Files secure pour les nul
ruffus25
Messages postés
22
Statut
Membre
-
Utilisateur anonyme -
Utilisateur anonyme -
Bonjour,
bon je suis nul je l avou j ai recu un avertissement de securite et ja i clique dessus et voila files secure installe sur mon ordinateur impossible de le desinstaller j ai tout essayer quelqu un peu m aider?
je me dois absolument d enlever sa cart a chaque fois que jouvre une page que ce sois internet ou document un avertissement apparait sans arret me disant de cliquer sur ok pour telecharger le logiciel qui enleveras ce trojan non identifier meme mon anti virus internet secuuriity de karpeski ne semble rien pouvoir y faire alors je solicite votre aide svp
j utilise windows vista internet explorer 7 et je suis vraiment nul et nouveau en informtique alors si vous pouviez simplifier vos reponse au maximum pour que je comprenne svp
bon je suis nul je l avou j ai recu un avertissement de securite et ja i clique dessus et voila files secure installe sur mon ordinateur impossible de le desinstaller j ai tout essayer quelqu un peu m aider?
je me dois absolument d enlever sa cart a chaque fois que jouvre une page que ce sois internet ou document un avertissement apparait sans arret me disant de cliquer sur ok pour telecharger le logiciel qui enleveras ce trojan non identifier meme mon anti virus internet secuuriity de karpeski ne semble rien pouvoir y faire alors je solicite votre aide svp
j utilise windows vista internet explorer 7 et je suis vraiment nul et nouveau en informtique alors si vous pouviez simplifier vos reponse au maximum pour que je comprenne svp
A voir également:
- Files secure pour les nul
- Tableau croisé dynamique pour les nuls - Guide
- Freewifi secure sur pc ✓ - Forum WiFi
- Usb secure - Télécharger - Sécurité
- Recover my files pc - Télécharger - Récupération de données
- Freewiifi secure sur pc ✓ - Forum Opérateurs & Réseaux mobiles
15 réponses
Bonjour
Fais ceci pour commencer et indique nous les anti-spywares que tu as.
Télécharge HijackThis :
---> http://www.trendsecure.com/portal/en-US/threat_analytics/HiJackThis.exe
Installe le dans son propre dossier :
- clic droit sur le bureau, tu choisis "nouveau dossier" puis installe-le à l'intérieur.
Fais un clic droit sur Hijackthis, choisis "renommer" puis marque ceci : abcde.exe
Double-clic sur HijackThis. Clic sur "I Accept" puis clic sur "do a system scan and save logfile"
Puis copie et colle ici le rapport qu'il va te générer.
Démo pour HijackThis si besoin :
http://pageperso.aol.fr/balltrap34/demohijack.htm
Fais ceci pour commencer et indique nous les anti-spywares que tu as.
Télécharge HijackThis :
---> http://www.trendsecure.com/portal/en-US/threat_analytics/HiJackThis.exe
Installe le dans son propre dossier :
- clic droit sur le bureau, tu choisis "nouveau dossier" puis installe-le à l'intérieur.
Fais un clic droit sur Hijackthis, choisis "renommer" puis marque ceci : abcde.exe
Double-clic sur HijackThis. Clic sur "I Accept" puis clic sur "do a system scan and save logfile"
Puis copie et colle ici le rapport qu'il va te générer.
Démo pour HijackThis si besoin :
http://pageperso.aol.fr/balltrap34/demohijack.htm
Salut!
Tu peux suivre ce tutoriel en Anglais, il te dis comment se débarrasser de FileSecure manuellement. J'te le conseil vivement, afin de savoir comment supprimé, pour la prochaine fois, un virus manuellement et ce tutoriel améliorera ton Anglais aussi.
http://www.enigmasoftware.com/support/files-secure-removal-guide/ :P
Tu peux suivre ce tutoriel en Anglais, il te dis comment se débarrasser de FileSecure manuellement. J'te le conseil vivement, afin de savoir comment supprimé, pour la prochaine fois, un virus manuellement et ce tutoriel améliorera ton Anglais aussi.
http://www.enigmasoftware.com/support/files-secure-removal-guide/ :P
malheureusement je fais ce que tu dis exepte que le premier fichier mentionner dans ton tutoriel est secure.exe pis je ne le vois absolument pas dans la liste je fais quoi
C'est ce tuto que tu dois suivre! :P
Files Secure Manual Removal Instructions
To learn the Files Secure manual removal process, read the step-by-step instructions provided on this section.
Use Caution! Please read the instructions below carefully. Manual removal of Files Secure is a delicate procedure. Proceed at your own risk.
Make sure you backup your system and close all open Internet Explorer windows before you manually remove Files Secure.
To manually remove Files Secure, follow these removal steps:
Step #1: How to Kill Files Secure files using Process Explorer.
* 1a. How to Kill Files Secure processes.
1. Download and install Process Explorer.
2. Open Process Explorer.
3. Locate the Files Secure processes listed below.
4. To kill an Files Secure process, right-click the Files Secure process and choose the option “Kill Process Tree”.
5. Kill the following Files Secure processes:
secure.exe
* 1b. How to Kill Files Secure DLL files.
1. Right-click the Explorer.exe process and choose the option “Properties”.
2. Click on the “Threads” Tab, locate and highlight the Files Secure DLL files listed below.
3. To kill Files Secure DLL files, click the “Kill” button.
4. Kill the following Files Secure DLL files:
oggview.dll
* Step #2: How to Delete Files Secure Registry Keys and Values.
1. Right-click on your Desktop > select “New” option > select “Text Document” (.txt file) option.
2. Rename the .txt file as a .reg file and call it “Delete_Registry_
Files Secure_3.8_Entities.reg”. This renamed .reg file is a command that creates a shortcut to your Windows registry and allows you to easily delete registry values.
3. Right-click and select the “Edit” option.
4. Copy and paste the Files Secure keys listed below.
5. In the menu bar, go to “File” > select “Save” > then click the “X” button to close the file.
6. Double-click on the .reg file.
7. When the message box appears saying “Are you sure you want to add the information in C:\DOCUME~1\%username%\Desktop\DELETE~1.REG to the registry?”, click the “Yes” button.
8. When the message box appears saying “Information in C:\DOCUME~1\%username%
\Desktop\DELETE~1.REG has been successfully entered into the registry.”, click the “OK” button.
9. The Files Secure registry keys have been deleted from your registry.
10. Copy and paste the following Files Secure keys:
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90F39E5A-1C6C-4597-8B59-9AED38E88387}]
* Step #3: How to Delete Files Secure Directories.
1. To locate Files Secure directories, go to “Start” > “My Computer” > “Local Disk (C:)” > “Program Files” > “Show the contents of this folder”.
2. Search and delete the Files Secure directories listed below.
3. Right-click on the Files Secure folder and select “Delete”. option.
4. When the message box appears saying “Are you sure you want to remove the folder [FOLDERNAME] and move all its contents to the Recycle Bin?”, click the “Yes” button.
5. When the message box appears saying “Renaming, moving or deleting [FOLDERNAME] could make some programs not work. Are you sure you want to do this?”, click the “Yes” button.
6. Search and delete the following Files Secure directories:
Files-Secure
* Step #4: How to Search and Delete C:\WINDOWS\System32\oggview.dll.
1. Go back to “Local Disk (C:)” > “Windows” > “System32″ > “Show the contents of this folder”.
2. Search for oggview.dll.
3. Right-click on the oggview.dll file and select the “Delete” option.
* Step #5: How to Restore Original Default Home Page.
1. Go to “Start” > “Control Panel” > “Internet Options”.
2. Click on the General Tab > click the Use Default button under Home Page.
3. Click “Apply” and then click the “OK” button.
4. Open a Web browser to verify that your default homepage has been restored.
Step #6: How to Remove the Files Secure Icons.
1. If the Files Secure icons still remain on your Desktop, you can drag and drop them to the “Recycle Bin”.
2. Reboot your computer to make sure all changes made for the removal of Files Secure are complete. If your computer still has issues, you should scan your computer for Files Secure with a spyware scanner.
Congratulations!! You’ve completed our Files Secure manual removal tutorial.
Files Secure Manual Removal Instructions
To learn the Files Secure manual removal process, read the step-by-step instructions provided on this section.
Use Caution! Please read the instructions below carefully. Manual removal of Files Secure is a delicate procedure. Proceed at your own risk.
Make sure you backup your system and close all open Internet Explorer windows before you manually remove Files Secure.
To manually remove Files Secure, follow these removal steps:
Step #1: How to Kill Files Secure files using Process Explorer.
* 1a. How to Kill Files Secure processes.
1. Download and install Process Explorer.
2. Open Process Explorer.
3. Locate the Files Secure processes listed below.
4. To kill an Files Secure process, right-click the Files Secure process and choose the option “Kill Process Tree”.
5. Kill the following Files Secure processes:
secure.exe
* 1b. How to Kill Files Secure DLL files.
1. Right-click the Explorer.exe process and choose the option “Properties”.
2. Click on the “Threads” Tab, locate and highlight the Files Secure DLL files listed below.
3. To kill Files Secure DLL files, click the “Kill” button.
4. Kill the following Files Secure DLL files:
oggview.dll
* Step #2: How to Delete Files Secure Registry Keys and Values.
1. Right-click on your Desktop > select “New” option > select “Text Document” (.txt file) option.
2. Rename the .txt file as a .reg file and call it “Delete_Registry_
Files Secure_3.8_Entities.reg”. This renamed .reg file is a command that creates a shortcut to your Windows registry and allows you to easily delete registry values.
3. Right-click and select the “Edit” option.
4. Copy and paste the Files Secure keys listed below.
5. In the menu bar, go to “File” > select “Save” > then click the “X” button to close the file.
6. Double-click on the .reg file.
7. When the message box appears saying “Are you sure you want to add the information in C:\DOCUME~1\%username%\Desktop\DELETE~1.REG to the registry?”, click the “Yes” button.
8. When the message box appears saying “Information in C:\DOCUME~1\%username%
\Desktop\DELETE~1.REG has been successfully entered into the registry.”, click the “OK” button.
9. The Files Secure registry keys have been deleted from your registry.
10. Copy and paste the following Files Secure keys:
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90F39E5A-1C6C-4597-8B59-9AED38E88387}]
* Step #3: How to Delete Files Secure Directories.
1. To locate Files Secure directories, go to “Start” > “My Computer” > “Local Disk (C:)” > “Program Files” > “Show the contents of this folder”.
2. Search and delete the Files Secure directories listed below.
3. Right-click on the Files Secure folder and select “Delete”. option.
4. When the message box appears saying “Are you sure you want to remove the folder [FOLDERNAME] and move all its contents to the Recycle Bin?”, click the “Yes” button.
5. When the message box appears saying “Renaming, moving or deleting [FOLDERNAME] could make some programs not work. Are you sure you want to do this?”, click the “Yes” button.
6. Search and delete the following Files Secure directories:
Files-Secure
* Step #4: How to Search and Delete C:\WINDOWS\System32\oggview.dll.
1. Go back to “Local Disk (C:)” > “Windows” > “System32″ > “Show the contents of this folder”.
2. Search for oggview.dll.
3. Right-click on the oggview.dll file and select the “Delete” option.
* Step #5: How to Restore Original Default Home Page.
1. Go to “Start” > “Control Panel” > “Internet Options”.
2. Click on the General Tab > click the Use Default button under Home Page.
3. Click “Apply” and then click the “OK” button.
4. Open a Web browser to verify that your default homepage has been restored.
Step #6: How to Remove the Files Secure Icons.
1. If the Files Secure icons still remain on your Desktop, you can drag and drop them to the “Recycle Bin”.
2. Reboot your computer to make sure all changes made for the removal of Files Secure are complete. If your computer still has issues, you should scan your computer for Files Secure with a spyware scanner.
Congratulations!! You’ve completed our Files Secure manual removal tutorial.
ces en plein celui la que j utilise mais si tu regarde le premier fichier demander a executer est secure.exe et celui ci n apparait pas dans la liste que me donne
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
désole sa ne fonctionne vraiment pas je ne reussis pas a trouver aucun fichier quelqu un peu me facilite la tache svp
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:00:06, on 2008-03-03
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Windows\system32\schtasks.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\BitComet\BitComet.exe
C:\hp\kbd\kbd.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Users\Ghylaine\Desktop\bug\abcde.exe.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sympatico.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/...
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Windows Media Player - {61FEBF12-793B-4D8A-8513-D1814FE2A395} - C:\Windows\wmpdxm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)
O13 - Gopher Prefix:
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - https://www.f-secure.com/en/home/support
O18 - Protocol: intu-ir2007 - {52BAEC6B-9405-46F9-A131-6D50720A3CC4} - C:\Program Files\ImpotRapide 2007\ic2007pp.dll
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
Scan saved at 01:00:06, on 2008-03-03
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Windows\system32\schtasks.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\BitComet\BitComet.exe
C:\hp\kbd\kbd.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Users\Ghylaine\Desktop\bug\abcde.exe.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sympatico.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/...
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Windows Media Player - {61FEBF12-793B-4D8A-8513-D1814FE2A395} - C:\Windows\wmpdxm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)
O13 - Gopher Prefix:
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - https://www.f-secure.com/en/home/support
O18 - Protocol: intu-ir2007 - {52BAEC6B-9405-46F9-A131-6D50720A3CC4} - C:\Program Files\ImpotRapide 2007\ic2007pp.dll
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
Clic sur "démarrer," Ordianteur, Disque Local (C:), entre dans le dossier Windows, puis System32 cherche et supprime : (c'est rangé par ordre alphabétique)
- jureg.exe
- oggview.dll
- wmpdxm.dll
**Si un fichier/dossier persiste lors de la suppression fait ceci:
- Redémarre ton PC. Dès l'allumage de celui-ci tapote la touche F8 (ou F5 si F8 ne fonctionne pas), à l'écran qui va apparaître choisis "mode sans echec" attends un peu..
Puis va supprimer les fichiers/dossiers, vide ta corbeille et redémarre ton PC normalement.
* Ouvre HijackThis
Clic sur "open the misc tools section"
Clic sur "open uninstall manager"
Clic sur "Save list" dans la fenêtre qui va s'ouvrir enregistre le fichier à un endroit ou tu le retrouvera facilement.
Ensuite, fais un copier du texte qui y aura dans ce fichier puis colles le ici stp
*Télécharge et installe AVG anti-spyware : mets le à jour
Tu fais un scan complet de ton système, dès qu'il a fini.
Si il te trouve des espions,supprime les. Enregistre le rapport et colle le ici stp
AVG anti-spyware : reste gratuit après la période d'essai en français
----> https://www.01net.com/telecharger/
Si tu as besoin d'aide avec Ewido(devenu AVG-antispyware) regarde ce tutoriel:
--> http://kerio.probb.fr/Chasser-les-virus-et-spywares-de-votre-systeme-f1/Tutoriel-AVG-anti-spyware-anti-spyware-t701.htm
- jureg.exe
- oggview.dll
- wmpdxm.dll
**Si un fichier/dossier persiste lors de la suppression fait ceci:
- Redémarre ton PC. Dès l'allumage de celui-ci tapote la touche F8 (ou F5 si F8 ne fonctionne pas), à l'écran qui va apparaître choisis "mode sans echec" attends un peu..
Puis va supprimer les fichiers/dossiers, vide ta corbeille et redémarre ton PC normalement.
* Ouvre HijackThis
Clic sur "open the misc tools section"
Clic sur "open uninstall manager"
Clic sur "Save list" dans la fenêtre qui va s'ouvrir enregistre le fichier à un endroit ou tu le retrouvera facilement.
Ensuite, fais un copier du texte qui y aura dans ce fichier puis colles le ici stp
*Télécharge et installe AVG anti-spyware : mets le à jour
Tu fais un scan complet de ton système, dès qu'il a fini.
Si il te trouve des espions,supprime les. Enregistre le rapport et colle le ici stp
AVG anti-spyware : reste gratuit après la période d'essai en français
----> https://www.01net.com/telecharger/
Si tu as besoin d'aide avec Ewido(devenu AVG-antispyware) regarde ce tutoriel:
--> http://kerio.probb.fr/Chasser-les-virus-et-spywares-de-votre-systeme-f1/Tutoriel-AVG-anti-spyware-anti-spyware-t701.htm
salut est ce que c normal que je vois pas oggview et que wmpdxm.ddl me demande une autorisation pour suprimer?
autre chose a l endroit ou j ai supprimer jureg.exe il y avait aussi 2 autre fichier commencant pas ju et qui avait le mem icone que jureg a cote est ce que je les supprime eu aussi ? merci de ton temp et de tes reponse
Supprime simplement ce que je t'ai indiqué. Pour la suppression -> clic droit --> supprimer --> Oui
Si ça résiste suppressions en mdoe sans échec puis suite de la manipulation en mode normal :-)
Si ça résiste suppressions en mdoe sans échec puis suite de la manipulation en mode normal :-)
j ai reussi a effacer ton jureg.exe le oggview je ne le trouve pas et le wmpdxm.dll je reussis a l effacer a une place mais pas a l autre a l autre endroit meme en mode sans echec il me demande une autorisation pour supprimer je continue le processus quand meme?
Activation Assistant for the 2007 Microsoft Office suites
Ad-Aware 2007
Adobe Flash Player ActiveX
Adobe Reader 8.1.0 - Français
Assistant de connexion Windows Live
BitComet 0.99
Canon MP Navigator EX 1.0
Canon MP210 series
Canon My Printer
Canon Utilities Easy-PhotoPrint EX
Canon Utilities Solution Menu
CyberLink DVD Suite Deluxe
DivX Codec
DivX Content Uploader
DivX Converter
DivX Player
DivX Web Player
Extension de Windows Live Toolbar (Windows Live Toolbar)
Hewlett-Packard Active Check
Hewlett-Packard Asset Agent for Health Check
HP Customer Experience Enhancements
HP Customer Feedback
HP Easy Setup - Frontend
HP On-Screen Cap/Num/Scroll Lock Indicator
HP Photosmart Essential 2.5
HP Picasso Media Center Add-In
HP Update
ImpôtRapide 2007
Intel(R) Graphics Media Accelerator Driver
Intel(R) Matrix Storage Manager
iPod for Windows 2005-10-12
iTunes
Java(TM) SE Runtime Environment 6 Update 1
Kaspersky Anti-Virus 7.0
Kaspersky Anti-Virus 7.0
LabelPrint
LightScribe System Software 1.10.16.1
LightScribeTemplateLabeler
LimeWire 4.16.6
Menus intelligents (Windows Live Toolbar)
Microsoft Office PowerPoint Viewer 2007 (French)
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Module de compatibilité pour Microsoft Office System 2007
MpcStar 2.6
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
muvee autoProducer 6.1
Outils de diagnostic du matériel
PIXMA Extended Survey Program
Power2Go
PowerDirector
Python 2.5
QuickTime
Realtek High Definition Audio Driver
ScanSoft OmniPage SE 4
SimonT Hockey Simulator Support Files
Soft Data Fax Modem with SmartCP
Solution de clavier multimédia amélioré
Surligneur (Windows Live Toolbar)
WeatherBug Gadget
Windows Live Favorites pour Windows Live Toolbar
Windows Live installer
Windows Live Messenger
Windows Live Toolbar
Windows Live Toolbar
Yahoo! Toolbar
voici le resultat de hijackthis uninstall list la je fais ton avg anti spyware
Ad-Aware 2007
Adobe Flash Player ActiveX
Adobe Reader 8.1.0 - Français
Assistant de connexion Windows Live
BitComet 0.99
Canon MP Navigator EX 1.0
Canon MP210 series
Canon My Printer
Canon Utilities Easy-PhotoPrint EX
Canon Utilities Solution Menu
CyberLink DVD Suite Deluxe
DivX Codec
DivX Content Uploader
DivX Converter
DivX Player
DivX Web Player
Extension de Windows Live Toolbar (Windows Live Toolbar)
Hewlett-Packard Active Check
Hewlett-Packard Asset Agent for Health Check
HP Customer Experience Enhancements
HP Customer Feedback
HP Easy Setup - Frontend
HP On-Screen Cap/Num/Scroll Lock Indicator
HP Photosmart Essential 2.5
HP Picasso Media Center Add-In
HP Update
ImpôtRapide 2007
Intel(R) Graphics Media Accelerator Driver
Intel(R) Matrix Storage Manager
iPod for Windows 2005-10-12
iTunes
Java(TM) SE Runtime Environment 6 Update 1
Kaspersky Anti-Virus 7.0
Kaspersky Anti-Virus 7.0
LabelPrint
LightScribe System Software 1.10.16.1
LightScribeTemplateLabeler
LimeWire 4.16.6
Menus intelligents (Windows Live Toolbar)
Microsoft Office PowerPoint Viewer 2007 (French)
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Module de compatibilité pour Microsoft Office System 2007
MpcStar 2.6
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
muvee autoProducer 6.1
Outils de diagnostic du matériel
PIXMA Extended Survey Program
Power2Go
PowerDirector
Python 2.5
QuickTime
Realtek High Definition Audio Driver
ScanSoft OmniPage SE 4
SimonT Hockey Simulator Support Files
Soft Data Fax Modem with SmartCP
Solution de clavier multimédia amélioré
Surligneur (Windows Live Toolbar)
WeatherBug Gadget
Windows Live Favorites pour Windows Live Toolbar
Windows Live installer
Windows Live Messenger
Windows Live Toolbar
Windows Live Toolbar
Yahoo! Toolbar
voici le resultat de hijackthis uninstall list la je fais ton avg anti spyware
Garde celui-ci wmpdxm.dll qui semble être lié à Vista, j'regarderais ça de plus près plus tard.
* Vas dans ajouter/supprimer des programmes et désinstalle :
- Adobe Reader 8.1.0 - Français (mets le à jour ou désinstalle le)
- Java(TM) SE Runtime Environment 6 Update 1 (obsolète)
- Windows Live Toolbar (ne garde qu'une barre d'outil fais ton choix)
- Yahoo! Toolbar (ne garde qu'une barre d'outil fais ton choix)
* On verra ce que dit le rapport AVG anti-spywares ;-)
* Vas dans ajouter/supprimer des programmes et désinstalle :
- Adobe Reader 8.1.0 - Français (mets le à jour ou désinstalle le)
- Java(TM) SE Runtime Environment 6 Update 1 (obsolète)
- Windows Live Toolbar (ne garde qu'une barre d'outil fais ton choix)
- Yahoo! Toolbar (ne garde qu'une barre d'outil fais ton choix)
* On verra ce que dit le rapport AVG anti-spywares ;-)
