IE windows opening by themselves, smart antivirus 09

Resolved/Closed
pissdrunk Posts: 65 Registration date: Tuesday 8 January 2008 Status: Member Last activity: 12 August 2009 - 18 Sept. 2008 at 12:12
 Anonymous user - 3 Oct. 2008 at 19:20
Hello,

I am currently running into a problem when I browse the net.

While browsing, from time to time an Internet Explorer window opens by itself and takes me to various slightly weird sites... and in particular the one that comes up most often is a message saying that the computer is infected and that smart antivirus 2009 must be downloaded, a piece of junk basically.... so I always close this window but it comes back again and again.

I have run bitdefender several times but it does not find the problem.

Could someone help me?

Thanks in advance!

Regards,

Guillaume
29 replies

biouz Posts: 103 Registration date: Thursday 13 December 2007 Status: Member Last activity: 2 December 2010 3
22 Sept. 2008 at 18:08
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:02:06, on 22/09/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
C:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\1\AlertModule.exe
C:\Program Files\Orange\AntivirusFirewall\FSGUI\fsguidll.exe
C:\Windows\system32\conime.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTCOMModule\1\FTCOMModule.exe
C:\Program Files\OrangeHSS\browser\browser.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
-1
Anonymous user
22 Sept. 2008 at 18:11
good evening

create your own topic please
it will be simpler to answer you....
thanks
see you
-1
pissdrunk Posts: 65 Registration date: Tuesday 8 January 2008 Status: Member Last activity: 12 August 2009 22
23 Sept. 2008 at 15:08
Hi archet9,

Following message 31, I am currently no longer getting the error messages about the missing *.dll files... so I can't give you the file names... and I still get the same error message when I run ComboFix... What should I do?
-1
Anonymous user
23 Sept. 2008 at 16:47
have you tried in safe mode with networking?
see you
-1
pissdrunk Posts: 65 Registration date: Tuesday 8 January 2008 Status: Member Last activity: 12 August 2009 22
23 Sept. 2008 at 16:48
I'll try. Even with networking enabled in safe mode, do I need to disable the antivirus, firewall, etc...?
-1
Anonymous user
23 Sept. 2008 at 16:49
yes
-1

pissdrunk Posts: 65 Registration date: Tuesday 8 January 2008 Status: Member Last activity: 12 August 2009 22
23 Sept. 2008 at 22:45
that's done, here is the log:


ComboFix 08-09-22.05 - Guiguy 2008-09-23 22:23:29.2 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.2000 [GMT 2:00]
Lancé depuis: C:\Users\Guiguy\Desktop\ComboFix.exe
* Un nouveau point de restauration a été créé
.

((((((((((((((((((((((((((((( Fichiers créés du 2008-08-23 au 2008-09-23 ))))))))))))))))))))))))))))))))))))
.

2008-09-23 22:27 . 2008-09-23 22:27 389,473,064 --a------ C:\Windows\MEMORY.DMP
2008-09-23 15:46 . 2008-09-23 15:46 0 --a------ C:\Windows\Irremote.ini
2008-09-23 02:16 . 2008-09-23 02:16 <REP> d-------- C:\Program Files\Raveille
2008-09-23 02:16 . 2008-09-23 02:16 <REP> d-------- C:\Program Files\Common Files\GTK
2008-09-22 16:29 . 2008-09-22 16:29 <REP> d-------- C:\ProgramData\WindowsSearch
2008-09-22 15:50 . 2008-09-22 15:50 <REP> d-------- C:\Program Files\Nero
2008-09-22 15:07 . 2008-09-22 15:07 <REP> d-------- C:\ProgramData\LightScribe
2008-09-22 09:42 . 2008-09-22 15:15 <REP> d-------- C:\Program Files\Navilog1
2008-09-22 01:38 . 2008-09-22 01:38 <REP> d-------- C:\Program Files\Smart Projects
2008-09-22 01:21 . 2008-09-22 01:21 <REP> d-------- C:\Users\Guiguy\AppData\Roaming\Canneverbe_Limited
2008-09-22 00:55 . 2008-02-28 13:26 1,414,440 --a------ C:\Windows\System32\ShellManager310E2D762.dll
2008-09-22 00:55 . 2008-02-28 13:01 774,144 --a------ C:\Windows\System32\NEROINSTAEC43759.DB
2008-09-22 00:21 . 2008-09-22 00:21 <REP> d-------- C:\Users\Guiguy\AppData\Roaming\Nero
2008-09-22 00:17 . 2008-09-23 15:47 <REP> d-------- C:\ProgramData\Nero
2008-09-22 00:17 . 2008-09-23 15:47 <REP> d-------- C:\Program Files\Common Files\Nero
2008-09-20 23:45 . 2008-09-21 00:39 <REP> d-------- C:\ProgramData\Spybot - Search & Destroy
2008-09-20 23:45 . 2008-09-20 23:46 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-09-20 23:33 . 2008-09-20 23:33 <REP> d-------- C:\Program Files\CCleaner
2008-09-20 19:47 . 2008-09-20 19:47 <REP> d-------- C:\ProgramData\SetSys
2008-09-20 19:28 . 2008-09-19 02:57 <REP> d-------- C:\SDFix
2008-09-19 11:54 . 2008-09-19 11:54 <REP> d-------- C:\Program Files\AC3Filter
2008-09-19 11:53 . 2008-09-19 11:55 <REP> d-------- C:\Program Files\Quick Video Converter
2008-09-19 11:53 . 2008-09-19 11:54 <REP> d-------- C:\Program Files\GPL MPEG Decoder
2008-09-19 00:37 . 2008-09-22 16:51 <REP> d-------- C:\ProgramData\yxipyjkn
2008-09-19 00:37 . 2008-09-19 00:37 <REP> d-------- C:\ProgramData\ShUtil
2008-09-18 22:25 . 2008-09-18 22:27 <REP> d-------- C:\Users\Guiguy\SmitfraudFix
2008-09-18 18:47 . 2008-09-18 18:47 <REP> d-------- C:\Users\Guiguy\AppData\Roaming\Malwarebytes
2008-09-18 18:47 . 2008-09-18 18:47 <REP> d-------- C:\ProgramData\Malwarebytes
2008-09-18 18:47 . 2008-09-18 18:47 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-09-18 18:47 . 2008-09-10 00:04 38,528 --a------ C:\Windows\System32\drivers\mbamswissarmy.sys
2008-09-18 18:47 . 2008-09-10 00:03 17,200 --a------ C:\Windows\System32\drivers\mbam.sys
2008-09-18 14:07 . 2008-09-18 14:07 <REP> d-------- C:\Program Files\Trend Micro
2008-09-11 20:11 . 2008-09-11 20:12 <REP> d-------- C:\ProgramData\Lavasoft
2008-09-11 20:11 . 2008-09-11 20:11 <REP> d-------- C:\Program Files\Lavasoft
2008-09-11 20:10 . 2008-09-11 20:10 <REP> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-09-11 18:20 . 2008-09-11 18:20 <REP> d-------- C:\Program Files\Apple Software Update
2008-09-11 18:19 . 2008-09-11 18:19 <REP> d----c--- C:\Windows\System32\DRVSTORE
2008-09-11 18:19 . 2008-09-11 18:19 <REP> d-------- C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-09-11 18:19 . 2008-09-11 18:19 <REP> d-------- C:\Program Files\iTunes
2008-09-11 18:19 . 2008-09-11 18:19 <REP> d-------- C:\Program Files\iPod
2008-09-11 18:19 . 2008-04-17 13:12 107,368 --a------ C:\Windows\System32\GEARAspi.dll
2008-09-11 18:19 . 2008-04-17 13:12 15,464 --a------ C:\Windows\System32\drivers\GEARAspiWDM.sys
2008-09-11 18:17 . 2008-09-15 23:29 <REP> d-------- C:\Program Files\Bonjour
2008-09-11 18:16 . 2008-09-11 18:16 <REP> d-------- C:\Program Files\QuickTime
2008-09-11 18:04 . 2008-07-31 03:13 4,240,384 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
2008-09-11 18:04 . 2008-07-31 05:32 28,160 --a------ C:\Windows\System32\Apphlpdm.dll
2008-09-11 18:03 . 2008-08-02 03:01 625,152 --a------ C:\Windows\System32\drivers\dxgkrnl.sys
2008-09-11 18:03 . 2008-06-26 05:29 565,248 --a------ C:\Windows\System32\emdmgmt.dll
2008-09-11 18:03 . 2008-06-26 05:29 303,616 --a------ C:\Windows\System32\wmpeffects.dll
2008-09-11 18:03 . 2008-05-08 21:21 211,968 --a------ C:\Windows\System32\drivers\mrxsmb10.sys
2008-09-11 18:03 . 2008-05-20 04:07 148,480 --a------ C:\Windows\System32\drivers\nwifi.sys
2008-09-11 18:03 . 2008-06-26 05:29 45,056 --a------ C:\Windows\System32\dataclen.dll
2008-09-11 18:03 . 2008-08-02 05:26 36,864 --a------ C:\Windows\System32\cdd.dll
2008-09-09 22:55 . 2008-09-09 22:55 <REP> d-------- C:\ProgramData\Messenger Plus!
2008-09-09 20:40 . 2008-09-09 20:40 <REP> d-------- C:\Program Files\Messenger Plus! Live
2008-09-08 23:02 . 2008-09-14 22:05 <REP> d-------- C:\Users\Guiguy\AppData\Roaming\LimeWire
2008-09-08 23:00 . 2008-09-08 23:01 <REP> d-------- C:\Program Files\Java
2008-09-08 22:59 . 2008-09-08 22:59 <REP> d-------- C:\Program Files\Common Files\Java
2008-09-08 22:56 . 2008-09-08 22:57 <REP> d-------- C:\Program Files\LimeWire
2008-09-06 15:09 . 2008-09-06 15:09 90,112 --a------ C:\Windows\System32\QuickTimeVR.qtx
2008-09-06 15:09 . 2008-09-06 15:09 57,344 --a------ C:\Windows\System32\QuickTime.qts
2008-09-05 23:18 . 2008-09-08 22:19 <REP> d-------- C:\Users\Guiguy\AppData\Roaming\DivX
2008-09-05 23:16 . 2008-09-05 23:16 <REP> d-------- C:\Program Files\DivX
2008-09-05 23:16 . 2008-09-05 23:16 <REP> d-------- C:\Program Files\Common Files\PX Storage Engine
2008-09-05 22:16 . 2008-09-05 22:16 1,900,544 --a------ C:\Windows\System32\usbaaplrc.dll
2008-09-05 22:16 . 2008-09-05 22:16 36,864 --a------ C:\Windows\System32\drivers\usbaapl.sys
2008-09-05 19:10 . 2008-09-05 19:10 <REP> d-------- C:\Users\Guiguy\AppData\Roaming\Apple Computer
2008-09-05 19:09 . 2008-09-05 19:10 <REP> d-------- C:\ProgramData\Apple Computer
2008-09-05 19:08 . 2008-09-05 19:08 <REP> d-------- C:\ProgramData\Apple
2008-09-05 19:08 . 2008-09-11 18:16 <REP> d-------- C:\Program Files\Common Files\Apple
2008-09-05 18:41 . 2008-09-05 18:41 <REP> d-------- C:\Program Files\uTorrent
2008-09-05 18:40 . 2008-09-22 03:35 <REP> d-------- C:\Users\Guiguy\AppData\Roaming\uTorrent
2008-09-05 18:24 . 2008-07-19 07:09 1,811,656 --a------ C:\Windows\System32\wuaueng.dll
2008-09-05 18:24 . 2008-07-19 05:44 1,524,736 --a------ C:\Windows\System32\wucltux.dll
2008-09-05 18:24 . 2008-07-19 07:10 53,448 --a------ C:\Windows\System32\wuauclt.exe
2008-09-05 18:24 . 2008-07-19 07:10 45,768 --a------ C:\Windows\System32\wups2.dll
2008-09-05 18:23 . 2008-07-19 07:09 563,912 --a------ C:\Windows\System32\wuapi.dll
2008-09-05 18:23 . 2008-07-18 22:08 163,904 --a------ C:\Windows\System32\wuwebv.dll
2008-09-05 18:23 . 2008-07-19 05:44 83,456 --a------ C:\Windows\System32\wudriver.dll
2008-09-05 18:23 . 2008-07-19 07:10 36,552 --a------ C:\Windows\System32\wups.dll
2008-09-05 18:23 . 2008-07-18 20:44 31,232 --a------ C:\Windows\System32\wuapp.exe
2008-09-03 00:24 . 2008-09-05 02:13 <REP> d-------- C:\Users\Guiguy\AppData\Roaming\Camfrog
2008-09-02 22:48 . 2008-09-02 22:48 <REP> d-------- C:\Program Files\Camfrog
2008-09-02 20:39 . 2008-09-02 20:42 <REP> d--hsc--- C:\Program Files\Common Files\WindowsLiveInstaller
2008-09-02 20:38 . 2008-09-02 20:38 <REP> d-------- C:\ProgramData\WLInstaller
2008-09-02 20:38 . 2008-09-02 20:43 <REP> d-------- C:\Program Files\Windows Live
2008-09-01 19:07 . 2008-07-16 03:32 2,048 --a------ C:\Windows\System32\tzres.dll
2008-09-01 19:03 . 2008-06-26 03:45 12,240,896 --a------ C:\Windows\System32\NlsLexicons0007.dll
2008-09-01 19:03 . 2008-06-26 03:45 2,644,480 --a------ C:\Windows\System32\NlsLexicons0009.dll
2008-09-01 19:03 . 2008-06-26 05:29 801,280 --a------ C:\Windows\System32\NaturalLanguage6.dll
2008-09-01 19:00 . 2008-04-10 07:12 738,304 --a------ C:\Windows\System32\inetcomm.dll
2008-09-01 19:00 . 2008-05-08 23:59 430,080 --a------ C:\Windows\System32\vbscript.dll
2008-09-01 19:00 . 2008-05-08 23:59 180,224 --a------ C:\Windows\System32\scrobj.dll
2008-09-01 19:00 . 2008-05-08 23:59 172,032 --a------ C:\Windows\System32\scrrun.dll
2008-09-01 19:00 . 2008-05-08 23:59 155,648 --a------ C:\Windows\System32\wscript.exe
2008-09-01 19:00 . 2008-05-08 23:58 135,168 --a------ C:\Windows\System32\wshom.ocx
2008-09-01 19:00 . 2008-05-08 23:58 135,168 --a------ C:\Windows\System32\cscript.exe
2008-09-01 19:00 . 2008-05-08 23:59 90,112 --a------ C:\Windows\System32\wshext.dll
2008-09-01 16:44 . 2008-09-01 16:44 <REP> d-------- C:\Users\Guiguy\Bluetooth Software
2008-09-01 16:22 . 2008-09-01 16:22 850 --a------ C:\Windows\System32\ProductTweaks.xml
2008-09-01 16:22 . 2008-09-01 16:22 289 --a------ C:\Windows\System32\user_gensett.xml
2008-09-01 16:18 . 2008-09-01 16:18 <REP> d-------- C:\Users\Guiguy\AppData\Roaming\BitDefender
2008-09-01 16:17 . 2008-09-01 16:21 <REP> d-------- C:\ProgramData\BitDefender
2008-09-01 16:17 . 2008-09-01 16:17 <REP> d-------- C:\Program Files\BitDefender
2008-09-01 16:16 . 2008-09-01 16:17 <REP> d-------- C:\Program Files\Common Files\BitDefender
2008-09-01 13:56 . 2008-09-01 13:56 <REP> d-------- C:\Users\Guiguy\AppData\Roaming\Symantec
2008-09-01 13:56 . 2008-09-01 13:56 <REP> d-------- C:\Users\Guiguy\AppData\Roaming\ATI
2008-09-01 13:56 . 2008-09-01 13:56 <REP> d--hs---- C:\$RECYCLE.BIN
2008-09-01 13:55 . 2008-09-01 13:55 <REP> dr------- C:\Users\Guiguy\Searches
2008-09-01 13:55 . 2008-09-22 00:02 <REP> dr------- C:\Users\Guiguy\Contacts
2008-09-01 13:49 . 2008-09-05 23:16 <REP> dr------- C:\Users\Guiguy\Videos
2008-09-01 13:49 . 2008-09-03 02:13 <REP> dr------- C:\Users\Guiguy\Saved Games
2008-09-01 13:49 . 2008-09-22 16:43 <REP> dr------- C:\Users\Guiguy\Pictures
2008-09-01 13:49 . 2008-09-09 18:43 <REP> dr------- C:\Users\Guiguy\Music
2008-09-01 13:49 . 2008-09-01 13:55 <REP> dr------- C:\Users\Guiguy\Links
2008-09-01 13:49 . 2008-09-22 01:33 <REP> dr------- C:\Users\Guiguy\Downloads
2008-09-01 13:49 . 2008-09-22 01:21 <REP> dr------- C:\Users\Guiguy\Documents
2008-09-01 13:49 . 2006-11-02 14:37 <REP> d-------- C:\Users\Guiguy\AppData\Roaming\Media Center Programs
2008-09-01 13:49 . 2008-09-01 13:53 <REP> d--h----- C:\Users\Guiguy\AppData
2008-09-01 13:49 . 2008-09-22 00:20 <REP> d-------- C:\Users\Guiguy
2008-09-01 13:49 . 2008-09-23 22:28 45,056 --a------ C:\Windows\System32\acovcnt.exe
2008-09-01 13:46 . 2008-09-01 13:46 <REP> dr------- C:\Windows\System32\config\systemprofile\Contacts
2008-08-29 10:18 . 2008-08-29 10:18 87,336 --a------ C:\Windows\System32\dns-sd.exe
2008-08-29 09:53 . 2008-08-29 09:53 61,440 --a------ C:\Windows\System32\dnssd.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-23 12:55 --------- d-----w C:\Program Files\ASUS
2008-09-11 16:06 --------- d-----w C:\ProgramData\Microsoft Help
2008-09-02 18:59 228,672 ----a-w C:\Windows\system32\drivers\bdfsfltr.sys
2008-09-02 18:59 108,864 ----a-w C:\Windows\system32\drivers\bdfm.sys
2008-09-02 18:59 102,208 ----a-w C:\Windows\system32\drivers\bdfndisf.sys
2008-09-01 17:09 --------- d-----w C:\Program Files\Windows Mail
2008-09-01 12:04 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-09-01 12:02 --------- d-----w C:\ProgramData\Symantec
2008-08-14 11:29 0 ----a-w C:\Windows\system32\drivers\1043_ASUSTeK_F6V.alu
2008-08-14 11:26 --------- d-----w C:\Program Files\Common Files\Adobe
2008-08-14 11:24 520,192 ----a-w C:\Windows\System32\Asus_Camera_ScreenSaver.scr
2008-08-14 11:24 47,672 ----a-w C:\Windows\AsScrProlog.exe
2008-08-14 11:24 4,814,371 ----a-w C:\Windows\ASUS Camera ScreenSaver.exe
2008-08-14 11:24 3,054,136 ----a-w C:\Windows\AsScrPro.exe
2008-08-14 11:24 281,144 ----a-w C:\Windows\ASUS Camera ScreenSaver Uninstaller.exe
2008-08-14 11:23 --------- d-----w C:\ProgramData\P4G
2008-08-14 11:23 --------- d-----w C:\Program Files\P4G
2008-08-14 11:22 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-14 11:22 --------- d-----w C:\ProgramData\ASUS
2008-08-14 11:21 --------- d-----w C:\Program Files\ATKGFNEX
2008-08-14 11:19 --------- d-----w C:\ProgramData\ATI
2008-08-14 11:06 --------- d-----w C:\Program Files\WIDCOMM
2008-08-14 11:05 --------- d-----w C:\Program Files\Wireless Console 2
2008-08-14 11:04 --------- d-----w C:\Program Files\ASUS Security Center
2008-08-14 11:03 --------- d-----w C:\Program Files\Fingerprint Sensor
2008-08-14 11:02 0 ---ha-w C:\Windows\system32\drivers\Msft_Kernel_SynTP_01000.Wdf
2008-08-14 11:02 --------- d-----w C:\Program Files\Synaptics
2008-08-14 11:02 --------- d-----w C:\Program Files\Multimedia Card Reader
2008-08-14 11:01 --------- d-----w C:\Program Files\Realtek
2008-08-14 11:00 319,456 ----a-w C:\Windows\DIFxAPI.dll
2008-08-14 11:00 315,392 ----a-w C:\Windows\HideWin.exe
2008-08-14 11:00 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-08-14 10:59 --------- d-----w C:\Program Files\ATI Technologies
2008-08-14 10:56 --------- d-----w C:\Program Files\ATI
2008-08-14 10:48 --------- d-----w C:\Program Files\ATKOSD2
2008-08-14 10:45 --------- d-----w C:\Program Files\Intel
2008-08-14 10:23 --------- d-----w C:\Program Files\CyberLink
2008-08-14 10:23 --------- d-----w C:\Program Files\Common Files\LightScribe
2008-08-14 10:17 --------- d-----w C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
2008-08-14 10:17 --------- d-----w C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
2008-08-14 10:15 --------- d-----w C:\Program Files\Microsoft Works
2008-08-14 10:14 --------- d-----w C:\Program Files\Microsoft.NET
2008-07-31 03:32 460,288 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-07-31 03:32 2,154,496 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-07-31 03:32 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-07-25 08:36 524,288 ----a-w C:\Windows\System32\DivXsm.exe
2008-07-23 16:50 3,596,288 ----a-w C:\Windows\System32\qt-dx331.dll
2008-07-23 16:48 200,704 ----a-w C:\Windows\System32\ssldivx.dll
2008-07-23 16:48 1,044,480 ----a-w C:\Windows\System32\libdivx.dll
2008-07-23 16:46 12,288 ----a-w C:\Windows\System32\DivXWMPExtType.dll
2008-07-10 10:51 10 ----a-w C:\RECOVERY.DAT
2008-06-27 04:15 827,392 ----a-w C:\Windows\System32\wininet.dll
2008-06-26 15:01 1,048,576 ---ha-r C:\F6A.BIN
2008-06-26 14:58 1,048,576 ---ha-r C:\F6V.BIN
2008-01-21 02:43 174 --sha-w C:\Program Files\desktop.ini
.

((((((((((((((((((((((((((((( snapshot@2008-09-20_ 0.14.26.25 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-09-19 22:10:18 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-09-23 20:28:20 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-09-23 20:28:20 262,144 ---ha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
- 2008-09-19 22:10:57 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-09-23 20:28:19 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-09-23 20:28:19 262,144 ---ha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
- 2008-09-18 23:06:52 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-09-23 13:06:05 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-09-18 23:06:52 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-09-23 13:06:05 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-09-18 23:06:52 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-09-23 13:06:05 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-09-19 22:06:21 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat
+ 2008-09-23 20:23:13 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat
+ 2005-12-05 16:09:18 2,323,664 ----a-w C:\Windows\System32\d3dx9_28.dll
+ 2006-03-31 10:40:58 2,388,176 ----a-w C:\Windows\System32\d3dx9_30.dll
+ 2003-04-18 14:46:22 1,233,920 ----a-w C:\Windows\System32\msxml4.dll
+ 2003-04-18 14:29:26 82,432 ----a-w C:\Windows\System32\msxml4r.dll
- 2008-09-19 16:25:59 101,250 ----a-w C:\Windows\System32\perfc009.dat
+ 2008-09-22 21:11:48 101,250 ----a-w C:\Windows\System32\perfc009.dat
- 2008-09-19 16:25:59 123,556 ----a-w C:\Windows\System32\perfc00C.dat
+ 2008-09-22 21:11:48 123,556 ----a-w C:\Windows\System32\perfc00C.dat
- 2008-09-19 16:25:59 587,178 ----a-w C:\Windows\System32\perfh009.dat
+ 2008-09-22 21:11:48 587,178 ----a-w C:\Windows\System32\perfh009.dat
- 2008-09-19 16:25:59 669,566 ----a-w C:\Windows\System32\perfh00C.dat
+ 2008-09-22 21:11:48 669,566 ----a-w C:\Windows\System32\perfh00C.dat
- 2008-09-11 19:20:22 6,553,600 ----a-w C:\Windows\System32\SMI\Store\Machine\SCHEMA.DAT
+ 2008-09-21 22:28:22 6,553,600 ----a-w C:\Windows\System32\SMI\Store\Machine\SCHEMA.DAT
- 2008-09-19 16:21:14 5,368 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3419298507-388732732-1184726327-1000_UserData.bin
+ 2008-09-23 20:21:35 5,814 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3419298507-388732732-1184726327-1000_UserData.bin
- 2008-09-19 16:21:14 77,432 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-09-23 20:21:35 79,834 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2008-09-19 16:21:12 39,092 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2008-09-23 20:21:34 41,500 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
- 2008-09-18 20:03:01 242,122 ----a-w C:\Windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2008-09-23 20:09:35 253,682 ----a-w C:\Windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2008-09-19 21:51:12 225,954 ----a-w C:\Windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2008-09-23 19:32:18 250,740 ----a-w C:\Windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2008-09-21 22:27:52 4,819 ----a-w C:\Windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin
+ 2008-09-21 22:27:51 1,233,920 ----a-w C:\Windows\winsxs\x86_microsoft.msxml2_6bd6b9abf345378f_4.20.9818.0_none_b7e811947b297f6d\msxml4.dll
+ 2008-09-21 22:27:52 82,432 ----a-w C:\Windows\winsxs\x86_microsoft.msxml2r_6bd6b9abf345378f_4.1.0.0_none_3658456fda6654f6\msxml4r.dll
.
-- Instantané actualisé --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-03-18 2289664]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"Google Update"="C:\Users\Guiguy\AppData\Local\Google\Update\GoogleUpdate.exe" [2008-09-05 133104]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"ShUtil"="C:\ProgramData\ShUtil\gnklijcp.exe" [2008-09-19 94208]
"SetSys"="C:\ProgramData\SetSys\psjefgdo.exe" [2008-09-20 90112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControlUser"="C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe" [2008-01-12 98304]
"ATKOSD2"="C:\Program Files\ATKOSD2\ATKOSD2.exe" [2008-01-24 7766016]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1029416]
"CognizanceTS"="C:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll" [2003-12-21 17920]
"ATKMEDIA"="C:\Program Files\ASUS\ATK Media\DMEDIA.EXE" [2008-02-01 61440]
"ASUS Screen Saver Protector"="C:\Windows\AsScrPro.exe" [2008-08-14 3054136]
"ASUS Camera ScreenSaver"="C:\Windows\AsScrProlog.exe" [2008-08-14 47672]
"BitDefender Security Center"="C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe" [2008-09-18 409600]
"BDAgent"="C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe" [2008-09-18 716800]
"BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe" [2008-09-02 69632]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-09-03 111936]
"RtHDVCpl"="RtHDVCpl.exe" [2008-04-17 C:\Windows\RtHDVCpl.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-04-10 752168]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=APSHook.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3codecp"= l3codecp.acm
"msacm.clmp3enc"= C:\PROGRA~1\CYBERL~1\Power2Go\CLMP3Enc.ACM

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli ASWLNPkg

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-01-12 07:16 39792 C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-09-08 23:02 289576 C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-09-06 15:09 413696 C:\Program Files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
-rahs---- 2008-07-07 09:42 2156368 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{599A11CB-A5F0-4183-AAA8-53D2823C1DC4}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{0F079C18-04FC-46B7-9369-F093C25E926B}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{04AD371E-074D-45A5-8B82-23FE6206343A}"= UDP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{3B53BD7D-7EB8-414E-8780-0D61EDF7C1F8}"= TCP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{6BAB53FE-194F-4749-8E83-0A5B41340895}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{F7BF7990-F36F-4E25-8AC8-6D3779F9F02B}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{E8381CE1-94BE-488E-9077-992334BC2218}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{520708A7-6839-430C-8815-FEF78B2D55EB}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R2 ASBroker;Logon Session Broker;C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 ASChannel;Local Communication Channel;C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 BDVEDISK;BDVEDISK;C:\Program Files\BitDefender\BitDefender 2009\BDVEDISK.sys [2008-07-02 82568]
R3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [2008-03-09 3533824]
R3 bdfm;BDFM;C:\Windows\system32\drivers\bdfm.sys [2008-09-02 108864]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\Windows\system32\DRIVERS\bdfndisf.sys [2008-09-02 102208]
R3 NETw5v32;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit ;C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-04-28 3658752]
S3 Arrakis3;BitDefender Arrakis Server;C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe [2008-07-17 118784]
S3 btwaudio;Bluetooth Audio Device Service;C:\Windows\system32\drivers\btwaudio.sys [2008-03-17 81960]
S3 btwavdt;Bluetooth AVDT Service;C:\Windows\system32\drivers\btwavdt.sys [2008-03-17 100392]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys [2008-01-29 29736]
S3 btwrchid;btwrchid;C:\Windows\system32\DRIVERS\btwrchid.sys [2008-03-17 17320]
S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
S4 ErrDev;Microsoft Hardware Error Device Driver;C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR;C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
Cognizance REG_MULTI_SZ ASBroker ASChannel
bdx REG_MULTI_SZ scan

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c575452d-8879-11dd-9a46-0022158e6509}]
\shell\AutoRun\command - F:\EmDesk.exe
\shell\EmDesk\command - F:\EmDesk.exe

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
.
Contenu du dossier 'Tâches planifiées'
.
- - - - ORPHELINS SUPPRIMES - - - -

HKCU-Run-vedoixbJBW - C:\ProgramData\yxipyjkn\ofmlwxqt.exe
HKLM-Run-NBKeyScan - C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
HKLM-Explorer_Run-vedoixbJBW - C:\ProgramData\yxipyjkn\ofmlwxqt.exe


.
------- Examen supplémentaire -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.google.com/
R1 -: HKCU-Internet Settings,ProxyOverride = *.local
O8 -: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 -: {1009C944-97D5-44A9-9E32-DFF54F498968} - {1009C944-97D5-44A9-9E32-DFF54F498968} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWallet.dll
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-23 22:30:35
Windows 6.0.6001 Service Pack 1 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
C:\Windows\System32\Ati2evxx.exe
C:\Windows\System32\audiodg.exe
C:\Windows\System32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\asghost.exe
C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe
C:\Program Files\ATKGFNEX\GFNEXSrv.exe
C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe
C:\Program Files\ASUS\ATK Hotkey\HControl.exe
C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\Windows\System32\ACEngSvr.exe
C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe
C:\Program Files\ASUS\ATK Hotkey\WDC.exe
C:\Windows\System32\conime.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\System32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\System32\dllhost.exe
.
**************************************************************************
.
Heure de fin: 2008-09-23 22:33:35 - La machine a redémarré
ComboFix-quarantined-files.txt 2008-09-23 20:33:24
ComboFix2.txt 2008-09-19 22:16:09

Avant-CF: 109 878 124 544 octets libres
Après-CF: 109,974,155,264 octets libres

397 --- E O F --- 2008-09-11 16:07:34
Anonymous user
24 Sept. 2008 at 19:36
Please run a new HijackThis scan...
See you later
pissdrunk Posts: 65 Registered: Tuesday 8 January 2008 Status: Member Last activity: 12 August 2009 22
25 Sept. 2008 at 08:25
Here it is:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:24:14, on 25/09/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Windows\AsScrPro.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Users\Guiguy\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\ProgramData\ShUtil\gnklijcp.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe
O4 - HKLM\..\Run: [BitDefender Security Center] "C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe" /init
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Users\Guiguy\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ShUtil] C:\ProgramData\ShUtil\gnklijcp.exe
O4 - HKCU\..\Run: [SetSys] C:\ProgramData\SetSys\psjefgdo.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra button: ASUS Security Protect Manager e-Wallet - {1009C944-97D5-44A9-9E32-DFF54F498968} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWallet.dll
O9 - Extra 'Tools' menuitem: ASUS Security Protect Manager e-&Wallet - {1009C944-97D5-44A9-9E32-DFF54F498968} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWallet.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab?e=1220907584740&h=5f4721c152dfdcb4f458c50aaa180b1d/&filename=jinstall-6u7-windows-i586-jc.cab
O20 - AppInit_DLLs: APSHook.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. https://www.bitdefender.fr/ - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: PLFlash DeviceIoControl Service - Unknown owner - C:\Windows\system32\IoctlSvc.exe (file missing)
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
Anonymous user
25 Sept. 2008 at 19:44
Good evening
Are you still having problems?
See you later
pissdrunk Posts: 65 Registered: Tuesday 8 January 2008 Status: Member Last activity: 12 August 2009 22
26 Sept. 2008 at 10:14
Hi archet9,

At first glance it seems to be fine... and I do mean at first glance... Looking at the logs, does it look OK to you?

However, with IE the videos no longer start, when it should open WMP... whereas everything works in Google Chrome... Do you know where that might come from?

It must be something really silly... anyway, I'll let you know if the spam windows come back!

Thanks
Anonymous user
26 Sept. 2008 at 20:12
I don't know Google Chrome...
Let's wait a bit and see...
After that there will be lines to remove with HijackThis...
Contact me again tomorrow
See you later
pissdrunk Posts: 65 Registered: Tuesday 8 January 2008 Status: Member Last activity: 12 August 2009 22
30 Sept. 2008 at 13:15
Hi archet9! It seems to be working as far as the windows that used to open are concerned...

Shall I run another HijackThis scan?
Anonymous user
30 Sept. 2008 at 19:42
Yes, go ahead, we'll see...
See you later
pissdrunk Posts: 65 Registered: Tuesday 8 January 2008 Status: Member Last activity: 12 August 2009 22
3 Oct. 2008 at 19:03
All good, archet, everything is running perfectly on my PC now!

Many thanks to you!
Anonymous user
3 Oct. 2008 at 19:20
Glad to hear it
Mark the topic as RESOLVED
See you later