Des fenetres intempestives....Help !!

Des fenetres intempestives....Help !! - Virus/Spywares - Windows & Software

Marsh Posté le 16-01-2009 à 20:19:03    

Bonjour,  
 
Voila...j'ai des fenetres internet intempestives qui s'ouvrent....  
 
Hijackthis me dit ceci, et j'aimerai savoir ce qui cloche....  
 
Merci a tous !!!!  
 
 
 
Logfile of Trend Micro HijackThis v2.0.2  
Scan saved at 20:36:18, on 15/01/2009  
Platform: Windows XP SP3 (WinNT 5.01.2600)  
MSIE: Internet Explorer v7.00 (7.00.6000.16762)  
Boot mode: Normal  
 
Running processes:  
C:\WINDOWS\System32\smss.exe  
C:\WINDOWS\system32\winlogon.exe  
C:\WINDOWS\system32\services.exe  
C:\WINDOWS\system32\lsass.exe  
C:\WINDOWS\system32\svchost.exe  
C:\WINDOWS\System32\svchost.exe  
C:\WINDOWS\system32\ZoneLabs\vsmon.exe  
C:\WINDOWS\Explorer.EXE  
C:\WINDOWS\system32\spoolsv.exe  
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe  
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe  
C:\Program Files\AVG Anti-Spyware 7.5\guard.exe  
C:\Program Files\CDBurnerXP\NMSAccessU.exe  
C:\WINDOWS\system32\nvsvc32.exe  
C:\WINDOWS\system32\PnkBstrA.exe  
C:\WINDOWS\system32\PnkBstrB.exe  
C:\WINDOWS\system32\svchost.exe  
C:\WINDOWS\system32\RUNDLL32.EXE  
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe  
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe  
C:\WINDOWS\RTHDCPL.EXE  
C:\Program Files\DAEMON Tools\daemon.exe  
C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe  
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe  
C:\WINDOWS\system32\ctfmon.exe  
C:\Program Files\Messenger\msmsgs.exe  
C:\Program Files\Windows Live\Messenger\usnsvc.exe  
C:\WINDOWS\system32\taskmgr.exe  
C:\Program Files\Internet Explorer\iexplore.exe  
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe  
 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ig?hl=fr&source=iglk  
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157  
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896  
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896  
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157  
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens  
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Acrobat reader\ActiveX\AcroIEHelper.dll  
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll  
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)  
O2 - BHO: BHO Barre de Confiance - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - C:\Program Files\BarreConfCMCIC\TAPBar.dll  
O3 - Toolbar: Barre de confiance - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - C:\Program Files\BarreConfCMCIC\TAPBar.dll  
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe  
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot  
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup  
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install  
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit  
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min  
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"  
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE  
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE  
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033  
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime  
O4 - HKCU\..\Run: [ASUS SmartDoctor] C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe  /start  
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background  
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe  
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background  
O4 - HKCU\..\Run: [gyeocwu] "c:\documents and settings\anneval00\local settings\application data\gyeocwu.exe" gyeocwu  
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')  
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')  
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')  
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')  
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Acrobat reader\Reader\reader_sl.exe  
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000  
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll  
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll  
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL  
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)  
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe  
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe  
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe  
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe  
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://copainsdavant.linternaute.c [...] oader5.cab  
O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/ [...] DP-1.1.cab  
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab  
O17 - HKLM\System\CCS\Services\Tcpip\..\{95DBE08F-BE75-4846-BC72-0D91386278D9}: NameServer = 212.27.53.252,212.27.54.252  
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe  
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe  
O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Protection Technology - C:\WINDOWS\System32\appdrvrem01.exe  
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\AVG Anti-Spyware 7.5\guard.exe  
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe  
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe  
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe  
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe  
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe  
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe  
 
--  
End of file - 7451 bytes

Reply

Marsh Posté le 16-01-2009 à 20:19:03   

Reply

Marsh Posté le 17-01-2009 à 09:51:39    

Personne pour m'aider ??? ;)

Reply

Marsh Posté le 18-01-2009 à 12:38:53    

Bahhhhhh Tjs personne pour m'aider ????? :(

Reply

Marsh Posté le 18-01-2009 à 12:41:25    

Pas de logs HiJackThis sur ce forum.
Voir règlement.
---
Analyse ici :
>> http://hijackthis.de/fr


---------------
Décentralisons Internet-Bépo-Troll Bingo - "Pour adoucir le mélange, pressez trois quartiers d’orange !"
Reply

Sujets relatifs:

Leave a Replay

Make sure you enter the(*)required information where indicate.HTML code is not allowed