Sujet Précédent Sujet Suivant

CiD encore et toujours

Résolu
Sardine78 Messages postés 8 Statut Membre -  
green day Messages postés 26722 Statut Modérateur, Contributeur sécurité -
Bonjour,
Depuis quelques jours, suite à l'instal de Messenger + je me bats avec des fenêtres Cid
Voici mon rapport Hijackthis si quelqu'un peut prendre le temps de me dépatouiller... Ce serait top
Merci d'avance
Logfile of HijackThis v1.99.1
Scan saved at 11:51:45, on 31/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\vsnpstd2.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\SYMANT~2\VPTray.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\OLITEC\Moniteur WiFi OLITEC\Moniteur WiFi OLITEC.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Sandrina\LOCALS~1\Temp\Rar$EX00.016\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SNPSTD2] C:\WINDOWS\vsnpstd2.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~2\VPTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [ROAD ITCH AMOK PING] C:\Documents and Settings\All Users\Application Data\Long slow road itch\Dale Face.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [newaim] C:\DOCUME~1\Sandrina\APPLIC~1\PLANTH~1\Proxy Amok.exe
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - Startup: MRU-Blaster Scheduler.lnk = C:\Program Files\MRU-Blaster\scheduler.exe
O4 - Startup: MRU-Blaster Silent Clean.lnk = C:\Program Files\MRU-Blaster\mrublaster.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Moniteur WiFi OLITEC.exe.lnk = ?
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://gregdepaname.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{04A699E6-4011-417B-BFD1-95E8B53AC3A9}: NameServer = 85.255.114.74,85.255.112.132
O17 - HKLM\System\CCS\Services\Tcpip\..\{DBC88CBC-E3C3-4E25-995B-9E509D66D90A}: NameServer = 85.255.114.74,85.255.112.132
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.114.74 85.255.112.132
O17 - HKLM\System\CS1\Services\Tcpip\..\{04A699E6-4011-417B-BFD1-95E8B53AC3A9}: NameServer = 85.255.114.74,85.255.112.132
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.114.74 85.255.112.132
O17 - HKLM\System\CS2\Services\Tcpip\..\{04A699E6-4011-417B-BFD1-95E8B53AC3A9}: NameServer = 85.255.114.74,85.255.112.132
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.114.74 85.255.112.132
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IS Service (ISSVC) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Symantec SecurePort (SymSecurePort) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

15 réponses

Réponse 1 / 15
Pi_Xi Messages postés 2274 Statut Membre 149
 
Bonjour,

suis ces instructions: http://www.commentcamarche.net/faq/sujet 5996 comment bloquer les fenetres cid

++
1
Réponse 2 / 15
green day Messages postés 26722 Statut Modérateur, Contributeur sécurité 2 163
 
Salut

plusieurs infections !

# Télécharger FixWareout sur le bureau : http://downloads.subratam.org/Fixwareout.exe
# Lancer le fix : cliquer sur Next, puis Install, s’assurer que l’option Run fixit est activée puis cliquer sur Finish.
# Il sera demandé ensuite de redémarrer l’ordinateur : redémarrer le.
# Si le système met un peu plus de temps au démarrage, c'est normal.
# Le contenu du rapport qui s'affichera à l'écran sera enregistrai dans un fichier nommé report.txt, poste le stp

avec un nouveau hijack

@+

1
Réponse 3 / 15
ben15 Messages postés 464 Statut Membre 12
 
Tu as instalé le spoonsor avec msn + ?
0
Réponse 4 / 15
Sardine78 Messages postés 8 Statut Membre
 
Malheureusement oui j'ai désinstallé aussi mais cela n'a pas suffit
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 15
Sardine78 Messages postés 8 Statut Membre
 
Voilà
Logfile of HijackThis v1.99.1
Scan saved at 12:34:16, on 31/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\vsnpstd2.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\SYMANT~2\VPTray.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\OLITEC\Moniteur WiFi OLITEC\Moniteur WiFi OLITEC.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\notepad.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Sandrina\LOCALS~1\Temp\Rar$EX00.422\HijackThis.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SNPSTD2] C:\WINDOWS\vsnpstd2.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~2\VPTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - Startup: MRU-Blaster Scheduler.lnk = C:\Program Files\MRU-Blaster\scheduler.exe
O4 - Startup: MRU-Blaster Silent Clean.lnk = C:\Program Files\MRU-Blaster\mrublaster.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Moniteur WiFi OLITEC.exe.lnk = ?
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://gregdepaname.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IS Service (ISSVC) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Symantec SecurePort (SymSecurePort) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
0
Réponse 6 / 15
Sardine78 Messages postés 8 Statut Membre
 
Merci Pi_Xi pour ce lien que j'ai déjà testé mais pas suffisant pour mon problème
0
Réponse 7 / 15
Sardine78 Messages postés 8 Statut Membre
 
Voici les 2 rapports :

Username "Sandrina" - 31/12/2007 12:44:32 [Fixwareout edited 9/01/2007]

~~~~~ Prerun check
HKLM\SOFTWARE\~\Winlogon\ "System"="kdyek.exe"

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{B41F7214-30D2-4816-8CC5-82679E4E68E3}
"DhcpNameServer"="85.255.114.74,85.255.112.132" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{DBC88CBC-E3C3-4E25-995B-9E509D66D90A}
"DhcpNameServer"="85.255.114.74,85.255.112.132" <Value cleared.

Successfully flushed the DNS Resolver Cache.

System was rebooted successfully.

~~~~~ Postrun check
HKLM\SOFTWARE\~\Winlogon\ "system"=""
....
....
~~~~~ Misc files.
....
~~~~~ Checking for older varients.
....

~~~~~ Current runs (hklm hkcu "run" Keys Only)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE"
"SkyTel"="SkyTel.EXE"
"SNPSTD2"="C:\\WINDOWS\\vsnpstd2.exe"
"HP Software Update"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe"
"Adobe Reader Speed Launcher"="\"C:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe\""
"ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"vptray"="C:\\PROGRA~1\\SYMANT~1\\SYMANT~2\\VPTray.exe"
"NeroFilterCheck"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"
"ISUSPM Startup"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\isuspm.exe\" -startup"
"ISUSScheduler"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\issch.exe\" -start"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"Windows Defender"="\"C:\\Program Files\\Windows Defender\\MSASCui.exe\" -hide"
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"msnmsgr"="\"C:\\Program Files\\Windows Live\\Messenger\\MsnMsgr.Exe\" /background"
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"C:\\Program Files\\Common Files\\Ahead\\Lib\\NMBgMonitor.exe\""
"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe"
"AdobeUpdater"="C:\\Program Files\\Common Files\\Adobe\\Updater5\\AdobeUpdater.exe"
"newaim"="C:\\DOCUME~1\\Sandrina\\APPLIC~1\\PLANTH~1\\Proxy Amok.exe"
....
Hosts file was reset, If you use a custom hosts file please replace it...
~~~~~ End report ~~~~~

Logfile of HijackThis v1.99.1
Scan saved at 12:54:33, on 31/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\vsnpstd2.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\SYMANT~2\VPTray.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\OLITEC\Moniteur WiFi OLITEC\Moniteur WiFi OLITEC.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Sandrina\LOCALS~1\Temp\Rar$EX00.657\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SNPSTD2] C:\WINDOWS\vsnpstd2.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~2\VPTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [newaim] C:\DOCUME~1\Sandrina\APPLIC~1\PLANTH~1\Proxy Amok.exe
O4 - Startup: MRU-Blaster Scheduler.lnk = C:\Program Files\MRU-Blaster\scheduler.exe
O4 - Startup: MRU-Blaster Silent Clean.lnk = C:\Program Files\MRU-Blaster\mrublaster.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Moniteur WiFi OLITEC.exe.lnk = ?
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://gregdepaname.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IS Service (ISSVC) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Symantec SecurePort (SymSecurePort) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
0
Réponse 8 / 15
green day Messages postés 26722 Statut Modérateur, Contributeur sécurité 2 163
 
Bonjour à tous

Relax marie ;-)

Télécharge ceci: (by Moe) :

https://www.cjoint.com/?mFqYzUdxhw

Double clic sur Lopxpsetup.exe pour lancer l'installation
Au menu, choisir l'option 1
Patienter jusqu'à que l'on demande d'appuyer sur une touche, appuyer !
Une rapport sera alors crée, à copie/colle en entier sur le forum.

@+
0
Réponse 9 / 15
Sardine78 Messages postés 8 Statut Membre
 
Bonjour et Bonne année à tous
Voici le rapport généré 
Rapport Lopxp fait le 01/01/2008 à 13:48:59
Exécuté dans : C:\Program Files\Lopxp


Liste des processus actifs :

PID : 656 C:\WINDOWS\System32\smss.exe
PID : 712 C:\WINDOWS\system32\csrss.exe
PID : 740 C:\WINDOWS\system32\winlogon.exe
PID : 784 C:\WINDOWS\system32\services.exe
PID : 796 C:\WINDOWS\system32\lsass.exe
PID : 968 C:\WINDOWS\system32\Ati2evxx.exe
PID : 984 C:\WINDOWS\system32\svchost.exe
PID : 1064 C:\WINDOWS\system32\svchost.exe
PID : 1160 C:\Program Files\Windows Defender\MsMpEng.exe
PID : 1200 C:\WINDOWS\System32\svchost.exe
PID : 1252 C:\WINDOWS\system32\svchost.exe
PID : 1376 C:\WINDOWS\system32\svchost.exe
PID : 1504 C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
PID : 1544 C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
PID : 1556 C:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe
PID : 1568 C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
PID : 1648 C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
PID : 1928 C:\WINDOWS\system32\Ati2evxx.exe
PID : 2016 C:\WINDOWS\Explorer.EXE
PID : 204 C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
PID : 328 C:\WINDOWS\system32\spoolsv.exe
PID : 512 C:\WINDOWS\RTHDCPL.EXE
PID : 528 C:\WINDOWS\vsnpstd2.exe
PID : 532 C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
PID : 396 C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PID : 600 C:\PROGRA~1\SYMANT~1\SYMANT~2\VPTray.exe
PID : 688 C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
PID : 700 C:\Program Files\iTunes\iTunesHelper.exe
PID : 112 C:\Program Files\Windows Defender\MSASCui.exe
PID : 928 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
PID : 1108 C:\WINDOWS\system32\ctfmon.exe
PID : 1140 C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
PID : 1260 C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PID : 1312 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PID : 1948 C:\Program Files\Internet Explorer\IEXPLORE.EXE
PID : 1980 C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
PID : 2160 C:\Program Files\OLITEC\Moniteur WiFi OLITEC\Moniteur WiFi OLITEC.exe
PID : 2272 C:\Program Files\Internet Explorer\IEXPLORE.EXE
PID : 2296 C:\Program Files\Windows Desktop Search\WindowsSearch.exe
PID : 2732 C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
PID : 3628 C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PID : 3660 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
PID : 3688 C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
PID : 3764 C:\WINDOWS\system32\slserv.exe
PID : 3832 C:\WINDOWS\system32\svchost.exe
PID : 3868 C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
PID : 4032 C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
PID : 4080 C:\WINDOWS\system32\wdfmgr.exe
PID : 1892 C:\WINDOWS\system32\SearchIndexer.exe
PID : 2584 C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
PID : 3172 C:\Program Files\iPod\bin\iPodService.exe
PID : 1336 C:\WINDOWS\System32\alg.exe
PID : 2444 C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
PID : 3160 C:\WINDOWS\system32\wuauclt.exe
PID : 1480 C:\Program Files\Windows Live\Messenger\usnsvc.exe
PID : 5388 C:\Program Files\Internet Explorer\iexplore.exe
PID : 5548 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
PID : 5644 C:\Program Files\Internet Explorer\IEXPLORE.EXE
PID : 3740 C:\WINDOWS\system32\SearchProtocolHost.exe
PID : 5980 C:\WINDOWS\system32\SearchFilterHost.exe
PID : 5364 C:\WINDOWS\system32\cmd.exe
PID : 5904 C:\Program Files\Lopxp\tools\pv.exe

___________________________________________________________________________

[Tâches planifiées]


C:\WINDOWS\tasks\AppleSoftwareUpdate.job 

Cr : 14/12/2007 à 18:58
Mo : 26/12/2007 à 12:50
Fichier exécuté => C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task

C:\WINDOWS\tasks\B0DCE924938B9300.job 

Cr : 23/12/2007 à 17:37
Mo : 01/01/2008 à 13:00
Fichier exécuté => c:\docume~1\sandrina\applic~1\planth~1\settings program creative.exe 

C:\WINDOWS\tasks\MP Scheduled Scan.job 

Cr : 22/12/2007 à 19:14
Mo : 01/01/2008 à 13:19
Fichier exécuté => C:\Program Files\Windows Defender\MpCmdRun.exe Scan -RestrictPrivileges

C:\WINDOWS\tasks\Symantec NetDetect.job 

Cr : 05/09/2007 à 19:09
Mo : 05/09/2007 à 19:09
Fichier exécuté => C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE  -disabled


___________________________________________________________________________

[Listing des dossiers Application Data]


cr: Date Création | mo: Date Modification -=- Nom Court (8.3) -= Nom Long 


+- C:\Documents and Settings\Administrator\Application Data

cr: 02/09/2007 21:11:44 | mo: 01/09/2007 17:24:25 -=- MICROS~1 --= Microsoft


+- C:\Documents and Settings\Administrator\Local Settings\Application Data

cr: 02/09/2007 21:11:44 | mo: 01/09/2007 17:24:25 -=- MICROS~1 --= Microsoft


+- C:\Documents and Settings\All Users\Application Data

cr: 03/09/2007 17:25:42 | mo: 03/09/2007 17:25:57 -=- Adobe -----= Adobe
cr: 05/09/2007 23:06:57 | mo: 05/09/2007 23:06:57 -=- Ahead -----= Ahead
cr: 14/12/2007 18:57:57 | mo: 14/12/2007 18:57:57 -=- Apple -----= Apple
cr: 02/09/2007 00:13:05 | mo: 14/12/2007 18:59:27 -=- APPLEC~1 --= Apple Computer
cr: 01/09/2007 23:59:15 | mo: 07/10/2007 12:02:47 -=- Google ----= Google
cr: 27/12/2007 10:06:47 | mo: 27/12/2007 10:06:47 -=- Grisoft ---= Grisoft
cr: 03/09/2007 17:08:54 | mo: 03/09/2007 17:08:54 -=- HP --------= HP
cr: 01/09/2007 17:38:57 | mo: 01/09/2007 17:38:57 -=- INSTAL~1 --= InstallShield
cr: 25/12/2007 20:58:57 | mo: 25/12/2007 20:58:57 -=- Lavasoft --= Lavasoft
cr: 23/12/2007 17:36:56 | mo: 23/12/2007 17:36:56 -=- LONGSL~1 --= Long slow road itch
cr: 01/09/2007 19:07:02 | mo: 22/12/2007 19:11:36 -=- MICROS~1 --= Microsoft
cr: 05/09/2007 23:05:23 | mo: 05/09/2007 23:05:23 -=- Nero ------= Nero
cr: 14/12/2007 17:01:14 | mo: 14/12/2007 17:01:24 -=- Skype -----= Skype
cr: 31/12/2007 12:25:51 | mo: 31/12/2007 12:33:40 -=- SPYWAR~1 --= Spyware Terminator
cr: 05/09/2007 19:03:50 | mo: 05/09/2007 19:04:03 -=- Symantec --= Symantec
cr: 01/09/2007 18:04:38 | mo: 01/09/2007 18:04:38 -=- WINDOW~1 --= Windows Genuine Advantage
cr: 11/09/2007 18:48:37 | mo: 11/09/2007 18:48:37 -=- WINDOW~2 --= Windows Live Toolbar
cr: 24/09/2007 17:56:16 | mo: 24/09/2007 17:56:16 -=- WLINST~1 --= WLInstaller
cr: 14/12/2007 17:16:38 | mo: 14/12/2007 17:16:38 -=- ezsid.dat


+- C:\Documents and Settings\Guest\Application Data

cr: 18/09/2007 21:00:30 | mo: 18/09/2007 21:00:30 -=- IDENTI~1 --= Identities
cr: 18/09/2007 21:00:10 | mo: 18/09/2007 21:00:11 -=- MICROS~1 --= Microsoft


+- C:\Documents and Settings\Guest\Local Settings\Application Data

cr: 18/09/2007 21:00:40 | mo: 18/09/2007 21:00:40 -=- Ahead -----= Ahead
cr: 18/09/2007 21:00:10 | mo: 18/09/2007 21:00:35 -=- MICROS~1 --= Microsoft
cr: 18/09/2007 21:00:39 | mo: 18/09/2007 21:00:39 -=- Symantec --= Symantec


+- C:\Documents and Settings\Sandrina\Application Data

cr: 03/09/2007 17:26:58 | mo: 03/09/2007 17:27:14 -=- Adobe -----= Adobe
cr: 05/09/2007 23:39:53 | mo: 05/09/2007 23:40:10 -=- Ahead -----= Ahead
cr: 02/09/2007 00:14:25 | mo: 02/09/2007 00:14:25 -=- APPLEC~1 --= Apple Computer
cr: 07/10/2007 13:06:08 | mo: 07/10/2007 13:06:08 -=- Google ----= Google
cr: 27/12/2007 10:06:56 | mo: 27/12/2007 10:06:56 -=- Grisoft ---= Grisoft
cr: 10/09/2007 17:35:02 | mo: 27/10/2007 11:39:32 -=- HP --------= HP
cr: 01/09/2007 17:34:33 | mo: 01/09/2007 17:34:33 -=- IDENTI~1 --= Identities
cr: 11/10/2007 23:28:42 | mo: 27/10/2007 11:54:16 -=- IMAGEZ~1 --= Image Zone Express
cr: 02/09/2007 16:19:50 | mo: 02/09/2007 16:19:50 -=- MACROM~1 --= Macromedia
cr: 01/09/2007 17:34:15 | mo: 27/10/2007 11:47:07 -=- MICROS~1 --= Microsoft
cr: 01/09/2007 23:57:31 | mo: 01/09/2007 23:57:32 -=- Mozilla ---= Mozilla
cr: 23/12/2007 17:36:40 | mo: 23/12/2007 17:37:05 -=- PLANTH~1 --= Plan thunk bone
cr: 14/12/2007 17:01:43 | mo: 15/12/2007 02:57:28 -=- Skype -----= Skype
cr: 14/12/2007 17:16:38 | mo: 14/12/2007 17:16:38 -=- skypePM ---= skypePM
cr: 31/12/2007 12:25:51 | mo: 31/12/2007 12:32:55 -=- SPYWAR~1 --= Spyware Terminator
cr: 25/09/2007 05:26:48 | mo: 25/09/2007 05:26:48 -=- WINDOW~1 --= Windows Desktop Search
cr: 19/10/2007 04:13:11 | mo: 19/10/2007 04:13:11 -=- WinRAR ----= WinRAR


+- C:\Documents and Settings\Sandrina\Local Settings\Application Data

cr: 03/09/2007 17:25:57 | mo: 03/09/2007 17:27:17 -=- Adobe -----= Adobe
cr: 05/09/2007 23:39:28 | mo: 14/12/2007 19:14:36 -=- Ahead -----= Ahead
cr: 14/12/2007 18:58:20 | mo: 14/12/2007 18:58:20 -=- Apple -----= Apple
cr: 02/09/2007 00:14:25 | mo: 02/09/2007 00:14:25 -=- APPLEC~1 --= Apple Computer
cr: 01/09/2007 23:59:15 | mo: 01/09/2007 23:59:15 -=- Google ----= Google
cr: 25/09/2007 05:26:49 | mo: 25/09/2007 05:26:49 -=- IDENTI~1 --= Identities
cr: 01/09/2007 17:34:15 | mo: 22/12/2007 19:12:28 -=- MICROS~1 --= Microsoft
cr: 01/09/2007 23:57:32 | mo: 01/09/2007 23:57:32 -=- Mozilla ---= Mozilla
cr: 25/12/2007 19:52:51 | mo: 25/12/2007 19:52:51 -=- PCHealth --= PCHealth
cr: 05/09/2007 19:10:46 | mo: 05/09/2007 19:10:46 -=- Symantec --= Symantec
cr: 01/09/2007 17:42:24 | mo: 27/09/2007 17:31:10 -=- GDIPFONTCACHEV1.DAT


___________________________________________________________________________

[Listing du dossier Program Files]

+- C:\Program Files

cr: 25/12/2007 21:43:33 | mo: 27/12/2007 10:18:16 -=- A-SQUA~1 --= a-squared Free
cr: 03/09/2007 17:25:31 | mo: 03/09/2007 17:25:32 -=- Adobe -----= Adobe
cr: 02/09/2007 09:30:17 | mo: 05/09/2007 22:59:39 -=- Ahead -----= Ahead
cr: 14/12/2007 18:58:17 | mo: 14/12/2007 18:58:18 -=- APPLES~1 --= Apple Software Update
cr: 01/09/2007 19:24:34 | mo: 01/09/2007 19:25:40 -=- ATITEC~1 --= ATI Technologies
cr: 27/12/2007 10:02:27 | mo: 27/12/2007 10:02:27 -=- CCleaner --= CCleaner
cr: 01/09/2007 19:09:29 | mo: 25/12/2007 20:58:12 -=- COMMON~1 --= Common Files
cr: 01/09/2007 17:21:22 | mo: 01/09/2007 17:21:22 -=- COMPLU~1 --= ComPlus Applications
cr: 07/10/2007 12:02:43 | mo: 07/10/2007 12:02:48 -=- Google ----= Google
cr: 27/12/2007 10:06:46 | mo: 27/12/2007 10:06:46 -=- Grisoft ---= Grisoft
cr: 03/09/2007 17:07:49 | mo: 03/09/2007 17:07:49 -=- HEWLET~1 --= Hewlett-Packard
cr: 03/09/2007 17:05:35 | mo: 03/09/2007 17:08:54 -=- HP --------= HP
cr: 01/09/2007 17:38:27 | mo: 02/09/2007 00:14:27 -=- INSTAL~1 --= InstallShield Installation Information
cr: 01/09/2007 18:47:59 | mo: 01/09/2007 18:47:59 -=- Intel -----= Intel
cr: 01/09/2007 17:21:51 | mo: 13/12/2007 01:49:30 -=- INTERN~1 --= Internet Explorer
cr: 14/12/2007 19:01:32 | mo: 14/12/2007 19:01:32 -=- iPod ------= iPod
cr: 14/12/2007 19:01:20 | mo: 14/12/2007 19:01:40 -=- iTunes ----= iTunes
cr: 01/09/2007 19:44:45 | mo: 01/09/2007 19:44:45 -=- KYE -------= KYE
cr: 25/12/2007 20:58:58 | mo: 25/12/2007 20:58:58 -=- Lavasoft --= Lavasoft
cr: 01/01/2008 13:48:46 | mo: 01/01/2008 13:49:00 -=- Lopxp -----= Lopxp
cr: 01/09/2007 17:21:04 | mo: 01/09/2007 18:18:15 -=- MESSEN~1 --= Messenger
cr: 03/09/2007 16:48:38 | mo: 03/09/2007 16:48:38 -=- MICROS~3 --= Microsoft ActiveSync
cr: 12/09/2007 22:21:36 | mo: 12/09/2007 22:21:37 -=- MICROS~1.2 --= Microsoft CAPICOM 2.1.0.2
cr: 01/09/2007 17:24:51 | mo: 01/09/2007 17:24:51 -=- MICROS~1 --= microsoft frontpage
cr: 03/09/2007 16:45:31 | mo: 03/09/2007 16:47:00 -=- MICROS~2 --= Microsoft Office
cr: 24/09/2007 18:02:09 | mo: 24/09/2007 18:02:09 -=- MICROS~4 --= Microsoft SQL Server Compact Edition
cr: 03/09/2007 16:48:58 | mo: 03/09/2007 16:48:58 -=- MICROS~1.NET --= Microsoft.NET
cr: 01/09/2007 17:22:16 | mo: 01/09/2007 17:22:19 -=- MOVIEM~1 --= Movie Maker
cr: 01/09/2007 23:57:26 | mo: 25/09/2007 18:28:18 -=- MOZILL~1 --= Mozilla Firefox
cr: 01/09/2007 17:20:26 | mo: 01/09/2007 17:20:26 -=- MSN -------= MSN
cr: 01/09/2007 17:21:00 | mo: 01/09/2007 17:21:00 -=- MSNGAM~1 --= MSN Gaming Zone
cr: 02/09/2007 16:27:46 | mo: 24/09/2007 18:00:34 -=- MSNMES~1 --= MSN Messenger
cr: 05/09/2007 02:00:37 | mo: 05/09/2007 02:00:37 -=- MSXML4~1.0 --= MSXML 4.0
cr: 05/09/2007 23:05:23 | mo: 05/09/2007 23:05:23 -=- Nero ------= Nero
cr: 01/09/2007 17:22:05 | mo: 01/09/2007 17:22:33 -=- NETMEE~1 --= NetMeeting
cr: 01/09/2007 17:38:28 | mo: 01/09/2007 17:38:28 -=- OLITEC ----= OLITEC
cr: 01/09/2007 17:21:11 | mo: 01/09/2007 17:21:11 -=- ONLINE~1 --= Online Services
cr: 01/09/2007 17:22:02 | mo: 01/09/2007 18:36:22 -=- OUTLOO~1 --= Outlook Express
cr: 23/12/2007 17:36:40 | mo: 23/12/2007 17:36:40 -=- PLANTH~1 --= Plan thunk bone
cr: 02/09/2007 00:02:25 | mo: 01/01/2008 01:47:26 -=- POKERS~1 --= PokerStars
cr: 27/12/2007 20:40:24 | mo: 27/12/2007 20:40:54 -=- QUICKT~1 --= QuickTime
cr: 01/09/2007 18:51:54 | mo: 01/09/2007 18:52:30 -=- Realtek ---= Realtek
cr: 14/12/2007 17:01:23 | mo: 14/12/2007 17:01:25 -=- Skype -----= Skype
cr: 31/12/2007 12:25:48 | mo: 31/12/2007 12:33:40 -=- SPYWAR~1 --= Spyware Terminator
cr: 05/09/2007 19:04:02 | mo: 05/09/2007 19:04:46 -=- Symantec --= Symantec
cr: 05/09/2007 19:03:50 | mo: 05/09/2007 19:03:50 -=- SYMANT~1 --= Symantec Client Security
cr: 01/09/2007 17:34:31 | mo: 01/09/2007 17:34:31 -=- UNINST~1 --= Uninstall Information
cr: 22/12/2007 19:11:36 | mo: 22/12/2007 19:11:36 -=- WIFD1F~1 --= Windows Defender
cr: 24/09/2007 18:03:07 | mo: 24/09/2007 18:03:08 -=- WI459E~1 --= Windows Desktop Search
cr: 24/09/2007 17:56:23 | mo: 30/11/2007 12:42:58 -=- WI1F86~1 --= Windows Live
cr: 11/09/2007 18:48:18 | mo: 24/09/2007 17:20:48 -=- WINDOW~4 --= Windows Live Toolbar
cr: 01/09/2007 17:21:10 | mo: 05/09/2007 23:05:01 -=- WINDOW~2 --= Windows Media Player
cr: 01/09/2007 17:20:24 | mo: 01/09/2007 17:20:52 -=- WINDOW~1 --= Windows NT
cr: 01/09/2007 17:23:18 | mo: 01/09/2007 17:23:18 -=- WINDOW~3 --= WindowsUpdate
cr: 02/09/2007 00:09:34 | mo: 02/09/2007 00:09:38 -=- WinRAR ----= WinRAR
cr: 01/09/2007 17:24:51 | mo: 01/09/2007 17:24:51 -=- xerox -----= xerox


___________________________________________________________________________

[Recherche programmes connus, liés à CiD]




___________________________________________________________________________

[Clés registre de démarrage]


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
   newaim	REG_SZ         	C:\DOCUME~1\Sandrina\APPLIC~1\PLANTH~1\Proxy Amok.exe


___________________________________________________________________________

[Popups autorisés]


[-] Internet Explorer :

*.goodbookmark.com
www.castorama.fr
host-domain-lookup.com
www.host-domain-lookup.com
mysearchnow.com
www.mysearchnow.com

[-] Mozilla Firefox

host	popup	1	offres.renault.fr

[-] Suite Mozilla / SeaMonkey


___________________________________________________________________________

[Suggestion nettoyage registre] 


REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"newaim"=-

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow]
"mysearchnow.com"=-
"www.mysearchnow.com"=-


- Fin du rapport -
0
Réponse 10 / 15
green day Messages postés 26722 Statut Modérateur, Contributeur sécurité 2 163
 
Salut et bonne et heureuse année ! :-)

télécharge OTMoveIt http://download.bleepingcomputer.com/oldtimer/OTMoveIt.exe (de Old_Timer) sur ton Bureau.
double-clique sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve en ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved.

C:\DOCUME~1\Sandrina\APPLIC~1\PLANTH~1\Proxy Amok.exe
c:\docume~1\sandrina\applic~1\planth~1\settings program creative.exe
C:\Documents and Settings\All Users\Application Data\Long slow road itch
C:\Documents and Settings\Sandrina\Application Data\Plan thunk bone
C:\Program Files\Plan thunk bone
C:\WINDOWS\tasks\B0DCE924938B9300.job

clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.

il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.

ensuite poste un nouveau hijack stp

@+
0
Réponse 11 / 15
Sardine78 Messages postés 8 Statut Membre
 
Voici le rapport Old Timer :

C:\DOCUME~1\Sandrina\APPLIC~1\PLANTH~1\Proxy Amok.exe moved successfully.
c:\docume~1\sandrina\applic~1\planth~1\settings program creative.exe moved successfully.
Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Long slow road itch scheduled to be deleted on reboot.
C:\Documents and Settings\Sandrina\Application Data\Plan thunk bone moved successfully.
C:\Program Files\Plan thunk bone moved successfully.
C:\WINDOWS\tasks\B0DCE924938B9300.job moved successfully.

Created on 01/01/2008 18:39:42

Et voici HijackThis :
Logfile of HijackThis v1.99.1
Scan saved at 18:50:45, on 01/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\vsnpstd2.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\SYMANT~2\VPTray.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\OLITEC\Moniteur WiFi OLITEC\Moniteur WiFi OLITEC.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Sandrina\LOCALS~1\Temp\Rar$EX00.047\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SNPSTD2] C:\WINDOWS\vsnpstd2.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~2\VPTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [newaim] C:\DOCUME~1\Sandrina\APPLIC~1\PLANTH~1\Proxy Amok.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Moniteur WiFi OLITEC.exe.lnk = ?
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://gregdepaname.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IS Service (ISSVC) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Symantec SecurePort (SymSecurePort) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
0
Réponse 12 / 15
green day Messages postés 26722 Statut Modérateur, Contributeur sécurité 2 163
 
ok, où en sont les pubs ??

@+
0
Réponse 13 / 15
Sardine78 Messages postés 8 Statut Membre
 
il me semble bien que je ne suis plus harcelée
0
Réponse 14 / 15
green day Messages postés 26722 Statut Modérateur, Contributeur sécurité 2 163
 
ok, mais ce n'est pas encore tout à fait fini ! ;-)

fais ce qui est indiqué ici stp :

http://www.commentcamarche.net/faq/sujet 3174 virus methode preliminaire de desinfection version fr

++
0
Réponse 15 / 15
Utilisateur anonyme
 
salut

d'apres le rapport tu as 10 virus coche les lignes:

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [ROAD ITCH AMOK PING] C:\Documents and Settings\All Users\Application Data\Long slow road itch\Dale Face.exe

O4 - HKCU\..\Run: [newaim] C:\DOCUME~1\Sandrina\APPLIC~1\PLANTH~1\Proxy Amok.exe

O17 - HKLM\System\CCS\Services\Tcpip\..\{04A699E6-4011-417B-BFD1-95E8B53AC3A9}: NameServer = 85.255.114.74,85.255.112.132

O17 - HKLM\System\CCS\Services\Tcpip\..\{DBC88CBC-E3C3-4E25-995B-9E509D66D90A}: NameServer = 85.255.114.74,85.255.112.132

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.114.74 85.255.112.132

O17 - HKLM\System\CS1\Services\Tcpip\..\{04A699E6-4011-417B-BFD1-95E8B53AC3A9}: NameServer = 85.255.114.74,85.255.112.132

O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.114.74 85.255.112.132

O17 - HKLM\System\CS2\Services\Tcpip\..\{04A699E6-4011-417B-BFD1-95E8B53AC3A9}: NameServer = 85.255.114.74,85.255.112.132

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.114.74 85.255.112.132

puis clic sur fixcheked puis telecharge spyware terminator puis mes le a jour puis fait un scan et supprimme tous se qui trouve et recolle moi un log hijackthis
-1
^^Marie^^ Messages postés 126523 Date d'inscription   Statut Membre Dernière intervention   3 279
 
Salut

POUR INFO

Il y a des Fix spécifiques pour supprimer une infection Fixwareout

Cela ne sert à rien ce que tu fais

A++

0
Pi_Xi Messages postés 2274 Statut Membre 149
 
Salut Jessy et les autres,

pour compléter la remarque de ^^Marie^^, l'infection FixWareOut est repérable sur les clés 17, tu remarqueras qu'elles ont disparues après avoir utilisé l'outil.
0

Discussions similaires

Encore les CiD
doudoudim -
doudoudim -

18 réponses
appel intrusif sur Skype
FAMATHELY -
Utilisateur anonyme -

3 réponses
CiD
Bahia -
espion3004 -

1 réponse
comment donner les droits sur fichier partage
ch'ti du 57 -
fil1958 -

2 réponses
Problème CiD
Djemalounet -
Djemalounet -

104 réponses