Unwanted pop-up ads in IE7

lerab52 Posts: 17 Status: Member
Hello,
I have a problem with unwanted pop-up ads. I ran Ad-Aware and Spybot but nothing helps. Thanks for your help.
I'm leaving you the HijackThis report.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:36:35, on 27/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\USB 2.0 Flash Drive Utility\PLBkMon.exe
C:\WINDOWS\system32\HotfixQ0306270.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\TomTom HOME\TomTomHOME.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DriveCleaner Free\UDC.exe
C:\Program Files\DriveCleaner Free\udc6cw.exe
C:\Program Files\Fichiers communs\DriveCleaner Free\dnse.exe
C:\Program Files\Fichiers communs\DriveCleaner Free\dcsm.exe
C:\Program Files\OCINS\idnsvr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
c:\progra~1\softwin\bitdef~2\bdmcon.exe
C:\PROGRA~1\INCRED~1\bin\IncMail.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live Toolbar\msn_sl.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Annick\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://client.jogo.cn/cdn/browser/sidesearch/sidesearch-en.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://client.jogo.cn/cdn/browser/customsearch/customsearch-en.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: IEAux Class - {7605CC7C-00FD-4A5F-BAFD-828342DE6279} - C:\PROGRA~1\OCINS\ieaux.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BITDEF~2\bdmcon.exe
O4 - HKLM\..\Run: [BDNewsAgent] C:\PROGRA~1\Softwin\BITDEF~2\bdnagent.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [TSE_PLUtil] C:\Program Files\USB 2.0 Flash Drive Utility\PLBkMon.exe
O4 - HKLM\..\Run: [PLFFAP] C:\WINDOWS\system32\HotfixQ0306270.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
O4 - HKLM\..\Run: [NI.UWAS6V_0001_N91M2208] "c:\documents and settings\annick\application data\winantispyware2006freeinstall_fr[1].exe" -nag
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DriveCleaner Free] C:\Program Files\DriveCleaner Free\UDC.exe /min
O4 - HKLM\..\Run: [udc6cw] "C:\Program Files\DriveCleaner Free\udc6cw.exe" -c
O4 - HKLM\..\Run: [dnse] "C:\Program Files\Fichiers communs\DriveCleaner Free\dnse.exe" -c
O4 - HKLM\..\Run: [Salestart] "C:\Program Files\Fichiers communs\DriveCleaner Free\dcsm.exe"
O4 - HKLM\..\Run: [IdnSvr] C:\Program Files\OCINS\idnsvr.exe
O4 - HKLM\..\Run: [ieup] C:\Program Files\ieup\inetsvr.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: LUMIX Simple Viewer.lnk = ?
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Access Internet Keyword - C:\Program Files\OCINS\cnrbtn.html
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Chinese Navigation - {B012491E-8FA4-4851-AA9B-22E33784FBAD} - C:\Program Files\OCINS\config.exe
O9 - Extra 'Tools' menuitem: Chinese Navigation - {B012491E-8FA4-4851-AA9B-22E33784FBAD} - C:\Program Files\OCINS\config.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

19 replies

ep44 Posts: 7432 Status: Contributor 3

Good evening

Download to the Desktop.
http://www.atribune.org/ccount/click.php?id=4

=> Double-click VundoFix.exe.
=> Click OK
=> Wait for VundoFix to restart
=> Click Scan for Vundo
=> The scan takes quite a while; when it finishes
=> Click Remove Vundo
=> Then Yes
=> The Desktop disappears for a moment while the files are being deleted.
=> Shutdown message
=> Click OK
=> Automatic restart
=> Copy the report, which is in C:\vundofix.txt

Next,
Download to the desktop
http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe
=> Double-click VirtumundoBeGone.exe
=> Click Continue ==> click Start
=> Click Yes
=> At the end, if Vundo is present, the PC shuts down and restarts
- If you get a blue screen and the message: Fatal error .. no problem
=> Post the VBG.TXT report, which is on the desktop

Then, once this is done, make a new HijackThis report
See you

lerab52 Posts: 17 Status: Member

Darn, I had done it with Navilog, I'll start over then

Search Navipromo version 3.3.8 commencé le 27/12/2007 à 18:55:22,36

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 11.12.2007 à 18h00 par IL-MAFIOSO

Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11
Système de fichiers : NTFS

Executé en mode normal

*** Recherche Programmes installés ***

*** Recherche dossiers dans C:\WINDOWS ***

*** Recherche dossiers dans C:\Program Files ***

*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\APPLIC~1 ***

*** Recherche dossiers dans "C:\Documents and Settings\Annick\application data" ***

*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1 ***

*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net

Aucun Fichier trouvé

*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans C:\WINDOWS\system32 *

* Recherche dans "C:\Documents and Settings\Annick\local settings\application data" *

*** Recherche fichiers ***

*** Recherche clés spécifiques dans le Registre ***

*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :

2)Recherche Heuristique :

* Dans C:\WINDOWS\system32 :

* Dans "C:\Documents and Settings\Annick\local settings\application data" :

3)Recherche Certificats :

Certificat Egroup absent !

4)Recherche fichiers connus :

*** Analyse terminée le 27/12/2007 à 19:10:07,88 ***

ep44 Posts: 7432 Status: Contributor 3

Indeed, no Navilog has been requested for now.
You already created a thread for the same problem: http://www.commentcamarche.net/forum/affich 4289045 pubs intempestives avec firefox#0
except that now you say you're having problems with IE and no longer Firefox.
OK, but it's better to use Firefox than IE.
As for your HijackThis report, you are much more infected,
so try to follow the requested steps.
See you

lerab52 Posts: 17 Status: Member

Yes indeed, but right now I'm on my mother-in-law's PC lol, she doesn't use Firefox. The previous thread was for my PC, but I no longer have any problem.

ep44 Posts: 7432 Status: Contributor 3

OK ;-)

Post the requested reports
See you

lerab52 Posts: 17 Status: Member

VundoFix V6.7.7

Checking Java version...

Sun Java not detected
Scan started at 20:21:33 27/12/2007

Listing files found while scanning....

No infected files were found.

Beginning removal...

I'm moving on to the next one

[12/27/2007, 21:22:05] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\Annick\Bureau\VirtumundoBeGone.exe" )
[12/27/2007, 21:22:09] - Detected System Information:
[12/27/2007, 21:22:09] - Windows Version: 5.1.2600, Service Pack 2
[12/27/2007, 21:22:09] - Current Username: Annick (Admin)
[12/27/2007, 21:22:09] - Windows is in NORMAL mode.
[12/27/2007, 21:22:09] - Searching for Browser Helper Objects:
[12/27/2007, 21:22:09] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
[12/27/2007, 21:22:09] - BHO 2: {7605CC7C-00FD-4A5F-BAFD-828342DE6279} (IEAux Class)
[12/27/2007, 21:22:09] - BHO 3: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
[12/27/2007, 21:22:09] - BHO 4: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[12/27/2007, 21:22:09] - BHO 5: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
[12/27/2007, 21:22:09] - BHO 6: {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (Windows Live Toolbar Helper)
[12/27/2007, 21:22:09] - Finished Searching Browser Helper Objects
[12/27/2007, 21:22:09] - Finishing up...
[12/27/2007, 21:22:09] - Nothing found! Exiting...

HijackThis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:24:36, on 27/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\USB 2.0 Flash Drive Utility\PLBkMon.exe
C:\WINDOWS\system32\HotfixQ0306270.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DriveCleaner Free\UDC.exe
C:\Program Files\DriveCleaner Free\udc6cw.exe
C:\Program Files\Fichiers communs\DriveCleaner Free\dnse.exe
C:\Program Files\Fichiers communs\DriveCleaner Free\dcsm.exe
C:\Program Files\OCINS\idnsvr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Documents and Settings\Annick\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://client.jogo.cn/cdn/browser/sidesearch/sidesearch-en.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://client.jogo.cn/cdn/browser/customsearch/customsearch-en.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: IEAux Class - {7605CC7C-00FD-4A5F-BAFD-828342DE6279} - C:\PROGRA~1\OCINS\ieaux.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [TSE_PLUtil] C:\Program Files\USB 2.0 Flash Drive Utility\PLBkMon.exe
O4 - HKLM\..\Run: [PLFFAP] C:\WINDOWS\system32\HotfixQ0306270.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
O4 - HKLM\..\Run: [NI.UWAS6V_0001_N91M2208] "c:\documents and settings\annick\application data\winantispyware2006freeinstall_fr[1].exe" -nag
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DriveCleaner Free] C:\Program Files\DriveCleaner Free\UDC.exe /min
O4 - HKLM\..\Run: [udc6cw] "C:\Program Files\DriveCleaner Free\udc6cw.exe" -c
O4 - HKLM\..\Run: [dnse] "C:\Program Files\Fichiers communs\DriveCleaner Free\dnse.exe" -c
O4 - HKLM\..\Run: [Salestart] "C:\Program Files\Fichiers communs\DriveCleaner Free\dcsm.exe"
O4 - HKLM\..\Run: [IdnSvr] C:\Program Files\OCINS\idnsvr.exe
O4 - HKLM\..\Run: [ieup] C:\Program Files\ieup\inetsvr.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: LUMIX Simple Viewer.lnk = ?
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Access Internet Keyword - C:\Program Files\OCINS\cnrbtn.html
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Chinese Navigation - {B012491E-8FA4-4851-AA9B-22E33784FBAD} - C:\Program Files\OCINS\config.exe
O9 - Extra 'Tools' menuitem: Chinese Navigation - {B012491E-8FA4-4851-AA9B-22E33784FBAD} - C:\Program Files\OCINS\config.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

ep44 Posts: 7432 Status: Contributor 3

Nothing from that.
Download ComboFix by sUBs: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
and save it on your desktop and nowhere else!

Double-click on ComboFix,
Wait until ComboFix has finished; a report will be created. Post the report.

lerab52 Posts: 17 Status: Member

Here is the report, thanks again

ComboFix 07-12-21.4 - Annick 2007-12-28 10:03:35.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.431 [GMT 1:00]
Running from: C:\Documents and Settings\Annick\Bureau\ComboFix.exe
* Created a new restore point
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Application Data.\salesmonitor
C:\Documents and Settings\All Users\Application Data\WinAntiVirus Pro 2007
C:\Documents and Settings\All Users\Application Data\WinAntiVirus Pro 2007\Data\Abbr
C:\Documents and Settings\All Users\Application Data\WinAntiVirus Pro 2007\Data\ActivationCode
C:\Documents and Settings\All Users\Application Data\WinAntiVirus Pro 2007\Data\ProductCode
C:\Documents and Settings\All Users\Menu Démarrer\Programmes.\DriveCleaner Free
C:\Documents and Settings\All Users\Menu Démarrer\Programmes.\DriveCleaner Free\ Page d'accueil deDriveCleaner.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes.\DriveCleaner Free\DriveCleaner.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes.\DriveCleaner Free\Désinstaller de DriveCleaner.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes.\DriveCleaner Free\Mode d'emploi en ligne de DriveCleaner.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes.\DriveCleaner Free\Support en ligne de DriveCleaner.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\DriveCleaner Free\ Page d'accueil deDriveCleaner.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\DriveCleaner Free\DriveCleaner.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\DriveCleaner Free\Désinstaller de DriveCleaner.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\DriveCleaner Free\Mode d'emploi en ligne de DriveCleaner.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\DriveCleaner Free\Support en ligne de DriveCleaner.lnk
C:\Documents and Settings\Annick\Application Data\DriveCleaner Free
C:\Documents and Settings\Annick\Application Data\DriveCleaner Free\Logs\update.log
C:\Documents and Settings\Annick\Application Data\WinAntiSpyware 2006
C:\Documents and Settings\Annick\Application Data\WinAntiSpyware 2006\Logs\update.log
C:\Documents and Settings\Annick\Application Data\WinAntiVirus Pro 2007
C:\Documents and Settings\Annick\Application Data\WinAntiVirus Pro 2007\avtasks.dat
C:\Documents and Settings\Annick\Application Data\WinAntiVirus Pro 2007\CookieList.dat
C:\Documents and Settings\Annick\Application Data\WinAntiVirus Pro 2007\history.db
C:\Documents and Settings\Annick\Application Data\WinAntiVirus Pro 2007\Logs\update.log
C:\Documents and Settings\Annick\Application Data\WinAntiVirus Pro 2007\Logs\wa7Support.log
C:\Documents and Settings\Annick\Application Data\WinAntiVirus Pro 2007\Logs\winav.log
C:\Documents and Settings\Annick\Application Data\WinAntiVirus Pro 2007\PGE.dat
C:\Documents and Settings\Annick\Bureau\DriveCleaner Free.lnk
C:\Documents and Settings\Annick\Bureau\Installer WinAntiSpyware 2006 .lnk
C:\Documents and Settings\Annick\err.log
C:\Documents and Settings\Annick\ravmonlog
C:\Documents and Settings\Annick\ResErrors.log
C:\Program Files\DriveCleaner Free
C:\Program Files\DriveCleaner Free\Activate.dat
C:\Program Files\DriveCleaner Free\Appbase\AE_CD_Cr.dat
C:\Program Files\DriveCleaner Free\Appbase\AReadr4.dat
C:\Program Files\DriveCleaner Free\Appbase\AReadr5.dat
C:\Program Files\DriveCleaner Free\Appbase\ASDSEEpv.dat
C:\Program Files\DriveCleaner Free\Appbase\ASPack.dat
C:\Program Files\DriveCleaner Free\Appbase\Babylon.dat
C:\Program Files\DriveCleaner Free\Appbase\BDelphi5.dat

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_CNPROV
-------\LEGACY_FOPN
-------\cnprov
-------\idnaux
-------\nm

((((((((((((((((((((((((((((( Fichiers créés 2007-11-28 to 2007-12-28 ))))))))))))))))))))))))))))))))))))
.

2007-12-27 20:21 . 2007-12-27 20:21 <REP> d-------- C:\VundoFix Backups
2007-12-27 20:19 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2007-12-27 20:19 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2007-12-27 20:19 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2007-12-27 20:18 . 2007-12-27 20:18 <REP> d-------- C:\Program Files\Alwil Software
2007-12-27 20:18 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
2007-12-27 20:18 . 2004-01-09 10:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
2007-12-27 20:18 . 2007-12-04 13:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2007-12-27 20:18 . 2007-12-04 15:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2007-12-27 20:18 . 2007-12-04 15:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2007-12-27 18:54 . 2007-12-27 20:23 <REP> d-------- C:\Program Files\Navilog1
2007-12-04 14:16 . 2007-12-04 14:17 <REP> d-------- C:\Program Files\Snapfish Livres de photo
2007-12-04 14:16 . 2007-12-04 14:17 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Snapfish Livres de photo
2007-12-01 08:25 . 2007-12-01 08:25 32 --a------ C:\WINDOWS\rav_wy.dat
2007-12-01 03:02 . 2007-12-01 03:02 <REP> d-------- C:\Program Files\Windows Live Favorites
2007-11-29 14:17 . 2007-11-29 14:17 <REP> d-------- C:\Program Files\Common Files
2007-11-28 21:42 . 2007-11-28 21:42 <REP> d--hs---- C:\WA7PV
2007-11-28 21:40 . 2001-03-08 19:30 24,064 --a------ C:\WINDOWS\system32\msxml3a.dll
2007-11-28 21:40 . 2004-10-07 14:39 8,704 --a------ C:\WINDOWS\system32\SpOrder.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-28 04:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2007-12-15 21:39 --------- d-----w C:\Program Files\Windows Live Safety Center
2007-12-01 02:03 --------- d-----w C:\Program Files\Windows Live Toolbar
2007-11-19 13:49 --------- d-----w C:\Program Files\Apple Software Update
2007-11-15 13:09 --------- d-----w C:\Program Files\ieup
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-01 07:36 --------- d-----w C:\Program Files\Picasa2
2007-10-29 15:22 --------- d-----w C:\Program Files\DVDFab Express
2007-10-29 15:22 --------- d-----w C:\Documents and Settings\Annick\Application Data\Vso
2007-02-14 13:33 81,920 ----a-w C:\Documents and Settings\Annick\Application Data\ezpinst.exe
2007-02-14 13:33 47,360 ----a-w C:\Documents and Settings\Annick\Application Data\pcouffin.sys
2006-12-24 22:17 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 13:00]
"WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" []
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 11:55]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-04-05 19:11]
"IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe" [2007-04-15 16:14]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroCheck"="C:\WINDOWS\System32\\NeroCheck.exe" [2001-07-09 11:50]
"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2005-01-12 14:54]
"TSE_PLUtil"="C:\Program Files\USB 2.0 Flash Drive Utility\PLBkMon.exe" [2004-09-15 16:30]
"PLFFAP"="C:\WINDOWS\system32\HotfixQ0306270.exe" [2003-08-05 10:43]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-16 23:11]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-04-11 06:41]
"TomTomHOME.exe"="C:\Program Files\TomTom HOME\TomTomHOME.exe" [2007-03-14 15:52]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 02:06]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 05:24]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-07-10 08:18]
"ieup"="C:\Program Files\ieup\inetsvr.exe" [2007-09-29 07:55]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2006-03-02 13:00]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
"LoadAppInit_DLLs"=1 (0x1)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

R0 PLFF;USB Flash Disk Driver;C:\WINDOWS\system32\Drivers\PLFF.sys [2003-10-06 11:29]
R3 mgau;mgau;C:\WINDOWS\system32\DRIVERS\mgaum.sys [2001-08-23 17:03]
R3 SiS7012;Service for AC'97 Sample Driver (WDM);C:\WINDOWS\system32\drivers\sis7012.sys [2004-11-03 13:14]
R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 22:58]
R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2006-03-02 13:00]
R3 wdm_tridwave;PCI288-Q3DII PCI Audio Driver (WDM);C:\WINDOWS\system32\drivers\tridwave.sys [2007-06-24 14:11]
S3 PL2515;USB SECURITY DEVICE;C:\WINDOWS\system32\DRIVERS\PL2515.sys [2004-09-21 18:39]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6e7e5135-4c31-11dc-ab05-000795ede076}]
\Shell\AutoRun\command - E:\InstallTomTomHOME.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e88aacb4-d1f4-11db-b597-000795ede076}]
\Shell\AutoRun\command - E:\InstallTomTomHOME.exe

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-12-27 22:51:11 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-12-28 09:10:02 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
.
**************************************************************************

catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-28 10:18:00
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-12-28 10:22:28 - machine was rebooted
.
2007-12-26 21:33:33 --- E O F ---
ep44 (7432 posts, Contributor)

Hello

Some cleaning has been done ;-)

Download:
http://www.grisoft.cz/filedir/inst/avgas-setup-7.5.1.43.exe AVG-AntiSpyware
= Install it
= Launch it
= Click: Mise à jour (Update)
------
= Restart in Safe Mode (startup can take several minutes)
Note: there is no Internet access in this mode. Save or print the instructions.

Restart the PC and tap the F8 key (or F5 on some machines) until the text screen with the startup options appears
With the arrow keys, select Safe Mode ==> Enter ==> your usual user name
-------
= In ANALYSE (Scan, the magnifying-glass icon)
==> Paramètres (Settings) ==> under COMMENT REAGIR (How to react) ==> click Actions recommandées (Recommended actions) ==> Quarantaine (Quarantine)
==> Click: Analyse complète du système (Complete system scan)
At the end of the scan (which takes quite a long time)
==> Click Appliquer toutes les actions (Apply all actions) <== this is very important
==> Click Sauvegarder rapport (Save report), then Enregistrer sous (Save as), and choose the desktop
-------
In normal mode
paste the report

--------------------------------------------------------------------------------------
then
download regcleaner

http://ftpclubic70.clubic.com/...

follow the explanations in this tutorial on how to use it
http://www.kachouri.com/tuto/tuto-94-regcleaner--nettoyer-le-registre-systeme.html
----------------------------------------------------------------------------------------
then
Run an online antivirus scan with Internet Explorer
https://www.bitdefender.fr/
and copy and paste the result here
= At the bottom left of the window, click BitDefender SCAN ONLINE
= In the new window, click I agree
= The window changes again; click Click here to scan
= The signatures load, etc.

illustrated tutorial

http://pageperso.aol.fr/rginformatique/mapage/defender.htm

and
post a new HijackThis report
See you later
lerab52 (17 posts, Member)

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 13:55:23 28/12/2007

+ Résultat de l'analyse:

C:\Program Files\ieup\dsv.dll -> Adware.Cdnup : Nettoyé.
C:\Program Files\Common Files\Companion Wizard\WapCHK.dll -> Adware.Companion : Nettoyé.
C:\qoobox\Quarantine\C\Program Files\DriveCleaner Free\up.dat.vir -> Adware.DriveCleaner : Nettoyé.
C:\qoobox\Quarantine\C\Program Files\DriveCleaner Free\vbpv.dat.vir -> Adware.DriveCleaner : Nettoyé.
C:\System Volume Information\_restore{757AAA3C-E45E-418E-8BFD-BF2DCE196114}\RP372\A0014396.dll -> Adware.ErrorSafe : Nettoyé.
C:\qoobox\Quarantine\C\Program Files\DriveCleaner Free\UDCPChk.dll.vir -> Adware.ErrorSafe : Nettoyé.
C:\System Volume Information\_restore{757AAA3C-E45E-418E-8BFD-BF2DCE196114}\RP372\A0014389.exe -> Adware.Fakealert : Nettoyé.
C:\qoobox\Quarantine\C\Program Files\DriveCleaner Free\InstHelp.exe.vir -> Adware.Fakealert : Nettoyé.
C:\System Volume Information\_restore{757AAA3C-E45E-418E-8BFD-BF2DCE196114}\RP372\A0014403.exe -> Adware.Small : Nettoyé.
C:\System Volume Information\_restore{757AAA3C-E45E-418E-8BFD-BF2DCE196114}\RP372\A0014426.exe -> Adware.Small : Nettoyé.
C:\qoobox\Quarantine\catchme2007-12-28_101714.95.zip/config.exe -> Adware.Small : Nettoyé.
C:\System Volume Information\_restore{757AAA3C-E45E-418E-8BFD-BF2DCE196114}\RP372\A0014410.exe -> Downloader.Agent.bkw : Nettoyé.
C:\System Volume Information\_restore{757AAA3C-E45E-418E-8BFD-BF2DCE196114}\RP372\A0014418.exe -> Downloader.Agent.bkw : Nettoyé.
C:\System Volume Information\_restore{757AAA3C-E45E-418E-8BFD-BF2DCE196114}\RP371\A0014362.exe -> Not-A-Virus.Downloader.Win32.WinFixer.o : Nettoyé.
C:\System Volume Information\_restore{757AAA3C-E45E-418E-8BFD-BF2DCE196114}\RP372\A0014413.exe -> Not-A-Virus.Downloader.Win32.WinFixer.x : Nettoyé.
C:\qoobox\Quarantine\C\Program Files\Fichiers communs\DriveCleaner Free\dcsm.exe.vir -> Not-A-Virus.Downloader.Win32.WinFixer.x : Nettoyé.
C:\System Volume Information\_restore{757AAA3C-E45E-418E-8BFD-BF2DCE196114}\RP372\A0014395.exe -> Trojan.Fakealert.fb : Nettoyé.
C:\qoobox\Quarantine\C\Program Files\DriveCleaner Free\udc6cw.exe.vir -> Trojan.Fakealert.fb : Nettoyé.
C:\System Volume Information\_restore{757AAA3C-E45E-418E-8BFD-BF2DCE196114}\RP372\A0014401.dll -> Trojan.Small : Nettoyé.
C:\System Volume Information\_restore{757AAA3C-E45E-418E-8BFD-BF2DCE196114}\RP372\A0014424.dll -> Trojan.Small : Nettoyé.
C:\qoobox\Quarantine\catchme2007-12-28_101714.95.zip/cnprovh.dll -> Trojan.Small : Nettoyé.

Fin du rapport
0
ep44 Posts 7432 Status Contributor 3
 
Have you run RegCleaner?
The BitDefender scan is also needed.
See you
0
lerab52 Posts 17 Status Member
 
Thanks for the help, I am running the BitDefender scan right now.
I will post the results this evening because I have to leave. Thanks again.
0
ep44 Posts 7432 Status Contributor 3
 
OK
See you ;-)
0
lerab52 Posts 17 Status Member
 
Darn, I forgot to export the BitDefender report.
There was a virus but it has been deleted.

New HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:57:29, on 28/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\USB 2.0 Flash Drive Utility\PLBkMon.exe
C:\WINDOWS\system32\HotfixQ0306270.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Annick\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [TSE_PLUtil] C:\Program Files\USB 2.0 Flash Drive Utility\PLBkMon.exe
O4 - HKLM\..\Run: [PLFFAP] C:\WINDOWS\system32\HotfixQ0306270.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ieup] C:\Program Files\ieup\inetsvr.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: LUMIX Simple Viewer.lnk = ?
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
0
ep44 Posts 7432 Status Contributor 3
 
One thing still bothers me.
Do you know this?
C:\WINDOWS\system32\HotfixQ0306270.exe
0
lerab52 Posts 17 Status Member
 
No, I don't know it.
It is listed in Add/Remove Programs but I cannot remove it.
0
ep44 Posts 7432 Status Contributor 3
 
I did not find anything infectious about it.

Do you still have problems?

See you
0
lerab52 Posts 17 Status Member
 
Hello, here is the result of a HijackThis report
from a friend, if you can help me.
Thank you very much.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:52:12, on 11/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
C:\DOCUME~1\Samuel\LOCALS~1\Temp\clclean.0001
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\VM305_STI.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Free Download Manager\fdm.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\Program Files\MSI\BToes Logiciel Bluetooth\BTTray.exe
C:\Program Files\Last.fm\LastFMHelper.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\MSI\BToes Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\Creative Labs Shared\Service\CreativeLicensing.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.dell.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: My Search BHO - {014DA6C1-189F-421a-88CD-07CFE51CFF10} - C:\Program Files\MySearch\bar\1.bin\S4BAR.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: My Search Bar - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - C:\Program Files\MySearch\bar\1.bin\S4BAR.DLL
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [MBMon] Rundll32 CTMBHA.DLL,MBMon
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [BigDog305] C:\WINDOWS\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305)
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Spyware-Secure] C:\Program Files\Spyware-Secure\Spyware-Secure_trial.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [Lyad] C:\Program Files\Lyad Messenger\lyad_messenger.exe autostart
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [Arovax AntiSpyware] C:\Program Files\Arovax AntiSpyware\arovaxantispyware.exe /s
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Last.fm Helper.lnk = C:\Program Files\Last.fm\LastFMHelper.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\MSI\BToes Logiciel Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\MSI\BToes Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\MSI\BToes Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {266B9238-31A5-4B53-9039-272FE846DF9D} (DiameterTransfer Control) - http://www.sis.com/download/SISTransfer.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\MSI\BToes Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Fichiers communs\Creative Labs Shared\Service\CreativeLicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
0
ep44 Posts 7432 Status Contributor 3
 
Good evening lerab52

Before starting on your friend's topic,
we should finish yours.

For your friend's, I advise you to create a new topic,
thanks.

As for your topic,
it would be good if you told me whether you still have problems,
because there are still things to do to finalize your topic.
See you
0