Sujet Précédent Sujet Suivant

Pub intempestive IE

Résolu
alex8276 -  
 alex8276 -
Bonjour,
suite ouveture de pub sur iE je voudrait suiivre la procedure ci dessous

http://www.commentcamarche.net/forum/affich 5539408 pub intempestive sous ie vista help me svp

est ce que je peut lancer la desinfection?

merci
A voir également:

51 réponses

Précédent
Réponse 21 / 51
geoffrey5 Messages postés 14008 Statut Contributeur sécurité 10
 
ok...maintenant refais un rapport hijackthis stp
0
Réponse 22 / 51
alex8276
 
dsl je me suis trompé ,voila le bon rapport

-----------------------[ Lop S&D 4.2.1-2 XP/Vista ]---------------------

[ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
[ USER : alex ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 05/06/2008 | 20:27:25,00 ] [ PC : PC-DE-ALEX ]
[ MAJ : 01-06-2008 | 15:51 ]
[ UAC => 0 ]

-------------[ Listing des dossiers dans Application Data ]------------

[23/01/2008|14:53] C:\Users\alex\AppData\Roaming\Adobe\Flash Player
[17/12/2007|16:34] C:\Users\alex\AppData\Roaming\Adobe\Linguistics
[14/12/2007|18:05] C:\Users\alex\AppData\Roaming\Adobe\Acrobat

[17/12/2007|16:37] C:\Users\alex\AppData\Roaming\Bitdefender\Desktop

[08/05/2008|02:15] C:\Users\alex\AppData\Roaming\CyberLink\PowerCinema
[08/05/2008|02:15] C:\Users\alex\AppData\Roaming\CyberLink\PowerDVD

[05/06/2008|08:48] C:\Users\alex\AppData\Roaming\Google\Local Search History

[14/12/2007|18:00] C:\Users\alex\AppData\Roaming\Hewlett-Packard\HP Software UI

[08/05/2008|02:15] C:\Users\alex\AppData\Roaming\HP\QuickPlay

[14/12/2007|18:05] C:\Users\alex\AppData\Roaming\Identities\{368968C5-CC37-4BE8-830B-2CF6C3E51E89}

[13/01/2008|22:41] C:\Users\alex\AppData\Roaming\InstallShield\ISEngine12.0

[05/06/2008|08:19] C:\Users\alex\AppData\Roaming\Macromedia\Flash Player

[31/05/2008|21:59] C:\Users\alex\AppData\Roaming\Microsoft\Templates
[16/05/2008|00:58] C:\Users\alex\AppData\Roaming\Microsoft\preuve
[30/04/2008|23:14] C:\Users\alex\AppData\Roaming\Microsoft\MSN Messenger
[18/04/2008|22:27] C:\Users\alex\AppData\Roaming\Microsoft\digital locker
[15/04/2008|22:36] C:\Users\alex\AppData\Roaming\Microsoft\Excel
[14/04/2008|02:28] C:\Users\alex\AppData\Roaming\Microsoft\Windows Live Photo Gallery
[13/04/2008|01:37] C:\Users\alex\AppData\Roaming\Microsoft\PowerPoint
[11/03/2008|16:15] C:\Users\alex\AppData\Roaming\Microsoft\Word
[02/03/2008|22:50] C:\Users\alex\AppData\Roaming\Microsoft\Office
[02/03/2008|22:50] C:\Users\alex\AppData\Roaming\Microsoft\CLView
[26/02/2008|01:00] C:\Users\alex\AppData\Roaming\Microsoft\HTML Help
[12/01/2008|03:25] C:\Users\alex\AppData\Roaming\Microsoft\UProof
[12/01/2008|02:55] C:\Users\alex\AppData\Roaming\Microsoft\Proof
[12/01/2008|02:51] C:\Users\alex\AppData\Roaming\Microsoft\Document Building Blocks
[12/01/2008|02:51] C:\Users\alex\AppData\Roaming\Microsoft\AddIns
[04/01/2008|17:44] C:\Users\alex\AppData\Roaming\Microsoft\Crypto
[03/01/2008|05:51] C:\Users\alex\AppData\Roaming\Microsoft\Sticky Notes
[03/01/2008|05:50] C:\Users\alex\AppData\Roaming\Microsoft\Speech
[26/12/2007|06:51] C:\Users\alex\AppData\Roaming\Microsoft\Windows
[26/12/2007|06:22] C:\Users\alex\AppData\Roaming\Microsoft\eHome
[19/12/2007|20:32] C:\Users\alex\AppData\Roaming\Microsoft\IdentityCRL
[19/12/2007|03:34] C:\Users\alex\AppData\Roaming\Microsoft\Windows Photo Gallery
[15/12/2007|00:16] C:\Users\alex\AppData\Roaming\Microsoft\Internet Explorer
[14/12/2007|18:52] C:\Users\alex\AppData\Roaming\Microsoft\MMC
[14/12/2007|18:05] C:\Users\alex\AppData\Roaming\Microsoft\SystemCertificates
[14/12/2007|18:05] C:\Users\alex\AppData\Roaming\Microsoft\Protect
[14/12/2007|18:00] C:\Users\alex\AppData\Roaming\Microsoft\CLR Security Config
[14/12/2007|17:57] C:\Users\alex\AppData\Roaming\Microsoft\Credentials

[03/01/2008|06:25] C:\Users\alex\AppData\Roaming\muvee Technologies\UserProfiles

[18/04/2008|02:25] C:\Users\alex\AppData\Roaming\Roxio\MediaManager9
[03/01/2008|06:17] C:\Users\alex\AppData\Roaming\Roxio\Dragon
[03/01/2008|06:05] C:\Users\alex\AppData\Roaming\Roxio\DVD
[03/01/2008|06:05] C:\Users\alex\AppData\Roaming\Roxio\VideoUI9
[03/01/2008|06:05] C:\Users\alex\AppData\Roaming\Roxio\MyDVD9
[20/12/2007|13:01] C:\Users\alex\AppData\Roaming\Roxio\RoxioCentral

[21/12/2007|17:30] C:\Users\alex\AppData\Roaming\SecuROM\UserData

[17/02/2008|03:24] C:\Users\alex\AppData\Roaming\Sports Interactive\Football Manager 2008

[27/01/2008|21:58] C:\Users\alex\AppData\Roaming\TomTom\HOME

[14/01/2008|14:42] C:\Users\alex\AppData\Roaming\vlc\cache

[01/01/2008|17:33] C:\Users\alex\AppData\Roaming\Yahoo!\Companion

----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------

[05/06/2008 18:10][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{C5B28D2D-9119-4D96-B239-67FD9BF27DC1}.job
[05/06/2008 20:02][--ah-----] C:\Windows\tasks\SA.DAT
[05/06/2008 20:02][--a------] C:\Windows\tasks\SCHEDLGU.TXT

------[ Listing des dossiers dans C:\ProgramData ]------

[14/02/2008|06:44] C:\ProgramData\Adobe
[14/12/2007|17:56] C:\ProgramData\Application Data
[17/12/2007|16:37] C:\ProgramData\BitDefender
[14/12/2007|17:56] C:\ProgramData\Bureau
[05/07/2007|08:38] C:\ProgramData\CyberLink
[14/12/2007|17:56] C:\ProgramData\Documents
[14/12/2007|17:56] C:\ProgramData\Favoris
[05/07/2007|08:50] C:\ProgramData\Google
[05/07/2007|09:15] C:\ProgramData\Hewlett-Packard
[08/05/2008|02:15] C:\ProgramData\HP
[30/12/2007|17:19] C:\ProgramData\hpzinstall.log
[14/12/2007|18:13] C:\ProgramData\LightScribe
[14/12/2007|17:56] C:\ProgramData\Menu D‚marrer
[06/03/2008|00:12] C:\ProgramData\Messenger Plus!
[12/01/2008|02:39] C:\ProgramData\Microsoft
[14/05/2008|21:18] C:\ProgramData\Microsoft Help
[14/12/2007|17:56] C:\ProgramData\ModŠles
[03/01/2008|06:25] C:\ProgramData\muvee Technologies
[29/03/2008|00:33] C:\ProgramData\nurbthatthat.4cufu0q
[29/03/2008|00:32] C:\ProgramData\nurbthatthat.6rokjv7
[14/05/2008|17:45] C:\ProgramData\Roxio
[20/12/2007|13:01] C:\ProgramData\Sonic
[15/12/2007|02:06] C:\ProgramData\Symantec
[18/04/2008|02:34] C:\ProgramData\TEMP
[29/03/2008|00:34] C:\ProgramData\Time File Tick.1v4kmri
[07/04/2008|21:47] C:\ProgramData\TomTom
[18/02/2008|21:40] C:\ProgramData\WLInstaller
[01/01/2008|17:34] C:\ProgramData\Yahoo! Companion

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[14/02/2008|06:43] C:\Program Files\Adobe
[05/07/2007|07:40] C:\Program Files\Apoint2K
[18/02/2008|21:10] C:\Program Files\Common Files
[05/06/2008|18:46] C:\Program Files\CONEXANT
[02/11/2006|14:50] C:\Program Files\desktop.ini
[21/12/2007|17:22] C:\Program Files\EA SPORTS
[05/07/2007|08:49] C:\Program Files\EasyBits
[30/12/2007|17:46] C:\Program Files\EasyBits For Kids
[28/04/2008|20:31] C:\Program Files\epson
[14/12/2007|17:56] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[14/12/2007|22:53] C:\Program Files\Google
[05/07/2007|09:10] C:\Program Files\Hewlett-Packard
[30/12/2007|17:19] C:\Program Files\HP
[05/07/2007|08:59] C:\Program Files\HPQ
[07/04/2008|22:23] C:\Program Files\InstallShield Installation Information
[30/04/2008|09:06] C:\Program Files\Internet Explorer
[26/05/2008|17:50] C:\Program Files\Java
[05/06/2008|20:12] C:\Program Files\Lopxp
[12/04/2008|00:00] C:\Program Files\Messenger Plus! Live
[12/01/2008|04:03] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[12/01/2008|02:41] C:\Program Files\Microsoft Office
[18/02/2008|21:19] C:\Program Files\Microsoft SQL Server Compact Edition
[12/01/2008|02:41] C:\Program Files\Microsoft Visual Studio
[12/01/2008|02:34] C:\Program Files\Microsoft Visual Studio 8
[12/01/2008|02:42] C:\Program Files\Microsoft Works
[12/01/2008|02:39] C:\Program Files\Microsoft.NET
[02/11/2006|14:42] C:\Program Files\Movie Maker
[12/01/2008|02:42] C:\Program Files\MSBuild
[02/11/2006|14:37] C:\Program Files\MSN
[14/12/2007|23:33] C:\Program Files\MSXML 4.0
[05/07/2007|08:55] C:\Program Files\muvee Technologies
[05/06/2008|20:05] C:\Program Files\Navilog1
[05/07/2007|08:33] C:\Program Files\NetWaiting
[05/07/2007|08:35] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[05/07/2007|08:16] C:\Program Files\Roxio
[05/07/2007|08:51] C:\Program Files\Services en ligne
[17/12/2007|16:36] C:\Program Files\Softwin
[17/02/2008|03:07] C:\Program Files\Sports Interactive
[25/01/2008|02:14] C:\Program Files\TomTom DesktopSuite
[07/04/2008|21:47] C:\Program Files\TomTom HOME 2
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[14/01/2008|14:26] C:\Program Files\VideoLAN
[02/11/2006|14:42] C:\Program Files\Windows Calendar
[02/11/2006|14:42] C:\Program Files\Windows Collaboration
[05/07/2007|08:24] C:\Program Files\Windows Defender
[02/11/2006|14:42] C:\Program Files\Windows Journal
[28/02/2008|04:02] C:\Program Files\Windows Live
[15/12/2007|00:07] C:\Program Files\Windows Mail
[15/12/2007|00:07] C:\Program Files\Windows Media Player
[14/12/2007|17:56] C:\Program Files\Windows NT
[02/11/2006|14:42] C:\Program Files\Windows Photo Gallery
[10/01/2008|00:44] C:\Program Files\Windows Sidebar
[10/03/2008|14:18] C:\Program Files\WinRAR
[01/01/2008|17:33] C:\Program Files\Yahoo!
[17/02/2008|03:10] C:\Program Files\Zero G Registry

------[ Listing des dossiers dans C:\Program Files\Common Files ]------

[14/02/2008|06:44] C:\Program Files\Common Files\Adobe
[12/01/2008|02:41] C:\Program Files\Common Files\DESIGNER
[05/07/2007|08:47] C:\Program Files\Common Files\HP
[05/07/2007|08:57] C:\Program Files\Common Files\InstallShield
[05/07/2007|09:14] C:\Program Files\Common Files\Java
[05/07/2007|08:59] C:\Program Files\Common Files\LightScribe
[30/04/2008|08:57] C:\Program Files\Common Files\microsoft shared
[05/07/2007|08:55] C:\Program Files\Common Files\muvee Technologies
[05/07/2007|08:15] C:\Program Files\Common Files\Roxio Shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[17/12/2007|16:36] C:\Program Files\Common Files\Softwin
[05/07/2007|08:15] C:\Program Files\Common Files\Sonic Shared
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[05/07/2007|08:16] C:\Program Files\Common Files\SureThing Shared
[15/12/2007|02:06] C:\Program Files\Common Files\Symantec Shared
[15/12/2007|00:07] C:\Program Files\Common Files\System
[18/02/2008|21:19] C:\Program Files\Common Files\WindowsLiveInstaller

---------------------------[ Process ]--------------------------

... 67

... OK !

----------------------[ Recherche avec S_Lop ]---------------------

C:\ProgramData\Time File Tick.1v4kmri

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

Aucun fichier / dossier Lop trouvé !

----------------------[ Verification du Registre ]----------------------

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE

----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-05 20:28:14
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

=> C:\Users\alex\Music\musique\Ma Citer Va Cracker 2Bal 2Neg - Ma 6T Va Craker.mp3

[F:3][D:2]-> C:\Users\alex\AppData\Local\Temp
[F:81][D:1]-> C:\Users\alex\AppData\Roaming\MICROS~1\Windows\Cookies
[F:841][D:20]-> C:\Users\alex\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:11][D:4]-> C:\$Recycle.Bin

[ UAC => 1 ]

--------------------[ Fin du rapport a 20:29:05,22 ]----------------------
0
Réponse 23 / 51
geoffrey5 Messages postés 14008 Statut Contributeur sécurité 10
 
Télécharge sur le bureau hijackthis : http://www.trendsecure.com/portal/en-US/_download/HiJackThis.exe

-une fois installé sur le bureau, le renommer scan.exe
-Double-clic dessus
- Clic sur "Do a system scan and save the log"
- copier le rapport, le coller dans la réponse
0
Réponse 24 / 51
alex8276
 
il est en anglais et je sais pas comment il marche

Peut tu m'expliquer stp?
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 51
geoffrey5 Messages postés 14008 Statut Contributeur sécurité 10
 
c est expliqué en message 23 :

-une fois installé sur le bureau, le renommer scan.exe
-Double-clic dessus
- Clic sur "Do a system scan and save the log"
- copier le rapport, le coller dans la réponse
0
Réponse 26 / 51
alex8276
 
Logfile of HijackThis v1.99.1
Scan saved at 20:42:39, on 05/06/2008
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\conime.exe
C:\Windows\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\alex\Desktop\HiJackThis\scan.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: igfxcui - C:\Windows\SYSTEM32\igfxdev.dll
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
0
Réponse 27 / 51
geoffrey5 Messages postés 14008 Statut Contributeur sécurité 10
 
Tu n as pas téléchargé hijackthis avec le lien que je t ai mis...celui que tu as pris n est pas à jour
0
Réponse 28 / 51
alex8276
 
dsl je l'avait telechargé avant que tu me donne le bon lien, je recommence
0
Réponse 29 / 51
alex8276
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:47:47, on 05/06/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\conime.exe
C:\Windows\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\alex\Desktop\scan.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
0
Réponse 30 / 51
geoffrey5 Messages postés 14008 Statut Contributeur sécurité 10
 
C est ok...tout à l air bon !

relance hijackthis en cliquant cette fois ci sur do a system scan only et coches ces lignes :

C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

C:\Windows\System32\igfxpers.exe

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"

et puis cliques sur fix checked.
0
Réponse 31 / 51
geoffrey5 Messages postés 14008 Statut Contributeur sécurité 10
 
je te conseille aussi d installer ces programmes ci dessous qui sont tres utiles pour le pc et lancer des scans au moins une fois par semaine :

https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/11643.html

https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/26157.html

https://www.01net.com/telecharger/

et si tu n as plus de problemes, tu peux mettre ton probleme résolu en haut de ton topic
0
Réponse 32 / 51
alex8276
 
voila c'est fait , a quoi correspond tout ce que j 'ai coché?

Merci de votre aide
0
Réponse 33 / 51
geoffrey5 Messages postés 14008 Statut Contributeur sécurité 10
 
ce sont des processus inutiles au démarrage de ton pc
0
Réponse 34 / 51
alex8276
 
ok Merci beaucoup!!
J'ai pas besoin de telecharger les 3 programmes si?
0
Réponse 35 / 51
geoffrey5 Messages postés 14008 Statut Contributeur sécurité 10
 
bien sure que oui !!

Ce sont des antispywares tres utiles pour désinfecter ton pc...fais une analyse avec chaques au moins une fois par semaine
0
Réponse 36 / 51
alex8276
 
ok!!bon ba meme si cest payant jevais les prendre je pense

Merci bcp
0
Réponse 37 / 51
geoffrey5 Messages postés 14008 Statut Contributeur sécurité 10
 
ils sont gratuits !!
0
Réponse 38 / 51
alex8276
 
avg antispyware est limité a 30 jours d'essai aprés je pourrait plus m'en servir si?
0
Réponse 39 / 51
geoffrey5 Messages postés 14008 Statut Contributeur sécurité 10
 
tu peux aussi le télécharger via émule ou µtorrent...je ne sais pas ce que tu utilises comme programme de téléchargement
0
Réponse 40 / 51
alex8276
 
emule !!!

sa posera pas de probleme avec mon antivirus bit defender.?
0

Discussions similaires

Ouvrir un fichier .pub sans Publisher
baissaoui -
baissaoui -

0 réponse
Ouvrir document Publisher sans Publisher
Curtis Hayes -
Curtis Hayes -

7 réponses
lire un fichier .pub
xycoco -
Valou -

38 réponses
Prélèvement Apple.com Bill
Eva_007 -
kikine -

8 réponses
Lire, afficher, exécuter un fichier *.pub sans Publisher
jeannoellaurenti -
informatique_fujitsu -

1 réponse