CID pop-up window problems: HijackThis report

Tags:
  • Windows
  • Security
5 April 2007 11:44:09

Hello,
I have the problem of unwanted CID advertising pop-up windows. After scouring the web,
it apparently takes the HijackThis report, so I am attaching it to this post.
I hope someone will have the time and the kindness to interpret it.
Thanks in advance ;-)
vincent

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 10:59:00, on 05/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\SAMSUNG\SENS Keyboard V4 Launcher\SENSKBD.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Media Player\WMPNSCFG.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\OpenOffice.org1.1.4\program\soffice.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\MOZILL~1\THUNDE~1.EXE
C:\Program Files\Maxthon\Maxthon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Adonis Concept\Bureau\HiJackThis_v2.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SENS Keyboard V4 Launcher] "C:\Program Files\SAMSUNG\SENS Keyboard V4 Launcher\SENSKBD.EXE"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [UploadBurnMeowUp] C:\Documents and Settings\All Users\Application Data\Info mix upload burn\Drv clock.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [download store] C:\DOCUME~1\ADONIS~1\APPLIC~1\SIXTHP~1\mixnew.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 1.1.4.lnk = C:\Program Files\OpenOffice.org1.1.4\program\quickstart.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\npjpi150_11.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\npjpi150_11.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Samsung Update Plus - Unknown owner - C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

--
End of file - 11187 bytes
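
A first-pass triage of a report like the one above, as an added example that is not part of the original post: the script parses HijackThis entry lines and flags two things worth a closer look, orphaned registrations (`(no file)` / `(file missing)`) and O4 autoruns launched from user-writable profile directories, including their 8.3 short-name forms. The function names and both heuristics are assumptions of this example, and a flag is a prompt for review, not a verdict.

```python
import re

# Lines copied from the first log in this thread (a subset, not the full report).
SAMPLE_LOG = r"""
Running processes:
C:\WINDOWS\system32\svchost.exe
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [UploadBurnMeowUp] C:\Documents and Settings\All Users\Application Data\Info mix upload burn\Drv clock.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [download store] C:\DOCUME~1\ADONIS~1\APPLIC~1\SIXTHP~1\mixnew.exe
O4 - Startup: OpenOffice.org 1.1.4.lnk = C:\Program Files\OpenOffice.org1.1.4\program\quickstart.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
"""

# "<section code> - <body>", e.g. "O4 - HKLM\..\Run: [name] command".
ENTRY_RE = re.compile(r"^(?P<code>[RFNO]\d{1,2}) - (?P<body>.+)$")
# O4 registry autoruns: "<hive>\..\Run: [value name] command line".
RUN_RE = re.compile(r"^HK[A-Z]+\\.*?\\Run\w*: \[(?P<name>.*?)\] (?P<cmd>.+)$")
# O4 Startup-folder shortcuts: "Startup: name.lnk = target".
STARTUP_RE = re.compile(r"^(?:Global )?Startup: (?P<name>.+?) = (?P<cmd>.+)$")
# Registration whose target file is absent on disk.
ORPHAN_RE = re.compile(r"\((?:no file|file missing)\)\s*$")
# Profile directories an unprivileged user can write to, in long form and in
# 8.3 short form (DOCUME~1, APPLIC~1), which hides the real directory name.
USER_WRITABLE_RE = re.compile(
    r"\\(?:Documents and Settings|DOCUME~\d|Users|Application Data"
    r"|APPLIC~\d|AppData|Temp)\\",
    re.IGNORECASE,
)


def parse_entries(log_text):
    """Return (code, body) for every entry line; header and process lines are skipped."""
    entries = []
    for raw in log_text.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if match:
            entries.append((match.group("code"), match.group("body")))
    return entries


def autorun_command(code, body):
    """Return the command an O4 entry launches, or None for other entries."""
    if code != "O4":
        return None
    match = RUN_RE.match(body) or STARTUP_RE.match(body)
    return match.group("cmd") if match else None


def triage(log_text):
    """Return the entries that match at least one heuristic, in log order."""
    findings = []
    for code, body in parse_entries(log_text):
        reasons = []
        if ORPHAN_RE.search(body):
            reasons.append("orphaned")
        cmd = autorun_command(code, body)
        if cmd and USER_WRITABLE_RE.search(cmd):
            reasons.append("autorun-from-user-writable-dir")
        if reasons:
            findings.append({"code": code, "reasons": reasons, "body": body})
    return findings


if __name__ == "__main__":
    for item in triage(SAMPLE_LOG):
        print(f"{item['code']:<4}{', '.join(item['reasons'])}: {item['body']}")
```

Orphaned entries are leftovers that can usually be cleaned up; a flagged autorun still needs the file itself checked (publisher, signature, antivirus scan) before anything is removed.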

5 April 2007 13:10:06

Start by downloading and installing Spybot and Ad-Aware, which are free ...
Disable System Restore for the whole procedure ...
Run full scans of the computer with Spybot several times, until it no longer finds anything, then run Ad-Aware to see whether it finds anything else ...

The application may ask you to restart in order to remove some software ...

Good luck
:bounce:  :bounce: 
23 April 2007 13:06:37

Removing CID spam pop-ups / unwanted windows

Go to Start > Control Panel > Add or Remove Programs > (wait 1 minute for it to load), click on "Cid", which is among your programs > click on the Remove/Change tab = no more Cid problem. And if it starts again, do the same procedure again.

If it starts again too often, then scan your PC with an online antivirus, update your own, and above all make sure you don't have Norton :p
16 May 2007 16:01:10

Hi, I did both of your procedures and it does nothing at all. Do you have any other tips? Thanks
22 May 2007 14:28:07

Maybe you ran into a fake CID, ...
something different is hiding under that cover... who knows (personally I haven't had that case yet)
Maybe you should retry the procedures...
29 September 2007 09:37:09

Hi everyone, I also have this problem of unwanted windows, spyware secure, etc., but I don't have CID in "Add or Remove Programs". Here is the HijackThis report, please help me!!!

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 09:22:38, on 29/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Program Files\SRS Labs\WOWXT and TSXT Driver\SRS_PostInstaller.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\LG Software\Battery Miser 2005\batterymiser.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\LG Software\IP Operator 2005\IP Operator 2005.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\LG Software\On Screen Display\Hotkey.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SRS Labs\WOWXT and TSXT Driver\SRSTrayApp.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Belkin\Logiciel Bluetooth\BTTray.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\lg_swupdate\tmcheck.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Documents and Settings\Sonigo Raphael\Bureau\Fichiers téléchargés\HiJackThis_v2.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Download Manager Browser Helper Object - {19C8E43B-07B3-49CB-BFFC-6777B593E6F8} - C:\PROGRA~1\FICHIE~1\fluxDVD\DOWNLO~1\XEBDLH~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [batterymiser] "C:\Program Files\LG Software\Battery Miser 2005\batterymiser.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [LG Intelligent Update] "C:\Program Files\lg_swupdate\autoupdate.exe" Gilautouc
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [CanalPlayerHelper] C:\Program Files\Lecteur CANALPLAY\CanalPlayerHelper.exe
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [MAAgent] C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [IPO3] "C:\Program Files\LG Software\IP Operator 2005\IP Operator 2005.exe" -aUtOsTaRtFrOmReG
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [KeybdUtility] "C:\Program Files\LG Software\On Screen Display\Hotkey.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SRSTrayApp] C:\Program Files\SRS Labs\WOWXT and TSXT Driver\SRSTrayApp.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.canalplay.com
O15 - Trusted Zone: *.canalplay.com (HKLM)
O15 - Trusted Zone: *.canalplusactive.com (HKLM)
O16 - DPF: {001EE746-A1F9-460E-80AD-269E088D6A01} (Infotl Control) - http://site.ebrary.com/lib/cla7/support/plugins/ebraryR...
O16 - DPF: {0F7A9297-7268-11D1-B81A-00A076C01B0A} (CPC View ax Control) - http://www.cartesianinc.com/Products/CPCViewAX/Sdk/CpcV...
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/download/ipixx.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://raphjul.spaces.live.com//PhotoUpload/MsnPUpld.ca...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://raphjul.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {91D4B4D5-E368-40AB-8F53-A37FA634B471} (Installer9Ctrl Class) - http://www.tellmemorecorporate.com/bin/tol9inst.cab
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (od2music mediabar) - http://sib1.od2.com/common/musicmanager/installation/Mu...
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.pixdiscount.fr/clients/uploader_uni_dd_final...
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Prise en charge des cartes à puces (SCardDrv) - Unknown owner - C:\WINDOWS\system32\SCardSvr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\system32\SCardSvr.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SRS PostInstaller Service (SRS_PostInstaller) - SRS Labs, Inc. - C:\Program Files\SRS Labs\WOWXT and TSXT Driver\SRS_PostInstaller.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

--
End of file - 15596 bytes
6 October 2007 20:47:01

Good evening,

I need help. I'm on Windows Vista and I have unwanted pop-up windows as well as an ad for a program called spyware-secure. I have tried quite a few programs to put a stop to it, but nothing has worked.
Can someone give me a hand, please?
6 October 2007 22:09:37

Here is the HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:01:39, on 06/10/2007
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\Acer\Empowering Technology\eNet\eNet Service.exe
C:\Program Files\Securitoo\Anti-Virus\fsgk32st.exe
C:\Program Files\Securitoo\Anti-Virus\FSGK32.EXE
C:\Program Files\Securitoo\Common\FSMA32.EXE
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Acer\Mobility Center\MobilityService.exe
C:\Program Files\Securitoo\Common\FSMB32.EXE
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
C:\Program Files\Securitoo\Common\FCH32.EXE
C:\Program Files\Securitoo\Common\FAMEH32.EXE
C:\Program Files\Securitoo\Anti-Virus\fsqh.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Securitoo\Anti-Virus\fssm32.exe
C:\Program Files\Securitoo\FSAUA\program\fsaua.exe
C:\Program Files\Securitoo\FWES\Program\fsdfwd.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Securitoo\Anti-Virus\fsav32.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Securitoo\Common\FSM32.EXE
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Gilbert\AppData\Local\Microsoft\kdzjvczm.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\conime.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\Program Files\Securitoo\FSGUI\fsguidll.exe
C:\Windows\system32\UI0Detect.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Gilbert\AppData\Local\Temp\Temp1_HiJackThis.zip\HijackThis.exe
C:\Windows\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*http://fr.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [gayrcyirnb] c:\users\gilbert\appdata\local\microsoft\gayrcyirnb.exe gayrcyirnb
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\windows sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [kdzjvczm] c:\users\gilbert\appdata\local\microsoft\kdzjvczm.exe kdzjvczm
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownl...
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game04.zylom.com/activex/zylomgamesplayer.cab
O20 - AppInit_DLLs: eNetHook.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Securitoo\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Securitoo\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Securitoo\Common\FSMA32.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: MOUQFJHDQSRNH - Sysinternals - www.sysinternals.com - C:\Users\Gilbert\AppData\Local\Temp\MOUQFJHDQSRNH.exe
O23 - Service: MPQSTAX - Sysinternals - www.sysinternals.com - C:\Users\Gilbert\AppData\Local\Temp\MPQSTAX.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Q - Sysinternals - www.sysinternals.com - C:\Users\Gilbert\AppData\Local\Temp\Q.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 10924 bytes

Maybe this will help a bit more... at least I hope so, because right now I'm feeling pretty alone with this :s
18 November 2007 13:42:30

Hello,

I too have the same problem with CiD pages that keep appearing; here is the lopxpMH2 report.

Rapport lopxpMH2 version 2.0 fait à 13:41:02,98 le 18/11/2007
C:\Documents and Settings\Kévin\Bureau\lopxpMH2

******************************************
## Répertoires Application Data

Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 2B1B-1302

Répertoire de C:\Documents and Settings\Default User\Application Data

27/06/2004 00:15 <REP> .
27/06/2004 00:15 <REP> ..
16/07/2004 15:58 <REP> Adobe
16/07/2004 15:58 <REP> Identities
16/07/2004 15:58 <REP> InterTrust
27/06/2004 00:15 <REP> Microsoft
16/07/2004 15:58 <REP> Sun
27/06/2004 00:16 62 desktop.ini
1 fichier(s) 62 octets
7 Rép(s) 57 781 288 960 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 2B1B-1302

Répertoire de C:\Documents and Settings\Default User\Local Settings\Application Data

27/06/2004 00:16 <REP> .
27/06/2004 00:16 <REP> ..
16/07/2004 15:58 <REP> {7148F0A6-6813-11D6-A77B-00B0D0142010}
16/07/2004 15:58 <REP> Microsoft
16/07/2004 15:58 1 710 060 IconCache.db
1 fichier(s) 1 710 060 octets
4 Rép(s) 57 781 288 960 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 2B1B-1302

Répertoire de C:\Documents and Settings\All Users\Application Data

27/06/2004 00:15 <REP> .
27/06/2004 00:15 <REP> ..
11/11/2007 18:16 <REP> Adobe
19/12/2006 12:03 <REP> Ahead
21/09/2005 17:11 <REP> BOONTY
27/06/2004 00:30 <REP> CyberLink
27/09/2005 22:28 <REP> ESTsoft
03/10/2007 17:48 <REP> fssg
30/11/2006 16:41 <REP> Google
11/11/2007 18:09 <REP> Google Updater
03/03/2005 20:47 <REP> Hewlett-Packard
31/12/2005 20:16 <REP> InstallShield
01/04/2005 20:50 <REP> Macrovision
12/09/2007 19:35 <REP> Messenger Plus!
27/06/2004 00:15 <REP> Microsoft
17/10/2007 20:48 <REP> Mozilla
14/01/2005 20:52 <REP> MSN6
11/03/2007 12:57 <REP> Nero
13/09/2007 18:05 <REP> soft chic meet great
25/02/2005 18:05 <REP> Symantec
13/11/2005 12:35 <REP> Windows Genuine Advantage
11/11/2007 19:21 <REP> Yahoo! Companion
27/06/2004 00:16 62 desktop.ini
03/03/2005 20:36 1 202 hpzinstall.log
02/07/2007 21:34 0 LauncherAccess.dt
11/11/2007 19:54 4 244 xmlEE.tmp
11/11/2007 19:54 13 336 xmlEF.tmp
11/11/2007 19:54 0 xmlF0.tmp
11/11/2007 19:54 1 801 xmlF1.tmp
7 fichier(s) 20 645 octets
22 Rép(s) 57 781 288 960 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 2B1B-1302

Répertoire de C:\Documents and Settings\NetworkService\Application Data

27/06/2004 00:24 <REP> .
27/06/2004 00:24 <REP> ..
27/06/2004 00:24 <REP> Microsoft
0 fichier(s) 0 octets
3 Rép(s) 57 781 288 960 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 2B1B-1302

Répertoire de C:\Documents and Settings\NetworkService\Local Settings\Application Data

27/06/2004 00:24 <REP> .
27/06/2004 00:24 <REP> ..
27/06/2004 00:24 <REP> Microsoft
0 fichier(s) 0 octets
3 Rép(s) 57 781 288 960 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 2B1B-1302

Répertoire de C:\Documents and Settings\LocalService\Application Data

27/06/2004 00:24 <REP> .
27/06/2004 00:24 <REP> ..
27/06/2004 00:24 <REP> Microsoft
0 fichier(s) 0 octets
3 Rép(s) 57 781 288 960 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 2B1B-1302

Répertoire de C:\Documents and Settings\LocalService\Local Settings\Application Data

27/06/2004 00:24 <REP> .
27/06/2004 00:24 <REP> ..
27/06/2004 00:24 <REP> Microsoft
0 fichier(s) 0 octets
3 Rép(s) 57 781 288 960 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 2B1B-1302

Répertoire de C:\Documents and Settings\Patrick\Application Data

16/07/2004 15:59 <REP> .
16/07/2004 15:59 <REP> ..
16/07/2004 15:59 <REP> Adobe
10/10/2005 20:32 <REP> ArcSoft
02/10/2005 20:17 <REP> ESTsoft
25/02/2005 21:26 <REP> Help
16/07/2004 15:59 <REP> Identities
16/07/2004 15:59 <REP> InterTrust
26/02/2005 18:21 <REP> Macromedia
16/07/2004 15:59 <REP> Microsoft
14/01/2005 20:52 <REP> MSN6
05/02/2006 18:53 <REP> Real
16/07/2004 15:59 <REP> Sun
25/02/2005 18:05 <REP> Symantec
30/01/2005 18:54 <REP> Template
16/07/2004 15:59 62 desktop.ini
1 fichier(s) 62 octets
15 Rép(s) 57 781 288 960 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 2B1B-1302

Répertoire de C:\Documents and Settings\Patrick\Local Settings\Application Data

16/07/2004 15:59 <REP> .
16/07/2004 15:59 <REP> ..
16/07/2004 15:59 <REP> {7148F0A6-6813-11D6-A77B-00B0D0142010}
28/04/2005 12:21 <REP> Ahead
03/03/2005 20:55 <REP> ApplicationHistory
25/02/2005 21:26 <REP> Help
03/03/2005 20:56 <REP> HP
26/02/2005 09:41 <REP> Identities
03/03/2005 20:56 <REP> IsolatedStorage
16/07/2004 15:59 <REP> Microsoft
07/02/2005 16:02 <REP> WMTools Downloaded Files
24/04/2005 21:40 3 584 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
03/03/2005 20:55 130 fusioncache.dat
30/01/2005 18:53 43 224 GDIPFONTCACHEV1.DAT
16/07/2004 15:59 4 323 708 IconCache.db
4 fichier(s) 4 370 646 octets
11 Rép(s) 57 781 288 960 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 2B1B-1302

Répertoire de C:\Documents and Settings\Kévin\Application Data

14/01/2005 19:11 <REP> .
14/01/2005 19:11 <REP> ..
14/01/2005 19:11 <REP> Adobe
26/03/2006 03:33 <REP> Ahead
08/10/2005 13:01 <REP> ArcSoft
09/07/2007 14:30 <REP> ConvertTemp
28/02/2007 21:02 <REP> DeepBurner
13/12/2006 16:57 <REP> DriveCleaner 2006 Free
09/04/2006 19:17 <REP> dvdcss
27/09/2005 22:28 <REP> ESTsoft
10/02/2007 09:16 <REP> F-Secure
22/01/2006 21:26 <REP> Google
26/09/2005 12:58 <REP> Help
13/09/2007 18:04 <REP> hopemessbook
14/01/2005 19:11 <REP> Identities
14/01/2005 19:11 <REP> InterTrust
18/08/2007 19:50 <REP> ispnews
26/02/2005 12:45 <REP> Macromedia
14/01/2005 19:11 <REP> Microsoft
17/10/2007 20:49 <REP> Mozilla
28/01/2005 18:40 <REP> MSN6
04/04/2006 13:11 <REP> Nero
08/07/2007 19:12 <REP> Pegasys Inc
05/10/2007 17:39 <REP> PEX
22/01/2006 21:23 <REP> Real
02/07/2007 21:46 <REP> Samsung
14/01/2005 19:11 <REP> Sun
28/01/2006 10:24 <REP> Symantec
17/10/2007 20:49 <REP> Talkback
15/04/2006 19:09 <REP> teamspeak2
09/07/2007 14:30 <REP> Temporary
09/07/2007 14:30 <REP> TransRender
19/03/2006 19:11 <REP> vlc
25/02/2007 20:52 <REP> Vso
12/09/2007 20:46 <REP> WinRAR
14/01/2005 19:11 62 desktop.ini
25/02/2007 20:52 87 608 ezpinst.exe
28/03/2005 20:33 43 224 GDIPFONTCACHEV1.DAT
25/02/2007 20:52 1 074 pcouffin.cat
25/02/2007 20:52 1 144 pcouffin.inf
25/02/2007 20:53 33 pcouffin.log
25/02/2007 20:52 47 360 pcouffin.sys
7 fichier(s) 180 505 octets
35 Rép(s) 57 781 288 960 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 2B1B-1302

Répertoire de C:\Documents and Settings\Kévin\Local Settings\Application Data

14/01/2005 19:11 <REP> .
14/01/2005 19:11 <REP> ..
14/01/2005 19:11 <REP> {7148F0A6-6813-11D6-A77B-00B0D0142010}
11/11/2007 18:19 <REP> Adobe
27/04/2005 22:13 <REP> Ahead
04/03/2005 18:47 <REP> ApplicationHistory
22/01/2006 21:26 <REP> Google
26/09/2005 12:58 <REP> Help
04/03/2005 18:47 <REP> HP
26/02/2005 10:11 <REP> Identities
04/03/2005 18:47 <REP> IsolatedStorage
14/01/2005 19:11 <REP> Microsoft
17/10/2007 20:49 <REP> Mozilla
13/09/2007 18:45 <REP> Steam
28/01/2005 18:44 <REP> WMTools Downloaded Files
02/02/2005 12:40 50 688 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
04/03/2005 18:47 128 fusioncache.dat
04/03/2005 18:47 43 224 GDIPFONTCACHEV1.DAT
16/03/2006 18:02 3 964 218 IconCache.db
4 fichier(s) 4 058 258 octets
15 Rép(s) 57 781 288 960 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 2B1B-1302

Répertoire de C:\Documents and Settings\Marie France\Application Data

14/01/2005 19:16 <REP> .
14/01/2005 19:16 <REP> ..
14/01/2005 19:16 <REP> Adobe
15/10/2005 16:48 <REP> ArcSoft
14/01/2005 19:16 <REP> Identities
14/01/2005 19:16 <REP> InterTrust
26/02/2005 18:19 <REP> Macromedia
14/01/2005 19:16 <REP> Microsoft
14/02/2006 06:51 <REP> Real
14/01/2005 19:16 <REP> Sun
14/01/2005 19:16 62 desktop.ini
1 fichier(s) 62 octets
10 Rép(s) 57 781 288 960 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 2B1B-1302

Répertoire de C:\Documents and Settings\Marie France\Local Settings\Application Data

14/01/2005 19:16 <REP> .
14/01/2005 19:16 <REP> ..
14/01/2005 19:16 <REP> {7148F0A6-6813-11D6-A77B-00B0D0142010}
04/03/2005 18:25 <REP> ApplicationHistory
04/03/2005 18:25 <REP> HP
26/02/2005 09:45 <REP> Identities
04/03/2005 18:25 <REP> IsolatedStorage
14/01/2005 19:16 <REP> Microsoft
14/01/2005 19:22 3 584 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
04/03/2005 18:25 135 fusioncache.dat
04/03/2005 18:25 43 224 GDIPFONTCACHEV1.DAT
14/01/2005 19:16 3 788 032 IconCache.db
4 fichier(s) 3 834 975 octets
8 Rép(s) 57 781 288 960 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 2B1B-1302

Répertoire de C:\Documents and Settings\Propriétaire

Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 2B1B-1302

Répertoire de C:\WINDOWS\system32\config\systemprofile\Application Data

27/06/2004 00:24 <REP> .
27/06/2004 00:24 <REP> ..
16/07/2004 15:58 <REP> Adobe
16/07/2004 15:58 <REP> Identities
16/07/2004 15:58 <REP> InterTrust
27/06/2004 00:24 <REP> Microsoft
16/07/2004 15:58 <REP> Sun
27/06/2004 00:24 62 desktop.ini
1 fichier(s) 62 octets
7 Rép(s) 57 781 288 960 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 2B1B-1302

Répertoire de C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data

27/06/2004 00:24 <REP> .
27/06/2004 00:24 <REP> ..
16/07/2004 15:58 <REP> {7148F0A6-6813-11D6-A77B-00B0D0142010}
27/06/2004 00:34 <REP> Microsoft
16/07/2004 15:58 1 710 060 IconCache.db
1 fichier(s) 1 710 060 octets
4 Rép(s) 57 781 288 960 octets libres

******************************************
Recherche des taches planifiées dans C:\WINDOWS\tasks


C:\WINDOWS\Tasks\Symantec
Symantec inexploitable


C:\WINDOWS\Tasks\Norton
Norton inexploitable


C:\WINDOWS\Tasks\ACA00A8E911780E6.job
c:\docume~1\kévin\applic~1\hopeme~1\OwnsFourLicense.exe Kévin

******************************************
## Répertoires de C:\Program Files

Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 2B1B-1302

Répertoire de C:\Program Files

27/06/2004 00:16 <REP> .
27/06/2004 00:16 <REP> ..
27/06/2004 00:28 <REP> Adobe
03/02/2007 19:57 <REP> ADSL Drivers
27/04/2005 22:04 <REP> Ahead
15/03/2006 13:51 <REP> Alwil Software
08/10/2005 12:57 <REP> ArcSoft
10/03/2007 22:38 <REP> AskTBar
28/02/2007 21:02 <REP> Astonsoft
27/06/2004 00:27 <REP> AvRack
11/11/2007 19:34 <REP> AxBx
01/04/2005 20:49 <REP> BoontyGames
11/11/2007 19:12 <REP> CCleaner
27/06/2004 00:20 <REP> ComPlus Applications
26/09/2005 19:27 <REP> Control Kids
02/10/2005 20:19 <REP> Controleparental
21/09/2005 20:25 <REP> Cyanide
27/06/2004 00:30 <REP> CyberLink
20/02/2006 16:22 <REP> DesignPro
11/11/2005 12:01 <REP> directx
19/02/2006 22:53 <REP> DivX
23/01/2005 12:42 <REP> EA Games
23/01/2005 14:25 <REP> Eidos Interactive
28/03/2005 12:49 <REP> eMule
27/06/2004 00:16 <REP> Fichiers communs
08/03/2005 17:17 <REP> fnbh
11/11/2005 11:55 <REP> Fox
27/06/2004 00:27 <REP> Generic
22/01/2006 21:26 <REP> Google
03/03/2005 20:47 <REP> Hewlett-Packard
14/11/2007 15:21 <REP> hopemessbook
03/03/2005 20:37 <REP> HP
07/05/2005 16:01 <REP> Instant Access
27/06/2004 00:20 <REP> Internet Explorer
27/06/2004 00:30 <REP> Java
04/11/2006 19:24 <REP> Lavalys
16/09/2005 13:20 <REP> MailSkinner
21/09/2005 17:10 <REP> Mes Jeux Installés
27/06/2004 00:20 <REP> Messenger
17/11/2007 14:47 <REP> Messenger Plus! Live
23/01/2005 13:43 <REP> Microids
09/05/2007 21:44 <REP> Microsoft CAPICOM 2.1.0.2
27/06/2004 00:22 <REP> microsoft frontpage
05/03/2005 19:41 <REP> Microsoft Office
27/06/2004 00:56 <REP> Microsoft Works
27/06/2004 00:21 <REP> Movie Maker
17/10/2007 20:48 <REP> Mozilla Firefox
27/06/2004 00:19 <REP> MSN
06/09/2006 16:42 <REP> MSN Apps
07/10/2006 19:18 <REP> MSN Buster
27/06/2004 00:19 <REP> MSN Gaming Zone
06/09/2006 16:40 <REP> MSN Messenger
08/12/2006 20:15 <REP> MSXML 4.0
26/03/2006 03:31 <REP> Nero
27/06/2004 00:21 <REP> NetMeeting
12/02/2005 11:17 <REP> Netscape
27/06/2004 00:29 <REP> NewTech Infosystems
02/11/2007 13:11 <REP> Norton Security Scan
26/09/2006 17:21 <REP> Numericable Controle Parental
27/06/2004 00:20 <REP> Outlook Express
14/04/2005 19:17 <REP> PageCharmer Trial
31/10/2007 12:09 <REP> Panda Security
08/12/2006 20:14 <REP> Parental Filter
08/07/2007 19:04 <REP> Pegasys Inc
12/02/2005 12:58 <REP> QuickTime
22/01/2006 21:23 <REP> Real
27/06/2004 00:27 <REP> Realtek Sound Manager
19/02/2006 22:49 <REP> RM-X Player V4
19/02/2006 22:50 <REP> RM-X® Search
08/12/2006 20:14 <REP> RTE
08/10/2005 12:56 <REP> Samsung
27/06/2004 00:20 <REP> Services en ligne
11/11/2007 19:53 <REP> SiSoftware
11/10/2006 16:06 <REP> SpamBlockerUtility
30/11/2006 17:09 <REP> Steam
30/09/2006 21:01 <REP> Steam(2)
25/02/2005 20:00 <REP> Symantec
10/02/2007 09:01 <REP> Tele2
03/04/2007 20:23 <REP> Valve
19/03/2006 19:10 <REP> VideoLAN
26/09/2005 13:07 <REP> Wanadoo Jeux
08/12/2006 20:14 <REP> Warcraft III Demo
17/11/2007 14:47 <REP> Windows Live
29/01/2007 19:27 <REP> Windows Live Safety Center
17/01/2007 10:27 <REP> Windows Media Connect 2
27/06/2004 00:20 <REP> Windows Media Player
27/06/2004 00:19 <REP> Windows NT
12/09/2007 20:46 <REP> WinRAR
27/06/2004 00:22 <REP> xerox
26/03/2006 03:28 <REP> Yahoo!
10/09/2007 19:13 <REP> Zone Labs
0 fichier(s) 0 octets
91 Rép(s) 57 781 288 960 octets libres

******************************************
## Popups autorisées

* Internet Explorer

! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow
netbios-wait.com REG_SZ
www.netbios-wait.com REG_SZ
mysearchnow.com REG_SZ
www.mysearchnow.com REG_SZ
searchweb2.com REG_SZ
www.searchweb2.com REG_SZ
<SANS NOM> REG_BINARY
www.voyagermoinscher.com REG_BINARY
www.suddefrancetravel.com REG_BINARY
webmail.tele2.fr REG_BINARY
www.distrigame.com REG_BINARY
www.pierrerouge.com REG_BINARY
www.scolinfo.net REG_BINARY
tracker.affistats.com REG_BINARY
www.efashionsport.com REG_BINARY
195.149.66.108 REG_BINARY
voyage-self.partirpascher.fr REG_BINARY
*.promotionsport.com REG_BINARY
www.djib1101.com REG_BINARY
201pr.skyrock.com REG_BINARY
*.mail.live.com REG_BINARY
*.bonbizz.com REG_BINARY
www.montpellier-plus.com REG_BINARY
www.vistaprint.fr REG_BINARY
www.tele2.fr REG_BINARY
www.89.com REG_BINARY
www.eurosport.fr REG_BINARY
www.lexilogos.com REG_BINARY
ww2.affilcenter.com REG_BINARY
www.choc.fr REG_BINARY
blog.choc.fr REG_BINARY
www.entrevue-web.fr REG_BINARY
*.le-bouzin.com REG_BINARY
www.ca-languedoc.com REG_BINARY
www.soccers.fr REG_BINARY
www.jeuxvideo.fr REG_BINARY
www.jeuxvideo.com REG_BINARY
www.clubic.com REG_BINARY
www.01net.com REG_BINARY
www.cvconseils.com REG_BINARY
comment-faire-cv.comment-faire.net REG_BINARY
www.flesko.com REG_BINARY
www.trouvertravail.com REG_BINARY
www.xstarsnews.com REG_BINARY
www.football365.fr REG_BINARY
www4.jeux.com REG_BINARY
www.adobe.com REG_BINARY
iframe.mediaplazza.com REG_BINARY
*.update.microsoft.com REG_BINARY
www.educationsansfrontieres.org REG_BINARY

* Mozilla Firefox (1 autorisé 2 interdit)

---------- C:\DOCUMENTS AND SETTINGS\KVIN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\FDZCV2XS.DEFAULT\HOSTPERM.1

******************************************
## Registre

* [HKEY_CURRENT_USER\\Software\Microsoft\Internet Explorer\Main]
Search Bar REG_SZ http://www.google.com/ie

* [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
meet great active lies REG_SZ C:\Documents and Settings\All Users\Application Data\soft chic meet great\mix ooze.exe

* [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
BITSUP REG_SZ C:\DOCUME~1\KÉVIN\APPLIC~1\HOPEME~1\film dumb.exe

******************************************
## Zones de sécurité

* HKCU Domains (4)

* P3P History (5)

******************************************
## Recherche C:\WINDOWS\*.htm, "C:\WINDOWS\*.gif"


*************** Fin du rapport ****************


Please help me as soon as possible.
6 January 2008 15:08:34

Hello,

I am sending you my HijackThis report, as well as the LopResearch report.

Thank you very much for your help.

Logfile of HijackThis v1.99.1
Scan saved at 14:48:43, on 6/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\FixCamera.exe
C:\WINDOWS\tsnp2std.exe
C:\WINDOWS\vsnp2std.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\USER\Mes documents\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.be/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [ScanRegistry] C:\W
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [Bat Wave Base Dale] C:\Documents and Settings\All Users\Application Data\Link Axis Bat Wave\Wipe Mapi.exe
O4 - HKLM\..\Run: [Time about bird dale] C:\Documents and Settings\All Users\Application Data\meow four dale link\tick amen htm.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [biassoft] C:\DOCUME~1\USER\APPLIC~1\BAGSGR~1\JunkTransUp.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld...
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213....
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/activex/zyloml...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O17 - HKLM\System\CCS\Services\Tcpip\..\{94A3108E-89AD-4B74-971B-6787391AD712}: NameServer = 192.168.1.1
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: CA Personal Firewall ASEM - Unknown owner - C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe


-------------------------------------------------------
LopResearch
----------------


----------------------------[ LopResearch v3 ]----------------------------

Version : Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]

Lancé depuis : C:\Documents and Settings\USER\Mes documents\hijackthis\LopResearch v3.1

Rapport crée : Le dim. 06/01/2008 à 14:54:15,96 PC : USER-FC90FEA1A3

! Faire analyser le rapport par un Helper avant intervention !

---------------------[ Listing des Applications Data ]--------------------

C:\Documents and Settings\Administrateur\Application Data\Microsoft

C:\Documents and Settings\Administrateur.USER-FC90FEA1A3\Application Data\Microsoft
C:\Documents and Settings\Administrateur.USER-FC90FEA1A3\Application Data\desktop.ini

C:\Documents and Settings\All Users\Application Data\Tick Find Close Surf
C:\Documents and Settings\All Users\Application Data\Bore Seek Intra Media
C:\Documents and Settings\All Users\Application Data\CA
C:\Documents and Settings\All Users\Application Data\Link Axis Bat Wave
C:\Documents and Settings\All Users\Application Data\meow four dale link
C:\Documents and Settings\All Users\Application Data\Microsoft
C:\Documents and Settings\All Users\Application Data\Apple
C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
C:\Documents and Settings\All Users\Application Data\Apple Computer
C:\Documents and Settings\All Users\Application Data\pixelStorm
C:\Documents and Settings\All Users\Application Data\Yahoo!
C:\Documents and Settings\All Users\Application Data\Zylom
C:\Documents and Settings\All Users\Application Data\SBT
C:\Documents and Settings\All Users\Application Data\Adobe
C:\Documents and Settings\All Users\Application Data\Avg7
C:\Documents and Settings\All Users\Application Data\Google
C:\Documents and Settings\All Users\Application Data\Symantec
C:\Documents and Settings\All Users\Application Data\hpzinstall.log
C:\Documents and Settings\All Users\Application Data\Support.com
C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
C:\Documents and Settings\All Users\Application Data\desktop.ini
C:\Documents and Settings\All Users\Application Data\Ahead

C:\Documents and Settings\Default User\Application Data\desktop.ini
C:\Documents and Settings\Default User\Application Data\Microsoft

C:\Documents and Settings\LocalService\Application Data\Microsoft

C:\Documents and Settings\NetworkService\Application Data\Microsoft
C:\Documents and Settings\NetworkService\Application Data\Symantec

C:\Documents and Settings\USER\Application Data\bags gram base
C:\Documents and Settings\USER\Application Data\U3
C:\Documents and Settings\USER\Application Data\Microsoft
C:\Documents and Settings\USER\Application Data\Sports Interactive
C:\Documents and Settings\USER\Application Data\SecuROM
C:\Documents and Settings\USER\Application Data\GDIPFONTCACHEV1.DAT
C:\Documents and Settings\USER\Application Data\iMesh
C:\Documents and Settings\USER\Application Data\Template
C:\Documents and Settings\USER\Application Data\BitDownload
C:\Documents and Settings\USER\Application Data\Skype
C:\Documents and Settings\USER\Application Data\Ahead
C:\Documents and Settings\USER\Application Data\Help
C:\Documents and Settings\USER\Application Data\Microsoft Web Folders
C:\Documents and Settings\USER\Application Data\Leadertech
C:\Documents and Settings\USER\Application Data\Adobe
C:\Documents and Settings\USER\Application Data\AdobeUM
C:\Documents and Settings\USER\Application Data\Google
C:\Documents and Settings\USER\Application Data\Macromedia
C:\Documents and Settings\USER\Application Data\Apple Computer
C:\Documents and Settings\USER\Application Data\Hewlett-Packard
C:\Documents and Settings\USER\Application Data\wklnhst.dat
C:\Documents and Settings\USER\Application Data\Sun
C:\Documents and Settings\USER\Application Data\Symantec
C:\Documents and Settings\USER\Application Data\vlc
C:\Documents and Settings\USER\Application Data\desktop.ini
C:\Documents and Settings\USER\Application Data\Identities

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1153679666.job
C:\WINDOWS\tasks\SA.DAT
C:\WINDOWS\tasks\desktop.ini

--------------[ Listing des dossiers dans C:\Program Files ]--------------

C:\Program Files\Adobe
C:\Program Files\Ahead
C:\Program Files\Alcohol Soft
C:\Program Files\Alwil Software
C:\Program Files\amsn
C:\Program Files\Apple Software Update
C:\Program Files\Aspyr
C:\Program Files\ATI Technologies
C:\Program Files\bags gram base
C:\Program Files\Clavier
C:\Program Files\eMule
C:\Program Files\Fichiers communs
C:\Program Files\Gigabyte
C:\Program Files\Google
C:\Program Files\Hewlett-Packard
C:\Program Files\honestech
C:\Program Files\Intel
C:\Program Files\Internet Explorer
C:\Program Files\InterVideo
C:\Program Files\iPod
C:\Program Files\iTunes
C:\Program Files\Java
C:\Program Files\Messenger
C:\Program Files\Micro Application
C:\Program Files\Microsoft AntiSpyware
C:\Program Files\microsoft frontpage
C:\Program Files\Microsoft Office
C:\Program Files\Microsoft Visual Studio
C:\Program Files\Microsoft Works
C:\Program Files\Movie Maker
C:\Program Files\MSN
C:\Program Files\MSN Apps
C:\Program Files\MSN Gaming Zone
C:\Program Files\MSN Messenger
C:\Program Files\Multi_Media
C:\Program Files\NetMeeting
C:\Program Files\Online Services
C:\Program Files\Outlook Express
C:\Program Files\PartyGaming
C:\Program Files\Player Tool
C:\Program Files\QuickTime
C:\Program Files\Realtek
C:\Program Files\Services en ligne
C:\Program Files\Snapshot Viewer
C:\Program Files\Soldier of Fortune II - Double Helix
C:\Program Files\Square Soft, Inc
C:\Program Files\support.com
C:\Program Files\TapeTexte
C:\Program Files\Tap'Touche 3 Démo
C:\Program Files\THQ
C:\Program Files\Ubi Soft
C:\Program Files\VideoLAN
C:\Program Files\Windows Media Connect 2
C:\Program Files\Windows Media Player
C:\Program Files\Windows NT
C:\Program Files\WinRAR
C:\Program Files\World of Warcraft
C:\Program Files\xerox
C:\Program Files\Yahoo!

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]-----

C:\Program Files\Fichiers communs\Adobe
C:\Program Files\Fichiers communs\Ahead
C:\Program Files\Fichiers communs\Apple
C:\Program Files\Fichiers communs\Blizzard Entertainment
C:\Program Files\Fichiers communs\Designer
C:\Program Files\Fichiers communs\Hewlett-Packard
C:\Program Files\Fichiers communs\InstallShield
C:\Program Files\Fichiers communs\Java
C:\Program Files\Fichiers communs\Microsoft Shared
C:\Program Files\Fichiers communs\MSSoap
C:\Program Files\Fichiers communs\ODBC
C:\Program Files\Fichiers communs\Scanner
C:\Program Files\Fichiers communs\Services
C:\Program Files\Fichiers communs\snp2std
C:\Program Files\Fichiers communs\Softwin
C:\Program Files\Fichiers communs\SpeechEngines
C:\Program Files\Fichiers communs\System

----------------------[ Recherche dans le Registre ]----------------------

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]

Bat Wave Base Dale REG_SZ C:\Documents and Settings\All Users\Application Data\Link Axis Bat Wave\Wipe Mapi.exe
Time about bird dale REG_SZ C:\Documents and Settings\All Users\Application Data\meow four dale link\tick amen htm.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]

biassoft REG_SZ C:\DOCUME~1\USER\APPLIC~1\BAGSGR~1\JunkTransUp.exe

-----------------[ Recherche de Fichiers - Dossiers Lop ]-----------------

C:\Documents and Settings\All Users\Application Data\Link Axis Bat Wave
C:\Documents and Settings\All Users\Application Data\meow four dale link
C:\Documents and Settings\USER\Application Data\BAGSGR~1
C:\Program Files\BAGSGR~1
C:\WINDOWS\Prefetch\JUNKTRANSUP.EXE-37654214.pf
C:\Documents and Settings\USER\Application Data\BitDownload

--------------------[ Vérification du fichier Hosts ]---------------------

Fichier Hosts : MODIFIE

127.0.0.1 localhost

--------------------[ Recherche d'autres infections ]---------------------


--------------------[ Fin du rapport à 14:54:27,39 ]----------------------

Best regards

Matt
4 March 2008 15:30:01

Hello, I have the same problem too, take a look:

Logfile of HijackThis v1.99.1
Scan saved at 15:21:27, on 04/03/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Dell\OpenManage\Client\Iap.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\System32\ICO.EXE
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\WINDOWS\System32\WLTRAY.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Broadcom\BACS\BacsTray.exe
C:\Program Files\Apoint\HidFind.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\explorer.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\Program Files\QuickZip4\QuickZip.exe
C:\DOCUME~1\adjee\LOCALS~1\Temp\QZTEMP\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [PMX Daemon] ICO.EXE
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\System32\WLTRAY.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [bacstray] C:\Program Files\Broadcom\BACS\\BacsTray.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Dell Mobile Broadband Card Utility] C:\Program Files\Dell\Dell Mobile Broadband\dmbcu.exe /s -noshow -AppMode
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [meet great active lies] C:\Documents and Settings\All Users\Application Data\soft chic meet great\Once Play.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Tool Bias] C:\DOCUME~1\adjee\APPLIC~1\GLOBAL~1\wma blah.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?83777148286149a1b30c15a8e730ea43
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?83777148286149a1b30c15a8e730ea43
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.euro.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/webplayer/stage6/windows/AutoD...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Iap - Dell Inc. - C:\Program Files\Dell\OpenManage\Client\Iap.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

9 July 2008 12:08:04

Hello, after reading a few posts, I downloaded HijackThis myself and here is the report... Thanks for helping me figure this out. I read that you should download Mozilla, which lets nothing through; I downloaded Spybot and CCleaner, but without success:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:01:55, on 09/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\PixArt\PAC7311\Monitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\SPAMfighter\SFAgent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\SPAMfighter\sfus.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Outlook Express\msimn.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://fr.search.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {04c322ce-aee8-4503-8fe8-d4c823ed2d0d} - (no file)
O2 - BHO: (no name) - {0650A4A7-46BE-4B7F-8653-13B3D170D2B0} - (no file)
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BHO Barre de Confiance - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Barre de confiance - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
O3 - Toolbar: (no name) - {4AD56E6F-7074-41EE-8A40-583C2C76EFCD} - (no file)
O3 - Toolbar: Deenero - {5ADDE6F9-B220-488D-9ADE-9C20D3A31533} - C:\Program Files\Deenero\deenero_1,0,0,9.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PAC7311_Monitor] C:\WINDOWS\PixArt\PAC7311\Monitor.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [1 mags 16 more] C:\Documents and Settings\All Users\Application Data\Admin Inter 1 Mags\More Hope.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\Run: [Love Fast] C:\DOCUME~1\COMPAQ~1\APPLIC~1\FLAGRD~1\Dash One.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program Files\IncrediMail\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O15 - Trusted Zone: www.cosoclicker.com
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {3A226D85-574D-4272-B73C-DBCAECF709B3} (TNSClickerb.Clicker) - http://www.consoclicker.com/TNSClickrb.CAB
O16 - DPF: {5554A026-7282-4C11-A8F1-652D0599CD02} (NMInstall Control) - http://a14.g.akamai.net/f/14/7141/1d/fr.nielsennetpanel...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Co...
O16 - DPF: {70A5EBDC-3EA6-464A-9FF7-084BC150C417} (TNSClickera.Clicker) - http://www.consoclicker.com/TNSClickra.CAB
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} - http://appdirectory.messenger.msn.com/AppDirectory/P4Ap...
O16 - DPF: {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9} - https://media.pineconeresearch.com/ActiveX/downloadcont...
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game11.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr33...
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O24 - Desktop Component 0: (no name) - http://membres.lycos.fr/simplementcaroline/glitter/telm...

--
End of file - 11902 bytes
9 July 2008 18:58:53

OK, well, everyone is going to create their own topic.