CID window, hijack report
Solved
zezette69 (Posts: 2, Status: Member) - green day (Posts: 26722, Status: Moderator, Security contributor)
Hello, for a few days now, whenever I go online, browsing the net has become a pain..... CID window
The report is attached
Thanks to anyone who can help me
coco
52 replies
I have this same problem too.... impossible to get rid of the CID ads despite all the anti ......... I am attaching my report, hoping it is the right one
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:27:28, on 22/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\SYSTEM32\DWRCS.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Weather Watcher\ww.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\Alice_2\Application Data\Maxthon2\Maxthon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\SYSTEM32\DWRCST.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Documents and Settings\Alice_2\Application Data\Maxthon2\Maxthon.exe
C:\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {34F0F1E7-C8CD-652E-0DB1-283859C54B5D} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ipfxkgy] c:\windows\system32\ipfxkgy.exe ipfxkgy
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [FREE VIEW GRIM SOAP] C:\Documents and Settings\All Users\Application Data\Meal Memo Free View\balm upload.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [WeatherWatcher] C:\Program Files\Weather Watcher\ww.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [one ante] C:\DOCUME~1\Alice_2\APPLIC~1\BIKEIN~1\Bags Meet.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O8 - Extra context menu item: &Search - ?p=ZN
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://poemedelavie57.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B7D07999-2ADB-4AEB-997E-F61CB7B2E2CD} (TSEasyInstallX Control) - http://www.trendsecure.com/easy_install/_activex/fr/TSEasyInstallX.CAB
O17 - HKLM\System\CCS\Services\Tcpip\..\{6E5CEAE4-CAF4-4C71-827B-869E57323092}: NameServer = 86.64.145.145 84.103.237.145
O17 - HKLM\System\CCS\Services\Tcpip\..\{9053B04C-BB2F-4F78-BDBC-04F81F2BC0BE}: NameServer = 192.168.1.1,86.64.145.140
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: DameWare Mini Remote Control (DWMRCS) - DameWare Development LLC - C:\WINDOWS\SYSTEM32\DWRCS.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
Hi
Download this (by Moe):
http://sosvirus.changelog.fr/Green_day/Lopxpsetup.exe
Double-click Lopxpsetup.exe to start the installation
At the menu, choose option 1
Wait until you are asked to press a key, then press one!
A report will then be created; copy/paste it in full into the forum.
++
Hi,
Here is the report. Thank you in advance
Rapport Lopxp fait le 23/01/2008 à 18:27:39
Exécuté dans : C:\Program Files\Lopxp
___________________________________________________________________________ => Tâches planifiées C:\WINDOWS\tasks\A932E0EA91859912.job Crée le : 09/01/2008 à 14:12 Fichier exécuté => c:\docume~1\guy\applic~1\bikein~1\Manager Bits Roam.exe C:\WINDOWS\tasks\B45B1800908C8198.job Crée le : 06/01/2008 à 14:24 Fichier exécuté => c:\docume~1\sandra\applic~1\bikein~1\Manager Bits Roam.exe ___________________________________________________________________________ => Listing des dossiers Application Data +- C:\Documents and Settings\Administrateur\Application Data 25/12/2005 15:57:33 ... ACDSYS~1 --= ACD Systems 25/03/2007 14:52:22 ... Adobe -----= Adobe 30/12/2007 18:23:15 ... Google ----= Google 08/07/2007 19:14:36 ... Help ------= Help 29/11/2005 12:48:44 ... IDENTI~1 --= Identities 25/12/2005 12:34:41 ... Lavasoft --= Lavasoft 25/12/2005 12:32:20 ... MACROM~1 --= Macromedia 29/11/2005 12:48:34 ... MICROS~1 --= Microsoft 25/03/2007 15:03:19 ... Real ------= Real 08/07/2007 19:08:25 ... Sun -------= Sun 24/09/2006 19:19:19 ... VOIPBU~1 --= VoipBuster +- C:\Documents and Settings\Administrateur\Local Settings\Application Data 25/12/2005 15:57:34 ... ACDSee ----= ACDSee 08/07/2007 19:44:54 ... Adobe -----= Adobe 29/11/2005 16:47:20 ... Ahead -----= Ahead 30/12/2007 18:23:15 ... Google ----= Google 08/07/2007 19:14:36 ... Help ------= Help 25/12/2005 12:39:17 ... IM --------= IM 24/09/2006 20:13:32 ... LOGITE~1 --= Logitech-LS 29/11/2005 12:48:34 ... MICROS~1 --= Microsoft 08/07/2007 19:54:42 ... WMTOOL~1 --= WMTools Downloaded Files +- C:\Documents and Settings\Alice backup\Application Data 29/11/2005 17:24:01 ... ACDSYS~1 --= ACD Systems 29/11/2005 17:24:01 ... Adobe -----= Adobe 29/11/2005 17:24:01 ... AdobeUM ---= AdobeUM 29/11/2005 17:24:01 ... Ahead -----= Ahead 29/11/2005 17:24:01 ... IDENTI~1 --= Identities 30/11/2005 12:52:48 ... KANASO~1 --= Kana Solution 29/11/2005 17:24:01 ... Lavasoft --= Lavasoft 29/11/2005 17:36:08 ... 
MACROM~1 --= Macromedia 29/11/2005 17:24:00 ... MICROS~1 --= Microsoft 29/11/2005 17:24:00 ... Real ------= Real +- C:\Documents and Settings\Alice backup\Local Settings\Application Data 30/11/2005 09:17:47 ... ACDPHO~1 --= ACDPhotoEditor 29/11/2005 17:24:00 ... ACDSee ----= ACDSee 29/11/2005 17:24:00 ... Adobe -----= Adobe 29/11/2005 17:24:00 ... Ahead -----= Ahead 29/11/2005 17:24:00 ... IDENTI~1 --= Identities 29/11/2005 17:23:58 ... IM --------= IM 29/11/2005 19:29:44 ... LOGITE~1 --= Logitech-LS 29/11/2005 17:23:58 ... MICROS~1 --= Microsoft +- C:\Documents and Settings\Alice_2\Application Data 01/12/2005 12:05:44 ... ACDSYS~1 --= ACD Systems 01/12/2005 12:05:44 ... Adobe -----= Adobe 01/12/2005 12:05:44 ... AdobeUM ---= AdobeUM 01/12/2005 12:05:44 ... Ahead -----= Ahead 09/08/2007 17:18:34 ... Delivery --= Delivery 30/12/2007 10:45:31 ... DivX ------= DivX 10/12/2006 23:29:21 ... DRIVEC~1 --= DriveCleaner 2006 Free 18/09/2007 02:30:12 ... dvdcss ----= dvdcss 08/02/2006 00:02:37 ... EPSON -----= EPSON 21/01/2007 22:31:07 ... Google ----= Google 05/02/2006 13:08:01 ... Help ------= Help 01/12/2005 12:05:44 ... IDENTI~1 --= Identities 06/01/2008 21:28:11 ... ImgBurn ---= ImgBurn 01/09/2007 00:28:13 ... INSTAL~1 --= InstallShield 01/12/2005 12:20:40 ... KANASO~1 --= Kana Solution 01/12/2005 12:05:44 ... Lavasoft --= Lavasoft 01/12/2005 12:16:03 ... MACROM~1 --= Macromedia 13/01/2008 21:30:19 ... Maxthon2 --= Maxthon2 01/12/2005 12:05:44 ... MICROS~1 --= Microsoft 13/02/2006 10:57:44 ... Mozilla ---= Mozilla 08/10/2007 19:12:08 ... MSNINS~1 --= MSNInstaller 13/01/2008 21:34:07 ... MxBoost ---= MxBoost 28/11/2006 14:28:08 ... PCTOOL~1 --= PC Tools 06/12/2005 00:49:26 ... Real ------= Real 18/03/2007 21:27:54 ... SCREEN~1 --= Screenshot Sender 08/01/2006 18:28:56 ... Sun -------= Sun 13/02/2006 10:58:22 ... Talkback --= Talkback 06/01/2006 15:15:43 ... vlc -------= vlc 21/02/2006 12:58:23 ... Webroot ---= Webroot 14/09/2007 13:21:32 ... 
WINDOW~2 --= Windows Live Writer 30/05/2006 10:27:58 ... Yahoo! ----= Yahoo! +- C:\Documents and Settings\Alice_2\Local Settings\Application Data 04/12/2005 15:16:37 ... ACDPHO~1 --= ACDPhotoEditor 02/12/2005 02:53:31 ... ACDSee ----= ACDSee 04/12/2005 12:42:12 ... Adobe -----= Adobe 01/12/2005 12:06:08 ... Ahead -----= Ahead 28/10/2006 15:49:32 ... APPLEC~1 --= Apple Computer 28/12/2005 11:04:24 ... BVRPSO~1 --= BVRP Software 09/08/2006 16:48:42 ... Google ----= Google 05/02/2006 13:08:01 ... Help ------= Help 31/03/2006 15:35:29 ... IDENTI~1 --= Identities 01/12/2005 22:38:43 ... IM --------= IM 23/12/2005 09:44:37 ... LOGITE~1 --= Logitech-LS 01/12/2005 12:05:44 ... MICROS~1 --= Microsoft 13/02/2006 10:57:44 ... Mozilla ---= Mozilla 12/03/2006 20:49:20 ... MUSICM~1 --= Musicmatch 14/09/2007 13:21:32 ... WINDOW~1 --= Windows Live Writer 26/07/2007 18:14:59 ... WMTOOL~1 --= WMTools Downloaded Files +- C:\Documents and Settings\All Users\Application Data 29/11/2005 15:52:24 ... ACDSYS~1 --= ACD Systems 21/01/2007 15:57:33 ... Adobe -----= Adobe 28/09/2007 20:09:57 ... Ahead -----= Ahead 24/07/2006 19:49:42 ... APPLEC~1 --= Apple Computer 28/12/2005 11:02:29 ... BVRPSO~1 --= BVRP Software 01/09/2007 00:23:41 ... EPSON -----= EPSON 09/08/2007 09:08:05 ... Google ----= Google 13/01/2008 23:26:40 ... Grisoft ---= Grisoft 08/07/2007 19:11:49 ... Lavasoft --= Lavasoft 31/12/2007 12:44:18 ... MEALME~1 --= Meal Memo Free View 22/01/2008 12:17:02 ... MESSEN~1 --= Messenger Plus! 29/11/2005 13:33:57 ... MICROS~1 --= Microsoft 16/10/2006 09:31:37 ... MSSCAN~1 --= MSScanAppDataDir 01/01/2006 18:15:58 ... NVIEW_~1 --= nView_Profiles 07/08/2007 22:01:40 ... OFFICE~1 --= Office Genuine Advantage 25/12/2007 01:29:47 ... Real ------= Real 21/01/2008 12:03:17 ... SPYBOT~1 --= Spybot - Search & Destroy 19/07/2007 13:51:36 ... TEMP ------= TEMP 01/09/2007 00:33:09 ... UDL -------= UDL 07/08/2007 22:01:35 ... WINDOW~1 --= Windows Genuine Advantage 08/11/2006 03:01:44 ... 
WINDOW~2 --= Windows Live Toolbar 14/09/2007 07:02:13 ... WLINST~1 --= WLInstaller +- C:\Documents and Settings\Guy\Application Data 30/11/2005 18:12:45 ... ACDSYS~1 --= ACD Systems 30/11/2005 18:12:45 ... Adobe -----= Adobe 30/11/2005 18:12:45 ... AdobeUM ---= AdobeUM 30/11/2005 18:12:45 ... Ahead -----= Ahead 25/12/2007 17:40:24 ... DivX ------= DivX 11/12/2006 09:26:41 ... DRIVEC~1 --= DriveCleaner 2006 Free 21/01/2007 17:22:49 ... Google ----= Google 14/01/2008 01:24:47 ... Grisoft ---= Grisoft 01/01/2006 16:00:42 ... Help ------= Help 30/11/2005 18:12:45 ... IDENTI~1 --= Identities 30/11/2005 18:12:45 ... Lavasoft --= Lavasoft 30/11/2005 19:04:02 ... MACROM~1 --= Macromedia 13/01/2008 21:48:40 ... Maxthon2 --= Maxthon2 30/11/2005 18:12:45 ... MICROS~1 --= Microsoft 31/01/2006 16:45:10 ... Mozilla ---= Mozilla 13/01/2008 21:51:38 ... MxBoost ---= MxBoost 04/12/2005 21:14:50 ... Real ------= Real 09/01/2006 18:21:33 ... Sun -------= Sun 31/01/2006 16:45:39 ... Talkback --= Talkback 11/10/2006 06:51:05 ... vlc -------= vlc 21/02/2006 14:11:36 ... Webroot ---= Webroot 16/09/2007 12:24:46 ... WINDOW~1 --= Windows Desktop Search +- C:\Documents and Settings\Guy\Local Settings\Application Data 13/12/2005 14:46:38 ... ACDSee ----= ACDSee 02/12/2005 18:56:58 ... Adobe -----= Adobe 30/11/2005 18:13:02 ... Ahead -----= Ahead 22/09/2006 00:18:41 ... APPLEC~1 --= Apple Computer 16/08/2006 00:39:28 ... Google ----= Google 01/01/2006 16:00:42 ... Help ------= Help 14/04/2006 23:35:45 ... IDENTI~1 --= Identities 30/11/2005 18:16:03 ... IM --------= IM 07/12/2006 00:57:22 ... LOGITE~1 --= Logitech-LS 30/11/2005 18:12:44 ... MICROS~1 --= Microsoft 31/01/2006 16:45:21 ... Mozilla ---= Mozilla 06/01/2008 14:07:37 ... WMTOOL~1 --= WMTools Downloaded Files +- C:\Documents and Settings\old Alice\Application Data 01/12/2005 11:57:26 ... ACDSYS~1 --= ACD Systems 01/12/2005 11:57:27 ... Adobe -----= Adobe 01/12/2005 11:57:27 ... AdobeUM ---= AdobeUM 01/12/2005 11:57:27 ... 
Ahead -----= Ahead 01/12/2005 11:57:27 ... IDENTI~1 --= Identities 01/12/2005 11:57:27 ... KANASO~1 --= Kana Solution 01/12/2005 11:57:27 ... Lavasoft --= Lavasoft 01/12/2005 11:57:27 ... MACROM~1 --= Macromedia 01/12/2005 11:57:27 ... MICROS~1 --= Microsoft 01/12/2005 11:57:29 ... Real ------= Real +- C:\Documents and Settings\old Alice\Local Settings\Application Data 01/12/2005 11:57:35 ... ACDPHO~1 --= ACDPhotoEditor 01/12/2005 11:57:35 ... ACDSee ----= ACDSee 01/12/2005 11:57:35 ... Adobe -----= Adobe 01/12/2005 11:57:35 ... Ahead -----= Ahead 01/12/2005 11:57:35 ... IDENTI~1 --= Identities 01/12/2005 11:57:35 ... IM --------= IM 01/12/2005 11:57:43 ... LOGITE~1 --= Logitech-LS 01/12/2005 11:57:43 ... MICROS~1 --= Microsoft +- C:\Documents and Settings\old default\Application Data 29/11/2005 16:48:18 ... ACDSYS~1 --= ACD Systems 29/11/2005 16:48:20 ... Adobe -----= Adobe 29/11/2005 16:48:20 ... AdobeUM ---= AdobeUM 29/11/2005 16:48:21 ... Ahead -----= Ahead 29/11/2005 16:48:21 ... IDENTI~1 --= Identities 29/11/2005 16:48:21 ... Lavasoft --= Lavasoft 29/11/2005 13:33:58 ... MICROS~1 --= Microsoft +- C:\Documents and Settings\old default\Local Settings\Application Data 29/11/2005 12:43:00 ... MICROS~1 --= Microsoft +- C:\Documents and Settings\Phil\Application Data 01/12/2005 11:37:06 ... ACDSYS~1 --= ACD Systems +- C:\Documents and Settings\Phil\Local Settings\Application Data 29/11/2005 16:08:00 ... IM --------= IM ___________________________________________________________________________ => Listing du dossier ProgramFiles +- C:\Program Files 01/09/2007 00:30:02 ... ABBYYF~1.0SP --------= ABBYY FineReader 6.0 Sprint 29/11/2005 15:52:23 ... ACDSYS~1 --= ACD Systems 29/11/2005 14:38:41 ... Adobe -----= Adobe 29/11/2005 13:59:50 ... ALCOHO~1 --= Alcohol Soft 29/11/2005 15:08:46 ... ALWILS~1 --= Alwil Software 25/12/2005 15:02:29 ... Auran -----= Auran 29/11/2005 16:04:58 ... AVANCE~1 --= Avance Sound Manager 29/11/2005 16:04:56 ... 
AvRack ----= AvRack 21/01/2008 13:57:02 ... CCleaner --= CCleaner 29/11/2005 12:39:42 ... COMPLU~1 --= ComPlus Applications 30/10/2006 14:35:54 ... Defenza ---= Defenza 30/11/2005 12:52:39 ... DYNDNS~1 --= DynDNS Updater 29/11/2005 15:42:20 ... eMule -----= eMule 29/11/2005 16:11:48 ... epson -----= epson 29/11/2005 13:34:38 ... FICHIE~1 --= Fichiers communs 26/12/2007 22:59:15 ... FREEDO~1 --= Free Download Manager 09/12/2006 20:28:48 ... Google ----= Google 29/11/2005 16:07:59 ... INCRED~1 --= IncrediMail 29/11/2005 14:45:41 ... INSTAL~1 --= InstallShield Installation Information 21/02/2006 11:43:03 ... INTERM~1 --= InterMute 29/11/2005 12:40:23 ... INTERN~1 --= Internet Explorer 03/12/2005 10:29:50 ... IZArc -----= IZArc 03/01/2008 08:30:11 ... Java ------= Java 25/12/2007 01:29:47 ... K-LITE~1 --= K-Lite Codec Pack 29/11/2005 14:45:36 ... KITADS~1 --= Kit ADSL 08/07/2007 19:11:49 ... Lavasoft --= Lavasoft 29/11/2005 16:22:06 ... Logitech --= Logitech 13/01/2008 18:30:22 ... LOPSD~1 ---= Lop SD 23/01/2008 18:08:54 ... Lopxp -----= Lopxp 07/10/2007 09:50:53 ... LYADME~1 --= Lyad Messenger 04/07/2007 00:41:44 ... MACROG~1 --= Macrogaming 29/11/2005 12:39:20 ... MESSEN~1 --= Messenger 14/01/2008 20:51:00 ... MESSEN~3 --= Messenger Plus! Live 19/01/2006 15:52:03 ... MESSEN~2 --= MessengerPlus! 3 25/03/2007 16:17:55 ... MIEE62~1 --= Microsoft BootVis 14/09/2007 11:21:25 ... MICROS~1.2 --= Microsoft CAPICOM 2.1.0.2 29/11/2005 12:43:36 ... MICROS~1 --= microsoft frontpage 29/11/2005 13:58:26 ... MICROS~2 --= Microsoft Office 25/12/2007 18:52:33 ... MI6DF9~1 --= Microsoft Research 30/11/2005 14:28:34 ... MICROS~3 --= Microsoft Visual Studio 30/11/2005 14:28:43 ... MICROS~4 --= Microsoft Works 29/11/2005 12:40:42 ... MOVIEM~1 --= Movie Maker 31/01/2006 16:45:00 ... MOZILL~1 --= Mozilla Firefox 24/10/2007 11:37:29 ... MSECache --= MSECache 29/11/2005 12:38:48 ... MSN -------= MSN 29/11/2005 12:39:18 ... MSNGAM~1 --= MSN Gaming Zone 29/11/2005 15:32:46 ... 
MSNMES~1 --= MSN Messenger 25/05/2007 19:30:07 ... MULTI_~1 --= Multi_Media_France 12/03/2006 15:33:55 ... MUSICM~1 --= MUSICMATCH 29/11/2005 15:01:47 ... Nero ------= Nero 29/11/2005 12:40:32 ... NETMEE~1 --= NetMeeting 19/07/2007 13:51:22 ... OBERON~1 --= Oberon Media 29/11/2005 12:39:27 ... ONLINE~1 --= Online Services 29/11/2005 12:40:30 ... OUTLOO~1 --= Outlook Express 09/08/2006 16:48:13 ... Picasa2 ---= Picasa2 02/07/2007 15:11:14 ... PLAYER~1 --= Player Tool 24/07/2006 19:49:15 ... QUICKT~1 --= QuickTime Alternative 30/12/2007 18:54:11 ... Secway ----= Secway 29/11/2005 12:41:36 ... SERVIC~1 --= Services en ligne 21/01/2008 12:03:17 ... SPYBOT~1 --= Spybot - Search & Destroy 29/11/2005 12:48:42 ... UNINST~1 --= Uninstall Information 06/01/2006 14:43:48 ... VideoLAN --= VideoLAN 29/11/2005 16:39:24 ... WEATHE~1 --= Weather Watcher 05/12/2007 08:02:37 ... WEBPUB~1 --= Web Publish 14/09/2007 07:22:22 ... WI459E~1 --= Windows Desktop Search 26/06/2007 08:57:32 ... WI1F86~1 --= Windows Live 29/11/2006 23:16:08 ... WIE5D0~1 --= Windows Live Safety Center 08/11/2006 02:59:41 ... WINDOW~4 --= Windows Live Toolbar 01/07/2007 12:17:26 ... WI4DF6~1 --= Windows Media Connect 2 29/11/2005 12:39:27 ... WINDOW~2 --= Windows Media Player 29/11/2005 12:38:47 ... WINDOW~1 --= Windows NT 29/11/2005 12:41:41 ... WINDOW~3 --= WindowsUpdate 29/11/2005 14:27:39 ... WINPHO~1 --= WinPhone eXPert 29/11/2005 12:43:36 ... xerox -----= xerox 18/05/2006 20:57:12 ... Yahoo! ----= Yahoo! 
___________________________________________________________________________
=> Clés registre
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FREE VIEW GRIM SOAP"="C:\Documents and Settings\All Users\Application Data\Meal Memo Free View\balm upload.exe"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"one ante"="C:\DOCUME~1\Alice_2\APPLIC~1\BIKEIN~1\Bags Meet.exe"
___________________________________________________________________________
=> Bloqueur popups Internet Explorer
+- Liste des popups autorisés :
poemedelavie57.spaces.msn.com
aimexpress.aol.com
host-domain-lookup.com
www.host-domain-lookup.com
___________________________________________________________________________
/!\ Suggestion (Nécessite une interprétation.)
+- Dossiers suspects :
C:\Documents and Settings\Alice backup\Application Data\Real
C:\Documents and Settings\All Users\Application Data\Meal Memo Free View
C:\Documents and Settings\All Users\Application Data\Real
C:\Documents and Settings\old Alice\Application Data\Real
C:\Program Files\Free Download Manager
C:\Program Files\Multi_Media_France
+- Tâches planifiées suspectes :
C:\WINDOWS\tasks\A932E0EA91859912.job
C:\WINDOWS\tasks\B45B1800908C8198.job
+- Registre:
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FREE VIEW GRIM SOAP"=-
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"one ante"=-
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow]
"host-domain-lookup.com"=-
"www.host-domain-lookup.com"=-
- Fin du rapport -
Hi
download OTMoveIt (by Old_Timer) to your Desktop:
http://download.bleepingcomputer.com/oldtimer/OTMoveIt.exe
double-click OTMoveIt.exe to launch it.
copy the list quoted below,
and paste it into the left-hand pane of OTMoveIt: Paste List of Files/Folders to be moved.
C:\Documents and Settings\All Users\Application Data\Meal Memo Free View
C:\Program Files\Free Download Manager
C:\Program Files\Multi_Media_France
C:\WINDOWS\tasks\A932E0EA91859912.job
C:\WINDOWS\tasks\B45B1800908C8198.job
click MoveIt! to start the removal.
the result will appear in the Results pane.
click Exit to close.
post the report located in C:\_OTMoveIt\MovedFiles.
See you
here is the result
C:\Documents and Settings\All Users\Application Data\Meal Memo Free View moved successfully.
C:\Program Files\Free Download Manager moved successfully.
C:\Program Files\Multi_Media_France moved successfully.
C:\WINDOWS\tasks\A932E0EA91859912.job moved successfully.
C:\WINDOWS\tasks\B45B1800908C8198.job moved successfully.
Created on 01/23/2008 22:13:06
ok, please do what is described here:
http://www.commentcamarche.net/faq/sujet 3174 virus methode preliminaire de desinfection version fr
See you
I did everything that was asked; here are the various reports
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 23:53:12 23/01/2008
+ Résultat de l'analyse:
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 11:17:20 24/01/2008
+ Résultat de l'analyse:
C:\Documents and Settings\Alice_2\Cookies\alice_2@atdmt[1].txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.33:C:\Documents and Settings\Guy\Application Data\Mozilla\Firefox\Profiles\511rqfuu.default\cookies.txt -> TrackingCookie.Connextra : Nettoyé.
:mozilla.122:C:\Documents and Settings\Guy\Application Data\Mozilla\Firefox\Profiles\511rqfuu.default\cookies.txt -> TrackingCookie.Msn : Nettoyé.
:mozilla.114:C:\Documents and Settings\Guy\Application Data\Mozilla\Firefox\Profiles\511rqfuu.default\cookies.txt -> TrackingCookie.Popularix : Nettoyé.
Fin du rapport
BitDefender Online Scanner
Scan report generated at: Thu, Jan 24, 2008 - 13:01:37
Scan path: A:\;C:\;D:\;E:\;H:\;I:\;
Statistics
Time: 01:41:25
Files: 322099
Folders: 12106
Boot Sectors: 3
Archives: 7951
Packed Files: 20351
Results
Identified Viruses: 1
Infected Files: 1
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 1
Engines Info
Virus Definitions: 893300
Engine build: AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Scan plugins: 14
Archive plugins: 38
Unpack plugins: 7
E-mail plugins: 6
System plugins: 1
Scan Settings
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes
Scanned File
Status
D:\PHIL INSTALL\IncrediMail Data.cab=>{42D00B20-479C-11d4-9706-00105A40931C}\Message Store\Inbox.imm=>[Subject: [sourya] Boutade ou r=?ISO-8859-1?B?6W][Date: Mon, 15 Mar 2004 10:47:02 +0100]=>(message body)=>(IFRAME)
Infected with: Exploit.Html.Filedownload.F
D:\PHIL INSTALL\IncrediMail Data.cab=>{42D00B20-479C-11d4-9706-00105A40931C}\Message Store\Inbox.imm=>[Subject: [sourya] Boutade ou r=?ISO-8859-1?B?6W][Date: Mon, 15 Mar 2004 10:47:02 +0100]=>(message body)=>(IFRAME)
Disinfection failed
D:\PHIL INSTALL\IncrediMail Data.cab=>{42D00B20-479C-11d4-9706-00105A40931C}\Message Store\Inbox.imm=>[Subject: [sourya] Boutade ou r=?ISO-8859-1?B?6W][Date: Mon, 15 Mar 2004 10:47:02 +0100]=>(message body)=>(IFRAME)
Deleted
D:\PHIL INSTALL\IncrediMail Data.cab=>{42D00B20-479C-11d4-9706-00105A40931C}\Message Store\Inbox.imm=>[Subject: [sourya] Boutade ou r=?ISO-8859-1?B?6W][Date: Mon, 15 Mar 2004 10:47:02 +0100]=>(message body)
Updated
D:\PHIL INSTALL\IncrediMail Data.cab=>{42D00B20-479C-11d4-9706-00105A40931C}\Message Store\Inbox.imm
Updated
D:\PHIL INSTALL\IncrediMail Data.cab
Update failed
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:28:59, on 24/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\SYSTEM32\DWRCS.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Weather Watcher\ww.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\SYSTEM32\DWRCST.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\Alice_2\Application Data\Maxthon2\Maxthon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {34F0F1E7-C8CD-652E-0DB1-283859C54B5D} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [WeatherWatcher] C:\Program Files\Weather Watcher\ww.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O8 - Extra context menu item: &Search - ?p=ZN
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.ca.com/us/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://poemedelavie57.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B7D07999-2ADB-4AEB-997E-F61CB7B2E2CD} (TSEasyInstallX Control) - http://www.trendsecure.com/easy_install/_activex/fr/TSEasyInstallX.CAB
O17 - HKLM\System\CCS\Services\Tcpip\..\{6E5CEAE4-CAF4-4C71-827B-869E57323092}: NameServer = 84.103.237.141 86.64.145.141
O17 - HKLM\System\CCS\Services\Tcpip\..\{9053B04C-BB2F-4F78-BDBC-04F81F2BC0BE}: NameServer = 192.168.1.1,86.64.145.140
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DameWare Mini Remote Control (DWMRCS) - DameWare Development LLC - C:\WINDOWS\SYSTEM32\DWRCS.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
Hi
Run HijackThis again: choose "do a scan only", tick the box in front of the lines below and click "fix checked" at the bottom:
O2 - BHO: (no name) - {34F0F1E7-C8CD-652E-0DB1-283859C54B5D} - (no file)
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
and let us know how the situation evolves
See you
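Added example, not part of the thread: a small parser for the HijackThis line format used in the log above. It groups entries by section code, lists the entries the tool itself marks `(no file)` or `(file missing)`, splits the O4 Run entries into fields, and checks that every line of a fix list appears verbatim in the scan. The function names are this example's own, and the last fix-list line is constructed to show the mismatch case.

```python
import re
from collections import defaultdict

# Subset of the HijackThis log posted in this thread, copied verbatim.
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\system32\svchost.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
O2 - BHO: (no name) - {34F0F1E7-C8CD-652E-0DB1-283859C54B5D} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O17 - HKLM\System\CCS\Services\Tcpip\..\{6E5CEAE4-CAF4-4C71-827B-869E57323092}: NameServer = 84.103.237.141 86.64.145.141
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
"""

# Two lines from the fix list in this thread, plus one CONSTRUCTED line
# (the last) that is not in the log, to exercise the mismatch check.
FIX_LIST = r"""
O2 - BHO: (no name) - {34F0F1E7-C8CD-652E-0DB1-283859C54B5D} - (no file)
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ExampleOnly] C:\constructed\example.exe
"""

# "<code> - <body>", e.g. "O4 - HKLM\..\Run: [nwiz] nwiz.exe /install"
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
RUN_RE = re.compile(r"^(HKLM|HKCU)\\\.\.\\([^:]+): \[(.+?)\] (.+)$")
ORPHAN_MARKS = ("(no file)", "(file missing)")


def parse_log(text):
    """Group entry lines by section code (R0, O2, O4, ...).

    Header and running-process lines do not match ENTRY_RE and are skipped.
    """
    sections = defaultdict(list)
    for raw in text.splitlines():
        m = ENTRY_RE.match(raw.strip())
        if m:
            sections[m.group(1)].append(m.group(2))
    return dict(sections)


def orphaned(sections):
    """Entries that HijackThis itself marks as having no backing file."""
    out = []
    for code, bodies in sections.items():
        for body in bodies:
            if body.endswith(ORPHAN_MARKS):
                clsid = CLSID_RE.search(body)
                out.append((code, clsid.group(0) if clsid else None, body))
    return out


def autoruns(sections):
    """Split O4 Run-key entries into (hive, key, value name, command)."""
    rows = []
    for body in sections.get("O4", []):
        m = RUN_RE.match(body)
        if m:
            rows.append(m.groups())
    return rows


def unmatched_fix_lines(fix_text, log_text):
    """Fix-list lines that do not appear verbatim in the scan log."""
    log_lines = {l.strip() for l in log_text.splitlines() if l.strip()}
    return [l.strip() for l in fix_text.splitlines()
            if l.strip() and l.strip() not in log_lines]


if __name__ == "__main__":
    secs = parse_log(SAMPLE_LOG)
    for code, clsid, body in orphaned(secs):
        print("orphan ", code, clsid)
    for hive, key, name, cmd in autoruns(secs):
        print("autorun", hive, key, name, "->", cmd)
    for line in unmatched_fix_lines(FIX_LIST, SAMPLE_LOG):
        print("not in log:", line)
```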
Hello,
I no longer have any unwanted cid windows, so I think I am rid of them. Thank you very much... unless you suggest I do something else....
hi
no, it's all good, you just need to install a firewall!
see here: http://www.commentcamarche.net/faq/sujet 2432 securite proteger un ordinateur contre les malwares d internet
See you
Hello everyone!
I am seriously getting annoyed because of the CiD windows, all the more so since I have just formatted my PC and the
windows have come back again! I downloaded the hijack report but I know absolutely nothing about it... Can someone
help me, please???
Thanks in advance...