Explorer redemare sans arret ke faire?
haomaru
-
hsresurection Messages postés 2 Statut Membre -
hsresurection Messages postés 2 Statut Membre -
Bonjour, ou plutot bonsoir en faite je viens de telecharger shock aero 3d pour avoir une vue 3d de mes fenetres et voila ke explorer disparait au debut au debut je me suis dit ke c surement du o redemarage nessaissaire apres l installaion mais apres le redemarage internet explorer se met a redemarer tt seul je n ai meme plus mes droits d acces administrateur on me dit ke ca ete verouille par l admin pourtant je suis le seul utilisateur de cet ordi ca commence a me stresser vu ke tout est devenu plus lent je dois tt le temps me servir des touches programees sur mon clav g lance avg 7.5 et il a trouve (trojan horse downloader .obfuskated) comment l eliminer sachant ke meme si je le fais avec avg il revient tjrs et l etat de mon ordi reste pitoyable sans occune amelioration kelk un pourrait t il m aider svp ????????
je travaille sur un p4 1.7 ;512mo de ram avec windows xp sp2 voici le log de hijack :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:34:31, on 14/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\OneStepSearch\onestep.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\OneStepSearch\onestep.exe
C:\Program Files\DAP\DAP.EXE
C:\Program Files\Ringz Studio\Storm Codec\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\PROGRA~1\Grisoft\AVG7\avgwb.dat
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.update.microsoft.com/windowsupdate/v6/default.aspx
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = HS
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favorites
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [StormCodec_Helper] "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
O4 - HKLM\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Vimicro USB PC Camera (ZC0301PL)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\Ringz Studio\Storm Codec\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKLM\..\Policies\Explorer\Run: [eij0g0R3cs] C:\Documents and Settings\All Users.WINDOWS\Application Data\szcrobev\yvezslyv.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'Default user')
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZSYYYYYYYYMA
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: Download with &FileFactory Turbo - C:\Program Files\FileFactory Turbo\Plugins\IE\FileFactoryIE.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec FlashGet - C:\PROGRA~1\FLASHGET\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\PROGRA~1\FLASHGET\jc_all.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Page Analysis - {4FA30F6C-ABCD-3586-DCAB-40E23FB53737} - res://D:\IE Booster 2\ieb.dll/ieb2.ieb (file missing)
O9 - Extra 'Tools' menuitem: IE Booster Web Page Analyzer - {4FA30F6C-ABCD-3586-DCAB-40E23FB53737} - res://D:\IE Booster 2\ieb.dll/ieb2.ieb (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: show/hide IEB Toolbar - {9BE4715D-8249-4f24-9ED6-3F3543A5A221} - (no file)
O9 - Extra 'Tools' menuitem: IE Booster Toolbar - {9BE4715D-8249-4f24-9ED6-3F3543A5A221} - (no file)
O9 - Extra button: HTML Detective - {E1C111F0-6DDA-4200-B93E-8CA7AFA58D86} - res://D:\IE Booster 2\ieb.dll/contextmenu.ieb (file missing)
O9 - Extra 'Tools' menuitem: IE Booster Interactive HTML Detective - {E1C111F0-6DDA-4200-B93E-8CA7AFA58D86} - res://D:\IE Booster 2\ieb.dll/contextmenu.ieb (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.google.com/?gws_rd=ssl
O16 - DPF: {05317530-B882-449D-9421-18D94FA3ED34} (OSInfo Control) - http://www.sis.com/ocis/OSInfo.cab
O16 - DPF: {16095503-786F-4097-AED6-5D567A26D760} (SiS_OCX Control) - http://www.sis.com/ocis/SiSAutodetectNT.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15-3.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O17 - HKLM\System\CCS\Services\Tcpip\..\{13B1FE8A-55CB-4AFB-B15B-097E0DE00303}: NameServer = 212.217.0.13 212.217.1.17
O17 - HKLM\System\CS3\Services\Tcpip\..\{13B1FE8A-55CB-4AFB-B15B-097E0DE00303}: NameServer = 212.217.0.13 212.217.1.17
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: OneStep Search Service - OneStepSearch.net, Inc. - C:\Program Files\OneStepSearch\onestep.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: VideoAcceleratorService - Speedbit Ltd. - C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
je travaille sur un p4 1.7 ;512mo de ram avec windows xp sp2 voici le log de hijack :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:34:31, on 14/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\OneStepSearch\onestep.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\OneStepSearch\onestep.exe
C:\Program Files\DAP\DAP.EXE
C:\Program Files\Ringz Studio\Storm Codec\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\PROGRA~1\Grisoft\AVG7\avgwb.dat
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.update.microsoft.com/windowsupdate/v6/default.aspx
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = HS
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favorites
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [StormCodec_Helper] "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
O4 - HKLM\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Vimicro USB PC Camera (ZC0301PL)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\Ringz Studio\Storm Codec\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKLM\..\Policies\Explorer\Run: [eij0g0R3cs] C:\Documents and Settings\All Users.WINDOWS\Application Data\szcrobev\yvezslyv.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'Default user')
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZSYYYYYYYYMA
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: Download with &FileFactory Turbo - C:\Program Files\FileFactory Turbo\Plugins\IE\FileFactoryIE.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec FlashGet - C:\PROGRA~1\FLASHGET\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\PROGRA~1\FLASHGET\jc_all.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Page Analysis - {4FA30F6C-ABCD-3586-DCAB-40E23FB53737} - res://D:\IE Booster 2\ieb.dll/ieb2.ieb (file missing)
O9 - Extra 'Tools' menuitem: IE Booster Web Page Analyzer - {4FA30F6C-ABCD-3586-DCAB-40E23FB53737} - res://D:\IE Booster 2\ieb.dll/ieb2.ieb (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: show/hide IEB Toolbar - {9BE4715D-8249-4f24-9ED6-3F3543A5A221} - (no file)
O9 - Extra 'Tools' menuitem: IE Booster Toolbar - {9BE4715D-8249-4f24-9ED6-3F3543A5A221} - (no file)
O9 - Extra button: HTML Detective - {E1C111F0-6DDA-4200-B93E-8CA7AFA58D86} - res://D:\IE Booster 2\ieb.dll/contextmenu.ieb (file missing)
O9 - Extra 'Tools' menuitem: IE Booster Interactive HTML Detective - {E1C111F0-6DDA-4200-B93E-8CA7AFA58D86} - res://D:\IE Booster 2\ieb.dll/contextmenu.ieb (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.google.com/?gws_rd=ssl
O16 - DPF: {05317530-B882-449D-9421-18D94FA3ED34} (OSInfo Control) - http://www.sis.com/ocis/OSInfo.cab
O16 - DPF: {16095503-786F-4097-AED6-5D567A26D760} (SiS_OCX Control) - http://www.sis.com/ocis/SiSAutodetectNT.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15-3.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O17 - HKLM\System\CCS\Services\Tcpip\..\{13B1FE8A-55CB-4AFB-B15B-097E0DE00303}: NameServer = 212.217.0.13 212.217.1.17
O17 - HKLM\System\CS3\Services\Tcpip\..\{13B1FE8A-55CB-4AFB-B15B-097E0DE00303}: NameServer = 212.217.0.13 212.217.1.17
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: OneStep Search Service - OneStepSearch.net, Inc. - C:\Program Files\OneStepSearch\onestep.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: VideoAcceleratorService - Speedbit Ltd. - C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
A voir également:
- Explorer redemare sans arret ke faire?
- Explorer patcher - Télécharger - Personnalisation
- Internet explorer - Guide
- Internet explorer 11 - Télécharger - Navigateurs
- Internet explorer 8 - Télécharger - Navigateurs
- Process explorer - Télécharger - Informations & Diagnostic
1 réponse
A supprimer:
C:\Program Files\OneStepSearch\onestep.exe
C:\Program Files\OneStepSearch\onestep.exe
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O4 - HKLM\..\Policies\Explorer\Run: [eij0g0R3cs] C:\Documents and Settings\All Users.WINDOWS\Application Data\szcrobev\yvezslyv.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'Default user')
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZSYYYYYYYYMA
O9 - Extra button: Page Analysis - {4FA30F6C-ABCD-3586-DCAB-40E23FB53737} - res://D:\IE Booster 2\ieb.dll/ieb2.ieb (file missing)
O9 - Extra 'Tools' menuitem: IE Booster Web Page Analyzer - {4FA30F6C-ABCD-3586-DCAB-40E23FB53737} - res://D:\IE Booster 2\ieb.dll/ieb2.ieb (file missing)
O9 - Extra button: show/hide IEB Toolbar - {9BE4715D-8249-4f24-9ED6-3F3543A5A221} - (no file)
O9 - Extra 'Tools' menuitem: IE Booster Toolbar - {9BE4715D-8249-4f24-9ED6-3F3543A5A221} - (no file)
O9 - Extra button: HTML Detective - {E1C111F0-6DDA-4200-B93E-8CA7AFA58D86} - res://D:\IE Booster 2\ieb.dll/contextmenu.ieb (file missing)
O9 - Extra 'Tools' menuitem: IE Booster Interactive HTML Detective - {E1C111F0-6DDA-4200-B93E-8CA7AFA58D86} - res://D:\IE Booster 2\ieb.dll/contextmenu.ieb (file missing)
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/
O23 - Service: OneStep Search Service - OneStepSearch.net, Inc. - C:\Program Files\OneStepSearch\onestep.exe
***
En complément:
Télécharge Dr.Web CureIt! ici: ftp://ftp.drweb.com/pub/drweb/cureit/cureit.exe
Redémarre ton pc en mode sans échec.
aide pour le mode sans échec
:"http://assiste.com.free.fr/... "
http://www.vista-xp.fr/forum/topic93.html
Lance Dr.Web CureIt!, accepte une analyse rapide, et répare/supprime les virus trouvés,
et effectue ensuite une analyse compléte, avec réparation/suppression des virus trouvés.
Redémarre ton pc avec ta session habituelle.
***
C:\Program Files\OneStepSearch\onestep.exe
C:\Program Files\OneStepSearch\onestep.exe
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O4 - HKLM\..\Policies\Explorer\Run: [eij0g0R3cs] C:\Documents and Settings\All Users.WINDOWS\Application Data\szcrobev\yvezslyv.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'Default user')
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZSYYYYYYYYMA
O9 - Extra button: Page Analysis - {4FA30F6C-ABCD-3586-DCAB-40E23FB53737} - res://D:\IE Booster 2\ieb.dll/ieb2.ieb (file missing)
O9 - Extra 'Tools' menuitem: IE Booster Web Page Analyzer - {4FA30F6C-ABCD-3586-DCAB-40E23FB53737} - res://D:\IE Booster 2\ieb.dll/ieb2.ieb (file missing)
O9 - Extra button: show/hide IEB Toolbar - {9BE4715D-8249-4f24-9ED6-3F3543A5A221} - (no file)
O9 - Extra 'Tools' menuitem: IE Booster Toolbar - {9BE4715D-8249-4f24-9ED6-3F3543A5A221} - (no file)
O9 - Extra button: HTML Detective - {E1C111F0-6DDA-4200-B93E-8CA7AFA58D86} - res://D:\IE Booster 2\ieb.dll/contextmenu.ieb (file missing)
O9 - Extra 'Tools' menuitem: IE Booster Interactive HTML Detective - {E1C111F0-6DDA-4200-B93E-8CA7AFA58D86} - res://D:\IE Booster 2\ieb.dll/contextmenu.ieb (file missing)
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/
O23 - Service: OneStep Search Service - OneStepSearch.net, Inc. - C:\Program Files\OneStepSearch\onestep.exe
***
En complément:
Télécharge Dr.Web CureIt! ici: ftp://ftp.drweb.com/pub/drweb/cureit/cureit.exe
Redémarre ton pc en mode sans échec.
aide pour le mode sans échec
:"http://assiste.com.free.fr/... "
http://www.vista-xp.fr/forum/topic93.html
Lance Dr.Web CureIt!, accepte une analyse rapide, et répare/supprime les virus trouvés,
et effectue ensuite une analyse compléte, avec réparation/suppression des virus trouvés.
Redémarre ton pc avec ta session habituelle.
***
hsresurection
Messages postés
2
Statut
Membre
merci beaucoup darkcrystal33 tt a marché a la perfection je suis vraiment tres heureux de m etre inscrit sur ce site mais je voulais te demander comment tu fais pour savoir ce ki doit etre suprime et ce ki ne doit pas l etre sur hijack ? :)
