affichage de pop up et connexion internet instable.

kroooo · le 22 novembre 2007

Bonjour tout le monde,

Voila donc comme je l'ai déjà précisé, mon pc est un ordinateur japonnais donc j'espère que cela ne pause pas trop de problème sur les compatibilités des outils de désinfection.

Description du problème :

Depuis quelques temps, je reçois régulièrement des pops up m’incitant à me rendre sur des sites peu honnêtes.. Ma connexion Internet n’est pas très stable, je me fais souvent déconnecté. Dernièrement, mon pc c'est éteint et rallumé tout seul.

Voila les problèmes rencontrés.

je vous joins le rapport hijackthis :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:16:41, on 2007/11/22

Platform: Windows Vista (WinNT 6.00.1904)

MSIE: Internet Explorer v7.00 (7.00.6000.16546)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\NECMFK\necmfk.exe

C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMEJP\IMJPCMNT.EXE

C:\Windows\RtHDVCpl.exe

C:\Program Files\Apoint2K\Apoint.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe

C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe

C:\Program Files\Logitech\QuickCam10\QuickCam10.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

C:\Program Files\Veoh Networks\Veoh\VeohClient.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Apoint2K\HidFind.exe

C:\Program Files\Apoint2K\Apntex.exe

C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe

C:\Program Files\Logitech\QuickCam10\COCIManager.exe

C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE

C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe

C:\Program Files\Internet Explorer\ieuser.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Windows\system32\Macromed\Flash\FlashUtil9d.exe

C:\Users\Caroline\AppData\Local\Temp\Temp1_HiJackThis.zip\HijackThis.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Hijackthis\HiJackThis\HijackThis.exe

O1 - Hosts: ::1 localhost

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Media Holding Enterprises, LLC - {0D39A900-0F3A-4C29-A254-3E65244FDC34} - C:\Program Files\ContextTool\ContextTool-2.dll

O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O2 - BHO: &BIGLOBEƒc?[ƒ‹ƒo?[ - {F998C683-89D8-47FA-8C55-3E2CA27D7581} - C:\Program Files\BIGLOBE\ToolBar\biglobe.dll

O3 - Toolbar: &BIGLOBEƒc?[ƒ‹ƒo?[ - {F998C683-89D8-47FA-8C55-3E2CA27D7581} - C:\Program Files\BIGLOBE\ToolBar\biglobe.dll

O3 - Toolbar: Norton ƒc?[ƒ‹ƒo?[‚Ì•\Ž¦ - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [NECMFK] C:\Program Files\necmfk\necmfk.exe

O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe

O4 - HKLM\..\Run: [iME JPN 2007 Migration] C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMEJP\IMJPKLMG.EXE /Preload

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"

O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"

O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide

O4 - Global Startup: NETGEAR WG111v2 Smart Wizard..lnk = C:\Program Files\Common Files\VistaRunApp.exe

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Microsoft Excel ‚ÉƒGƒNƒXƒ|?[ƒg(&X) - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O13 - Gopher Prefix:

O15 - ESC Trusted Zone: http://*.update.microsoft.com

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab

O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: ccEvtMgr - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: ccSetMgr - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: iPod ƒT?[ƒrƒX (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe

O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe

O23 - Service: NT Meter - Unknown owner - C:\Windows\System32\NTMETER.EXE

O23 - Service: ReadSector (ReadSctService) - Unknown owner - C:\Smdata\READSCTSERVICE.EXE

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

--

End of file - 7592 bytes

Voila, si vous avez besoin de renseignement complémentaire, dites-le.

Merci par avance.

A plus,

Zonk · le 22 novembre 2007

Bienvenue sur le forum

Normalement on commence par cela

http://forum.zebulon.fr/index.php?showtopic=83986

dans le lien ,tu auras un lien pour télécharger Antivir.....

favorise celui-ci

http://www.free-av.com/

(il semble que le fichier sur Zeb est périmé...à moins que tout soit corriger)

...tu devras aller en mode sans échec.......tu devras désactiver ton Norton quand tu seras avec Antivir.....

ensuite ,tu devras choisir entre les deux.......si parfois ton Norton est périmé ou que ta licence est sur le point de finir et que tu ne veux pas le renouveller,alors avise nous....on te guidera pour supprimer Norton.....ne fait pas ça sans nous aviser...il doit être désinstaller proprement!

...en mode sans échec,parfois l'ordi est très lent à démarrer/fermer...soit patient.......et l'affichage sera altéré....ça reviendra suite à un redémarrage en mode normal.....

http://www.libellules.ch/tuto_antivir.php

http://tutopat.hostonet.org/viewtopic.php?t=2417

@+

kroooo · le 22 novembre 2007

Bonsoir zonk,

Merci de m'avoir répondu.

petit topo de la situation :

Vista n'a pas voulu démarrer en mode sans echec... je ne sais pas pourquoi mais je n'ai pas réussi. J'ai donc installer Antivir et scanné en mode normal apres avoir désactiver temporairement la protection résidente de Norton. Puis j'ai désinstallé Antivir.

j'ai vidé la corbeille après le scan et j'ai également désactivé la restauration system.

Voici les rapport apres manipulation.

Le rapport d'Antivir ( j'ai fais delete comme choix. ) :

AntiVir PersonalEdition Classic
Report file date: 2007年11月22日 18:47

Scanning for 940014 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic

Serial number: 0000149996-ADJIE-0001

Platform: Windows Vista

Windows version: (plain) [6.0.6000]

Username: SYSTEM

Computer name: CAROLINE-PC

Version information:

BUILD.DAT : 270 15603 Bytes 2007/09/19 13:32:00

AVSCAN.EXE : 7.0.6.1 290856 Bytes 2007/08/23 13:16:29

AVSCAN.DLL : 7.0.6.0 49192 Bytes 2007/08/16 12:23:51

LUKE.DLL : 7.0.5.3 147496 Bytes 2007/08/14 15:32:47

LUKERES.DLL : 7.0.6.1 10280 Bytes 2007/08/21 12:35:20

ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007/07/18 14:27:15

ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 2007/09/13 14:26:55

ANTIVIR2.VDF : 7.0.0.198 1206272 Bytes 2007/11/11 17:12:51

ANTIVIR3.VDF : 7.0.0.249 201216 Bytes 2007/11/22 17:12:51

AVEWIN32.DLL : 7.6.0.34 3125760 Bytes 2007/11/22 17:12:52

AVWINLL.DLL : 1.0.0.7 14376 Bytes 2007/02/26 10:36:26

AVPREF.DLL : 7.0.2.2 25640 Bytes 2007/07/18 07:39:17

AVREP.DLL : 7.0.0.1 155688 Bytes 2007/04/16 13:16:24

AVPACK32.DLL : 7.3.0.15 360488 Bytes 2007/08/03 08:46:00

AVREG.DLL : 7.0.1.6 30760 Bytes 2007/07/18 07:17:06

AVARKT.DLL : 1.0.0.20 278568 Bytes 2007/08/28 12:26:33

AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 2007/07/18 07:10:18

NETNT.DLL : 7.0.0.0 7720 Bytes 2007/03/08 11:09:42

RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 2007/08/07 12:38:13

RCTEXT.DLL : 7.0.62.0 86056 Bytes 2007/08/21 12:50:37

SQLITE3.DLL : 3.3.17.1 339968 Bytes 2007/07/23 09:37:21

Configuration settings for the scan:

Jobname..........................: Complete system scan

Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp

Logging..........................: low

Primary action...................: interactive

Secondary action.................: ignore

Scan master boot sector..........: off

Scan boot sector.................: on

Boot sectors.....................: D:,

Scan memory......................: on

Process scan.....................: on

Scan registry....................: on

Search for rootkits..............: off

Scan all files...................: Intelligent file selection

Scan archives....................: on

Recursion depth..................: 20

Smart extensions.................: on

Macro heuristic..................: on

File heuristic...................: medium

Start of the scan: 2007年11月22日 18:47

The scan of running processes will be started

Scan process 'IMJPCMNT.EXE' - '1' Module(s) have been scanned

Scan process 'avscan.exe' - '1' Module(s) have been scanned

Scan process 'avscan.exe' - '1' Module(s) have been scanned

Scan process 'avcenter.exe' - '1' Module(s) have been scanned

Scan process 'CLI.exe' - '1' Module(s) have been scanned

Scan process 'CLI.exe' - '1' Module(s) have been scanned

Scan process 'IMJPCMNT.EXE' - '1' Module(s) have been scanned

Scan process 'COCIManager.exe' - '1' Module(s) have been scanned

Scan process 'iPodService.exe' - '1' Module(s) have been scanned

Scan process 'LVComSX.exe' - '1' Module(s) have been scanned

Scan process 'symlcsvc.exe' - '1' Module(s) have been scanned

Scan process 'conime.exe' - '1' Module(s) have been scanned

Scan process 'ApntEx.exe' - '1' Module(s) have been scanned

Scan process 'HidFind.exe' - '1' Module(s) have been scanned

Scan process 'WG111v2.exe' - '1' Module(s) have been scanned

Scan process 'WmiPrvSE.exe' - '1' Module(s) have been scanned

Scan process 'unsecapp.exe' - '1' Module(s) have been scanned

Scan process 'ApMsgFwd.exe' - '1' Module(s) have been scanned

Scan process 'IMJPCMNT.EXE' - '1' Module(s) have been scanned

Scan process 'VeohClient.exe' - '1' Module(s) have been scanned

Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned

Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned

Scan process 'avgnt.exe' - '1' Module(s) have been scanned

Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned

Scan process 'QuickCam10.exe' - '1' Module(s) have been scanned

Scan process 'Communications_Helper.exe' - '1' Module(s) have been scanned

Scan process 'jusched.exe' - '1' Module(s) have been scanned

Scan process 'ccApp.exe' - '1' Module(s) have been scanned

Scan process 'Apoint.exe' - '1' Module(s) have been scanned

Scan process 'RtHDVCpl.exe' - '1' Module(s) have been scanned

Scan process 'IMJPCMNT.EXE' - '1' Module(s) have been scanned

Scan process 'necmfk.exe' - '1' Module(s) have been scanned

Scan process 'MSASCui.exe' - '1' Module(s) have been scanned

Scan process 'explorer.exe' - '1' Module(s) have been scanned

Scan process 'dwm.exe' - '1' Module(s) have been scanned

Scan process 'taskeng.exe' - '1' Module(s) have been scanned

Scan process 'TrustedInstaller.exe' - '1' Module(s) have been scanned

Scan process 'taskeng.exe' - '1' Module(s) have been scanned

Scan process 'SearchIndexer.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'READSCTSERVICE.EXE' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'NTMETER.EXE' - '1' Module(s) have been scanned

Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned

Scan process 'sched.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'avguard.exe' - '1' Module(s) have been scanned

Scan process 'spoolsv.exe' - '1' Module(s) have been scanned

Scan process 'ccSvcHst.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'Ati2evxx.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'SLsvc.exe' - '1' Module(s) have been scanned

Scan process 'audiodg.exe' - '0' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'LVPrcSrv.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'Ati2evxx.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'lsm.exe' - '1' Module(s) have been scanned

Scan process 'lsass.exe' - '1' Module(s) have been scanned

Scan process 'services.exe' - '1' Module(s) have been scanned

Scan process 'winlogon.exe' - '1' Module(s) have been scanned

Scan process 'csrss.exe' - '1' Module(s) have been scanned

Scan process 'wininit.exe' - '1' Module(s) have been scanned

Scan process 'csrss.exe' - '1' Module(s) have been scanned

Scan process 'smss.exe' - '1' Module(s) have been scanned

70 processes with 70 modules were scanned

Start scanning boot sectors:

Boot sector 'C:\'

[NOTE] No virus was found!

Boot sector 'D:\'

[NOTE] No virus was found!

Starting to scan the registry.

The registry was scanned ( '11' files ).

Starting the file scan:

Begin scan in 'C:\'

C:\hiberfil.sys

[WARNING] The file could not be opened!

C:\pagefile.sys

[WARNING] The file could not be opened!

C:\$Recycle.Bin\S-1-5-21-1207166047-4094845786-2978813631-1000\$R6RTLBZ.wma

[DETECTION] Is the Trojan horse TR/Wimad.A.Gen

[iNFO] The file was deleted!

C:\Program Files\Club-Internet\Assistance\OutilsCI\uninstall.exe

[DETECTION] Is the Trojan horse TR/Dldr.Zlob.ZQN

[iNFO] The file was deleted!

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll

[WARNING] The file could not be opened!

Begin scan in 'D:\'

End of the scan: 2007年11月22日 19:54

Used time: 1:06:58 min

The scan has been done completely.

11358 Scanning directories

177689 Files were scanned

2 viruses and/or unwanted programs were found

0 Files were classified as suspicious:

2 files were deleted

0 files were repaired

0 files were moved to quarantine

0 files were renamed

3 Files cannot be scanned

177687 Files not concerned

1566 Archives were scanned

3 Warnings

0 Notes

Puis un nouveau rapport hijackthis après avoir effectué le scan Antivir :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:11:13, on 2007/11/22

Platform: Windows Vista (WinNT 6.00.1904)

MSIE: Internet Explorer v7.00 (7.00.6000.16546)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\NECMFK\necmfk.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Apoint2K\Apoint.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe

C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe

C:\Program Files\Logitech\QuickCam10\QuickCam10.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

C:\Program Files\Veoh Networks\Veoh\VeohClient.exe

C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMEJP\IMJPCMNT.EXE

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Apoint2K\HidFind.exe

C:\Program Files\Apoint2K\Apntex.exe

C:\Windows\system32\conime.exe

C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe

C:\Program Files\Logitech\QuickCam10\COCIManager.exe

C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE

C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe

C:\Program Files\iTunes\iTunes.exe

C:\Hijackthis\HiJackThis\HijackThis.exe

O1 - Hosts: ::1 localhost

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Media Holding Enterprises, LLC - {0D39A900-0F3A-4C29-A254-3E65244FDC34} - C:\Program Files\ContextTool\ContextTool-2.dll

O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O2 - BHO: &BIGLOBEƒc?[ƒ‹ƒo?[ - {F998C683-89D8-47FA-8C55-3E2CA27D7581} - C:\Program Files\BIGLOBE\ToolBar\biglobe.dll

O3 - Toolbar: &BIGLOBEƒc?[ƒ‹ƒo?[ - {F998C683-89D8-47FA-8C55-3E2CA27D7581} - C:\Program Files\BIGLOBE\ToolBar\biglobe.dll

O3 - Toolbar: Norton ƒc?[ƒ‹ƒo?[‚Ì•\Ž¦ - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [NECMFK] C:\Program Files\necmfk\necmfk.exe

O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe

O4 - HKLM\..\Run: [iME JPN 2007 Migration] C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMEJP\IMJPKLMG.EXE /Preload

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"

O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"

O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide

O4 - Global Startup: NETGEAR WG111v2 Smart Wizard..lnk = C:\Program Files\Common Files\VistaRunApp.exe

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Microsoft Excel ‚ÉƒGƒNƒXƒ|?[ƒg(&X) - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O13 - Gopher Prefix:

O15 - ESC Trusted Zone: http://*.update.microsoft.com

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab

O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: ccEvtMgr - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: ccSetMgr - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: iPod ƒT?[ƒrƒX (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe

O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe

O23 - Service: NT Meter - Unknown owner - C:\Windows\System32\NTMETER.EXE

O23 - Service: ReadSector (ReadSctService) - Unknown owner - C:\Smdata\READSCTSERVICE.EXE

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

--

End of file - 7360 bytes

Merci

A plus,

Zonk · le 22 novembre 2007

Le petit scan de Antivir à sembler très fructueux!

mais il me semble voir encore de la peste..en autre ceci :

O2 - BHO: Media Holding Enterprises, LLC - {0D39A900-0F3A-4C29-A254-3E65244FDC34} - C:\Program Files\ContextTool\ContextTool-2.dll

...pour t'aider à aller en mode sans échec dans le futur:

http://www.forum-vista.net/astuces_vista/9...ions.htm#astuce

si parfois tu veux l'essayer avec tes outils (soit patiente....parfois très long à démarrer /fermer....l'affichage sera altéré....ca reviendra en mode normal)

ca va prendre du renfort....et je crois qu'il est déjà là

@+

Modifié le 22 novembre 2007 par Zonk

kroooo · le 22 novembre 2007

re-bonsoir

Je fix la ligne seulement ou je désinstalle le programme ContextTool ?

dois je désinstaller en mode sans echec?

A plus,

Modifié le 22 novembre 2007 par kroooo

Zonk · le 22 novembre 2007

re-bonsoir

Je fix la ligne seulement ou je désinstalle le programme ContextTool ?

dois je désinstaller en mode sans echec?

A plus,

Ne va pas trop rapidement......je ne suis pas LA référence pour te dire quoi supprimer......

ContextTool?? tu connais??c'est un programme légitime???

..........avant de bouger ,attend le renfort...j'ai vu des pros se montrer le bout du nez..mais ils sont partis.....ca devrait revenir

@+

Modifié le 22 novembre 2007 par Zonk

kroooo · le 22 novembre 2007

Okay j'attends donc

Non je ne connais pas ce programme... Et si ligitime tu entends je l'ai moi même installé alors non...

Modifié le 22 novembre 2007 par kroooo

Zonk · le 22 novembre 2007

Okay j'attends donc

Légitime ou pas ??

kroooo · le 22 novembre 2007

Dsl j'ai édité pendant que tu répondais..

Zonk · le 22 novembre 2007

Dsl j'ai édité pendant que tu répondais..

Désolé moi aussi...j'aurais dû retourner jeter un oeil...

@+ et attendons....

Connexion

Pas encore inscrit ?

affichage de pop up et connexion internet instable.

Messages recommandés

kroooo

Zonk

kroooo

Zonk

kroooo

Zonk

kroooo

Zonk

kroooo

Zonk

Rejoindre la conversation

En ligne récemment 0 membre est en ligne

Zebulon

Outils en ligne

Naviguer