
Unwanted CiD pop-up windows

25 January 2008 10:55:03

Hello,

I'm writing to you today because I'm being overrun by CiD windows, and the problem is that I know nothing about computers. I need help; I can't manage on my own. Thank you in advance for helping me. I think I need to send you a HijackThis report.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:32:33, on 25/01/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16575)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\CyberLink\PowerCinema\PCMService.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Controle Parental\bin\OPTGui.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Orange\Player Orange\Orange Player.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Orange\GLOBAL\Mnu\IGOMNU.EXE
C:\Program Files\Internet Explorer\IEUser.exe
C:\hp\kbd\kbd.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\SCHMIT~1\AppData\Local\Temp\OnlineScanner\Anti-Virus\OnlineScanner.exe
C:\Users\SCHMIT~1\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/french/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [DPService] "C:\Program Files\HP\DVDPlay\DPService.exe"
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [OPTENET_GUI] C:\PROGRA~1\CONTRO~1\bin\optgui.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [zzz_ImInstaller_Magentic] C:\Users\schmitt olivier\AppData\Local\Temp\ImInstaller\Magentic\magentic_install[1].exe -startup -product Magentic -skip_dialog language
O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe" -s
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [OrangePlayer] C:\Program Files\Orange\Player Orange\Orange Player.exe /systray
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [IncrediMail] C:\PROGRA~1\INCRED~1\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Acid Tool] "C:\ProgramData\Jump great great.z2qdtyo"
O4 - HKCU\..\Run: [Itch ford four knob] "C:\ProgramData\roam bore burn.kckw5x9"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O13 - Gopher Prefix:
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O16 - DPF: {A4069847-C342-48E2-9257-01A24E5C78EA} (F-Secure Online Scanner 3.2) - http://support.f-secure.com/ols3beta/fscax.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O17 - HKLM\System\CCS\Services\Tcpip\..\{CD74F626-082B-4751-9D76-0314EDBBF39E}: NameServer = 192.168.1.1
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Orange Contrôle Parental (OPTENET_FILTER) - Orange - C:\Program Files\Controle Parental\bin\optproxy.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 9431 bytes


Thanks again


27 January 2008 15:30:21

Hello, I have just done everything you told me and it shows "accès refusé", and my antivirus AntiVir found trojans while the scan was running. I deleted some but I think I still have more. So I could not do what you told me; the scan is refused.
Please help me. Thank you.
27 January 2008 19:20:09

Hi again,

a- disable your antivirus
b- run the .cmd by right-clicking / run as...
Is that better?
28 January 2008 09:44:37

Hello,
It still doesn't work; it shows "impossible d'ouvrir le fichier c:/lopR.txt. Voulez-vous créer un nouveau fichier ?". In fact it is the same as with the antivirus. It still says "accès refusé" and Notepad is empty. Thank you.
28 January 2008 09:57:06

I forgot to tell you that I have Windows Vista; maybe that changes everything.
28 January 2008 13:49:16


Hello again,
This morning I ran an AntiVir scan and an online antivirus scan from F-Secure Online. Since then these CiD windows no longer appear; I don't understand it at all. Thank you very much. However, I find my computer a bit slow; maybe that comes from Vista? Can you answer me?
Thanks again, thanks
28 January 2008 17:58:10

Can you post a HijackThis report again?
29 January 2008 13:14:20

Hello,

here is the report


Thanks
29 January 2008 18:00:33

Hi again,

Fix the lines in the box below with HijackThis: HELP IN PICTURES

O4 - HKCU\..\Run: [Acid Tool] "C:\ProgramData\Jump great great.z2qdtyo"
O4 - HKCU\..\Run: [Itch ford four knob] "C:\ProgramData\roam bore burn.kckw5x9"
30 January 2008 13:44:47

Hello,
I followed the help in pictures and found the following 2 lines, which do not match yours. Here they are:

04-HKCU\..\Run[AcidTool]"C:\programData\Jumpgreatgreat.mfdh77k"
04-HKCU\..\Run:[Itchfordfourknob]"C:\ProgramData\PingGreatProgram.ikiqbq

Are these the 2 lines you were talking about?
Thanks
30 January 2008 14:19:04

Yes.
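
The exchange above shows why the lines to fix are better matched by Run value name than by full path: the value names stayed the same while the target files under C:\ProgramData changed. An added example (not part of the thread and not HijackThis code) that parses O4 lines, flags targets sitting directly in C:\ProgramData with a non-executable extension, and pairs a fix list with a later scan; the extension allow-list, the function names and the CURRENT sample lines are assumptions constructed for illustration.

```python
import ntpath
import re

# Extensions a normal autorun target carries (assumption made for this example).
KNOWN_EXTS = {".exe", ".dll", ".com", ".bat", ".cmd", ".lnk", ".scr"}

# O4 - <hive>\..\<Run key>: [<value name>] <command line>
O4_RE = re.compile(
    r"^O4 - (?P<hive>HK[A-Z]+(?:\\S-[\d-]+)?)\\\.\.\\(?P<key>Run\w*): "
    r"\[(?P<name>[^\]]*)\] (?P<command>.+)$"
)
# Unquoted commands may contain spaces, so cut at the first known extension.
UNQUOTED_TARGET_RE = re.compile(
    r"^(.+?\.(?:exe|dll|com|bat|cmd|lnk|scr))(?=[\s,]|$)", re.IGNORECASE
)


def parse_o4(line):
    """Return hive, key, name, command and target of an O4 Run line, or None."""
    m = O4_RE.match(line.strip())
    if not m:
        return None
    entry = m.groupdict()
    command = entry["command"]
    if command.startswith('"'):
        end = command.find('"', 1)
        # Tolerate a missing closing quote (hand-copied lines often lose it).
        target = command[1:end] if end != -1 else command[1:]
    else:
        um = UNQUOTED_TARGET_RE.match(command)
        target = um.group(1) if um else command.split(" ", 1)[0]
    entry["target"] = target
    return entry


def is_odd_programdata_target(entry):
    """True when the target sits directly in C:\\ProgramData with an unknown extension."""
    folder = ntpath.normcase(ntpath.dirname(entry["target"]))
    ext = ntpath.splitext(entry["target"])[1].lower()
    return folder == ntpath.normcase(r"C:\ProgramData") and ext not in KNOWN_EXTS


def flag_scan(lines):
    """Value names of all O4 entries in a scan that match the heuristic above."""
    entries = (parse_o4(line) for line in lines)
    return [e["name"] for e in entries if e and is_odd_programdata_target(e)]


def match_fix_list(requested_lines, current_lines):
    """Pair each requested fix with the current scan by (hive, key, value name)."""
    current = {}
    for line in current_lines:
        e = parse_o4(line)
        if e:
            current[(e["hive"], e["key"], e["name"].lower())] = e
    results = []
    for line in requested_lines:
        want = parse_o4(line)
        if want is None:
            continue
        have = current.get((want["hive"], want["key"], want["name"].lower()))
        if have is None:
            status = "absent"
        elif ntpath.normcase(have["target"]) == ntpath.normcase(want["target"]):
            status = "same target"
        else:
            status = "target renamed"
        results.append((want["name"], status, have["target"] if have else None))
    return results


# The two lines the helper asked to fix, as quoted in the thread.
REQUESTED = [
    r'O4 - HKCU\..\Run: [Acid Tool] "C:\ProgramData\Jump great great.z2qdtyo"',
    r'O4 - HKCU\..\Run: [Itch ford four knob] "C:\ProgramData\roam bore burn.kckw5x9"',
]

# Constructed sample of a later scan, based on the lines the user retyped
# (value-name spacing restored) plus two ordinary entries from the first log.
CURRENT = [
    r'O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun',
    r'O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background',
    r'O4 - HKCU\..\Run: [Acid Tool] "C:\ProgramData\Jump great great.mfdh77k"',
    r'O4 - HKCU\..\Run: [Itch ford four knob] "C:\ProgramData\PingGreatProgram.ikiqbq"',
]

if __name__ == "__main__":
    print("flagged:", flag_scan(CURRENT))
    for name, status, target in match_fix_list(REQUESTED, CURRENT):
        print(f"{name}: {status} -> {target}")
```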
31 January 2008 08:35:42

Hello,
That's it, I did what you told me: delete those 2 lines.
Thank you very much for your help.
Thanks
31 January 2008 18:18:35

Post a HijackThis report again.
31 January 2008 18:21:17

Hello,
here is my report:

Thanks.
1 February 2008 14:18:51

HELLO,
I have disabled UAC, but when I click the link you gave me, I land back on our conversation.
What should I do?
Thanks.
1 February 2008 14:20:20

Hah, that's normal, you need to do this:

Download: http://eric.71.mespages.googlepages.com/LopSDV.zip
Unzip it to your desktop, open the Lop SD folder
double-click Lop S&D.cmd (the .cmd may not be shown)
let the scan run and post the report
1 February 2008 17:54:26

HELLO,
HERE IS MY REPORT

-----------------------------[ Lop S&D V01 ]---------------------------

Microsoft Windows [version 6.0.6000] [ OS : Windows_NT ]

"C:\Users\schmitt olivier\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0V7HD4FO"

[ 01/02/2008 | 17:52:08,33 ] [ PC-DE-SCHMITT ]


-------------[ ]------------

C:\Users\schmitt olivier\AppData\Roaming\Adobe\Acrobat
C:\Users\schmitt olivier\AppData\Roaming\Adobe\ESD
C:\Users\schmitt olivier\AppData\Roaming\Adobe\Flash Player
C:\Users\schmitt olivier\AppData\Roaming\CyberLink\PowerCinema
C:\Users\schmitt olivier\AppData\Roaming\CyberLink\PowerDVD
C:\Users\schmitt olivier\AppData\Roaming\Google\Local Search History
C:\Users\schmitt olivier\AppData\Roaming\Hewlett-Packard\HP Software UI
C:\Users\schmitt olivier\AppData\Roaming\Identities\{23301D2A-5BAB-4447-A3D2-492E96C3824F}
C:\Users\schmitt olivier\AppData\Roaming\InstallShield\ISEngine12.0
C:\Users\schmitt olivier\AppData\Roaming\Macromedia\Flash Player
C:\Users\schmitt olivier\AppData\Roaming\Player Orange\Data
C:\Users\schmitt olivier\AppData\Roaming\Player Orange\Player Orange.log
C:\Users\schmitt olivier\AppData\Roaming\Player Orange\RentedDataBase.bak
C:\Users\schmitt olivier\AppData\Roaming\Player Orange\RentedDataBase.xml
C:\Users\schmitt olivier\AppData\Roaming\Player Orange\settings.dll
C:\Users\schmitt olivier\AppData\Roaming\Player Orange\Temp
C:\Users\schmitt olivier\AppData\Roaming\Real\Msg
C:\Users\schmitt olivier\AppData\Roaming\Real\RealMediaSDK
C:\Users\schmitt olivier\AppData\Roaming\Real\RealPlayer
C:\Users\schmitt olivier\AppData\Roaming\Real\rnadmin
C:\Users\schmitt olivier\AppData\Roaming\Roxio\Dragon
C:\Users\schmitt olivier\AppData\Roaming\Roxio\MediaManager9
C:\Users\schmitt olivier\AppData\Roaming\Roxio\MyDVD9
C:\Users\schmitt olivier\AppData\Roaming\Roxio\PlasmaLog.txt
C:\Users\schmitt olivier\AppData\Roaming\Roxio\RoxioCentral
C:\Users\schmitt olivier\AppData\Roaming\Roxio\RoxioCentral33
C:\Users\schmitt olivier\AppData\Roaming\Roxio\VideoUI9
C:\Users\schmitt olivier\AppData\Roaming\Shareaza\Collections
C:\Users\schmitt olivier\AppData\Roaming\Shareaza\Data
C:\Users\schmitt olivier\AppData\Roaming\Shareaza\Torrents
C:\Users\schmitt olivier\AppData\Roaming\Template\Normal.wpt
C:\Users\schmitt olivier\AppData\Roaming\TomTom\HOME
C:\Users\schmitt olivier\AppData\Roaming\UserTile.png\UserTile.png
C:\Users\schmitt olivier\AppData\Roaming\wklnhst.dat\wklnhst.dat

----------------[ ]---------------

C:\Windows\tasks\User_Feed_Synchronization-{4C23A0C7-5813-48E5-BF16-18A045D2C747}.job
C:\Windows\tasks\SA.DAT
C:\Windows\tasks\SCHEDLGU.TXT

------[ ]------

C:\ProgramData\addr_file.html
C:\ProgramData\Adobe
C:\ProgramData\Application Data
C:\ProgramData\Avira
C:\ProgramData\Bureau
C:\ProgramData\CanonBJ
C:\ProgramData\CyberLink
C:\ProgramData\Desktop
C:\ProgramData\Documents
C:\ProgramData\eMule
C:\ProgramData\Favoris
C:\ProgramData\Favorites
C:\ProgramData\fssg
C:\ProgramData\Google
C:\ProgramData\Hewlett-Packard
C:\ProgramData\InstallShield
C:\ProgramData\Jump great great.6vuemy
C:\ProgramData\Jump great great.aannb1q
C:\ProgramData\Jump great great.bvn0hz
C:\ProgramData\Jump great great.mfdh77k
C:\ProgramData\Menu Démarrer
C:\ProgramData\Messenger Plus!
C:\ProgramData\Microsoft
C:\ProgramData\Modèles
C:\ProgramData\Mp3 Shim
C:\ProgramData\ntuser.pol
C:\ProgramData\NVIDIA
C:\ProgramData\Ping Great Program.lkiqbq
C:\ProgramData\Roxio
C:\ProgramData\Sonic
C:\ProgramData\Start Menu
C:\ProgramData\Symantec
C:\ProgramData\Templates
C:\ProgramData\third lies itch ford
C:\ProgramData\TomTom
C:\ProgramData\WLInstaller

---------------[ ]--------------

C:\Program Files\Adobe
C:\Program Files\Alwil Software
C:\Program Files\Avira
C:\Program Files\CanonBJ
C:\Program Files\Circle Developement
C:\Program Files\Common Files
C:\Program Files\Controle Parental
C:\Program Files\CyberLink
C:\Program Files\desktop.ini
C:\Program Files\EA GAMES
C:\Program Files\Eidos
C:\Program Files\Fichiers communs
C:\Program Files\GameSpy Arcade
C:\Program Files\Google
C:\Program Files\Hewlett-Packard
C:\Program Files\HP
C:\Program Files\IncrediMail
C:\Program Files\InstallShield Installation Information
C:\Program Files\Internet Explorer
C:\Program Files\Messenger Plus! Live
C:\Program Files\Microsoft Games
C:\Program Files\Microsoft Office
C:\Program Files\Microsoft Works
C:\Program Files\Movie Maker
C:\Program Files\MSBuild
C:\Program Files\MSN
C:\Program Files\MSN Messenger
C:\Program Files\MSXML 4.0
C:\Program Files\Orange
C:\Program Files\PC-Doctor 5 for Windows
C:\Program Files\Real
C:\Program Files\Realtek
C:\Program Files\Reference Assemblies
C:\Program Files\Roxio
C:\Program Files\SAGEM
C:\Program Files\SAGEM WiFi manager
C:\Program Files\Services en ligne
C:\Program Files\Shareaza
C:\Program Files\Strategy First
C:\Program Files\THQ
C:\Program Files\TomTom DesktopSuite
C:\Program Files\TomTom HOME 2
C:\Program Files\Trend Micro
C:\Program Files\UBISOFT
C:\Program Files\Uninstall Information
C:\Program Files\Windows Calendar
C:\Program Files\Windows Collaboration
C:\Program Files\Windows Defender
C:\Program Files\Windows Live
C:\Program Files\Windows Mail
C:\Program Files\Windows Media Player
C:\Program Files\Windows NT
C:\Program Files\Windows Photo Gallery
C:\Program Files\Windows Sidebar
C:\Program Files\WinRAR

---------------[ C:\Program Files\Common Files ]--------------

C:\Program Files\Common Files\Adobe
C:\Program Files\Common Files\InstallShield
C:\Program Files\Common Files\LightScribe
C:\Program Files\Common Files\LS Getting Started
C:\Program Files\Common Files\microsoft shared
C:\Program Files\Common Files\Real
C:\Program Files\Common Files\Roxio Shared
C:\Program Files\Common Files\Services
C:\Program Files\Common Files\Sonic Shared
C:\Program Files\Common Files\SpeechEngines
C:\Program Files\Common Files\SureThing Shared
C:\Program Files\Common Files\SWF Studio
C:\Program Files\Common Files\Symantec Shared
C:\Program Files\Common Files\System
C:\Program Files\Common Files\WindowsLiveInstaller
C:\Program Files\Common Files\xing shared

----------------------[ ]---------------------

Commande ECHO désactivée.

-----------------[ ]-----------------

Commande ECHO désactivée.

----------------------[ ]----------------------

..... OK !

--------------------[ ]---------------------

Commande ECHO désactivée.

127.0.0.1 localhost
::1 localhost

----------------[ ]-----------------


--------------------[ ]---------------------


--------------------[ 17:52:09,97 ]----------------------



Thank you.
1 February 2008 18:38:10

You can start again by right-clicking and choosing Run as administrator
1 February 2008 20:49:17

Re,
here is my 2nd report, I did what you asked.


-----------------------------[ Lop S&D V01 ]---------------------------

Microsoft Windows [version 6.0.6000] [ OS : Windows_NT ]

"C:\Users\schmitt olivier\Contacts\Desktop\Lop SD"

[ 01/02/2008 | 20:46:35,52 ] [ PC-DE-SCHMITT ]


-------------[ Listing des dossiers dans Application Data ]------------

C:\Users\SCHMIT~1\AppData\Roaming\Adobe\Acrobat
C:\Users\SCHMIT~1\AppData\Roaming\Adobe\ESD
C:\Users\SCHMIT~1\AppData\Roaming\Adobe\Flash Player
C:\Users\SCHMIT~1\AppData\Roaming\CyberLink\PowerCinema
C:\Users\SCHMIT~1\AppData\Roaming\CyberLink\PowerDVD
C:\Users\SCHMIT~1\AppData\Roaming\Google\Local Search History
C:\Users\SCHMIT~1\AppData\Roaming\Hewlett-Packard\HP Software UI
C:\Users\SCHMIT~1\AppData\Roaming\Identities\{23301D2A-5BAB-4447-A3D2-492E96C3824F}
C:\Users\SCHMIT~1\AppData\Roaming\InstallShield\ISEngine12.0
C:\Users\SCHMIT~1\AppData\Roaming\Macromedia\Flash Player
C:\Users\SCHMIT~1\AppData\Roaming\Player Orange\Data
C:\Users\SCHMIT~1\AppData\Roaming\Player Orange\Player Orange.log
C:\Users\SCHMIT~1\AppData\Roaming\Player Orange\RentedDataBase.bak
C:\Users\SCHMIT~1\AppData\Roaming\Player Orange\RentedDataBase.xml
C:\Users\SCHMIT~1\AppData\Roaming\Player Orange\settings.dll
C:\Users\SCHMIT~1\AppData\Roaming\Player Orange\Temp
C:\Users\SCHMIT~1\AppData\Roaming\Real\Msg
C:\Users\SCHMIT~1\AppData\Roaming\Real\RealMediaSDK
C:\Users\SCHMIT~1\AppData\Roaming\Real\RealPlayer
C:\Users\SCHMIT~1\AppData\Roaming\Real\rnadmin
C:\Users\SCHMIT~1\AppData\Roaming\Roxio\Dragon
C:\Users\SCHMIT~1\AppData\Roaming\Roxio\MediaManager9
C:\Users\SCHMIT~1\AppData\Roaming\Roxio\MyDVD9
C:\Users\SCHMIT~1\AppData\Roaming\Roxio\PlasmaLog.txt
C:\Users\SCHMIT~1\AppData\Roaming\Roxio\RoxioCentral
C:\Users\SCHMIT~1\AppData\Roaming\Roxio\RoxioCentral33
C:\Users\SCHMIT~1\AppData\Roaming\Roxio\VideoUI9
C:\Users\SCHMIT~1\AppData\Roaming\Shareaza\Collections
C:\Users\SCHMIT~1\AppData\Roaming\Shareaza\Data
C:\Users\SCHMIT~1\AppData\Roaming\Shareaza\Torrents
C:\Users\SCHMIT~1\AppData\Roaming\Template\Normal.wpt
C:\Users\SCHMIT~1\AppData\Roaming\TomTom\HOME
C:\Users\SCHMIT~1\AppData\Roaming\UserTile.png\UserTile.png
C:\Users\SCHMIT~1\AppData\Roaming\wklnhst.dat\wklnhst.dat

----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------

C:\Windows\tasks\User_Feed_Synchronization-{4C23A0C7-5813-48E5-BF16-18A045D2C747}.job
C:\Windows\tasks\SA.DAT
C:\Windows\tasks\SCHEDLGU.TXT

------[ Listing des dossiers dans C:\ProgramData ]------

C:\ProgramData\addr_file.html
C:\ProgramData\Adobe
C:\ProgramData\Application Data
C:\ProgramData\Avira
C:\ProgramData\Bureau
C:\ProgramData\CanonBJ
C:\ProgramData\CyberLink
C:\ProgramData\Desktop
C:\ProgramData\Documents
C:\ProgramData\eMule
C:\ProgramData\Favoris
C:\ProgramData\Favorites
C:\ProgramData\fssg
C:\ProgramData\Google
C:\ProgramData\Hewlett-Packard
C:\ProgramData\InstallShield
C:\ProgramData\Jump great great.6vuemy
C:\ProgramData\Jump great great.aannb1q
C:\ProgramData\Jump great great.bvn0hz
C:\ProgramData\Jump great great.mfdh77k
C:\ProgramData\Menu Démarrer
C:\ProgramData\Messenger Plus!
C:\ProgramData\Microsoft
C:\ProgramData\Modèles
C:\ProgramData\Mp3 Shim
C:\ProgramData\ntuser.pol
C:\ProgramData\NVIDIA
C:\ProgramData\Ping Great Program.lkiqbq
C:\ProgramData\Roxio
C:\ProgramData\Sonic
C:\ProgramData\Start Menu
C:\ProgramData\Symantec
C:\ProgramData\Templates
C:\ProgramData\third lies itch ford
C:\ProgramData\TomTom
C:\ProgramData\WLInstaller

---------------[ Listing des dossiers dans C:\Program Files ]--------------

C:\Program Files\Adobe
C:\Program Files\Alwil Software
C:\Program Files\Avira
C:\Program Files\CanonBJ
C:\Program Files\Circle Developement
C:\Program Files\Common Files
C:\Program Files\Controle Parental
C:\Program Files\CyberLink
C:\Program Files\desktop.ini
C:\Program Files\EA GAMES
C:\Program Files\Eidos
C:\Program Files\Fichiers communs
C:\Program Files\GameSpy Arcade
C:\Program Files\Google
C:\Program Files\Hewlett-Packard
C:\Program Files\HP
C:\Program Files\IncrediMail
C:\Program Files\InstallShield Installation Information
C:\Program Files\Internet Explorer
C:\Program Files\Messenger Plus! Live
C:\Program Files\Microsoft Games
C:\Program Files\Microsoft Office
C:\Program Files\Microsoft Works
C:\Program Files\Movie Maker
C:\Program Files\MSBuild
C:\Program Files\MSN
C:\Program Files\MSN Messenger
C:\Program Files\MSXML 4.0
C:\Program Files\Orange
C:\Program Files\PC-Doctor 5 for Windows
C:\Program Files\Real
C:\Program Files\Realtek
C:\Program Files\Reference Assemblies
C:\Program Files\Roxio
C:\Program Files\SAGEM
C:\Program Files\SAGEM WiFi manager
C:\Program Files\Services en ligne
C:\Program Files\Shareaza
C:\Program Files\Strategy First
C:\Program Files\THQ
C:\Program Files\TomTom DesktopSuite
C:\Program Files\TomTom HOME 2
C:\Program Files\Trend Micro
C:\Program Files\UBISOFT
C:\Program Files\Uninstall Information
C:\Program Files\Windows Calendar
C:\Program Files\Windows Collaboration
C:\Program Files\Windows Defender
C:\Program Files\Windows Live
C:\Program Files\Windows Mail
C:\Program Files\Windows Media Player
C:\Program Files\Windows NT
C:\Program Files\Windows Photo Gallery
C:\Program Files\Windows Sidebar
C:\Program Files\WinRAR

---------------[ C:\Program Files\Common Files ]--------------

C:\Program Files\Common Files\Adobe
C:\Program Files\Common Files\InstallShield
C:\Program Files\Common Files\LightScribe
C:\Program Files\Common Files\LS Getting Started
C:\Program Files\Common Files\microsoft shared
C:\Program Files\Common Files\Real
C:\Program Files\Common Files\Roxio Shared
C:\Program Files\Common Files\Services
C:\Program Files\Common Files\Sonic Shared
C:\Program Files\Common Files\SpeechEngines
C:\Program Files\Common Files\SureThing Shared
C:\Program Files\Common Files\SWF Studio
C:\Program Files\Common Files\Symantec Shared
C:\Program Files\Common Files\System
C:\Program Files\Common Files\WindowsLiveInstaller
C:\Program Files\Common Files\xing shared

----------------------[ Recherche avec S_Lop ]---------------------

C:\ProgramData\Jump great great.6vuemy
C:\ProgramData\Jump great great.aannb1q
C:\ProgramData\Jump great great.bvn0hz
C:\ProgramData\Jump great great.mfdh77k

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

Aucun fichier / dossier Lop trouvé !

----------------------[ Verification du Registre ]----------------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts MODIFIE

127.0.0.1 localhost
::1 localhost

----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-01 20:47:09
Windows 6.0.6000 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

Aucune autre infection trouvée !

--------------------[ Fin du rapport a 20:47:16,53 ]----------------------
Thank you.
2 February 2008 12:25:50

Now run option two.
2 February 2008 18:37:13

HELLO,
here is my new report

-----------------------------[ Lop S&D V01 ]---------------------------

Microsoft Windows [version 6.0.6000] [ OS : Windows_NT ]

"C:\Users\schmitt olivier\Contacts\Desktop\Lop SD"

[ 02/02/2008 | 18:31:17,38 ] [ PC-DE-SCHMITT ]

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

Supprimé! - C:\ProgramData\Jump great great.6vuemy
Supprimé! - C:\ProgramData\Jump great great.aannb1q
Supprimé! - C:\ProgramData\Jump great great.bvn0hz
Supprimé! - C:\ProgramData\Jump great great.mfdh77k
Restauré! - Fichier Hosts

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


-------------[ Listing des dossiers dans Application Data ]------------

C:\Users\SCHMIT~1\AppData\Roaming\Adobe\Acrobat
C:\Users\SCHMIT~1\AppData\Roaming\Adobe\ESD
C:\Users\SCHMIT~1\AppData\Roaming\Adobe\Flash Player
C:\Users\SCHMIT~1\AppData\Roaming\CyberLink\PowerCinema
C:\Users\SCHMIT~1\AppData\Roaming\CyberLink\PowerDVD
C:\Users\SCHMIT~1\AppData\Roaming\Google\Local Search History
C:\Users\SCHMIT~1\AppData\Roaming\Hewlett-Packard\HP Software UI
C:\Users\SCHMIT~1\AppData\Roaming\Identities\{23301D2A-5BAB-4447-A3D2-492E96C3824F}
C:\Users\SCHMIT~1\AppData\Roaming\InstallShield\ISEngine12.0
C:\Users\SCHMIT~1\AppData\Roaming\Macromedia\Flash Player
C:\Users\SCHMIT~1\AppData\Roaming\Player Orange\Data
C:\Users\SCHMIT~1\AppData\Roaming\Player Orange\Player Orange.log
C:\Users\SCHMIT~1\AppData\Roaming\Player Orange\RentedDataBase.bak
C:\Users\SCHMIT~1\AppData\Roaming\Player Orange\RentedDataBase.xml
C:\Users\SCHMIT~1\AppData\Roaming\Player Orange\settings.dll
C:\Users\SCHMIT~1\AppData\Roaming\Player Orange\Temp
C:\Users\SCHMIT~1\AppData\Roaming\Real\Msg
C:\Users\SCHMIT~1\AppData\Roaming\Real\RealMediaSDK
C:\Users\SCHMIT~1\AppData\Roaming\Real\RealPlayer
C:\Users\SCHMIT~1\AppData\Roaming\Real\rnadmin
C:\Users\SCHMIT~1\AppData\Roaming\Roxio\Dragon
C:\Users\SCHMIT~1\AppData\Roaming\Roxio\MediaManager9
C:\Users\SCHMIT~1\AppData\Roaming\Roxio\MyDVD9
C:\Users\SCHMIT~1\AppData\Roaming\Roxio\PlasmaLog.txt
C:\Users\SCHMIT~1\AppData\Roaming\Roxio\RoxioCentral
C:\Users\SCHMIT~1\AppData\Roaming\Roxio\RoxioCentral33
C:\Users\SCHMIT~1\AppData\Roaming\Roxio\VideoUI9
C:\Users\SCHMIT~1\AppData\Roaming\Shareaza\Collections
C:\Users\SCHMIT~1\AppData\Roaming\Shareaza\Data
C:\Users\SCHMIT~1\AppData\Roaming\Shareaza\Torrents
C:\Users\SCHMIT~1\AppData\Roaming\Template\Normal.wpt
C:\Users\SCHMIT~1\AppData\Roaming\TomTom\HOME
C:\Users\SCHMIT~1\AppData\Roaming\UserTile.png\UserTile.png
C:\Users\SCHMIT~1\AppData\Roaming\wklnhst.dat\wklnhst.dat

----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------

C:\Windows\tasks\User_Feed_Synchronization-{4C23A0C7-5813-48E5-BF16-18A045D2C747}.job
C:\Windows\tasks\SA.DAT
C:\Windows\tasks\SCHEDLGU.TXT

------[ Listing des dossiers dans C:\ProgramData ]------

C:\ProgramData\addr_file.html
C:\ProgramData\Adobe
C:\ProgramData\Application Data
C:\ProgramData\Avira
C:\ProgramData\Bureau
C:\ProgramData\CanonBJ
C:\ProgramData\CyberLink
C:\ProgramData\Desktop
C:\ProgramData\Documents
C:\ProgramData\eMule
C:\ProgramData\Favoris
C:\ProgramData\Favorites
C:\ProgramData\fssg
C:\ProgramData\Google
C:\ProgramData\Hewlett-Packard
C:\ProgramData\InstallShield
C:\ProgramData\Menu Démarrer
C:\ProgramData\Messenger Plus!
C:\ProgramData\Microsoft
C:\ProgramData\Modèles
C:\ProgramData\Mp3 Shim
C:\ProgramData\ntuser.pol
C:\ProgramData\NVIDIA
C:\ProgramData\Ping Great Program.lkiqbq
C:\ProgramData\Roxio
C:\ProgramData\Sonic
C:\ProgramData\Start Menu
C:\ProgramData\Symantec
C:\ProgramData\Templates
C:\ProgramData\third lies itch ford
C:\ProgramData\TomTom
C:\ProgramData\WLInstaller

---------------[ Listing des dossiers dans C:\Program Files ]--------------

C:\Program Files\Adobe
C:\Program Files\Alwil Software
C:\Program Files\Avira
C:\Program Files\CanonBJ
C:\Program Files\Circle Developement
C:\Program Files\Common Files
C:\Program Files\Controle Parental
C:\Program Files\CyberLink
C:\Program Files\desktop.ini
C:\Program Files\EA GAMES
C:\Program Files\Eidos
C:\Program Files\Fichiers communs
C:\Program Files\GameSpy Arcade
C:\Program Files\Google
C:\Program Files\Hewlett-Packard
C:\Program Files\HP
C:\Program Files\IncrediMail
C:\Program Files\InstallShield Installation Information
C:\Program Files\Internet Explorer
C:\Program Files\Messenger Plus! Live
C:\Program Files\Microsoft Games
C:\Program Files\Microsoft Office
C:\Program Files\Microsoft Works
C:\Program Files\Movie Maker
C:\Program Files\MSBuild
C:\Program Files\MSN
C:\Program Files\MSN Messenger
C:\Program Files\MSXML 4.0
C:\Program Files\Orange
C:\Program Files\PC-Doctor 5 for Windows
C:\Program Files\Real
C:\Program Files\Realtek
C:\Program Files\Reference Assemblies
C:\Program Files\Roxio
C:\Program Files\SAGEM
C:\Program Files\SAGEM WiFi manager
C:\Program Files\Services en ligne
C:\Program Files\Shareaza
C:\Program Files\Strategy First
C:\Program Files\THQ
C:\Program Files\TomTom DesktopSuite
C:\Program Files\TomTom HOME 2
C:\Program Files\Trend Micro
C:\Program Files\UBISOFT
C:\Program Files\Uninstall Information
C:\Program Files\Windows Calendar
C:\Program Files\Windows Collaboration
C:\Program Files\Windows Defender
C:\Program Files\Windows Live
C:\Program Files\Windows Mail
C:\Program Files\Windows Media Player
C:\Program Files\Windows NT
C:\Program Files\Windows Photo Gallery
C:\Program Files\Windows Sidebar
C:\Program Files\WinRAR

---------------[ C:\Program Files\Common Files ]--------------

C:\Program Files\Common Files\Adobe
C:\Program Files\Common Files\InstallShield
C:\Program Files\Common Files\LightScribe
C:\Program Files\Common Files\LS Getting Started
C:\Program Files\Common Files\microsoft shared
C:\Program Files\Common Files\Real
C:\Program Files\Common Files\Roxio Shared
C:\Program Files\Common Files\Services
C:\Program Files\Common Files\Sonic Shared
C:\Program Files\Common Files\SpeechEngines
C:\Program Files\Common Files\SureThing Shared
C:\Program Files\Common Files\SWF Studio
C:\Program Files\Common Files\Symantec Shared
C:\Program Files\Common Files\System
C:\Program Files\Common Files\WindowsLiveInstaller
C:\Program Files\Common Files\xing shared

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

Aucun fichier / dossier Lop trouvé !

----------------------[ Verification du Registre ]----------------------

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-02 18:34:10
Windows 6.0.6000 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

Aucune autre infection trouvée !

--------------------[ Fin du rapport a 18:34:18,86 ]----------------------
thank you
2 February 2008 19:09:10

Is it better?
2 February 2008 20:22:12

Good evening,
yes, it's better, and thank you very much
thank you for your patience.
3 February 2008 12:50:16

Happy surfing ;)
3 February 2008 12:58:20

Hello,
thanks again for your help.
Just one last question: should I re-enable UAC?
THANK YOU
3 February 2008 19:05:54

As you like.
4 February 2008 08:26:21

Hello,
I don't think I'm going to re-enable it.
Thanks again for your help.
Thank you, thank you.
4 February 2008 18:38:27

Happy surfing.