Help request: Win32:TratBHO [Trj] infection
Solved
bozol - Posts: 20 - Status: Member
ep44 - Posts: 7432 - Status: Contributor
Hello,
If someone can tell me what to do, Avast has been finding TratBHO for 3 days...
I am running Vista Home Premium.
HijackThis starts the scan with an error:
"For some reason your system denied write access to the Host file.
[...]
Find the lines HijackThis reports and delete them.
Save the file as "hosts." (whith quotes) and reboot."
In fact, the hosts file contains nothing about HijackThis...
Then:
"An unexpected error has occured at procedure:
mod_Main_checkother1item()
Error #75 - Erreur dans le chemin d'accès
[...]"
Then a report anyway:
Logfile of HijackThis v1.99.1
Scan saved at 21:49:45, on 01/02/2008
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16575)
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Windows\mrofinu1044.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Users\Mat\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?pc=mssh&form=msshhp&ocid=onepro&homepage=http%3a%2f%2fwww.daemon-search.com%2fstartpage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\awtssts.dll,#1
O4 - HKLM\..\Run: [runner1] C:\Windows\mrofinu1044.exe 61A847B5BBF72813329F3C466188719AB689201522886B092CBD44BD8689220221DD3257
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\Mat\AppData\Local\Temp\fccdd.dll,#1
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\Mat\AppData\Local\Temp\fcyvw.dll,c
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
I tried to remove the harmful or unknown lines according to the online analyzer on the HijackThis site... they come back immediately...
I'm relying on your advice... otherwise, format! :)
36 replies
Hello
The BitDefender report:
BitDefender Online Scanner
Scan report generated at: Tue, Feb 05, 2008 - 00:43:03
Scan path: C:\;D:\;E:\;F:\;
Statistics
Time 01:13:20
Files 390706
Folders 15339
Boot Sectors 3
Archives 25531
Packed Files 27674
Results
Identified Viruses 2
Infected Files 2
Suspect Files 4
Warnings 0
Disinfected 0
Deleted Files 6
Engines Info
Virus Definitions 978908
Engine build AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Scan plugins 16
Archive plugins 41
Unpack plugins 7
E-mail plugins 6
System plugins 5
Scan Settings
First Action Disinfect
Second Action Delete
Heuristics Yes
Enable Warnings Yes
Scanned Extensions *;
Exclude Extensions
Scan Emails Yes
Scan Archives Yes
Scan Packed Yes
Scan Files Yes
Scan Boot Yes
Scanned File Status
C:\Users\Mat\Documents\MATEO\Perso\Copie de Mails Outlook Express\Perso.dbx=>(message 927)=>[Subject: TR: key changer][Date: Thu, 28 Oct 2004 14:31:35 +0200]=>(MIME part)=>WindowsXP Product Key Viewer.exe Detected with: Application.Crack.Stylexp.B
C:\Users\Mat\Documents\MATEO\Perso\Copie de Mails Outlook Express\Perso.dbx=>(message 927)=>[Subject: TR: key changer][Date: Thu, 28 Oct 2004 14:31:35 +0200]=>(MIME part)=>WindowsXP Product Key Viewer.exe Deleted
C:\Users\Mat\Documents\MATEO\Perso\Copie de Mails Outlook Express\Perso.dbx=>(message 927)=>[Subject: TR: key changer][Date: Thu, 28 Oct 2004 14:31:35 +0200]=>(MIME part) Updated
C:\Users\Mat\Documents\MATEO\Perso\Copie de Mails Outlook Express\Perso.dbx=>(message 927) Updated
C:\Users\Mat\Documents\MATEO\Perso\Copie de Mails Outlook Express\Perso.dbx Update failed
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Disk E 2001 en gros.ace=>Perso.dbx=>(message 1204)=>[Subject: =?iso-8859-1?Q?Cr=E9maill=E8re_+_destr][Date: Fri, 6 Oct 2000 16:46:48 +0200]=>(MIME part)=>STRESSRE.EXE Detected with: Application.Joke.Stressrelief.B
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Disk E 2001 en gros.ace=>Perso.dbx=>(message 1204)=>[Subject: =?iso-8859-1?Q?Cr=E9maill=E8re_+_destr][Date: Fri, 6 Oct 2000 16:46:48 +0200]=>(MIME part)=>STRESSRE.EXE Deleted
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Disk E 2001 en gros.ace=>Perso.dbx=>(message 1204)=>[Subject: =?iso-8859-1?Q?Cr=E9maill=E8re_+_destr][Date: Fri, 6 Oct 2000 16:46:48 +0200]=>(MIME part) Updated
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Disk E 2001 en gros.ace=>Perso.dbx=>(message 1204) Updated
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Disk E 2001 en gros.ace=>Perso.dbx Update failed
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>Perso.dbx=>(message 652)=>[Subject: Re: Let's be friends][Date: Tue, 11 Jun 2002 11:19:24 +0200]=>(MIME part)=>(message body) Suspected of: Exploit.Iframe.Vulnerability
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>Perso.dbx=>(message 652)=>[Subject: Re: Let's be friends][Date: Tue, 11 Jun 2002 11:19:24 +0200]=>(MIME part)=>(message body) Disinfection failed
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>Perso.dbx=>(message 652)=>[Subject: Re: Let's be friends][Date: Tue, 11 Jun 2002 11:19:24 +0200]=>(MIME part)=>(message body) Deleted
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>Perso.dbx=>(message 652)=>[Subject: Re: Let's be friends][Date: Tue, 11 Jun 2002 11:19:24 +0200]=>(MIME part) Updated
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>Perso.dbx=>(message 652) Updated
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>Perso.dbx Update failed
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>?l?ments envoy?s.dbx=>(message 552)=>[Subject: Re: Let's be friends][Date: Tue, 11 Jun 2002 11:42:19 +0200]=>(MIME part)=>(message body)=>(IFRAME) Suspected of: Exploit.Iframe.Vulnerability
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>?l?ments envoy?s.dbx=>(message 552)=>[Subject: Re: Let's be friends][Date: Tue, 11 Jun 2002 11:42:19 +0200]=>(MIME part)=>(message body)=>(IFRAME) Disinfection failed
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>?l?ments envoy?s.dbx=>(message 552)=>[Subject: Re: Let's be friends][Date: Tue, 11 Jun 2002 11:42:19 +0200]=>(MIME part)=>(message body)=>(IFRAME) Deleted
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>?l?ments envoy?s.dbx=>(message 552)=>[Subject: Re: Let's be friends][Date: Tue, 11 Jun 2002 11:42:19 +0200]=>(MIME part)=>(message body) Updated
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>?l?ments envoy?s.dbx=>(message 552)=>[Subject: Re: Let's be friends][Date: Tue, 11 Jun 2002 11:42:19 +0200]=>(MIME part) Updated
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>?l?ments envoy?s.dbx=>(message 552) Updated
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>?l?ments envoy?s.dbx Update failed
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>?l?ments envoy?s.dbx=>(message 556)=>[Subject: Re: Let's be friends][Date: Mon, 10 Jun 2002 18:02:47 +0200]=>(MIME part)=>(message body) Suspected of: Exploit.Iframe.Vulnerability
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>?l?ments envoy?s.dbx=>(message 556)=>[Subject: Re: Let's be friends][Date: Mon, 10 Jun 2002 18:02:47 +0200]=>(MIME part)=>(message body) Disinfection failed
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>?l?ments envoy?s.dbx=>(message 556)=>[Subject: Re: Let's be friends][Date: Mon, 10 Jun 2002 18:02:47 +0200]=>(MIME part)=>(message body) Deleted
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>?l?ments envoy?s.dbx=>(message 556)=>[Subject: Re: Let's be friends][Date: Mon, 10 Jun 2002 18:02:47 +0200]=>(MIME part) Updated
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>?l?ments envoy?s.dbx=>(message 556) Updated
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>?l?ments envoy?s.dbx Update failed
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>?l?ments envoy?s.dbx=>(message 734)=>[Subject: Re: A WinXP patch][Date: Tue, 30 Apr 2002 09:48:52 +0200]=>(MIME part)=>(message body) Suspected of: Exploit.Iframe.Vulnerability
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>?l?ments envoy?s.dbx=>(message 734)=>[Subject: Re: A WinXP patch][Date: Tue, 30 Apr 2002 09:48:52 +0200]=>(MIME part)=>(message body) Disinfection failed
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>?l?ments envoy?s.dbx=>(message 734)=>[Subject: Re: A WinXP patch][Date: Tue, 30 Apr 2002 09:48:52 +0200]=>(MIME part)=>(message body) Deleted
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>?l?ments envoy?s.dbx=>(message 734)=>[Subject: Re: A WinXP patch][Date: Tue, 30 Apr 2002 09:48:52 +0200]=>(MIME part) Updated
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>?l?ments envoy?s.dbx=>(message 734) Updated
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>?l?ments envoy?s.dbx Update failed
And the HijackThis log
FYI, the viruses found by BitDefender are in mail archives that I have not reactivated for at least 5 years... so I had them on my previous machine without any problems...
Logfile of HijackThis v1.99.1
Scan saved at 07:26:34, on 05/02/2008
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16575)
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Users\Mat\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/webhp?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h cltCommon (file missing)
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll (file missing)
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
Have a nice day
Hello,
I ran LSPFix on the 2 DLLs you pointed out to me
Here is the HijackThis report
Logfile of HijackThis v1.99.1
Scan saved at 23:02:27, on 05/02/2008
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16575)
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Windows\System32\wsqmcons.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Mat\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/webhp?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h cltCommon (file missing)
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll (file missing)
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
Thanks for your help :-)
OK, that part is fine. Now try this:
Download RHosts (thanks to S!ri) to your desktop, available here:
http://siri.urz.free.fr/Softs/RHosts.exe
Double-click Rhosts.exe and click "restaurer" (restore).
See you
RHosts doesn't work on Vista...
Do you see anything else to do? Otherwise the machine is running fine, and that suits me. All that's left is for it not to happen to me again :-)
See you
OK, run HijackThis again and check these:
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
Then click "Fix checked".
To finish, and as a check, if you don't mind, we'll run an online scan
with BitDefender, and paste the report:
https://www.bitdefender.com/toolbox/
A tutorial:
http://pageperso.aol.fr/rginformatique/mapage/defender.htm
See you
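Added example, not part of the original post: one way to confirm on the next scan that the checked entries are really gone. The function names are hypothetical, `CHECKED` holds the four entries listed in the post above, and `RESCAN` is a short excerpt constructed for the example from entry lines that appear in the logs on this page.

```python
import re
from typing import NamedTuple, Optional

# HijackThis entry lines start with a section code such as R0, O2 or O23,
# then " - ", then free text. A trailing "(no file)" or "(file missing)"
# marks an entry whose target HijackThis could not find on disk.
ENTRY_RE = re.compile(r"^(?P<section>[A-Z]\d{1,2}) - (?P<body>.*)$")
FLAG_RE = re.compile(r"\s*\((?P<flag>no file|file missing)\)\s*$")


class Entry(NamedTuple):
    section: str
    body: str            # entry text without the trailing flag
    flag: Optional[str]  # "no file", "file missing" or None


def parse_log(text):
    """Return the entry lines of a log, skipping the header and process list."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m:
            continue  # header line, process path or blank line
        body, flag = m.group("body"), None
        fm = FLAG_RE.search(body)
        if fm:
            flag = fm.group("flag")
            body = body[:fm.start()]
        entries.append(Entry(m.group("section"), body.strip(), flag))
    return entries


def _key(entry):
    # Compare case-insensitively: GUID and path case can differ between scans.
    return (entry.section, entry.body.lower())


def verify_fix(checked_text, rescan_text):
    """Split the checked entries into (removed, persisting) against a rescan."""
    remaining = {_key(e) for e in parse_log(rescan_text)}
    removed, persisting = [], []
    for entry in parse_log(checked_text):
        if _key(entry) in remaining:
            persisting.append(entry)
        else:
            removed.append(entry)
    return removed, persisting


# The four entries the helper asked to check (copied from the post above).
CHECKED = r"""
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
"""

# Constructed rescan excerpt (sample input for this example only).
RESCAN = r"""
Running processes:
C:\Windows\Explorer.EXE
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O13 - Gopher Prefix:
"""

if __name__ == "__main__":
    gone, still_there = verify_fix(CHECKED, RESCAN)
    for e in gone:
        print("removed:   ", e.section, e.body)
    for e in still_there:
        print("PERSISTING:", e.section, e.body, f"({e.flag})")
```

An entry reported as persisting was either not fixed or was written back after the fix, so it is worth rechecking before closing the case.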
Here it is:
BitDefender Online Scanner
Scan report generated at: Wed, Feb 06, 2008 - 23:32:18
Scan path: C:\;D:\;E:\;F:\;
Statistics
Time: 01:12:37
Files: 391007
Folders: 15355
Boot Sectors: 3
Archives: 25552
Packed Files: 27691
Results
Identified Viruses: 2
Infected Files: 2
Suspect Files: 4
Warnings: 0
Disinfected: 0
Deleted Files: 6
Engines Info
Virus Definitions: 979410
Engine build: AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Scan plugins: 16
Archive plugins: 41
Unpack plugins: 7
E-mail plugins: 6
System plugins: 5
Scan Settings
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes
Scanned File
Status
C:\Users\Mat\Documents\MATEO\Perso\Copie de Mails Outlook Express\Perso.dbx=>(message 927)=>[Subject: TR: key changer][Date: Thu, 28 Oct 2004 14:31:35 +0200]=>(MIME part)=>WindowsXP Product Key Viewer.exe
Detected with: Application.Crack.Stylexp.B
C:\Users\Mat\Documents\MATEO\Perso\Copie de Mails Outlook Express\Perso.dbx=>(message 927)=>[Subject: TR: key changer][Date: Thu, 28 Oct 2004 14:31:35 +0200]=>(MIME part)=>WindowsXP Product Key Viewer.exe
Deleted
C:\Users\Mat\Documents\MATEO\Perso\Copie de Mails Outlook Express\Perso.dbx=>(message 927)=>[Subject: TR: key changer][Date: Thu, 28 Oct 2004 14:31:35 +0200]=>(MIME part)
Updated
C:\Users\Mat\Documents\MATEO\Perso\Copie de Mails Outlook Express\Perso.dbx=>(message 927)
Updated
C:\Users\Mat\Documents\MATEO\Perso\Copie de Mails Outlook Express\Perso.dbx
Update failed
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Disk E 2001 en gros.ace=>Perso.dbx=>(message 1204)=>[Subject: =?iso-8859-1?Q?Cr=E9maill=E8re_+_destr][Date: Fri, 6 Oct 2000 16:46:48 +0200]=>(MIME part)=>STRESSRE.EXE
Detected with: Application.Joke.Stressrelief.B
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Disk E 2001 en gros.ace=>Perso.dbx=>(message 1204)=>[Subject: =?iso-8859-1?Q?Cr=E9maill=E8re_+_destr][Date: Fri, 6 Oct 2000 16:46:48 +0200]=>(MIME part)=>STRESSRE.EXE
Deleted
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Disk E 2001 en gros.ace=>Perso.dbx=>(message 1204)=>[Subject: =?iso-8859-1?Q?Cr=E9maill=E8re_+_destr][Date: Fri, 6 Oct 2000 16:46:48 +0200]=>(MIME part)
Updated
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Disk E 2001 en gros.ace=>Perso.dbx=>(message 1204)
Updated
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Disk E 2001 en gros.ace=>Perso.dbx
Update failed
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>Perso.dbx=>(message 652)=>[Subject: Re: Let's be friends][Date: Tue, 11 Jun 2002 11:19:24 +0200]=>(MIME part)=>(message body)
Suspected of: Exploit.Iframe.Vulnerability
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>Perso.dbx=>(message 652)=>[Subject: Re: Let's be friends][Date: Tue, 11 Jun 2002 11:19:24 +0200]=>(MIME part)=>(message body)
Disinfection failed
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>Perso.dbx=>(message 652)=>[Subject: Re: Let's be friends][Date: Tue, 11 Jun 2002 11:19:24 +0200]=>(MIME part)=>(message body)
Deleted
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>Perso.dbx=>(message 652)=>[Subject: Re: Let's be friends][Date: Tue, 11 Jun 2002 11:19:24 +0200]=>(MIME part)
Updated
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>Perso.dbx=>(message 652)
Updated
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>Perso.dbx
Update failed
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>?l?ments envoy?s.dbx=>(message 552)=>[Subject: Re: Let's be friends][Date: Tue, 11 Jun 2002 11:42:19 +0200]=>(MIME part)=>(message body)=>(IFRAME)
Suspected of: Exploit.Iframe.Vulnerability
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>?l?ments envoy?s.dbx=>(message 552)=>[Subject: Re: Let's be friends][Date: Tue, 11 Jun 2002 11:42:19 +0200]=>(MIME part)=>(message body)=>(IFRAME)
Disinfection failed
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>?l?ments envoy?s.dbx=>(message 552)=>[Subject: Re: Let's be friends][Date: Tue, 11 Jun 2002 11:42:19 +0200]=>(MIME part)=>(message body)=>(IFRAME)
Deleted
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>?l?ments envoy?s.dbx=>(message 552)=>[Subject: Re: Let's be friends][Date: Tue, 11 Jun 2002 11:42:19 +0200]=>(MIME part)=>(message body)
Updated
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>?l?ments envoy?s.dbx=>(message 552)=>[Subject: Re: Let's be friends][Date: Tue, 11 Jun 2002 11:42:19 +0200]=>(MIME part)
Updated
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>?l?ments envoy?s.dbx=>(message 552)
Updated
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>?l?ments envoy?s.dbx
Update failed
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>?l?ments envoy?s.dbx=>(message 556)=>[Subject: Re: Let's be friends][Date: Mon, 10 Jun 2002 18:02:47 +0200]=>(MIME part)=>(message body)
Suspected of: Exploit.Iframe.Vulnerability
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>?l?ments envoy?s.dbx=>(message 556)=>[Subject: Re: Let's be friends][Date: Mon, 10 Jun 2002 18:02:47 +0200]=>(MIME part)=>(message body)
Disinfection failed
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>?l?ments envoy?s.dbx=>(message 556)=>[Subject: Re: Let's be friends][Date: Mon, 10 Jun 2002 18:02:47 +0200]=>(MIME part)=>(message body)
Deleted
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>?l?ments envoy?s.dbx=>(message 556)=>[Subject: Re: Let's be friends][Date: Mon, 10 Jun 2002 18:02:47 +0200]=>(MIME part)
Updated
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>?l?ments envoy?s.dbx=>(message 556)
Updated
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>?l?ments envoy?s.dbx
Update failed
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>?l?ments envoy?s.dbx=>(message 734)=>[Subject: Re: A WinXP patch][Date: Tue, 30 Apr 2002 09:48:52 +0200]=>(MIME part)=>(message body)
Suspected of: Exploit.Iframe.Vulnerability
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>?l?ments envoy?s.dbx=>(message 734)=>[Subject: Re: A WinXP patch][Date: Tue, 30 Apr 2002 09:48:52 +0200]=>(MIME part)=>(message body)
Disinfection failed
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>?l?ments envoy?s.dbx=>(message 734)=>[Subject: Re: A WinXP patch][Date: Tue, 30 Apr 2002 09:48:52 +0200]=>(MIME part)=>(message body)
Deleted
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>?l?ments envoy?s.dbx=>(message 734)=>[Subject: Re: A WinXP patch][Date: Tue, 30 Apr 2002 09:48:52 +0200]=>(MIME part)
Updated
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>?l?ments envoy?s.dbx=>(message 734)
Updated
C:\Users\Mat\Documents\MATEO\Perso\DDMAXTOR\Perso\Archives Mails\Mail taff jusqu au 23 08 2002.ace=>?l?ments envoy?s.dbx
Update failed
Here it is :-)
Logfile of HijackThis v1.99.1
Scan saved at 22:21:01, on 07/02/2008
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16575)
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Mat\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/webhp?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/...
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h cltCommon (file missing)
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll (file missing)
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
Logfile of HijackThis v1.99.1
Scan saved at 22:21:01, on 07/02/2008
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16575)
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Mat\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/webhp?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/...
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h cltCommon (file missing)
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll (file missing)
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
OK, very good if there are no more problems.
You can delete all the software we used.
Go to Add/Remove Programs and to Program Files
to check.
Then do this (IMPORTANT):
=Start
=Control Panel
=System
=System Restore tab
=check the box (Turn off System Restore)
=restart the computer
=then re-enable it