laptitelys Posté(e) 12 avril 2008 Share Posté(e) 12 avril 2008 Bonjour, J'ai depuis quelques temps des pages publicitaires qui s'affichent lorsque j'ouvre une page Internet. Utilisant Internet explorer j'ai téléchargé moxilla firefox croyant que cela resoudrait mon problème. Persistant toujours j'ai cherché sur ce forum une réponse a mon problème et conseillait de passer en mode sans échec en aillant préalablement activer l'affichage des dossiers cachés. Je suis donc passé en mode sans échec apres cela et j'ai lancé un scan avec mon antivirus qui est avast, avec Spybot et Adware. J'ai supprimé ce qu'ils ont trouvé c'est a dire des cookies principalement et pas de virus. Puis j'ai éteins mon ordi et repassé en mode normal. J'ai alors scanné ac Ccleaner et Cleanup ce qui a supprimé normalement les fichier indésirables et dangereux. Mais je doute de l'efficacité de ces logiciel car a chaque scan ils retrouvent les même problèmes. Bref ceci n'est pas mon problème majeur puisque apres cela les fenêtre de pub s'affichent toujours. Je ne suis pas tres callée en informatique et je ne sais plus quoi faire. Je me suis laissée entendre que la solution pourrait être un formatage mais cela ne m'enchante guère car comme je l'ai dit plus haut je ne connait pas grand chose en informatique. Si quelqu'un a rencontré le même problème, je serais ravie qu'il me fasse part de la solution si possible avec les manoeuvre a faire en détail. Merci d'avance car c'est très embetant et j'ai peur pour la santé de mon ordinateur. Pour info, j'ai un ordinateur portable avec Windows vista. Configuration: Windows Vista Firefox 2.0 Citer Lien vers le commentaire Partager sur d’autres sites More sharing options...
Axtrane Posté(e) 12 avril 2008 Share Posté(e) 12 avril 2008 J'ai rencontré le problème mais pas encore trouvé comment le résoudre (pas sur les miens :D), surtout quand ca se produit a la fois sur Firefox et sur IE, d'autant que tu as déjà bien procédé concernant les logiciels de nettoyage. Commence par vider tes fichiers "temporary internet" (on sait jamais). Maintenant sous Vista je sais pas ce que ca donne, que dit Windows Defender ? (faudrait ptetre qu'il serve celui la). Ccleaner en général ca marche pas trop mal, Cleanup je connais pas. Peut être un petit scan avec Hijack this en nous collant le rapport ici ? Citer Lien vers le commentaire Partager sur d’autres sites More sharing options...
laptitelys Posté(e) 12 avril 2008 Auteur Share Posté(e) 12 avril 2008 Voici le rapport maint mis il y a aussi extra Deckard's System Scanner v20071014.68 Run by Charlene on 2008-04-12 18:26:35 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- Last 5 Restore Point(s) -- 6: 2008-04-12 12:46:29 UTC - RP208 - Point de contrôle planifié 5: 2008-04-11 18:01:39 UTC - RP207 - Windows Update 4: 2008-04-10 21:45:10 UTC - RP206 - Opération de restauration 3: 2008-04-10 21:20:33 UTC - RP205 - Opération de restauration 2: 2008-04-10 21:10:21 UTC - RP204 - Opération de restauration -- First Restore Point -- 1: 2008-04-10 18:01:23 UTC - RP203 - Windows Update Backed up registry hives. Performed disk cleanup. Total Physical Memory: 1023 MiB (1024 MiB recommended). -- HijackThis (run as Charlene.exe) -------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:28:04, on 12/04/2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16643) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Windows\RtHDVCpl.exe C:\Program Files\System Control Manager\MGSysCtrl.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Users\Charlene\AppData\Local\ewpaktv.exe C:\Program Files\OpenOffice.org 2.4\program\soffice.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN C:\Windows\system32\taskeng.exe C:\Users\Charlene\Desktop\dss.exe C:\Windows\system32\conime.exe C:\Windows\system32\SearchFilterHost.exe C:\PROGRA~1\TRENDM~1\HIJACK~1\Charlene.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cegetel.net/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msi.com.tw R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" O4 - HKLM\..\Run: [NeroCheck] C:\Windows\system32\NeroCheck.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [ewpaktv] c:\users\charlene\appdata\local\ewpaktv.exe ewpaktv O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe O4 - Global Startup: E_SPSU01.lnk = C:\Windows\System32\spool\drivers\w32x86\3\E_SPSU01.EXE O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O13 - Gopher Prefix: O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/co...ex/qtplugin.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: SCM Driver Daemon (NishService) - Unknown owner - C:\Program Files\System Control Manager\edd.exe O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro\o2flash.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- End of file - 6750 bytes -- File Associations ----------------------------------------------------------- All associations okay. -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R3 MGHwCtrl - \??\c:\windows\system32\drivers\mghwctrl.sys S1 Tosrfcom (Bluetooth RFCOMM from TOSHIBA) - c:\windows\system32\drivers\tosrfcom.sys <Not Verified; TOSHIBA Corporation; Bluetooth RFCOMM Driver> S3 toshidpt (TOSHIBA Bluetooth HID port driver) - c:\windows\system32\drivers\toshidpt.sys <Not Verified; TOSHIBA Corporation.; TOSHIBA Bluetooth HID Mini Port Driver> S3 tosporte (Bluetooth Port Driver from Toshiba) - c:\windows\system32\drivers\tosporte.sys <Not Verified; TOSHIBA Corporation; TOSHIBA Bluetooth Port Emulation Driver> S3 Tosrfbd (Bluetooth RFBUS from TOSHIBA) - c:\windows\system32\drivers\tosrfbd.sys <Not Verified; TOSHIBA CORPORATION; Bluetooth BUS Driver(WindowsXP,Windows2000)> S3 Tosrfhid (Bluetooth RFHID from TOSHIBA) - c:\windows\system32\drivers\tosrfhid.sys <Not Verified; TOSHIBA Corporation.; Bluetooth HID Driver from TOSHIBA> S3 TosRfSnd (Bluetooth Audio Device (WDM) from TOSHIBA) - c:\windows\system32\drivers\tosrfsnd.sys <Not Verified; TOSHIBA Corporation; Bluetooth Audio Driver> S3 Tosrfusb (Bluetooth USB Controller) - c:\windows\system32\drivers\tosrfusb.sys <Not Verified; TOSHIBA CORPORATION; Bluetooth USB Miniport Driver(Windows2000,WindowsXP)> -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- R2 NishService (SCM Driver Daemon) - c:\program files\system control manager\edd.exe R2 o2flash (O2Micro Flash Memory Card Service) - "c:\program files\o2micro\o2flash.exe" <Not Verified; O2Micro International; O2 MS1/MP1 Service> R2 RichVideo (Cyberlink RichVideo Service(CRVS)) - "c:\program files\cyberlink\shared files\richvideo.exe" <Not Verified; ; RichVideo Module> S3 WLSetupSvc (Windows Live Setup Service) - "c:\program files\windows live\installer\wlsetupsvc.exe" <Not Verified; Microsoft Corporation; Windows Live installer> -- Device Manager: Disabled ---------------------------------------------------- No disabled devices found. -- Scheduled Tasks ------------------------------------------------------------- 2008-04-12 14:33:29 424 --ah----- C:\Windows\Tasks\User_Feed_Synchronization-{4DFE8B6E-14CB-43F2-8912-2DE4F615F3A7}.job 2008-04-10 00:25:13 246 --a------ C:\Windows\Tasks\Spybot - Search & Destroy - Scheduled Task.job 2008-04-08 18:00:00 412 --a------ C:\Windows\Tasks\Pareto UNS.job -- Files created between 2008-03-12 and 2008-04-12 ----------------------------- 2008-04-12 18:27:47 0 d-------- C:\Program Files\Trend Micro 2008-04-12 17:26:11 0 d-------- C:\Program Files\Panda Security 2008-04-09 13:42:02 0 d-------- C:\Program Files\Lavasoft 2008-04-09 13:42:00 0 d-------- C:\Users\All Users\Lavasoft 2008-04-09 13:41:18 0 d-------- C:\Users\All Users\Spybot - Search & Destroy 2008-04-09 13:40:46 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard 2008-04-09 11:58:40 0 d-------- C:\Users\All Users\Google 2008-04-08 22:07:57 0 --a------ C:\Windows\nsreg.dat 2008-04-08 13:24:59 0 d-------- C:\Users\All Users\ParetoLogic Anti-Spyware 2008-04-07 20:02:03 0 d-------- C:\Program Files\CCleaner 2008-04-07 13:31:15 0 d-------- C:\Program Files\OpenOffice.org 2.4 -- Find3M Report --------------------------------------------------------------- 2008-04-12 11:31:26 0 d-------- C:\Users\Charlene\AppData\Roaming\OpenOffice.org2 2008-04-12 11:30:31 13166 --a------ C:\Users\Charlene\AppData\Roaming\nvModes.001 2008-04-12 00:08:20 12 --a------ C:\Windows\bthservsdp.dat 2008-04-11 20:41:59 0 d-------- C:\Users\Charlene\AppData\Roaming\LimeWire 2008-04-11 14:27:16 15082 --a------ C:\Windows\system32\perfh00C.dat 2008-04-11 14:27:16 5084 --a------ C:\Windows\system32\perfc00C.dat 2008-04-10 23:48:28 0 d-------- C:\Program Files\Common Files 2008-04-09 12:58:59 0 d-------- C:\Program Files\Windows Mail 2008-04-08 22:08:29 0 d-------- C:\Users\Charlene\AppData\Roaming\Talkback 2008-04-08 22:07:37 0 d-------- C:\Users\Charlene\AppData\Roaming\Mozilla 2008-04-08 17:55:59 13166 --a------ C:\Users\Charlene\AppData\Roaming\nvModes.dat 2008-04-08 13:40:47 0 d-------- C:\Program Files\WinRAR 3.61 Multi 2008-04-08 13:40:47 0 d-------- C:\Program Files\Windows Sidebar 2008-04-08 13:40:47 0 d-------- C:\Program Files\Windows Photo Gallery 2008-04-08 13:40:47 0 d-------- C:\Program Files\Windows Live Safety Center 2008-04-08 13:40:47 0 d-------- C:\Program Files\Windows Journal 2008-04-08 13:40:47 0 d-------- C:\Program Files\Windows Defender 2008-04-08 13:40:47 0 d-------- C:\Program Files\Windows Collaboration 2008-04-08 13:40:47 0 d-------- C:\Program Files\Windows Calendar 2008-04-08 13:40:47 0 d-------- C:\Program Files\System Control Manager 2008-04-08 13:40:47 0 d-------- C:\Program Files\QuickTime 2008-04-08 13:40:47 0 d-------- C:\Program Files\O2Micro 2008-04-08 13:40:47 0 d-------- C:\Program Files\Movie Maker 2008-04-08 13:40:47 0 d-------- C:\Program Files\LimeWire 2008-04-07 13:30:57 0 d-------- C:\Program Files\OpenOffice.org 2.3 2008-04-07 13:26:40 0 d-------- C:\Program Files\Java 2008-02-27 23:34:49 0 d-------- C:\Program Files\Windows Live 2008-02-19 13:17:35 0 d-------- C:\Program Files\Common Files\Adobe 2008-02-01 12:17:40 587264 --a------ C:\Windows\WLXPGSS.SCR <Not Verified; Microsoft Corporation; Galerie de photos Windows Live> -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [04/06/2007 09:23] "NvSvc"="C:\Windows\system32\nvsvc.dll" [28/04/2007 13:05] "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [28/04/2007 13:05] "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [28/04/2007 13:05] "RtHDVCpl"="RtHDVCpl.exe" [10/04/2007 10:01 C:\Windows\RtHDVCpl.exe] "MGSysCtrl"="C:\Program Files\System Control Manager\MGSysCtrl.exe" [19/04/2007 14:24] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [06/09/2007 13:06] "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [13/05/2006 18:36] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" [14/12/2007 03:42] "NeroCheck"="C:\Windows\system32\NeroCheck.exe" [09/07/2001 03:50] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [11/01/2008 23:16] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [09/01/2008 16:08] "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [18/10/2007 12:34] "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [02/11/2006 14:35] "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [28/01/2008 11:43] "ewpaktv"="c:\users\charlene\appdata\local\ewpaktv.exe" [11/04/2008 11:32] "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [02/11/2006 14:36] C:\Users\Charlene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe [21/01/2008 15:41:28] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ E_SPSU01.lnk - C:\Windows\System32\spool\drivers\w32x86\3\E_SPSU01.EXE [10/02/2008 18:32:51] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"=2 (0x2) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] @="Volume shadow copy" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] @="IEEE 1394 Bus host controllers" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] @="SBP2 IEEE 1394 Devices" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] @="SecurityDevices" [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum bthsvcs BthServ [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] C:\Windows\system32\unregmp2.exe /ShowWMP [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI -- Hosts ----------------------------------------------------------------------- 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 8120 more entries in hosts file. -- End of Deckard's System Scanner: finished at 2008-04-12 18:29:17 ------------ Citer Lien vers le commentaire Partager sur d’autres sites More sharing options...
Axtrane Posté(e) 12 avril 2008 Share Posté(e) 12 avril 2008 Dans la mesure ou c'est vista, je ne connais pas tous les processus, en rouge ce qu'il faut supprimer, en orange ce que je ne connais pas mais que je trouve louche. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:28:04, on 12/04/2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16643) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Windows\RtHDVCpl.exe C:\Program Files\System Control Manager\MGSysCtrl.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Users\Charlene\AppData\Local\ewpaktv.exe <-- a verifier, mais très douteux C:\Program Files\OpenOffice.org 2.4\program\soffice.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN C:\Windows\system32\taskeng.exe C:\Users\Charlene\Desktop\dss.exe <-- sur le bureau ?? C:\Windows\system32\conime.exe <-- si tu n'as pas le langage asiatique installé, c'est douteux. C:\Windows\system32\SearchFilterHost.exe C:\PROGRA~1\TRENDM~1\HIJACK~1\Charlene.exe <-- si tu sais ce que c'est tant mieux, sinon c'est déjà supprimé par ton antivirus mais pas éliminé pour de bon. R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cegetel.net/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msi.com.tw R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" O4 - HKLM\..\Run: [NeroCheck] C:\Windows\system32\NeroCheck.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [ewpaktv] c:\users\charlene\appdata\local\ewpaktv.exe ewpaktv O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe O4 - Global Startup: E_SPSU01.lnk = C:\Windows\System32\spool\drivers\w32x86\3\E_SPSU01.EXE O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O13 - Gopher Prefix: O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/co...ex/qtplugin.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: SCM Driver Daemon (NishService) - Unknown owner - C:\Program Files\System Control Manager\edd.exe O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro\o2flash.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe Pas mieux dans l'immédiat, je me méfie des trucs qui se lancent sous Vista, quand je sais pas ...... Citer Lien vers le commentaire Partager sur d’autres sites More sharing options...
Messages recommandés
Rejoindre la conversation
Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.