Urgent!! Google search redirected

titepuce45

Hello,
When I do a search on Google, I am redirected to pages from other search sites.
When I type the name in the address bar, I have the same problem.
It also shows "connection failed" for some sites.
I don't know what to do anymore.
Thank you for any help.

7 replies

titepuce45
 
After a scan with HijackThis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:14:29, on 01/12/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17091)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\System32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Avira\AntiVir Desktop\sched.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Avira\AntiVir Desktop\avguard.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\WINDOWS\system32\PnkBstrA.exe
D:\WINDOWS\system32\PnkBstrB.exe
D:\WINDOWS\System32\wbem\wmiapsrv.exe
D:\Program Files\Avira\AntiVir Desktop\avgnt.exe
D:\WINDOWS\RTHDCPL.EXE
D:\PROGRA~1\WI9130~1\Datamngr\DATAMN~1.EXE
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
D:\Program Files\Messenger\msmsgs.exe
D:\Program Files\Windows Media Player\WMPNSCFG.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Mozilla Firefox\plugin-container.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.sfr.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: UserInit=D:\WINDOWS\system32\userinit.exe,D:\Program Files\Soluto\soluto.exe /userinit
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "D:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\RunOnce: [removeSearchqutoolbar] cmd.exe /c RD /S /Q "D:\Program Files\Windows Searchqu Toolbar\ToolBar"
O4 - HKLM\..\RunOnce: [removeSearchqudatamngr] cmd.exe /c RD /S /Q "D:\Program Files\Windows Searchqu Toolbar"
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [StartCCC] D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] D:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Pando Media Booster] D:\Program Files\Pando Networks\Media Booster\PMB.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Free YouTube to Mp3 Converter - D:\Documents and Settings\Skuraii\Application Data\DVDVideoSoftIEHelpers\youtubetomp3.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O20 - AppInit_DLLs:
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - D:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - D:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - D:\WINDOWS\system32\PnkBstrB.exe
titepuce45

After using HostsXpert, I am posting a new HijackThis scan.
I am trying to use this method: https://www.commentcamarche.net/faq/6063-page-internet-google-redirigee#methode-de-desinfection

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:18:46, on 01/12/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17091)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\System32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Avira\AntiVir Desktop\sched.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Avira\AntiVir Desktop\avguard.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\WINDOWS\system32\PnkBstrA.exe
D:\WINDOWS\system32\PnkBstrB.exe
D:\WINDOWS\System32\wbem\wmiapsrv.exe
D:\Program Files\Avira\AntiVir Desktop\avgnt.exe
D:\WINDOWS\RTHDCPL.EXE
D:\PROGRA~1\WI9130~1\Datamngr\DATAMN~1.EXE
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
D:\Program Files\Messenger\msmsgs.exe
D:\Program Files\Windows Media Player\WMPNSCFG.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Mozilla Firefox\plugin-container.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sfr.fr/accueil/adsl.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: UserInit=D:\WINDOWS\system32\userinit.exe,D:\Program Files\Soluto\soluto.exe /userinit
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "D:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\RunOnce: [removeSearchqutoolbar] cmd.exe /c RD /S /Q "D:\Program Files\Windows Searchqu Toolbar\ToolBar"
O4 - HKLM\..\RunOnce: [removeSearchqudatamngr] cmd.exe /c RD /S /Q "D:\Program Files\Windows Searchqu Toolbar"
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [StartCCC] D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] D:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Pando Media Booster] D:\Program Files\Pando Networks\Media Booster\PMB.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Free YouTube to Mp3 Converter - D:\Documents and Settings\Skuraii\Application Data\DVDVideoSoftIEHelpers\youtubetomp3.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O20 - AppInit_DLLs:
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - D:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - D:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - D:\WINDOWS\system32\PnkBstrB.exe
titepuce45
 
** Rapport MyHosts.txt **

MyHosts V.1.0.0.2 de jeanmimigab

Merci à la team MH, W-T ,C_XX, Laddy et à Batch_man pour leurs aides

Résultat de l'opération:restauration du fichier hosts réussi...

** Fin du rapport **
titepuce45
 
DDS (Ver_10-11-27.01) - NTFSx86
Run by Skuraii at 23:28:24,53 on 01/12/2010
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_20
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.894.361 [GMT 1:00]

AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

============== Running Processes ===============

D:\WINDOWS\System32\Ati2evxx.exe
D:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
D:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Avira\AntiVir Desktop\sched.exe
svchost.exe
D:\WINDOWS\System32\svchost.exe -k Akamai
D:\Program Files\Avira\AntiVir Desktop\avguard.exe
D:\WINDOWS\System32\svchost.exe -k HTTPFilter
D:\Program Files\Java\jre6\bin\jqs.exe
D:\WINDOWS\system32\PnkBstrA.exe
D:\WINDOWS\system32\PnkBstrB.exe
D:\WINDOWS\System32\wbem\wmiapsrv.exe
D:\Program Files\Avira\AntiVir Desktop\avgnt.exe
D:\WINDOWS\RTHDCPL.EXE
D:\PROGRA~1\WI9130~1\Datamngr\DATAMN~1.EXE
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
D:\Program Files\Messenger\msmsgs.exe
D:\Program Files\Windows Media Player\WMPNSCFG.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Mozilla Firefox\plugin-container.exe
D:\Documents and Settings\Skuraii\Bureau\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.sfr.fr/accueil/adsl.html
uSearch Page = hxxp://recherche.neuf.fr/
uSearch Bar = hxxp://recherche.neuf.fr/ie/default.html
mSearchAssistant = hxxp://recherche.neuf.fr/ie/default.html
mWinlogon: Userinit=d:\windows\system32\userinit.exe,d:\program files\soluto\soluto.exe /userinit
BHO: Aide pour le lien d'Adobe PDF Reader: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - d:\program files\fichiers communs\adobe\acrobat\activex\AcroIEHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Programme d'aide de l'Assistant de connexion Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - d:\program files\fichiers communs\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - d:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - d:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [ctfmon.exe] d:\windows\system32\ctfmon.exe
uRun: [<NO NAME>]
uRun: [StartCCC] d:\program files\ati technologies\ati.ace\core-static\CLIStart.exe
uRun: [MSMSGS] "d:\program files\messenger\msmsgs.exe" /background
uRun: [WMPNSCFG] d:\program files\windows media player\WMPNSCFG.exe
uRun: [Pando Media Booster] d:\program files\pando networks\media booster\PMB.exe
mRun: [avgnt] "d:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [Adobe Reader Speed Launcher] "d:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "d:\program files\fichiers communs\adobe\arm\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "d:\program files\quicktime\qttask.exe" -atboottime
mRunOnce: [removeSearchqutoolbar] cmd.exe /c RD /S /Q "d:\program files\windows searchqu toolbar\ToolBar"
mRunOnce: [removeSearchqudatamngr] cmd.exe /c RD /S /Q "d:\program files\Windows Searchqu Toolbar"
dRun: [CTFMON.EXE] d:\windows\system32\CTFMON.EXE
IE: Free YouTube to Mp3 Converter - d:\documents and settings\skuraii\application data\dvdvideosoftiehelpers\youtubetomp3.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - d:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - d:\program files\windows live\writer\WriterBrowserExtension.dll
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1262055203998
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1262056422435
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - d:\windows\system32\WPDShServiceObj.dll
mASetup: ccc-core-static - msiexec /fums {A75BF1D0-C7C3-CB55-EE17-3225387FD154} /qb

================= FIREFOX ===================

FF - ProfilePath - d:\docume~1\skuraii\applic~1\mozilla\firefox\profiles\ozi2vr0i.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - prefs.js: keyword.URL - hxxp://search.freecause.com/search?fr=freecause&ourmark=3&type=61101&p=
FF - component: d:\documents and settings\skuraii\application data\mozilla\firefox\profiles\ozi2vr0i.default\extensions\{636fae0b-69b4-4324-9fea-80fc7fb887dc}\components\Engine.dll
FF - component: d:\documents and settings\skuraii\application data\mozilla\firefox\profiles\ozi2vr0i.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll
FF - component: d:\documents and settings\skuraii\application data\mozilla\firefox\profiles\ozi2vr0i.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCore.dll
FF - plugin: d:\documents and settings\all users\application data\zylom\zylomgamesplayer\npzylomgamesplayer.dll
FF - plugin: d:\documents and settings\skuraii\application data\mozilla\plugins\np-mswmp.dll
FF - plugin: d:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: d:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: d:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: d:\program files\mozilla firefox\plugins\npOGPPlugin.dll
FF - plugin: d:\program files\pando networks\media booster\npPandoWebPlugin.dll
FF - plugin: d:\program files\windows live\photo gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - d:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - d:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - d:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - d:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Extension: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - d:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Extension: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - d:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Extension: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - d:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - Extension: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - d:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Extension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - d:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Extension: Java Quick Starter: jqs@sun.com - d:\program files\java\jre6\lib\deploy\jqs\ff
FF - Extension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - d:\docume~1\skuraii\applic~1\mozilla\firefox\profiles\ozi2vr0i.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Extension: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - d:\docume~1\skuraii\applic~1\mozilla\firefox\profiles\ozi2vr0i.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
FF - Extension: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - d:\docume~1\skuraii\applic~1\mozilla\firefox\profiles\ozi2vr0i.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
FF - Extension: FIFA Online Web Launcher: eafo3fflauncher@ea.com - d:\docume~1\skuraii\applic~1\mozilla\firefox\profiles\ozi2vr0i.default\extensions\eafo3fflauncher@ea.com
FF - Extension: Is Cool: {636fae0b-69b4-4324-9fea-80fc7fb887dc} - d:\docume~1\skuraii\applic~1\mozilla\firefox\profiles\ozi2vr0i.default\extensions\{636fae0b-69b4-4324-9fea-80fc7fb887dc}

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
============= SERVICES / DRIVERS ===============

R1 avgio;avgio;d:\program files\avira\antivir desktop\avgio.sys [2009-12-29 11608]
R2 Akamai;Akamai NetSession Interface;d:\windows\system32\svchost.exe -k Akamai [2001-8-28 14336]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;d:\program files\avira\antivir desktop\sched.exe [2009-12-29 108289]
R2 AntiVirService;Avira AntiVir Guard;d:\program files\avira\antivir desktop\avguard.exe [2009-12-29 185089]
R2 avgntflt;avgntflt;d:\windows\system32\drivers\avgntflt.sys [2009-12-29 56816]
S2 gupdate;Service Google Update (gupdate);d:\program files\google\update\GoogleUpdate.exe [2010-2-12 135664]
S3 npggsvc;nProtect GameGuard Service;d:\windows\system32\gamemon.des -service --> d:\windows\system32\GameMon.des -service [?]
S3 XDva281;XDva281;\??\d:\windows\system32\xdva281.sys --> d:\windows\system32\XDva281.sys [?]

=============== Created Last 30 ================

2010-12-01 22:22:38 -------- d-----w- D:\MyHosts
2010-12-01 22:14:17 -------- d-----w- d:\program files\Trend Micro
2010-11-30 18:01:27 -------- d-----w- d:\program files\SimCity 4
2010-11-30 17:46:23 -------- d-----w- d:\program files\Maxis
2010-11-30 00:13:24 -------- d-----w- d:\program files\Farming Simulator 2011
2010-11-29 22:59:11 -------- d-----w- d:\docume~1\skuraii\applic~1\KranX Productions
2010-11-29 22:58:19 -------- d-----w- d:\program files\Artifacts of the past
2010-11-23 22:20:55 -------- d-----w- d:\program files\LeeGTs Games
2010-11-22 20:03:45 -------- d-----w- d:\program files\Hidden Expedition - Le Triangle du Diable
2010-11-21 20:31:58 -------- d-----w- d:\docume~1\skuraii\applic~1\WhiteSmoke
2010-11-21 20:31:15 -------- d-----w- d:\program files\Windows Searchqu Toolbar
2010-11-21 20:30:36 -------- d-----w- d:\program files\Quick Web Player
2010-11-21 12:01:51 -------- d-----w- d:\program files\Virtual Villagers - The Tree of Life
2010-11-19 23:12:03 -------- d-----w- d:\docume~1\skuraii\applic~1\SerpentOfIsis
2010-11-18 21:45:04 -------- d-----w- d:\docume~1\skuraii\locals~1\applic~1\Game Mill Files
2010-11-18 03:45:36 -------- d-----w- d:\docume~1\skuraii\applic~1\Lost in the City
2010-11-17 03:15:07 -------- d-----w- d:\docume~1\skuraii\applic~1\Elephant Games
2010-11-16 23:24:19 -------- d-----w- d:\docume~1\skuraii\applic~1\Jetdogs Studios
2010-11-16 22:26:19 -------- d-----w- d:\docume~1\skuraii\applic~1\ERS Game Studios
2010-11-16 21:39:59 -------- d-----w- d:\docume~1\skuraii\applic~1\Artogon
2010-11-16 13:57:06 -------- d-----w- d:\docume~1\skuraii\locals~1\applic~1\The Lord of the Rings Online
2010-11-16 04:22:41 -------- d-----w- d:\docume~1\skuraii\locals~1\applic~1\Turbine
2010-11-16 04:21:20 -------- d-----w- d:\docume~1\skuraii\locals~1\applic~1\ApplicationHistory
2010-11-16 04:19:28 -------- d-----w- d:\windows\system32\URTTEMP
2010-11-16 03:09:11 -------- d-----w- d:\program files\Codemasters
2010-11-12 00:53:45 -------- d-----w- d:\docume~1\skuraii\applic~1\Enki Games
2010-11-11 23:47:57 -------- d-----w- d:\docume~1\skuraii\applic~1\Specialbit
2010-11-11 02:36:34 -------- d-----w- d:\docume~1\skuraii\applic~1\SunRay Games
2010-11-11 01:33:49 -------- d-----w- d:\docume~1\skuraii\applic~1\TeleportGamesLtd
2010-11-11 01:33:49 -------- d-----w- d:\docume~1\alluse~1\applic~1\TeleportGamesLtd
2010-11-06 23:57:16 -------- d-----w- d:\docume~1\skuraii\applic~1\ShaoLin
2010-11-06 16:10:14 -------- d-----w- d:\docume~1\skuraii\applic~1\Awem
2010-11-05 01:15:52 -------- d-----w- d:\docume~1\alluse~1\applic~1\Alawar Stargaze

==================== Find3M ====================

2010-09-18 10:23:26 974848 ----a-w- d:\windows\system32\mfc42u.dll
2010-09-18 06:53:24 974848 ----a-w- d:\windows\system32\mfc42.dll
2010-09-18 06:53:24 954368 ----a-w- d:\windows\system32\mfc40.dll
2010-09-18 06:53:24 953856 ----a-w- d:\windows\system32\mfc40u.dll
2010-09-09 13:34:12 832512 ----a-w- d:\windows\system32\wininet.dll
2010-09-09 13:34:10 78336 ------w- d:\windows\system32\ieencode.dll
2010-09-09 13:34:10 1830912 ------w- d:\windows\system32\inetcpl.cpl
2010-09-09 13:34:09 17408 ------w- d:\windows\system32\corpol.dll
2010-09-08 15:57:57 389120 ------w- d:\windows\system32\html.iec

============= FINISH: 23:28:57,06 ===============
titepuce45

Despite all these scans, followed to the letter from the site mentioned above, I still have the same problem.
I run a search in the Google bar and I am sent to freeeducationloan.com or some other site.
Same thing when I copy/paste the address into the bar.
titepuce45

CCleaner cleanup done as well. Avira as antivirus and Arovax as antispyware.
I don't understand where this is coming from.
I hope I have given enough information for someone to be able to help me.
Thanks in advance!
titepuce45

Avira alert: trojan in Windows, explorer.exe