - {400A6CFA-E326-4d61-A90C-9AD75358DC5F} - (no file)
      O9 - Extra 'Tools' menuitem: Email ID Préférences - {400A6CFA-E326-4d61-A90C-9AD75358DC5F} - (no file)
      O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
      O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
      O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
      O9 - Extra button: (no name) - {BC3F6B6D-2E49-4603-B028-7411655713F3} - (no file)
      O9 - Extra 'Tools' menuitem: À propos de Email ID - {BC3F6B6D-2E49-4603-B028-7411655713F3} - (no file)
      O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\UTIL\SPYBOT~1\SDHelper.dll
      O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\UTIL\SPYBOT~1\SDHelper.dll
      O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
      O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
      O9 - Extra button: Correcteur - {F7C8E5F6-B6D1-45db-8D91-2BCFA5DF11A9} - D:\Logiciels Divers\Antidote 2008\Internet Explorer\7\Antidote K - IE 7.htm (HKCU)
      O9 - Extra button: Dictionnaires - {F9B969E8-58D0-4dd9-AC8A-EE2336FF8F65} - D:\Logiciels Divers\Antidote 2008\Internet Explorer\7\Antidote D - IE 7.htm (HKCU)
      O9 - Extra button: Guides - {FA089E36-3F1B-4c51-9A1A-C4E7012483AF} - D:\Logiciels Divers\Antidote 2008\Internet Explorer\7\Antidote G - IE 7.htm (HKCU)
      O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
      O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
      O13 - Gopher Prefix:
      O15 - Trusted Zone: http://www.secuser.com
      O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
      O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
      O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.1.cab
      O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
      O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
      O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} - http://www.gamespy.com
      O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
      O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://www.ma-config.com/activex/hardwaredetection_3_1_2_0.cab
      O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-2.0.cab
      O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
      O23 - Service: Acronis OS Selector Reinstall Service (AcronisOSSReinstallSvc) - Unknown owner - C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe
      O23 - Service: Service Scheduler2 Acronis (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
      O23 - Service: ADSM Service (ADSMService) - Unknown owner - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
      O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
      O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
      O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\UTIL\Antivirus\Avira\AntiVir Desktop\avmailc.exe
      O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\UTIL\Antivirus\Avira\AntiVir Desktop\sched.exe
      O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\UTIL\Antivirus\Avira\AntiVir Desktop\avguard.exe
      O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\UTIL\Antivirus\Avira\AntiVir Desktop\AVWEBGRD.EXE
      O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
      O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
      O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
      O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
      O23 - Service: Google Update Service (gupdate1c95c85dab44e17) (gupdate1c95c85dab44e17) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
      O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
      O23 - Service: Iconix Update Service (IconixService) - Unknown owner - C:\Program Files\Common Files\Iconix\IconixService.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
      O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
      O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
      O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
      O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\UTIL\Ma configue\maconfservice.exe
      O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
      O23 - Service: MBAMService - Malwarebytes Corporation - C:\UTIL\Malwarebytes' Anti-Malware\mbamservice.exe
      O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
      O23 - Service: O&O Defrag - O&O Software GmbH - C:\Windows\system32\oodag.exe
      O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
      O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
      O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\UTIL\Spybot - Search & Destroy\SDWinSec.exe
      O23 - Service: Seagate Scheduler2 Service (SgtSch2Svc) - Unknown owner - C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe (file missing)
      O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
      O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\Windows\system32\Pen_Tablet.exe
      O23 - Service: TomTomHOMEService - TomTom - D:\Logiciels Divers\TomTom HOME 2\TomTomHOMEService.exe
      O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe (file missing)
      O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
      O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
      0
      1. cachou52fr > cachou52fr
         
        bonjour,
        le probleme est toujours présent a l'ouverture d'internet explorer
        0
  20. eZula Messages postés 3509 Statut Contributeur 392
     
    fais le scan nod32 suggéré
    0
  • 1
  • 2