
IE displays a message when I am using Firefox SOLVED

kernevez on 15 July 2009 at 14:39
For some time now, when I am using Firefox (latest version), IE pages open in the background and display "Ce programme ne peut afficher la page Web" [This program cannot display the web page]. Firefox works fine, but the IE pages pile up as I go on searching.
Does anyone have an idea how to avoid this?
Thanks in advance!
-->Message edited by kernevez on 02/10/2009 20:04:30<--
S.Roque on 15 July 2009 at 15:38
[:GoLiaT:4]

This smells like an infection to me [:guix:1]

Ask for your thread to be moved to the forum's Security category :super:

totoftotof on 15 July 2009 at 15:41
kernevez, hello :hurle:

I am moving this to the Security category
bzhatao on 15 July 2009 at 21:12
:hello: kernevez

To look into this:
Download RSIT (by random/random) to your desktop:

- Double-click RSIT.exe, which is on the desktop
- Click Continue in the window
- RSIT will download HijackThis if it is not present or detected; you will then have to accept the licence
- Post the contents of log.txt plus info.txt (minimized in the taskbar) at the end of the scan.

The reports are in the folder C:\rsit
See you later

kernevez on 16 July 2009 at 10:17
Thanks bzhatao. I have the log, how do I post it?
totoftotof on 16 July 2009 at 13:08
you post it directly in a message
bzhatao on 16 July 2009 at 19:25
:hello: kernevez

Post your report (copy/paste) in the "REPONSE" [reply] box located below this message ....

See you later
kernevez on 16 July 2009 at 23:52
Logfile of random's system information tool 1.06 (written by random/random)
Run by LE DU at 2009-07-16 10:03:02
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 154 GB (67%) free of 231 GB
Total RAM: 2046 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:03:54, on 16/07/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Users\LE DU\Desktop\utilitaires\PureText.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Users\LE DU\AppData\Local\wooqm.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\MozyHome\mozystat.exe
C:\Program Files\Palm\Hotsync.exe
C:\Program Files\FSL\SuperFinder\SuperFinder.exe
C:\Program Files\WordWeb\wweb32.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\OrangeHSS\systray\systrayapp.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Windows\system32\taskeng.exe
C:\Users\LE DU\Desktop\RSIT.exe
C:\Program Files\trend micro\LE DU.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?o=101756&l=dir
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c(...)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c(...)
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - *{08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Mininova-Vuze Toolbar - {d51d388b-f5dc-471a-a1ce-5e2d671091c0} - C:\Program Files\Mininova-Vuze\tbMin0.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Mininova-Vuze Toolbar - {d51d388b-f5dc-471a-a1ce-5e2d671091c0} - C:\Program Files\Mininova-Vuze\tbMin0.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ORAHSSSessionManager] "C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe"
O4 - HKCU\..\Run: [PureText] "C:\Users\LE DU\Desktop\utilitaires\PureText.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [wooqm] "c:\users\le du\appdata\local\wooqm.exe" wooqm
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: HotSync Manager.lnk = C:\Program Files\Palm\Hotsync.exe
O4 - Startup: Super Finder XT.lnk = C:\Program Files\FSL\SuperFinder\SuperFinder.exe
O4 - Startup: WordWeb.lnk = C:\Program Files\WordWeb\wweb32.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: MozyHome Status.lnk = C:\Program Files\MozyHome\mozystat.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: http://*.mappy.com
O15 - Trusted Zone: http://*.orange.fr
O15 - Trusted Zone: http://rw.search.ke.voila.fr
O15 - Trusted Zone: http://orange.weborama.fr
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Desktop Manager 5.8.811.4345 (GoogleDesktopManager-110408-113106) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Service Google Update (gupdate1c9c58535bc7ff0) (gupdate1c9c58535bc7ff0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MozyHome Backup Service (mozybackup) - Mozy, Inc. - C:\Program Files\MozyHome\mozybackup.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe

--
End of file - 11795 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Google Software Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Maintenance en 1 clic.job
C:\Windows\tasks\User_Feed_Synchronization-{A60A039E-0E26-425A-885A-19ED4AFA033A}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-11-18 333192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-04-24 1107224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2009-03-09 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-06-14 1004800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-05-18 2226048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-04-25 668656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d51d388b-f5dc-471a-a1ce-5e2d671091c0}]
Mininova-Vuze Toolbar - C:\Program Files\Mininova-Vuze\tbMin0.dll [2009-03-26 1883672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2007-05-18 2226048]
{d51d388b-f5dc-471a-a1ce-5e2d671091c0} - Mininova-Vuze Toolbar - C:\Program Files\Mininova-Vuze\tbMin0.dll [2009-03-26 1883672]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-11-18 333192]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-06-14 1004800]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-01-13 827392]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-03-09 4390912]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2007-02-12 174872]
"WAWifiMessage"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [2007-01-10 317128]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-06-16 1948440]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-05-01 86016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-05-01 8429568]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-05-01 81920]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-04-25 30192]
"ORAHSSSessionManager"=C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe [2008-06-10 107248]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"PureText"=C:\Users\LE DU\Desktop\utilitaires\PureText.exe [2009-01-07 28672]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"wooqm"=c:\users\le du\appdata\local\wooqm.exe [2009-06-16 248832]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
MozyHome Status.lnk - C:\Program Files\MozyHome\mozystat.exe

C:\Users\LE DU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
HotSync Manager.lnk - C:\Program Files\Palm\Hotsync.exe
Super Finder XT.lnk - C:\Program Files\FSL\SuperFinder\SuperFinder.exe
WordWeb.lnk - C:\Program Files\WordWeb\wweb32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="avgrsstx.dll C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe"="C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{78733139-d364-11dd-8080-001b24bb1a51}]
shell\AutoRun\command - H:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{989ab895-d34a-11dd-b663-806e6f6e6963}]
shell\AutoRun\command - E:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f619e93a-e794-11dd-be7f-001b24bb1a51}]
shell\AutoRun\command - F:\EmDesk.exe
shell\EmDesk\command - F:\EmDesk.exe


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-07-16 10:03:02 ----D---- C:\rsit
2009-07-16 10:03:02 ----D---- C:\Program Files\trend micro
2009-07-15 12:48:01 ----A---- C:\Windows\system32\t2embed.dll
2009-07-15 12:48:01 ----A---- C:\Windows\system32\fontsub.dll
2009-07-15 12:48:01 ----A---- C:\Windows\system32\atmfd.dll
2009-07-15 12:48:00 ----A---- C:\Windows\system32\dciman32.dll
2009-07-13 17:00:45 ----D---- C:\Program Files\Earth Resource Mapping
2009-07-13 11:41:52 ----D---- C:\Program Files\scp32v409
2009-07-13 11:41:04 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-07-07 23:31:52 ----D---- C:\Program Files\Google Hacks
2009-07-06 23:24:45 ----D---- C:\Users\LE DU\AppData\Roaming\calibre
2009-07-06 23:21:48 ----HD---- C:\Program Files\InstallJammer Registry
2009-07-06 23:21:31 ----D---- C:\Program Files\calibre
2009-06-29 21:24:45 ----D---- C:\Program Files\Securitoo
2009-06-29 21:23:48 ----A---- C:\Windows\system32\Autodial2000.dll
2009-06-29 21:23:37 ----D---- C:\Program Files\OrangeHSS
2009-06-29 21:22:30 ----D---- C:\Program Files\Common Files\France Telecom
2009-06-29 09:59:07 ----A---- C:\Windows\system32\GEARAspi.dll
2009-06-29 09:58:39 ----D---- C:\Program Files\iPod
2009-06-29 09:58:36 ----D---- C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-06-29 09:56:16 ----D---- C:\Program Files\Common Files\Apple
2009-06-29 09:32:11 ----D---- C:\ProgramData\Apple Computer
2009-06-23 23:27:08 ----D---- C:\Users\LE DU\AppData\Roaming\vlc
2009-06-23 23:25:51 ----D---- C:\Program Files\VideoLAN
2009-06-23 19:43:58 ----D---- C:\Windows\afreeCodecVT
2009-06-23 19:43:58 ----D---- C:\Program Files\afreeCodecVT
2009-06-18 10:22:30 ----D---- C:\ProgramData\kinoma
2009-06-18 10:22:18 ----D---- C:\Program Files\DIFX
2009-06-18 10:22:08 ----D---- C:\Program Files\Common Files\Sony Shared

======List of files/folders modified in the last 1 months======

2009-07-16 10:03:25 ----D---- C:\Windows\Temp
2009-07-16 10:03:02 ----RD---- C:\Program Files
2009-07-16 09:00:36 ----D---- C:\Windows\winsxs
2009-07-16 08:49:11 ----D---- C:\Windows\Tasks
2009-07-16 08:44:16 ----D---- C:\WINDOWS
2009-07-15 23:52:20 ----D---- C:\Windows\System32
2009-07-15 23:52:14 ----D---- C:\Windows\system32\catroot
2009-07-15 23:52:12 ----D---- C:\Program Files\Windows Mail
2009-07-15 23:50:19 ----D---- C:\Windows\Debug
2009-07-15 23:50:06 ----SHD---- C:\System Volume Information
2009-07-15 22:28:05 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-07-15 14:41:29 ----D---- C:\ProgramData\Google Updater
2009-07-15 13:16:20 ----HD---- C:\$AVG8.VAULT$
2009-07-15 12:24:10 ----D---- C:\Windows\system32\catroot2
2009-07-14 22:24:28 ----D---- C:\Program Files\Mozilla Firefox
2009-07-13 17:09:22 ----SHD---- C:\Windows\Installer
2009-07-13 17:09:22 ----HD---- C:\Config.Msi
2009-07-13 11:41:04 ----D---- C:\Program Files\Common Files
2009-07-12 07:59:57 ----D---- C:\Program Files\Google
2009-07-12 07:59:42 ----D---- C:\Program Files\Common Files\PX Storage Engine
2009-07-12 07:52:45 ----D---- C:\Program Files\Feline
2009-07-12 07:52:05 ----D---- C:\Users\LE DU\AppData\Roaming\Azureus
2009-07-10 16:24:16 ----D---- C:\Windows\system32\Tasks
2009-07-10 16:00:55 ----D---- C:\Windows\inf
2009-07-10 16:00:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-07-09 09:59:18 ----RSD---- C:\Windows\Fonts
2009-07-07 19:52:28 ----D---- C:\Windows\system32\WDI
2009-07-07 17:10:56 ----A---- C:\Windows\system32\mrt.exe
2009-07-02 09:58:32 ----D---- C:\Windows\system32\drivers
2009-06-30 12:11:15 ----D---- C:\Program Files\Ichtyonymie Bretonne
2009-06-29 21:26:10 ----D---- C:\Windows\Prefetch
2009-06-29 10:00:27 ----D---- C:\Users\LE DU\AppData\Roaming\Apple Computer
2009-06-29 09:59:07 ----DC---- C:\Windows\system32\DRVSTORE
2009-06-29 09:59:05 ----D---- C:\Program Files\iTunes
2009-06-29 09:58:36 ----HD---- C:\ProgramData
2009-06-29 09:32:24 ----D---- C:\Program Files\QuickTime
2009-06-28 23:08:13 ----D---- C:\Program Files\Internet Explorer
2009-06-20 00:36:36 ----D---- C:\ProgramData\AVG Security Toolbar
2009-06-18 22:52:19 ----D---- C:\Users\LE DU\AppData\Roaming\Image Zone Express
2009-06-18 22:37:45 ----D---- C:\Users\LE DU\AppData\Roaming\Printer Info Cache
2009-06-18 10:23:23 ----D---- C:\Program Files\SONY
2009-06-17 08:12:45 ----D---- C:\Windows\Microsoft.NET
2009-06-17 08:12:40 ----RSD---- C:\Windows\assembly
2009-06-17 08:04:29 ----D---- C:\Windows\ehome
2009-06-17 08:04:27 ----D---- C:\Windows\system32\migration

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6x.sys [2009-04-24 23832]
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2009-07-02 335752]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2009-06-16 27784]
R1 AvgTdiX;AVG8 Network Redirector; C:\Windows\System32\Drivers\avgtdix.sys [2009-04-24 108552]
R1 eabfiltr;eabfiltr; C:\Windows\system32\DRIVERS\eabfiltr.sys [2006-11-30 8192]
R1 mozyFilter;mozyFilter; C:\Windows\system32\DRIVERS\mozy.sys [2008-12-04 53752]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-01-23 37376]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-03-12 1747936]
R3 NETw4v32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-03-01 2216448]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-05-01 7495968]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-03-05 76288]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-19 88576]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-10-09 981504]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-01-13 181432]
R3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-19 11264]
S3 BCM43XV;Pilote de la carte réseau extensible Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]
S3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584]
S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 E100B;Pilote de carte Intel (R) PRO; C:\Windows\system32\DRIVERS\e100b325.sys [2006-11-02 163328]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2006-11-02 987648]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-19 1380864]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NCHSSVAD;SoundTap Recorder; C:\Windows\system32\drivers\nchssvad.sys [2009-03-05 27136]
S3 PalmUSBD;PalmUSBD; C:\Windows\system32\drivers\PalmUSBD.sys [2007-12-04 16640]
S3 PCAMp50;PCAMp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCAMp50.sys [2006-11-28 28224]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp50.sys [2006-11-28 27072]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2006-11-02 654336]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
R2 avg8emc;AVG8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-07-02 907032]
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-04-24 298776]
R2 avgfws8;AVG8 Firewall; C:\PROGRA~1\AVG\AVG8\avgfws8.exe [2009-07-02 1368952]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe [2007-04-23 262243]
R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2008-06-20 65536]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-03-14 62984]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2007-02-12 355096]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-12-14 61440]
R2 mozybackup;MozyHome Backup Service; C:\Program Files\MozyHome\mozybackup.exe [2009-01-30 78136]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 TuneUp.ProgramStatisticsSvc;@%SystemRoot%\System32\TUProgSt.exe,-1; C:\Windows\System32\TUProgSt.exe [2009-05-08 604416]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S2 CLSched;CyberLink Task Scheduler (CTS); C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe [2007-04-23 106593]
S2 gupdate1c9c58535bc7ff0;Service Google Update (gupdate1c9c58535bc7ff0); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-25 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-25 183280]
S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2009-03-03 33176]
S3 GoogleDesktopManager-110408-113106;Google Desktop Manager 5.8.811.4345; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-04-25 30192]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-06-05 541992]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-02-12 880640]
S3 Sony SCSI Helper Service;Sony SCSI Helper Service; C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [2008-04-25 73728]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-02-17 74656]
S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2009-05-08 361216]

-----------------EOF-----------------
bzhatao on 17 July 2009 at 20:25
:hello: kernevez

Do these two steps and things should already be much better:

Essential under Vista:
==> Disable your UAC:
http://www.zebulon.fr/astuces/220-desactiver-l-uac-dans-vista.html

1)
Click on this link:
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Click on navilog1.exe to download it
Choose Save

and save it to your desktop.

Then double-click navilog1.exe to start the installation.
Once the installation is finished, the fix will run automatically.
(If it does not, double-click the Navilog1 shortcut on the desktop.)

Follow the prompts. At the main menu, choose 1 and confirm.

Wait for the message:
*** Analyse Terminée le ..... ***
Press a key as requested; Notepad will open.
Copy and paste the whole thing into a reply. Close Notepad.
The report is also saved at the root of the disk (C:\fixnavi.txt)
post the report you get

2)
Download TOOLBAR s&d to your desktop...
* Start the program's installation by running the downloaded file.
* Now double-click the Toolbar-S&D shortcut.
* Select the language you want by typing the letter of your choice and confirming with the Enter key.
* Now choose option 2 (Suppression). Wait until the search has finished.
* Post the generated report. (C:\TB.txt)

See you

-->Message edited by bzhatao on 17/07/2009 20:26:29<--
kernevez on 18 July 2009 at 09:11
I ran Navilog1. After 10 minutes I get an
alert from the resident shield (AVG)
inf. C\programme files\navilog1\gnc.exe
threat name: "Package en cours d'exécution fsg détecté à l'ouverture"

I am offered
remove as advanced user
add to exceptions
ignore

The first time, I chose ignore, and the scan carried on without stopping. After 20 minutes, I started again from the beginning and got the same thing.
That's where I am...

Thanks

bzhatao on 18 July 2009 at 09:19
:hello: kernevez

Right-click on the Navilog icon and choose:
"Run as administrator"

See you
kernevez on 18 July 2009 at 10:54
My resident shield tells me it has found two infections (in fact, gnc.exe twice) and offers to clean them.
The scan doesn't stop.
bzhatao on 18 July 2009 at 11:18
:hello: Kernevez

==> Some disinfection tools are "WRONGLY" recognised
by antivirus programs as harmful...

==> Temporarily disable AVG's resident protection..
launch AVG and disable the resident protection (real-time protection)

==> Run Navilog again...

See you
kernevez on 18 July 2009 at 12:18
I did that: Navilog ran for 40 minutes without success. So I stopped it.
bzhatao on 18 July 2009 at 13:09
:hello: kernevez

- Drop it for now...

==> run Toolbar s&d and paste the report please...

See you
kernevez on 18 July 2009 at 13:22
Done


-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T7250 @ 2.00GHz )
BIOS : Ver 1.00PARTTBL
USER : LE DU ( Administrator )
BOOT : Normal boot
Antivirus : AVG Internet Security 8.0 (Activated)
Firewall : AVG Firewall 8.0 (Activated)
C:\ (Local Disk) - NTFS - Total:225 Go (Free:146 Go)
D:\ (Local Disk) - NTFS - Total:7 Go (Free:1 Go)
E:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( 18/07/2009|13:18 )

[ UAC => 1 ]

-----------\\ SUPPRESSION

Supprime! - C:\Program Files\AskBarDis\bar
Supprime! - C:\Program Files\AskBarDis\unins000.dat
Supprime! - C:\Program Files\AskBarDis\unins000.exe
Supprime! - C:\Program Files\AskBarDis

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.ask.com/?o=101756&l=dir"
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="http://www.google.com"
"Default_Search_URL"="http://www.google.com/ie"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Url"="http://go.microsoft.com/fwlink/?LinkId=75720"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/"
"Default_Page_URL"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=73&bd=Pavilion&pf=laptop"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Local Page"="C:\\Windows\\System32\\blank.htm"


--------------------\\ Recherche d'autres infections

C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\WebMediaPlayer
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\WebMediaPlayer\Privacy Policy.url
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\WebMediaPlayer\Terms and Conditions.url
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\WebMediaPlayer\Website.url

C:\Users\LEDU~1\AppData\Local\wooqm.dat
C:\Users\LEDU~1\AppData\Local\wooqm.exe
C:\Users\LEDU~1\AppData\Local\wooqm_nav.dat
C:\Users\LEDU~1\AppData\Local\wooqm_navps.dat
==> EGDACCESS <==



[ UAC => 1 ]


1 - "C:\ToolBar SD\TB_1.txt" - 18/07/2009|13:17 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 18/07/2009|13:20 - Option : [2]

-----------\\ Fin du rapport a 13:20:06,49


bzhatao on 18 July 2009 at 13:52
:hello: kernevez

For TOOLBAR it's OK :super:

As for Navilog, which you can't run, we'll proceed
differently:

---> Download OTM
(OldTimer) to your Desktop:
http://oldtimer.geekstogo.com/OTM.exe


---> Double-click OTMoveIt3.exe to launch it.

---> Copy (Ctrl+C) the following text, in bold below:

:processes
explorer.exe

:files
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\WebMediaPlayer
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\WebMediaPlayer\Privacy Policy.url
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\WebMediaPlayer\Terms and Conditions.url
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\WebMediaPlayer\Website.url

C:\Users\LEDU~1\AppData\Local\wooqm.dat
C:\Users\LEDU~1\AppData\Local\wooqm.exe
C:\Users\LEDU~1\AppData\Local\wooqm_nav.dat
C:\Users\LEDU~1\AppData\Local\wooqm_navps.dat




:commands
[purity]
[emptytemp]
[start explorer]



---> Paste (Ctrl+V) the text you just copied into the box: Paste Instructions for Items to be Moved.
---> Now click the MoveIt! button
then close OTMoveIt3.

If a file or folder cannot be deleted immediately, the program will ask you to restart.
Accept by clicking YES.

---> Post the report located in this folder: C:\_OTMoveIt\MovedFiles\
The report's name corresponds to the moment it was created: date_heure.log

See you

-->Message edited by bzhatao on 18/07/2009 13:54:17<--
kernevez on 18 July 2009 at 14:17
Here is the log

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
Folder move failed. C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\WebMediaPlayer scheduled to be moved on reboot.
File move failed. C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\WebMediaPlayer\Privacy Policy.url scheduled to be moved on reboot.
File move failed. C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\WebMediaPlayer\Terms and Conditions.url scheduled to be moved on reboot.
File move failed. C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\WebMediaPlayer\Website.url scheduled to be moved on reboot.
C:\Users\LEDU~1\AppData\Local\wooqm.dat moved successfully.
C:\Users\LEDU~1\AppData\Local\wooqm.exe moved successfully.
C:\Users\LEDU~1\AppData\Local\wooqm_nav.dat moved successfully.
C:\Users\LEDU~1\AppData\Local\wooqm_navps.dat moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
File delete failed. C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini scheduled to be deleted on reboot.
File delete failed. C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\desktop.ini scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 32902 bytes

User: Default User
->Temp folder emptied: 0 bytes
File delete failed. C:\Users\Default User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini scheduled to be deleted on reboot.
File delete failed. C:\Users\Default User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Users\Default User\AppData\Local\Microsoft\Windows\Temporary Internet Files\desktop.ini scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 32902 bytes

User: LE DU
->Temp folder emptied: 133457224 bytes
->Temporary Internet Files folder emptied: 5252293 bytes
->Java cache emptied: 26829181 bytes
->FireFox cache emptied: 97494786 bytes
->Google Chrome cache emptied: 621177 bytes
->Apple Safari cache emptied: 96250190 bytes

User: Public

%systemdrive% .tmp files removed: 13548458 bytes
Folder delete failed. C:\Windows\msdownld.tmp scheduled to be deleted on reboot.
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
File delete failed. C:\Windows\temp\mozy-update-a2589017f25d3675cc923939b19b93bd.exe scheduled to be deleted on reboot.
Windows Temp folder emptied: 9762898 bytes
RecycleBin emptied: 470309 bytes

Total Files Cleaned = 365,97 mb


OTM by OldTimer - Version 3.0.0.5 log created on 07182009_140738
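
Added example (not part of the original thread, and not code from OTM or its author): a Python sketch that reads an OTM script and report in the format quoted above and tells, for each `:files` target, whether it was moved or is only scheduled for removal at reboot. The sample strings are constructed from lines in this thread, and the line patterns are assumptions drawn from those lines only.

```python
import re

# Constructed sample: an OTM script and a few report lines as quoted in this thread.
SCRIPT = r"""
:processes
explorer.exe

:files
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\WebMediaPlayer
C:\Users\LEDU~1\AppData\Local\wooqm.exe
C:\Users\LEDU~1\AppData\Local\wooqm.dat

:commands
[purity]
[emptytemp]
[start explorer]
"""

REPORT = r"""
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
Folder move failed. C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\WebMediaPlayer scheduled to be moved on reboot.
C:\Users\LEDU~1\AppData\Local\wooqm.exe moved successfully.
========== COMMANDS ==========
File delete failed. C:\temp.tmp scheduled to be deleted on reboot.
"""

# Line shapes assumed from the report posted in this thread.
MOVED = re.compile(r"^(?P<path>.+) moved successfully\.$")
PENDING = re.compile(
    r"^(?:File|Folder) (?:move|delete) failed\. (?P<path>.+) "
    r"scheduled to be (?:moved|deleted) on reboot\.$"
)


def parse_script(text):
    """Split an OTM script into its ':section' blocks (name -> list of lines)."""
    sections, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        if line.startswith(":"):
            current = line[1:].lower()
            sections[current] = []
        elif current is not None:
            sections[current].append(line)
    return sections


def parse_report(text):
    """Map each path named in the report to 'moved' or 'pending-reboot'."""
    status = {}
    for line in text.splitlines():
        line = line.strip()
        m = MOVED.match(line)
        if m:
            status[m.group("path").lower()] = "moved"
            continue
        m = PENDING.match(line)
        if m:
            status[m.group("path").lower()] = "pending-reboot"
    return status


def reconcile(script_text, report_text):
    """For every :files target, return (target, what the report says happened)."""
    status = parse_report(report_text)
    targets = parse_script(script_text).get("files", [])
    # Windows paths are case-insensitive, so compare in lower case.
    return [(t, status.get(t.lower(), "not-in-report")) for t in targets]


def needs_reboot(script_text, report_text):
    """True while any requested target is still only scheduled for removal."""
    return any(s == "pending-reboot" for _, s in reconcile(script_text, report_text))


if __name__ == "__main__":
    for target, state in reconcile(SCRIPT, REPORT):
        print(f"{state:15} {target}")
    print("reboot required:", needs_reboot(SCRIPT, REPORT))
```

A target reported as `pending-reboot` is still on disk until the machine restarts, and one reported as `not-in-report` was never confirmed either way.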
kernevez on 18 July 2009 at 14:21
I'd like to ask you one more question, if I'm not pushing it.
I have a small program that makes maps (it's software made by a friend). It used to work perfectly, but now it crashes.
Could a system restore be the solution to get it working again?
Thanks in advance
bzhatao on 18 July 2009 at 14:47
:hello: kernevez

Could a system restore be the solution to get it working again?

If you do a restore at this stage you will reinstall the infections we have just removed!!!!

*********

Was there a reboot after OTMoveIt ran?
If yes, OK...
If not, restart the PC!

*********

Run a scan with this antispyware:
Download Malwarebytes + tutorial

Install it; update it... (Update tab)
Now click the Scan tab and tick the box: "Perform quick scan".
Then click "Scan".
Let it scan the PC...
If items were found > click Remove Selected.
If you are asked to restart > click "Yes".
At the end a report will open; save it so that you can find it again to post it on the forum.
Copy and paste the report please.

See you

kernevez on 18 July 2009 at 15:13
Done: two infections! One wonders what AVG 8.5 is doing for me!

Malwarebytes' Anti-Malware 1.39
Version de la base de données: 2457
Windows 6.0.6001 Service Pack 1

18/07/2009 15:11:01
mbam-log-2009-07-18 (15-11-01).txt

Type de recherche: Examen rapide
Eléments examinés: 154294
Temps écoulé: 9 minute(s), 24 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wooqm (Trojan.Agent.H) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)


kernevez on 18 July 2009 at 16:33
If I can't do a restore, do you have another suggestion to get my software working again?
Thanks
bzhatao on 18 July 2009 at 17:28
:hello: kernevez

Have you tried reinstalling it?

See you
-->Message edited by bzhatao on 18/07/2009 17:29:54<--
kernevez on 18 July 2009 at 17:37
It's a small thing that doesn't get installed.
(Stop me whenever you like, I'm starting to be a nuisance,
and first of all a thousand thanks for your help)

I've just noticed something odd that may be the cause of my problem.
In my software I have to enter the path to the base map, to the place data, and to the Excel file I'm processing.
When I enter the path with WIN + E (Explorer) I enter bureau/dossier/fichier
But the software shows me documentsnts/desktop/dossier/fichier

And in Explorer I see that under Desktop I have LEDU, Public and Computer. Could that be the cause, something chasing its own tail because of the various manipulations I did earlier?

kernevez wrote:
if I can't do a restore, do you have another suggestion to get my software working again?
thanks

bzhatao on 18 July 2009 at 17:52
:hello:

Since I don't know your software, you'll understand that it's
hard for me to answer... If a friend designed it,
ask him!

To uninstall the tools used

Download ToolsCleaner2 --> http://pc-system.fr/TC/ToolsCleaner2.exe
- Once downloaded, install it and run it
- Click Recherche and let the scan finish
- Click SUPPRESSION

See you
kernevez on 18 July 2009 at 18:32
I withdraw my question, I managed on my own.
Thanks again!!
kernevez on 06 August 2009 at 12:22
Could you mark this as resolved! Thanks
bzhatao on 06 August 2009 at 12:35
:hello: kernevez

To set the topic to "RESOLU" (resolved)
Go back up to your very first message
click on < included picture >
And next to the title put (RESOLU)

See you

