Ouverture Page internet
Résolu
Bleusaille
-
Utilisateur anonyme -
Utilisateur anonyme -
Bonjour,
Depuis peu des pages internet s'ouvrent toutes seules, pas systématiquement mais presque et même lorsque je fais autre chose que surfer...
Merci de m'aider, je pose mon rapport hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:29:26, on 07/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\System32\Ati2evxx.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
E:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
E:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
E:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
E:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
E:\Program Files\Neuf\Kit\WiFi\9wifi.exe
E:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe
E:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
E:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
E:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
E:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
E:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
E:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
E:\Program Files\CyberLink\Shared files\RichVideo.exe
E:\Program Files\Logitech\QuickCam\Quickcam.exe
E:\Program Files\CyberLink\PowerCinema\PCMService.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Picasa2\PicasaMediaDetector.exe
E:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
E:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe
E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
E:\Program Files\Steam\Steam.exe
E:\Program Files\Google\Google Updater\GoogleUpdater.exe
E:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
E:\Program Files\Sitecom Wireless LAN\WLANUTL.exe
E:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
E:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
E:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
E:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
E:\Program Files\ATI Technologies\ATI.ACE\cli.exe
E:\Program Files\ATI Technologies\ATI.ACE\cli.exe
E:\Program Files\Mozilla Firefox\firefox.exe
C:\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - E:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - E:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - E:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] E:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] E:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [CmPCIaudio] RunDll32 CMICNFG3.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [ATICCC] "E:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] "E:\Program Files\Neuf\Kit\WiFi\9wifi.exe"
O4 - HKLM\..\Run: [RemoteControl] E:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] E:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG7_CC] E:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [avgnt] "E:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [IMJPMIG8.1] "E:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] E:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] E:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] E:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SSBkgdUpdate] "E:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "E:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "E:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "E:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [PCMService] "E:\Program Files\CyberLink\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [ScanSoft OmniPage SE 4.0-reminder] "E:\Program Files\ScanSoft\OmniPageSE4.0\Ereg\Ereg.exe" -r "E:\Documents and Settings\All Users\Application Data\ScanSoft\OmniPageSE4.0\Ereg\ereg.ini"
O4 - HKCU\..\Run: [Picasa Media Detector] E:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "E:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MsnMsgr] "E:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Steam] "E:\Program Files\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] E:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: MaxTV.lnk = E:\Program Files\DMV\MaxTV\MaxTV.exe
O4 - Startup: Sitecom Wireless LAN Utility.lnk = ?
O4 - Global Startup: AutorunsDisabled
O4 - Global Startup: Microsoft Office.lnk = E:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = E:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://E:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://E:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://E:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://E:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O20 - Winlogon Notify: cbXNeCro - cbXNeCro.dll (file missing)
O21 - SSODL: KernelRunOnce - {b56dde56-edd9-466a-938c-7f0e2233b953} - E:\WINDOWS\Resources\KernelRunOnce.dll (file missing)
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - E:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - E:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - E:\WINDOWS\system32\ati2sgag.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - E:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - E:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: Google Updater Service (gusvc) - Google - E:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LVCOMSer - Logitech Inc. - E:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - E:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - E:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - E:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - E:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - E:\Program Files\CyberLink\Shared files\RichVideo.exe
Depuis peu des pages internet s'ouvrent toutes seules, pas systématiquement mais presque et même lorsque je fais autre chose que surfer...
Merci de m'aider, je pose mon rapport hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:29:26, on 07/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\System32\Ati2evxx.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
E:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
E:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
E:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
E:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
E:\Program Files\Neuf\Kit\WiFi\9wifi.exe
E:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe
E:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
E:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
E:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
E:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
E:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
E:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
E:\Program Files\CyberLink\Shared files\RichVideo.exe
E:\Program Files\Logitech\QuickCam\Quickcam.exe
E:\Program Files\CyberLink\PowerCinema\PCMService.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Picasa2\PicasaMediaDetector.exe
E:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
E:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe
E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
E:\Program Files\Steam\Steam.exe
E:\Program Files\Google\Google Updater\GoogleUpdater.exe
E:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
E:\Program Files\Sitecom Wireless LAN\WLANUTL.exe
E:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
E:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
E:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
E:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
E:\Program Files\ATI Technologies\ATI.ACE\cli.exe
E:\Program Files\ATI Technologies\ATI.ACE\cli.exe
E:\Program Files\Mozilla Firefox\firefox.exe
C:\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - E:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - E:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - E:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] E:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] E:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [CmPCIaudio] RunDll32 CMICNFG3.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [ATICCC] "E:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] "E:\Program Files\Neuf\Kit\WiFi\9wifi.exe"
O4 - HKLM\..\Run: [RemoteControl] E:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] E:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG7_CC] E:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [avgnt] "E:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [IMJPMIG8.1] "E:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] E:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] E:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] E:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SSBkgdUpdate] "E:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "E:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "E:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "E:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [PCMService] "E:\Program Files\CyberLink\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [ScanSoft OmniPage SE 4.0-reminder] "E:\Program Files\ScanSoft\OmniPageSE4.0\Ereg\Ereg.exe" -r "E:\Documents and Settings\All Users\Application Data\ScanSoft\OmniPageSE4.0\Ereg\ereg.ini"
O4 - HKCU\..\Run: [Picasa Media Detector] E:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "E:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MsnMsgr] "E:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Steam] "E:\Program Files\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] E:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: MaxTV.lnk = E:\Program Files\DMV\MaxTV\MaxTV.exe
O4 - Startup: Sitecom Wireless LAN Utility.lnk = ?
O4 - Global Startup: AutorunsDisabled
O4 - Global Startup: Microsoft Office.lnk = E:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = E:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://E:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://E:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://E:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://E:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O20 - Winlogon Notify: cbXNeCro - cbXNeCro.dll (file missing)
O21 - SSODL: KernelRunOnce - {b56dde56-edd9-466a-938c-7f0e2233b953} - E:\WINDOWS\Resources\KernelRunOnce.dll (file missing)
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - E:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - E:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - E:\WINDOWS\system32\ati2sgag.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - E:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - E:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: Google Updater Service (gusvc) - Google - E:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LVCOMSer - Logitech Inc. - E:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - E:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - E:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - E:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - E:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - E:\Program Files\CyberLink\Shared files\RichVideo.exe
A voir également:
- Ouverture Page internet
- Page d'ouverture google - Guide
- Supprimer page word - Guide
- Comment traduire une page internet - Guide
- Gps sans internet - Guide
- Mon pc rame sur internet - Guide
1 réponse
bonjour commençe par faire 1 scan avec malwarbyte http://www.commentcamarche.net/telecharger/telecharger 34055379 malwarebyte s anti malware a l'installation tu coche mise a jour et lancer program et scan complet et tu suprime se qu'il trouve et tu poste le raport generer
Le rapport:
Malwarebytes' Anti-Malware 1.15
Version de la base de données: 837
16:04:30 07/06/2008
mbam-log-6-7-2008 (16-04-29).txt
Type de recherche: Examen complet (C:\|E:\|)
Eléments examinés: 117451
Temps écoulé: 32 minute(s), 19 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 4
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{63ab48c9-01a8-495c-8194-a715db8a37a2} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\uninstall (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{63ab48c9-01a8-495c-8194-a715db8a37a2} (Trojan.Vundo) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
E:\WINDOWS\system32\clkcnt.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\nvs2.inf (Adware.EGDAccess) -> Quarantined and deleted successfully.
Salut a Toute La Communautè Par Manque De Curiosité On Risque De Mourir Ignorant
E:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
E:\Program Files\Steam\Steam.exe
E:\documents and settings\madec\local settings\application data\gmgigwcm.exe
E:\Program Files\Google\Google Updater\GoogleUpdater.exe
E:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
E:\Program Files\Sitecom Wireless LAN\WLANUTL.exe
E:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
E:\Program Files\ATI Technologies\ATI.ACE\cli.exe
E:\Program Files\ATI Technologies\ATI.ACE\cli.exe
E:\WINDOWS\system32\cmd.exe
E:\Program Files\Mozilla Firefox\firefox.exe
»»»»»»»»»»»»»»»»»»»»»»»» hosts
»»»»»»»»»»»»»»»»»»»»»»»» E:\
»»»»»»»»»»»»»»»»»»»»»»»» E:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» E:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» E:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» E:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» E:\WINDOWS\system32\LogFiles
»»»»»»»»»»»»»»»»»»»»»»»» E:\Documents and Settings\Madec
»»»»»»»»»»»»»»»»»»»»»»»» E:\Documents and Settings\Madec\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»» E:\DOCUME~1\Madec\Favoris
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
»»»»»»»»»»»»»»»»»»»»»»»» E:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="E:\\WINDOWS\\system32\\userinit.exe,"
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» Rustock
»»»»»»»»»»»»»»»»»»»»»»»» DNS
Description: Sitecom Wireless Network PCI-Card 100M - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{DAE51E46-0174-4235-B164-CB9782077017}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{DAE51E46-0174-4235-B164-CB9782077017}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{DAE51E46-0174-4235-B164-CB9782077017}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
Surtout des pages anti-virus qui s'ouvrent....