
Unwanted CID windows..

Tags:
  • Windows genuine advantage
  • Security
1 October 2007 22:17:44

hello.. i have lots of cid windows opening when i browse...i don't know where it comes from....could someone help me? thanks


1 October 2007 22:22:53

Good evening

1

Download Lop S&D.zip.
Unzip it onto your Desktop only.
Open the Lop S&D folder, then double-click Scan.bat. Press "R", then confirm by pressing "Enter".
A report will be generated; post its contents here.

2

Download and install Hijackthis (Trend Micro).
Then post a report in your next reply.
HELP: How to use Hijackthis v2.0.2
1 October 2007 22:30:28

Quote:
hello.. i have lots of cid windows opening when i browse...i don't know where it comes from....could someone help me? thanks


I'll translate for Angeldark :D

Hello...
I have a lot of CID windows opening when I browse... I don't know where it comes from... If a helper full of kindness could help me.
Thanks
1 October 2007 22:31:04


-------------------------------[ Lop S&D ]------------------------------

Version : Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]

Lancé depuis : "C:\Documents and Settings\julien\Bureau\Lop S&D"

Rapport crée : Le 01/10/2007 à 22:28:43,17 PC : GUILLOT-0B5D56F

! Faire analyser le rapport par un Helper avant intervention !

---------------------[ Listing des Applications Data ]--------------------

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
C:\Documents and Settings\All Users\Application Data\WinAntiVirus Pro 2006
C:\Documents and Settings\All Users\Application Data\Symantec
C:\Documents and Settings\All Users\Application Data\Apple Computer
C:\Documents and Settings\All Users\Application Data\Messenger Plus!
C:\Documents and Settings\All Users\Application Data\Microsoft
C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
C:\Documents and Settings\All Users\Application Data\Sony Corporation
C:\Documents and Settings\All Users\Application Data\QuickTime
C:\Documents and Settings\All Users\Application Data\desktop.ini
C:\Documents and Settings\All Users\Application Data\Ahead
C:\Documents and Settings\All Users\Application Data\Adobe
C:\Documents and Settings\All Users\Application Data\SBSI

C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Lab
C:\Documents and Settings\All Users.WINDOWS\Application Data\LauncherAccess.dt
C:\Documents and Settings\All Users.WINDOWS\Application Data\Move Bore Curb Tool
C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple
C:\Documents and Settings\All Users.WINDOWS\Application Data\QTSBandwidthCache
C:\Documents and Settings\All Users.WINDOWS\Application Data\Mozilla
C:\Documents and Settings\All Users.WINDOWS\Application Data\Adobe
C:\Documents and Settings\All Users.WINDOWS\Application Data\Windows Genuine Advantage
C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer
C:\Documents and Settings\All Users.WINDOWS\Application Data\Google
C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft
C:\Documents and Settings\All Users.WINDOWS\Application Data\Sony Corporation
C:\Documents and Settings\All Users.WINDOWS\Application Data\desktop.ini

C:\Documents and Settings\Default User\Application Data\desktop.ini
C:\Documents and Settings\Default User\Application Data\Microsoft
C:\Documents and Settings\Default User\Application Data\Identities

C:\Documents and Settings\Default User.WINDOWS\Application Data\desktop.ini
C:\Documents and Settings\Default User.WINDOWS\Application Data\Microsoft

C:\Documents and Settings\julien\Application Data\Azureus
C:\Documents and Settings\julien\Application Data\Shareaza
C:\Documents and Settings\julien\Application Data\vctooltitle
C:\Documents and Settings\julien\Application Data\Move Networks
C:\Documents and Settings\julien\Application Data\Temporary
C:\Documents and Settings\julien\Application Data\Talkback
C:\Documents and Settings\julien\Application Data\Mozilla
C:\Documents and Settings\julien\Application Data\TransRender
C:\Documents and Settings\julien\Application Data\WinRAR
C:\Documents and Settings\julien\Application Data\Microsoft
C:\Documents and Settings\julien\Application Data\ViewerApp.dat
C:\Documents and Settings\julien\Application Data\ConvertTemp
C:\Documents and Settings\julien\Application Data\Samsung
C:\Documents and Settings\julien\Application Data\Vso
C:\Documents and Settings\julien\Application Data\AdobeUM
C:\Documents and Settings\julien\Application Data\dvdcss
C:\Documents and Settings\julien\Application Data\vlc
C:\Documents and Settings\julien\Application Data\CDRusersDB.v12
C:\Documents and Settings\julien\Application Data\Apple Computer
C:\Documents and Settings\julien\Application Data\InterVideo
C:\Documents and Settings\julien\Application Data\Datalayer
C:\Documents and Settings\julien\Application Data\Nokia
C:\Documents and Settings\julien\Application Data\DeepBurner
C:\Documents and Settings\julien\Application Data\Adobe
C:\Documents and Settings\julien\Application Data\Sun
C:\Documents and Settings\julien\Application Data\Google
C:\Documents and Settings\julien\Application Data\MSNInstaller
C:\Documents and Settings\julien\Application Data\Macromedia
C:\Documents and Settings\julien\Application Data\Help
C:\Documents and Settings\julien\Application Data\desktop.ini
C:\Documents and Settings\julien\Application Data\Identities

C:\Documents and Settings\julien guillot\Application Data\Azureus
C:\Documents and Settings\julien guillot\Application Data\Shareaza
C:\Documents and Settings\julien guillot\Application Data\vctooltitle
C:\Documents and Settings\julien guillot\Application Data\Move Networks
C:\Documents and Settings\julien guillot\Application Data\Temporary
C:\Documents and Settings\julien guillot\Application Data\Talkback
C:\Documents and Settings\julien guillot\Application Data\Mozilla
C:\Documents and Settings\julien guillot\Application Data\TransRender
C:\Documents and Settings\julien guillot\Application Data\WinRAR
C:\Documents and Settings\julien guillot\Application Data\Microsoft
C:\Documents and Settings\julien guillot\Application Data\ViewerApp.dat
C:\Documents and Settings\julien guillot\Application Data\ConvertTemp
C:\Documents and Settings\julien guillot\Application Data\Samsung
C:\Documents and Settings\julien guillot\Application Data\Vso
C:\Documents and Settings\julien guillot\Application Data\AdobeUM
C:\Documents and Settings\julien guillot\Application Data\dvdcss
C:\Documents and Settings\julien guillot\Application Data\vlc
C:\Documents and Settings\julien guillot\Application Data\CDRusersDB.v12
C:\Documents and Settings\julien guillot\Application Data\Apple Computer
C:\Documents and Settings\julien guillot\Application Data\InterVideo
C:\Documents and Settings\julien guillot\Application Data\Datalayer
C:\Documents and Settings\julien guillot\Application Data\Nokia
C:\Documents and Settings\julien guillot\Application Data\DeepBurner
C:\Documents and Settings\julien guillot\Application Data\Adobe
C:\Documents and Settings\julien guillot\Application Data\Sun
C:\Documents and Settings\julien guillot\Application Data\Google
C:\Documents and Settings\julien guillot\Application Data\MSNInstaller
C:\Documents and Settings\julien guillot\Application Data\Macromedia
C:\Documents and Settings\julien guillot\Application Data\Help
C:\Documents and Settings\julien guillot\Application Data\desktop.ini
C:\Documents and Settings\julien guillot\Application Data\Identities

C:\Documents and Settings\LocalService\Application Data\NetMon
C:\Documents and Settings\LocalService\Application Data\Microsoft

C:\Documents and Settings\LocalService.AUTORITE NT\Application Data\Microsoft

C:\Documents and Settings\NetworkService\Application Data\Symantec
C:\Documents and Settings\NetworkService\Application Data\Microsoft

C:\Documents and Settings\NetworkService.AUTORITE NT\Application Data\Microsoft

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

C:\WINDOWS\tasks\AEF1AD2993365F55.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Radiohead - No Surprises.job
C:\WINDOWS\tasks\SA.DAT
C:\WINDOWS\tasks\desktop.ini

--------------[ Listing des dossiers dans C:\Program Files ]--------------

C:\Program Files\3ivx
C:\Program Files\AC3Filter
C:\Program Files\Adobe
C:\Program Files\Ahead
C:\Program Files\AMD
C:\Program Files\Astonsoft
C:\Program Files\Azureus
C:\Program Files\Common Files
C:\Program Files\delete.exe
C:\Program Files\DivX
C:\Program Files\ECI Telecom
C:\Program Files\Fichiers communs
C:\Program Files\Google
C:\Program Files\i tune
C:\Program Files\InterActual
C:\Program Files\Internet Explorer
C:\Program Files\InterVideo
C:\Program Files\Inventel
C:\Program Files\iPod
C:\Program Files\iTunes
C:\Program Files\Java
C:\Program Files\JavaSoft
C:\Program Files\Kaspersky Lab
C:\Program Files\Messager Wanadoo
C:\Program Files\Messenger
C:\Program Files\microsoft frontpage
C:\Program Files\Microsoft IntelliPoint
C:\Program Files\Microsoft IntelliPoint 5.5
C:\Program Files\Microsoft Office
C:\Program Files\Microsoft Visual Studio
C:\Program Files\Microsoft Works
C:\Program Files\Microsoft.NET
C:\Program Files\Movie Maker
C:\Program Files\Mozilla Firefox
C:\Program Files\MSN
C:\Program Files\MSN Gaming Zone
C:\Program Files\MSN Messenger
C:\Program Files\MUSK Codec Pack v5
C:\Program Files\NetMeeting
C:\Program Files\On2 Technologies
C:\Program Files\Outlook Express
C:\Program Files\PIXELA
C:\Program Files\QuickTime
C:\Program Files\QuickTime Alternative
C:\Program Files\QuickTimeInstaller.exe
C:\Program Files\Raccourcis de programmes
C:\Program Files\Samsung
C:\Program Files\SetAttrib.exe
C:\Program Files\SiS VGA Utilities V3.66
C:\Program Files\sisagp
C:\Program Files\SiSLan
C:\Program Files\Sony Corporation
C:\Program Files\Synaptics
C:\Program Files\vctooltitle
C:\Program Files\VIAudioi
C:\Program Files\VideoLAN
C:\Program Files\VSO
C:\Program Files\vso_image_resizer_setup.exe
C:\Program Files\Wanadoo
C:\Program Files\win rar.exe
C:\Program Files\Winamp
C:\Program Files\winamp524_full.exe
C:\Program Files\Windows Media Connect 2
C:\Program Files\Windows Media Player
C:\Program Files\Windows NT
C:\Program Files\WinRAR
C:\Program Files\winrar.exe
C:\Program Files\xerox
C:\Program Files\XviD
C:\Program Files\Yahoo!

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]-----

C:\Program Files\Fichiers communs\{EC55E02F-031E-1036-0615-050202050021}
C:\Program Files\Fichiers communs\Adobe
C:\Program Files\Fichiers communs\Ahead
C:\Program Files\Fichiers communs\Apple
C:\Program Files\Fichiers communs\DESIGNER
C:\Program Files\Fichiers communs\InstallShield
C:\Program Files\Fichiers communs\Java
C:\Program Files\Fichiers communs\Microsoft Shared
C:\Program Files\Fichiers communs\MSSoap
C:\Program Files\Fichiers communs\muvee Technologies
C:\Program Files\Fichiers communs\ODBC
C:\Program Files\Fichiers communs\Services
C:\Program Files\Fichiers communs\Sony Shared
C:\Program Files\Fichiers communs\SpeechEngines
C:\Program Files\Fichiers communs\Symantec Shared
C:\Program Files\Fichiers communs\System

----------------------[ Recherche dans le Registre ]----------------------

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]

"Curb tool help dart"="C:\\Documents and Settings\\All Users.WINDOWS\\Application Data\\Move Bore Curb Tool\\skip ooze.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]

"PokeOwns"="C:\\DOCUME~1\\julien\\APPLIC~1\\VCTOOL~1\\DELETEAMOKJUGS.exe"

-----------------[ Recherche de Fichiers - Dossiers Lop ]-----------------

C:\Documents and settings\All Users.WINDOWS\Application Data\Move Bore Curb Tool
C:\Documents and settings\julien\Application Data\VCTOOL~1
C:\Program Files\VCTOOL~1
C:\WINDOWS\tasks\AEF1AD2993365F55.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Radiohead

--------------------[ Vérification du fichier Hosts ]---------------------

Fichier Hosts : MODIFIE

127.0.0.1 localhost

--------------------[ Recherche d'autres infections ]---------------------


--------------------[ Fin du rapport à 22:29:38,12 ]----------------------
1 October 2007 22:35:54

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:34:07, on 01/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\PROGRA~1\MESSAG~1\StartMessager.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Curb tool help dart] C:\Documents and Settings\All Users.WINDOWS\Application Data\Move Bore Curb Tool\skip ooze.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [PokeOwns] C:\DOCUME~1\julien\APPLIC~1\VCTOOL~1\DELETEAMOKJUGS.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe
O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://data.jeuxclassiques.com/npwwg.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by105fd.bay105.hotmail.msn.com/resources/MsnPUpl...
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\Fsk\SonySCSIHelperService.exe

--
End of file - 7080 bytes
1 October 2007 22:45:49

ok

Run Hijackthis "Do a system scan only".
Check the following lines if they are still present, and only those.

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [Curb tool help dart] C:\Documents and Settings\All Users.WINDOWS\Application Data\Move Bore Curb Tool\skip ooze.exe
O4 - HKCU\..\Run: [PokeOwns] C:\DOCUME~1\julien\APPLIC~1\VCTOOL~1\DELETEAMOKJUGS.exe


Click Fix checked (bottom left).

Open the Lop S&D folder, then double-click Scan.bat. Press "S", then confirm by pressing "Enter".
! Do not close the window during the deletion !
A report will be generated; post its contents here.

NOTE: If your Desktop does not reappear, press Ctrl+Alt+Del simultaneously to open Task Manager.
Go to the "Processes" tab. Click File at the top left and choose "Run..."
Type explorer.exe, then confirm.

1 October 2007 22:56:16


-------------------------------[ Lop S&D ]------------------------------

Version : Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]

Lancé depuis : "C:\Documents and Settings\julien\Bureau\Lop S&D"

Rapport crée : Le 01/10/2007 à 22:53:53,70 PC : GUILLOT-0B5D56F

! Faire analyser le rapport par un Helper avant intervention !

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION ///////////////////////////////

Supprimé - C:\WINDOWS\tasks\AEF1AD2993365F55.job
Supprimé - C:\WINDOWS\tasks\AppleSoftwareUpdate.job
Supprimé - C:\WINDOWS\tasks\Radiohead
Restauré - Fichier Hosts

\\\\\\\\\\\\\\\\\\\\\\\\\\\ DEUXIEME PASSAGE ///////////////////////////

Supprimé - C:\WINDOWS\tasks\Radiohead
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Copié ! - [HKLM\Software\Microsoft\Windows\CurrentVersion\Run]
Copié ! - [HKCU\Software\Microsoft\Windows\CurrentVersion\Run]

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

C:\WINDOWS\tasks\Radiohead - No Surprises.job
C:\WINDOWS\tasks\SA.DAT
C:\WINDOWS\tasks\desktop.ini

--------------[ Listing des dossiers dans C:\Program Files ]--------------

C:\Program Files\3ivx
C:\Program Files\AC3Filter
C:\Program Files\Adobe
C:\Program Files\Ahead
C:\Program Files\AMD
C:\Program Files\Astonsoft
C:\Program Files\Azureus
C:\Program Files\Common Files
C:\Program Files\delete.exe
C:\Program Files\DivX
C:\Program Files\ECI Telecom
C:\Program Files\Fichiers communs
C:\Program Files\Google
C:\Program Files\i tune
C:\Program Files\InterActual
C:\Program Files\Internet Explorer
C:\Program Files\InterVideo
C:\Program Files\Inventel
C:\Program Files\iPod
C:\Program Files\iTunes
C:\Program Files\Java
C:\Program Files\JavaSoft
C:\Program Files\Kaspersky Lab
C:\Program Files\Messager Wanadoo
C:\Program Files\Messenger
C:\Program Files\microsoft frontpage
C:\Program Files\Microsoft IntelliPoint
C:\Program Files\Microsoft IntelliPoint 5.5
C:\Program Files\Microsoft Office
C:\Program Files\Microsoft Visual Studio
C:\Program Files\Microsoft Works
C:\Program Files\Microsoft.NET
C:\Program Files\Movie Maker
C:\Program Files\Mozilla Firefox
C:\Program Files\MSN
C:\Program Files\MSN Gaming Zone
C:\Program Files\MSN Messenger
C:\Program Files\MUSK Codec Pack v5
C:\Program Files\NetMeeting
C:\Program Files\On2 Technologies
C:\Program Files\Outlook Express
C:\Program Files\PIXELA
C:\Program Files\QuickTime
C:\Program Files\QuickTime Alternative
C:\Program Files\QuickTimeInstaller.exe
C:\Program Files\Raccourcis de programmes
C:\Program Files\Samsung
C:\Program Files\SetAttrib.exe
C:\Program Files\SiS VGA Utilities V3.66
C:\Program Files\sisagp
C:\Program Files\SiSLan
C:\Program Files\Sony Corporation
C:\Program Files\Synaptics
C:\Program Files\Trend Micro
C:\Program Files\vctooltitle
C:\Program Files\VIAudioi
C:\Program Files\VideoLAN
C:\Program Files\VSO
C:\Program Files\vso_image_resizer_setup.exe
C:\Program Files\Wanadoo
C:\Program Files\win rar.exe
C:\Program Files\Winamp
C:\Program Files\winamp524_full.exe
C:\Program Files\Windows Media Connect 2
C:\Program Files\Windows Media Player
C:\Program Files\Windows NT
C:\Program Files\WinRAR
C:\Program Files\winrar.exe
C:\Program Files\xerox
C:\Program Files\XviD
C:\Program Files\Yahoo!

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]-----

C:\Program Files\Fichiers communs\{EC55E02F-031E-1036-0615-050202050021}
C:\Program Files\Fichiers communs\Adobe
C:\Program Files\Fichiers communs\Ahead
C:\Program Files\Fichiers communs\Apple
C:\Program Files\Fichiers communs\DESIGNER
C:\Program Files\Fichiers communs\InstallShield
C:\Program Files\Fichiers communs\Java
C:\Program Files\Fichiers communs\Microsoft Shared
C:\Program Files\Fichiers communs\MSSoap
C:\Program Files\Fichiers communs\muvee Technologies
C:\Program Files\Fichiers communs\ODBC
C:\Program Files\Fichiers communs\Services
C:\Program Files\Fichiers communs\Sony Shared
C:\Program Files\Fichiers communs\SpeechEngines
C:\Program Files\Fichiers communs\Symantec Shared
C:\Program Files\Fichiers communs\System

----------------------[ Recherche dans le Registre ]----------------------

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]


-----------------[ Recherche de Fichiers - Dossiers Lop ]-----------------

C:\WINDOWS\tasks\Radiohead

--------------------[ Vérification du fichier Hosts ]---------------------

Fichier Hosts : Propre

--------------------[ Recherche d'autres infections ]---------------------


--------------------[ Fin du rapport à 22:54:37,68 ]----------------------
1 October 2007 23:03:02

~Download OTMoveIt (by OldTimer). Save it to your Desktop.


~Select ALL of the following locations:


C:\Documents and settings\All Users.WINDOWS\Application Data\Move Bore Curb Tool
C:\Documents and settings\julien\Application Data\VCTOOL~1
C:\Program Files\VCTOOL~1
C:\WINDOWS\tasks\Radiohead


---> Right-click then Copy (or Ctrl+C)
~Double-click OTMoveIt.exe to launch it.
Right-click in the left-hand pane, then choose Paste (or Ctrl+V).
~Now click MoveIt!

!! If a file or folder cannot be deleted immediately, the program will ask you to restart. Accept by clicking YES

~Post the report located in this folder: C:\_OTMoveIt\MovedFiles\
The report's name is the date it was created.
2 October 2007 12:34:07

Hello

Once you have done that, I'll give you the next part:
Select the whole box below, then right-click and choose Copy

Quote:
MOVE "C:\Documents and Settings\julien\Bureau\Lop S&D\BackupLop\AppleSoftwareUpdate.job" "C:\WINDOWS\tasks"
exit

Then, Start menu / Run, type cmd and confirm with OK

Right-click in the black window and choose Paste