Impossible d'ouvrir le Gestionnaire des tâches

**ImSoLost** · #1 23 décembre 2007, 17:38

Très bien, alors j'ai lu un peu et il semble qu'il existe des solutions diverses. I'm running Regula Windows Vista. Ctrl Alt Del ne fonctionne pas ... faites un clic droit ne fonctionne pas. lorsque je la recherche Taskmgr.exe qu'elle dit qu'elle a été désactivée par l'administrateur. Que puis-je faire?

**Hybr! D** · #2 23 décembre 2007, 17:41

Vista est différent de XP.

Cliquez à droite sur la barre des tâches, puis cliquez sur Gestionnaire des tâches.

**ImSoLost** · #3 23e décembre 2007, 18:11

Je clic droit dans la barre des tâches et il est grisé. Cependant, j'ai cherché un peu et j'ai trouvé un site avec un lien direct vers ma Reged et il m'a donné des avertissements puis j'ai quitté parce que je n'avais aucune idée de ce que je faisais. Ensuite, par curiosité je cheked la barre des tâches et il n'était pas grisé. J'ai redémarré mon ordinateur (pour s'assurer que ce n'était pas une chose provisoire) et pour une raison étrange quand l'écran pour connecter viendrait en place ... Il a dit appuyer sur Ctrl Alt Del connecter! Je ne comprends pas ce qui s'est passé .

**ImSoLost** · #4 23 décembre 2007, 19:11

Voici mon journal HijackThis

C: \ Windows \ system32 \ taskeng.exe
C: \ Windows \ system32 \ Dwm.exe
C: \ Windows \ Explorer.EXE
C: \ Program Files \ Synaptics \ SynTP \ SynTPEnh.exe
C: \ Program Files \ HP \ QuickPlay \ QPService.exe
C: \ Program Files \ HP \ HP Software Update \ hpwuSchd2.exe
C: \ Program Files \ Hewlett-Packard \ HP Quick Launch Buttons \ QLBCTRL.exe
C: \ Program Files \ Hewlett-Packard \ HP Wireless Assistant \ WiFiMsg.exe
C: \ Program Files \ Hewlett-Packard \ HP Wireless Assistant \ HPWAMain.exe
C: \ Program Files \ Java \ jre1.6.0 \ bin \ jusched.exe
C: \ Program Files \ Fichiers communs \ Real \ Update_OB \ realsched.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccapp.exe
C: \ Program Files \ Comcast \ Desktop Doctor \ bin \ sprtcmd.exe
C: \ Program Files \ Windows Sidebar \ sidebar.exe
C: \ Program Files \ Hewlett-Packard \ HP Advisor \ HPAdvisor.exe
C: \ WINDOWS \ System32 \ rundll32.exe
C: \ WINDOWS \ ehome \ ehtray.exe
C: \ Windows \ ehome \ ehmsas.exe
C: \ Users \ Yasmany \ Desktop \ Veoh \ VeohClient.exe
C: \ Program Files \ Google \ GoogleToolbarNotifier \ 1.2.1128.5462 \ G oogleToolbarNotifier.exe
C: \ Program Files \ Fichiers communs \ Adobe \ Updater5 \ AdobeUpdater.exe
C: \ Program Files \ HP Connections \ 6811507 \ Program \ HP Connections.exe
C: \ Windows \ system32 \ wbem \ Unsecapp.exe
C: \ PROGRA ~ 1 \ HEWLET ~ 1 \ Shared \ HPQTOA ~ 1.EXE
C: \ Program Files \ Hewlett-Packard \ HP Advisor \ SSDK04.exe
C: \ Program Files \ Internet Explorer \ ieuser.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ Fichiers communs \ Microsoft Shared \ Windows Live \ WLLoginProxy.exe
C: \ Windows \ system32 \ searchfilterhost.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe
C: \ Windows \ system32 \ Macromed \ Flash \ FlashUtil9b.exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.comcast.net/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...lion&pf=laptop
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.comcast.net/
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, SearchAssistant =
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, CustomizeSearch =
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Window Title = Windows Internet Explorer fourni par Comcast
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Settings, ProxyServer =: 0
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Toolbar, LinksFolderName =
R3 - URLSearchHook: AOLTBSearch Class - (EA756889-2338-43DB-8F07-D1CA6FB9C90D) - C: \ Program Files \ AOL \ AIM Toolbar 5.0 \ aoltb.dll
O1 - Hosts::: 1 localhost
O2 - BHO: My Search BHO - (014DA6C1-189F-421a-88CD-07CFE51CFF10) - C: \ Program Files \ MySearch \ bar \ 1.bin \ S4BAR.DLL
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: RealPlayer Téléchargez et Record Plugin for Internet Explorer - (3049C3E9-B461-4BC5-8870-4C09146192CA) - C: \ Program Files \ Real \ RealPlayer \ rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0 \ bin \ ssv.dll
O2 - BHO: AOL Toolbar Launcher - (7C554162-8CB7-45A4-B8F4-8EA1C75885F9) - C: \ Program Files \ AOL \ AIM Toolbar 5.0 \ aoltb.dll
O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file)
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Fichiers communs \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O2 - BHO: BDEX System - (A8565FBC-8D53-4D4F-9BB0-CBC68A22B126) - C: \ Windows \ blopenvxdt.dll
O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8333-CF10577473F7) - c: \ program files \ google \ googletoolbar1.dll
O2 - BHO: FastRX - (E09962E7-A39E-4F60-8003-66D57BED27B7) - C: \ Windows \ system32 \ fastRX.dll (file missing)
- O3 Toolbar: My Search Bar - (014DA6C9-189F-421a-88CD-07CFE51CFF10) - C: \ Program Files \ MySearch \ bar \ 1.bin \ S4BAR.DLL
O3 - Toolbar: Veoh Browser Plug-in - (D0943516-5076-4020-A3B5-AEFAF26AB263) - C: \ Users \ Yasmany \ Desktop \ Veoh \ Plugins \ reg \ VeohTool bar.dll
O3 - Toolbar: & Google - (2318C2B1-4965-11D4-9B18-009027A5CD4F) - c: \ program files \ google \ googletoolbar1.dll
O3 - Toolbar: AIM Toolbar - (DE9C389F-3316-41A7-809B-AA305ED9D922) - C: \ Program Files \ AOL \ AIM Toolbar 5.0 \ aoltb.dll
- O3 Toolbar: La retnsrp - (CC304A4D-FC79-4CD3-9A67-46E3AF59319D) - C: \ Windows \ retnsrp.dll
O4 - HKLM \ .. \ Run: [Windows Defender]% ProgramFiles% \ Windows Defender \ MSASCui.exe-hide
O4 - HKLM \ .. \ Run: [SynTPEnh] C: \ Program Files \ Synaptics \ SynTP \ SynTPEnh.exe
O4 - HKLM \ .. \ Run: [QPService] "C: \ Program Files \ HP \ QuickPlay \ QPService.exe"
O4 - HKLM \ .. \ Run: [HP Software Update] C: \ Program Files \ Hp \ HP Software Update \ HPWuSchd2.exe
O4 - HKLM \ .. \ Run: [QlbCtrl]% ProgramFiles% \ Hewlett-Packard \ HP Quick Launch Buttons \ QLBCTRL.exe / Start
O4 - HKLM \ .. \ Run: [HP Health Check Scheduler] C: \ Program Files \ Hewlett-Packard \ HP Health Check \ HPHC_Scheduler.exe
O4 - HKLM \ .. \ Run: [WAWifiMessage]% ProgramFiles% \ Hewlett-Packard \ HP Wireless Assistant \ WiFiMsg.exe
O4 - HKLM \ .. \ Run: [hpWirelessAssistant]% ProgramFiles% \ Hewlett-Packard \ HP Wireless Assistant \ HPWAMain.exe
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [kpx] C: \ Windows \ system32 \ rundll32.exe C: \ Windows \ system32 \ fastRX.dll DllInitApp
O4 - HKLM \ .. \ Run: [NvSvc] RUNDLL32.EXE C: \ Windows \ system32 \ nvsvc.dll, nvsvcStart
O4 - HKLM \ .. \ Run: [NvCplDaemon] RUNDLL32.EXE C: \ Windows \ system32 \ NvCpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [NvMediaCenter] RUNDLL32.EXE C: \ Windows \ system32 \ NvMcTray.dll, NvTaskbarInit
O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Program Files \ Fichiers communs \ Real \ Update_OB \ realsched.exe"-osboot
O4 - HKLM \ .. \ Run: [SeekmoOE] C: \ Program Files \ Seekmo \ bin \ 10.0.341.0 \ OEAddOn.exe
O4 - HKLM \ .. \ Run: [SeekmoSA] "C: \ Program Files \ Seekmo \ bin \ 10.0.341.0 \ SeekmoSA.exe"
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ QTTask.exe"-atboottime
O4 - HKLM \ .. \ Run: [ccApp] "C: \ Program Files \ Common Files \ Symantec Shared \ ccapp.exe"
O4 - HKLM \ .. \ Run: [Symantec PIF AlertEng] "C: \ Program Files \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe" / a / m " C: \ Program Files \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ AlertEng.dll "
O4 - HKLM \ .. \ Run: [ddoctorv2] "C: \ Program Files \ Comcast \ Desktop Doctor \ bin \ sprtcmd.exe" / P ddoctorv2
O4 - HKLM \ .. \ RunOnce: [Launcher]% WINDIR% \ SMINST \ launcher.exe
O4 - HKCU \ .. \ Run: [Sidebar] C: \ Program Files \ Windows Sidebar \ sidebar.exe / autorun
O4 - HKCU \ .. \ Run: [HPAdvisor] C: \ Program Files \ Hewlett-Packard \ HP Advisor \ HPAdvisor.exe
O4 - HKCU \ .. \ Run: [Aim6] "C: \ Program Files \ AIM6 \ aim6.exe" / d locale = fr-FR ee: / / aol / imApp
O4 - HKCU \ .. \ Run: [ehTray.exe] C: \ Windows \ ehome \ ehTray.exe
O4 - HKCU \ .. \ Run: [Veoh] "C: \ Users \ Yasmany \ Desktop \ Veoh \ VeohClient.exe" / VeohHide
O4 - HKCU \ .. \ Run: [MsnMsgr] "C: \ Program Files \ MSN Messenger \ msnmsgr.exe" / background
O4 - HKCU \ .. \ Run: [swg] C: \ Program Files \ Google \ GoogleToolbarNotifier \ 1.2.1128.5462 \ G oogleToolbarNotifier.exe
O4 - HKCU \ .. \ Run: [AdobeUpdater] C: \ Program Files \ Fichiers communs \ Adobe \ Updater5 \ AdobeUpdater.exe
O4 - HKCU \ .. \ Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll, ShowWelcomeCenter
O4 - HKUS \ S-1-5-19 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / detectMem (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-19 \ .. \ Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll, ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / detectMem (User 'NETWORK SERVICE')
O4 - Startup: LimeWire On Startup.lnk = C: \ Program Files \ LimeWire \ LimeWire.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Program Files \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ AdobeCollabSync.exe
O4 - Global Startup: HP Connections.lnk = C: \ Program Files \ HP Connections \ 6811507 \ Program \ HP Connections.exe
O8 - Extra du menu contextuel: & Recherche AOL Toolbar - c: \ program files \ aol \ visent la barre d'outils 5.0 \ resources \ fr-FR \ local \ search.html
O8 - Extra du menu contextuel: E & xporter vers Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ MICROS ~ 3 \ Office12 \ EXCEL.EXE/3000
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0 \ bin \ ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0 \ bin \ ssv.dll
O9 - Extra button: Envoyer à OneNote - (2670000A-7350-4f3c-8081-5663EE0C6C49) - C: \ PROGRA ~ 1 \ MICROS ~ 3 \ Office12 \ ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S & end à OneNote - (2670000A-7350-4f3c-8081-5663EE0C6C49) - C: \ PROGRA ~ 1 \ MICROS ~ 3 \ Office12 \ ONBttnIE.dll
O9 - Extra button: AIM Toolbar - (3369AF0D-62E9-4bda-8103-B4C75499B578) - C: \ Program Files \ AOL \ AIM Toolbar 5.0 \ aoltb.dll
O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ MICROS ~ 3 \ Office12 \ REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: (48DD0448-9209-4F81-9F6D-D83562940134) (MySpace Uploader Control) -- http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: (5D6F45B3-9043-443D-A792-115447494D24) (UnoCtrl Class) -- http://messenger.zone.msn.com/EN-US/.../GAME_UNO1.cab
O16 - DPF: (67DABFBF-D0AB-41FA-9C46-CC0F21721616) (DivXBrowserPlugin Object) -- http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: (B8BE5E93-A60C-4D26-A2DC-220313175592) (MSN Games - Installer) -- http://messenger.zone.msn.com/binary...o.cab56649.cab
O16 - DPF: (BD393C14-72AD-4790-A095-76522973D6B8) (CBreakshotControl Class) -- http://messenger.zone.msn.com/binary...t.cab57213.cab
O16 - DPF: (C3F79A2B-B9B4-4A66-B012-3EE46475B072) (MessengerStatsClient Class) -- http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: (DA758BB1-5F89-4465-975F-8D7179A4BCF3) (WheelofFortune Object) -- http://messenger.zone.msn.com/binary/WoF.cab57176.cab
- O21 Service: leorop - (38CA8AE4-A78E-4111-8D0E-BDDF145A5040) - C: \ Windows \ leorop.dll
- O21 Service: nopzet - (9543D4D7-3E5B-4B70-BB93-83AC9865627C) - C: \ Windows \ nopzet.dll
O23 - Service: AddFiltr - Hewlett-Packard Development Company, LP - C: \ Program Files \ Hewlett-Packard \ HP Quick Launch Buttons \ AddFiltr.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C: \ Program Files \ Symantec \ LiveUpdate \ aluschedulersvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ CCSVCHST.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ CCSVCHST.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C: \ Program Files \ HP \ QuickPlay \ Kernel \ TV \ CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C: \ Program Files \ HP \ QuickPlay \ Kernel \ TV \ CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ CCSVCHST.exe
O23 - Service: Google Updater Service (gusvc) - Google - C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C: \ Program Files \ Hewlett-Packard \ HP Health Check \ hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, LP - C: \ Program Files \ Hewlett-Packard \ Shared \ hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Roxio \ Roxio MyDVD Basic v9 \ InstallShield \ Driver \ 1050 \ Intel 32 \ IDriverT.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C: \ Program Files \ Norton AntiVirus \ isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C: \ PROGRA ~ 1 \ Symantec \ LIVEUP ~ 1 \ LUCOMS ~ 1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ CCSVCHST.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C: \ Program Files \ Common Files \ Roxio Shared \ 9.0 \ SharedCOM \ RoxMediaDB9.exe
O23 - Service: SupportSoft Sprocket Service (ddoctorv2) (sprtsvc_ddoctorv2) - SupportSoft, Inc - C: \ Program Files \ Comcast \ Desktop Doctor \ bin \ sprtsvc.exe
O23 - Service: stllssvr - MICROVISION Development, Inc - C: \ Program Files \ Common Files \ SureThing Shared \ stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C: \ Program Files \ Common Files \ Symantec Shared \ DPCC-LC \ symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ AppCore \ AppSvc32.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe
O23 - Service: XAudioService - Conexant Systems, Inc - C: \ Windows \ system32 \ DRIVERS \ xaudio.exe

**howardhopkinson** · #5 31 décembre 2007, 01:33

Votre système est truffé de logiciels malveillants.

Aller ICI et suivez les instructions à la lettre.

Postez le demandé des fichiers de log.

I `ll obtenir un mod pour déplacer ce fil Retour au forum sur la sécurité. Don `t savoir pourquoi il s'est déplacé à partir de là, en premier lieu.

Regards Howard.

**ImSoLost** · #6 5 janvier 2008, 18:05

Avant de mettre en place quelque chose que je tiens à souligner que, lorsque je suis allé à exécuter l'analyse en ligne qu'il ne voulait pas me laisser ... il a dit quelque chose de ne pas avoir la permission.

Quand j'ai regardé dans mon Ajouter / Supprimer Ces matériels sont certaines des choses que j'ai trouvées un peu suspecte, ou que je ne savais rien.

MSXML 4.0 SP2
Ma barre de recherche
muvee autoProducer 5.0
Smart Video Codec v1.6

SUPERAntiSpyware log
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Généré le 01/05/2008 à 07:32 PM
Application Version: 3.9.1008
Core Rules Database Version: 3374
Trace Rules Database Version: 1369
Scan type: Complete Scan
Total Scan Time: 01:23:02
Articles scannés Mémoire: 712
Mémoire menaces détectées: 1
Registre éléments numérisés: 8254
Registre des menaces détectées: 122
Dossier documents numérisés: 60434
Dossier de menaces détectées: 12
Trojan.Net-MSV/VPS-Variant
C: \ WINDOWS \ BLOPENVXDT.DLL
C: \ WINDOWS \ BLOPENVXDT.DLL
HKLM \ Software \ Classes \ CLSID \ (A8565FBC-8D53-4D4F-9BB0-CBC68A22B126)
HKCR \ CLSID \ (A8565FBC-8D53-4D4F-9BB0-CBC68A22B126)
HKCR \ CLSID \ (A8565FBC-8D53-4D4F-9BB0-CBC68A22B126)
HKCR \ CLSID \ (A8565FBC-8D53-4D4F-9BB0-CBC68A22B126) \ InprocServer32
HKCR \ CLSID \ (A8565FBC-8D53-4D4F-9BB0-CBC68A22B126) \ InprocServer32 # ThreadingModel
HKCR \ CLSID \ (A8565FBC-8D53-4D4F-9BB0-CBC68A22B126) \ ProgID
HKCR \ CLSID \ (A8565FBC-8D53-4D4F-9BB0-CBC68A22B126) \ Programmable
HKCR \ CLSID \ (A8565FBC-8D53-4D4F-9BB0-CBC68A22B126) \ TypeLib
HKCR \ CLSID \ (A8565FBC-8D53-4D4F-9BB0-CBC68A22B126) \ VersionIndependentProgID
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Exp lorer \ Browser Helper Objects \ (A8565FBC-8D53-4D4F-9BB0-CBC68A22B126)
Malware.Trace
HKLM \ Software \ Classes \ CLSID \ (014DA6C1-189F-421a-88CD-07CFE51CFF10)
HKCR \ CLSID \ (014DA6C1-189F-421A-88CD-07CFE51CFF10)
HKCR \ CLSID \ (014DA6C1-189F-421A-88CD-07CFE51CFF10)
HKCR \ CLSID \ (014DA6C1-189F-421A-88CD-07CFE51CFF10) \ InprocServer32
HKCR \ CLSID \ (014DA6C1-189F-421A-88CD-07CFE51CFF10) \ InprocServer32 # ThreadingModel
HKCR \ CLSID \ (014DA6C1-189F-421A-88CD-07CFE51CFF10) \ Programmable
HKCR \ CLSID \ (014DA6C1-189F-421A-88CD-07CFE51CFF10) \ TypeLib
C: \ Program Files \ MySearch \ bar \ 1.bin \ S4BAR.DLL
HKLM \ Software \ Classes \ CLSID \ (014DA6C9-189F-421a-88CD-07CFE51CFF10)
HKCR \ CLSID \ (014DA6C9-189F-421A-88CD-07CFE51CFF10)
HKCR \ CLSID \ (014DA6C9-189F-421A-88CD-07CFE51CFF10)
HKCR \ CLSID \ (014DA6C9-189F-421A-88CD-07CFE51CFF10) \ InprocServer32
HKCR \ CLSID \ (014DA6C9-189F-421A-88CD-07CFE51CFF10) \ InprocServer32 # ThreadingModel
HKCR \ CLSID \ (014DA6C9-189F-421A-88CD-07CFE51CFF10) \ Programmable
HKCR \ CLSID \ (014DA6C9-189F-421A-88CD-07CFE51CFF10) \ TypeLib
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Exp lorer \ Browser Helper Objects \ (014DA6C1-189F-421a-88CD-07CFE51CFF10)
HKLM \ Software \ Microsoft \ Internet Explorer \ Toolbar # (014DA6C9-189F-421a-88CD-07CFE51CFF10)
HKCR \ TypeLib \ (014DA6C0-189F-421a-88CD-07CFE51CFF10)
HKCR \ TypeLib \ (014DA6C0-189F-421a-88CD-07CFE51CFF10) \ 1.0
HKCR \ TypeLib \ (014DA6C0-189F-421a-88CD-07CFE51CFF10) \ 1.0 \ 0
HKCR \ TypeLib \ (014DA6C0-189F-421a-88CD-07CFE51CFF10) \ 1.0 \ 0 \ win32
HKCR \ TypeLib \ (014DA6C0-189F-421a-88CD-07CFE51CFF10) \ 1.0 \ FLAGS
HKCR \ TypeLib \ (014DA6C0-189F-421a-88CD-07CFE51CFF10) \ 1.0 \ HELPDIR
HKU \ S-1-5-21-3682377349-2593316749-328379415-1000 \ Software \ Microsoft \ Internet Explorer \ Toolbar \ WebBrowser # (014DA6C9-189F-421A-88CD-07CFE51CFF10)
Unclassified.Unknown origine
HKLM \ Software \ Classes \ CLSID \ (E09962E7-A39E-4F60-8003-66D57BED27B7)
HKCR \ CLSID \ (E09962E7-A39E-4F60-8003-66D57BED27B7)
HKCR \ CLSID \ (E09962E7-A39E-4F60-8003-66D57BED27B7)
HKCR \ CLSID \ (E09962E7-A39E-4F60-8003-66D57BED27B7) \ InprocServer32
HKCR \ CLSID \ (E09962E7-A39E-4F60-8003-66D57BED27B7) \ InprocServer32 # ThreadingModel
HKCR \ CLSID \ (E09962E7-A39E-4F60-8003-66D57BED27B7) \ ProgID
HKCR \ CLSID \ (E09962E7-A39E-4F60-8003-66D57BED27B7) \ Programmable
HKCR \ CLSID \ (E09962E7-A39E-4F60-8003-66D57BED27B7) \ TypeLib
HKCR \ CLSID \ (E09962E7-A39E-4F60-8003-66D57BED27B7) \ VersionIndependentProgID
C: \ WINDOWS \ system32 \ FASTRX.DLL
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Exp lorer \ Browser Helper Objects \ (E09962E7-A39E-4F60-8003-66D57BED27B7)
Adware.Tracking Cookie
C: \ Users \ Yasmany \ AppData \ Roaming \ Microsoft \ Windows \ Cookies \ yasmany@ar.atwola [2]. Txt
C: \ Users \ Yasmany \ AppData \ Roaming \ Microsoft \ Windows \ Cookies \ yasmany @ atwola [1]. Txt
C: \ Users \ Yasmany \ AppData \ Roaming \ Microsoft \ Windows \ Cookies \ yasmany @ doubleclick [1]. Txt
C: \ Users \ Yasmany \ AppData \ Roaming \ Microsoft \ Windows \ Cookies \ yasmany @ adlegend [1]. Txt
C: \ Users \ Yasmany \ AppData \ Roaming \ Microsoft \ Windows \ Cookies \ yasmany @ advertising [2]. Txt
C: \ Users \ Yasmany \ AppData \ Roaming \ Microsoft \ Windows \ Cookies \ yasmany @ 2O7 [1]. Txt
C: \ Users \ Yasmany \ AppData \ Roaming \ Microsoft \ Windows \ Cookies \ yasmany @ atdmt [2]. Txt
C: \ Users \ Yasmany \ AppData \ Roaming \ Microsoft \ Windows \ Cookies \ @ yasmany Mediaplex [1]. Txt
Adware.180solutions/Seekmo
HKCR \ Seekmo.DesktopFlash
HKCR \ Seekmo.DesktopFlash \ CLSID
HKCR \ Seekmo.DesktopFlash \ CurVer
HKCR \ Seekmo.DesktopFlash.1
HKCR \ Seekmo.DesktopFlash.1 \ CLSID
HKCR \ SeekmoAX.ClientDetector
HKCR \ SeekmoAX.ClientDetector \ CLSID
HKCR \ SeekmoAX.ClientDetector \ CurVer
HKCR \ SeekmoAX.ClientDetector.1
HKCR \ SeekmoAX.ClientDetector.1 \ CLSID
HKCR \ SeekmoAX.UserProfiles
HKCR \ SeekmoAX.UserProfiles \ CLSID
HKCR \ SeekmoAX.UserProfiles \ CurVer
HKCR \ SeekmoAX.UserProfiles.1
HKCR \ SeekmoAX.UserProfiles.1 \ CLSID
HKCR \ CLSID \ (1F158A1E-A687-4A11-9679-B3AC64B86A1C)
HKCR \ CLSID \ (1F158A1E-A687-4A11-9679-B3AC64B86A1C) \ Control
HKCR \ CLSID \ (1F158A1E-A687-4A11-9679-B3AC64B86A1C) \ InprocServer32
HKCR \ CLSID \ (1F158A1E-A687-4A11-9679-B3AC64B86A1C) \ InprocServer32 # ThreadingModel
HKCR \ CLSID \ (1F158A1E-A687-4A11-9679-B3AC64B86A1C) \ MiscStatus
HKCR \ CLSID \ (1F158A1E-A687-4A11-9679-B3AC64B86A1C) \ MiscStatus \ 1
HKCR \ CLSID \ (1F158A1E-A687-4A11-9679-B3AC64B86A1C) \ ProgID
HKCR \ CLSID \ (1F158A1E-A687-4A11-9679-B3AC64B86A1C) \ Programmable
HKCR \ CLSID \ (1F158A1E-A687-4A11-9679-B3AC64B86A1C) \ ToolboxBitmap32
HKCR \ CLSID \ (1F158A1E-A687-4A11-9679-B3AC64B86A1C) \ TypeLib
HKCR \ CLSID \ (1F158A1E-A687-4A11-9679-B3AC64B86A1C) \ Version
HKCR \ CLSID \ (1F158A1E-A687-4A11-9679-B3AC64B86A1C) \ VersionIndependentProgID
HKCR \ CLSID \ (914A8F99-38E4-47ec-B875-2B0653516030)
HKCR \ CLSID \ (914A8F99-38E4-47ec-B875-2B0653516030) # AppID
HKCR \ CLSID \ (914A8F99-38E4-47ec-B875-2B0653516030) \ LocalServer32
HKCR \ CLSID \ (914A8F99-38E4-47ec-B875-2B0653516030) \ ProgID
HKCR \ CLSID \ (914A8F99-38E4-47ec-B875-2B0653516030) \ Programmable
HKCR \ CLSID \ (914A8F99-38E4-47ec-B875-2B0653516030) \ TypeLib
HKCR \ CLSID \ (914A8F99-38E4-47ec-B875-2B0653516030) \ VersionIndependentProgID
HKCR \ CLSID \ (E313F5DC-CFE7-4568-84A4-C76653547571)
HKCR \ CLSID \ (E313F5DC-CFE7-4568-84A4-C76653547571) \ InprocServer32
HKCR \ CLSID \ (E313F5DC-CFE7-4568-84A4-C76653547571) \ InprocServer32 # ThreadingModel
HKCR \ CLSID \ (E313F5DC-CFE7-4568-84A4-C76653547571) \ ProgID
HKCR \ CLSID \ (E313F5DC-CFE7-4568-84A4-C76653547571) \ Programmable
HKCR \ CLSID \ (E313F5DC-CFE7-4568-84A4-C76653547571) \ TypeLib
HKCR \ CLSID \ (E313F5DC-CFE7-4568-84A4-C76653547571) \ VersionIndependentProgID
HKCR \ TypeLib \ (995E885E-3FF5-4F66-A107-8BFB3A0F8F12)
HKCR \ TypeLib \ (995E885E-3FF5-4F66-A107-8BFB3A0F8F12) \ 1.0
HKCR \ TypeLib \ (995E885E-3FF5-4F66-A107-8BFB3A0F8F12) \ 1.0 \ 0
HKCR \ TypeLib \ (995E885E-3FF5-4F66-A107-8BFB3A0F8F12) \ 1.0 \ 0 \ win32
HKCR \ TypeLib \ (995E885E-3FF5-4F66-A107-8BFB3A0F8F12) \ 1.0 \ FLAGS
HKCR \ TypeLib \ (995E885E-3FF5-4F66-A107-8BFB3A0F8F12) \ 1.0 \ HELPDIR
HKCR \ TypeLib \ (FBB40FDF-B715-4342-ab82-244ECC66E979)
HKCR \ TypeLib \ (FBB40FDF-B715-4342-ab82-244ECC66E979) \ 1.0
HKCR \ TypeLib \ (FBB40FDF-B715-4342-ab82-244ECC66E979) \ 1.0 \ 0
HKCR \ TypeLib \ (FBB40FDF-B715-4342-ab82-244ECC66E979) \ 1.0 \ 0 \ win32
HKCR \ TypeLib \ (FBB40FDF-B715-4342-ab82-244ECC66E979) \ 1.0 \ FLAGS
HKCR \ TypeLib \ (FBB40FDF-B715-4342-ab82-244ECC66E979) \ 1.0 \ HELPDIR
HKCR \ Interface \ (BD5258AF-20AE-4BD3-B748-B2851ACA7335)
HKCR \ Interface \ (BD5258AF-20AE-4BD3-B748-B2851ACA7335) \ ProxyStubClsid
HKCR \ Interface \ (BD5258AF-20AE-4BD3-B748-B2851ACA7335) \ ProxyStubClsid32
HKCR \ Interface \ (BD5258AF-20AE-4BD3-B748-B2851ACA7335) \ TypeLib
HKCR \ Interface \ (BD5258AF-20AE-4BD3-B748-B2851ACA7335) \ TypeLib # Version
HKCR \ AppID \ SeekmoSA_df.exe
HKCR \ AppID \ SeekmoSA_df.exe # AppID
HKCR \ AppID \ (4A40E8FC-C7E4-4F57-9FA4-85DD77402897)
HKU \ S-1-5-21-3682377349-2593316749-328379415-1000 \ Software \ seekmosa
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Uni nstall \ SeekmoSA
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Uni nstall \ SeekmoSA # DisplayName
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Uni nstall \ SeekmoSA # DisplayIcon
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Uni nstall \ SeekmoSA # UninstallString
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Uni nstall \ SeekmoSA # DisplayVersion
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Uni nstall \ SeekmoSA # HelpLink
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Uni nstall \ SeekmoSA # Editeur
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Uni nstall \ SeekmoSA # URLInfoAbout
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Run # SeekmoOE [C: \ Program Files \ Seekmo \ bin \ 10.0.341.0 \ OEAddOn.exe]
C: \ Users \ Yasmany \ AppData \ Roaming \ Seekmo
Trojan.DNSChanger-Codec
HKCR \ VAC.Video
HKCR \ VAC.Video \ CLSID
Trojan.Net-MSV/VPS
HKCR \ MSVPS.MSVPSApp
HKCR \ MSVPS.MSVPSApp \ CLSID
HKCR \ MSVPS.MSVPSApp \ Curver
Trojan.Net-MU/Gen
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Uni nstall \ WebVideo
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Uni nstall \ WebVideo # DisplayName
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Uni nstall \ WebVideo # UninstallString

Journal HijackThis

Logfile de Trend Micro HijackThis v2.0.2
Scan saved at 8:13:58 PM, le 12/23/2007
Plate-forme: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16575)
Boot mode: Normal
Running processes:
C: \ Windows \ system32 \ taskeng.exe
C: \ Windows \ system32 \ Dwm.exe
C: \ Windows \ Explorer.EXE
C: \ Program Files \ Synaptics \ SynTP \ SynTPEnh.exe
C: \ Program Files \ HP \ QuickPlay \ QPService.exe
C: \ Program Files \ HP \ HP Software Update \ hpwuSchd2.exe
C: \ Program Files \ Hewlett-Packard \ HP Quick Launch Buttons \ QLBCTRL.exe
C: \ Program Files \ Hewlett-Packard \ HP Wireless Assistant \ WiFiMsg.exe
C: \ Program Files \ Hewlett-Packard \ HP Wireless Assistant \ HPWAMain.exe
C: \ Program Files \ Java \ jre1.6.0 \ bin \ jusched.exe
C: \ Program Files \ Fichiers communs \ Real \ Update_OB \ realsched.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccapp.exe
C: \ Program Files \ Comcast \ Desktop Doctor \ bin \ sprtcmd.exe
C: \ Program Files \ Windows Sidebar \ sidebar.exe
C: \ Program Files \ Hewlett-Packard \ HP Advisor \ HPAdvisor.exe
C: \ WINDOWS \ System32 \ rundll32.exe
C: \ WINDOWS \ ehome \ ehtray.exe
C: \ Windows \ ehome \ ehmsas.exe
C: \ Users \ Yasmany \ Desktop \ Veoh \ VeohClient.exe
C: \ Program Files \ Google \ GoogleToolbarNotifier \ 1.2.1128.5462 \ G oogleToolbarNotifier.exe
C: \ Program Files \ Fichiers communs \ Adobe \ Updater5 \ AdobeUpdater.exe
C: \ Program Files \ HP Connections \ 6811507 \ Program \ HP Connections.exe
C: \ Windows \ system32 \ wbem \ Unsecapp.exe
C: \ PROGRA ~ 1 \ HEWLET ~ 1 \ Shared \ HPQTOA ~ 1.EXE
C: \ Program Files \ Hewlett-Packard \ HP Advisor \ SSDK04.exe
C: \ Program Files \ Internet Explorer \ ieuser.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ Fichiers communs \ Microsoft Shared \ Windows Live \ WLLoginProxy.exe
C: \ Windows \ system32 \ searchfilterhost.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe
C: \ Windows \ system32 \ Macromed \ Flash \ FlashUtil9b.exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.comcast.net/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...lion&pf=laptop
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.comcast.net/
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, SearchAssistant =
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, CustomizeSearch =
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Window Title = Windows Internet Explorer fourni par Comcast
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Settings, ProxyServer =: 0
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Toolbar, LinksFolderName =
R3 - URLSearchHook: AOLTBSearch Class - (EA756889-2338-43DB-8F07-D1CA6FB9C90D) - C: \ Program Files \ AOL \ AIM Toolbar 5.0 \ aoltb.dll
O1 - Hosts::: 1 localhost
O2 - BHO: My Search BHO - (014DA6C1-189F-421a-88CD-07CFE51CFF10) - C: \ Program Files \ MySearch \ bar \ 1.bin \ S4BAR.DLL
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: RealPlayer Téléchargez et Record Plugin for Internet Explorer - (3049C3E9-B461-4BC5-8870-4C09146192CA) - C: \ Program Files \ Real \ RealPlayer \ rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0 \ bin \ ssv.dll
O2 - BHO: AOL Toolbar Launcher - (7C554162-8CB7-45A4-B8F4-8EA1C75885F9) - C: \ Program Files \ AOL \ AIM Toolbar 5.0 \ aoltb.dll
O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file)
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Fichiers communs \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O2 - BHO: BDEX System - (A8565FBC-8D53-4D4F-9BB0-CBC68A22B126) - C: \ Windows \ blopenvxdt.dll
O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8333-CF10577473F7) - c: \ program files \ google \ googletoolbar1.dll
O2 - BHO: FastRX - (E09962E7-A39E-4F60-8003-66D57BED27B7) - C: \ Windows \ system32 \ fastRX.dll (file missing)
- O3 Toolbar: My Search Bar - (014DA6C9-189F-421a-88CD-07CFE51CFF10) - C: \ Program Files \ MySearch \ bar \ 1.bin \ S4BAR.DLL
O3 - Toolbar: Veoh Browser Plug-in - (D0943516-5076-4020-A3B5-AEFAF26AB263) - C: \ Users \ Yasmany \ Desktop \ Veoh \ Plugins \ reg \ VeohTool bar.dll
O3 - Toolbar: & Google - (2318C2B1-4965-11D4-9B18-009027A5CD4F) - c: \ program files \ google \ googletoolbar1.dll
O3 - Toolbar: AIM Toolbar - (DE9C389F-3316-41A7-809B-AA305ED9D922) - C: \ Program Files \ AOL \ AIM Toolbar 5.0 \ aoltb.dll
- O3 Toolbar: La retnsrp - (CC304A4D-FC79-4CD3-9A67-46E3AF59319D) - C: \ Windows \ retnsrp.dll
O4 - HKLM \ .. \ Run: [Windows Defender]% ProgramFiles% \ Windows Defender \ MSASCui.exe-hide
O4 - HKLM \ .. \ Run: [SynTPEnh] C: \ Program Files \ Synaptics \ SynTP \ SynTPEnh.exe
O4 - HKLM \ .. \ Run: [QPService] "C: \ Program Files \ HP \ QuickPlay \ QPService.exe"
O4 - HKLM \ .. \ Run: [HP Software Update] C: \ Program Files \ Hp \ HP Software Update \ HPWuSchd2.exe
O4 - HKLM \ .. \ Run: [QlbCtrl]% ProgramFiles% \ Hewlett-Packard \ HP Quick Launch Buttons \ QLBCTRL.exe / Start
O4 - HKLM \ .. \ Run: [HP Health Check Scheduler] C: \ Program Files \ Hewlett-Packard \ HP Health Check \ HPHC_Scheduler.exe
O4 - HKLM \ .. \ Run: [WAWifiMessage]% ProgramFiles% \ Hewlett-Packard \ HP Wireless Assistant \ WiFiMsg.exe
O4 - HKLM \ .. \ Run: [hpWirelessAssistant]% ProgramFiles% \ Hewlett-Packard \ HP Wireless Assistant \ HPWAMain.exe
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [kpx] C: \ Windows \ system32 \ rundll32.exe C: \ Windows \ system32 \ fastRX.dll DllInitApp
O4 - HKLM \ .. \ Run: [NvSvc] RUNDLL32.EXE C: \ Windows \ system32 \ nvsvc.dll, nvsvcStart
O4 - HKLM \ .. \ Run: [NvCplDaemon] RUNDLL32.EXE C: \ Windows \ system32 \ NvCpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [NvMediaCenter] RUNDLL32.EXE C: \ Windows \ system32 \ NvMcTray.dll, NvTaskbarInit
O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Program Files \ Fichiers communs \ Real \ Update_OB \ realsched.exe"-osboot
O4 - HKLM \ .. \ Run: [SeekmoOE] C: \ Program Files \ Seekmo \ bin \ 10.0.341.0 \ OEAddOn.exe
O4 - HKLM \ .. \ Run: [SeekmoSA] "C: \ Program Files \ Seekmo \ bin \ 10.0.341.0 \ SeekmoSA.exe"
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ QTTask.exe"-atboottime
O4 - HKLM \ .. \ Run: [ccApp] "C: \ Program Files \ Common Files \ Symantec Shared \ ccapp.exe"
O4 - HKLM \ .. \ Run: [Symantec PIF AlertEng] "C: \ Program Files \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe" / a / m " C: \ Program Files \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ AlertEng.dll "
O4 - HKLM \ .. \ Run: [ddoctorv2] "C: \ Program Files \ Comcast \ Desktop Doctor \ bin \ sprtcmd.exe" / P ddoctorv2
O4 - HKLM \ .. \ RunOnce: [Launcher]% WINDIR% \ SMINST \ launcher.exe
O4 - HKCU \ .. \ Run: [Sidebar] C: \ Program Files \ Windows Sidebar \ sidebar.exe / autorun
O4 - HKCU \ .. \ Run: [HPAdvisor] C: \ Program Files \ Hewlett-Packard \ HP Advisor \ HPAdvisor.exe
O4 - HKCU \ .. \ Run: [Aim6] "C: \ Program Files \ AIM6 \ aim6.exe" / d locale = fr-FR ee: / / aol / imApp
O4 - HKCU \ .. \ Run: [ehTray.exe] C: \ Windows \ ehome \ ehTray.exe
O4 - HKCU \ .. \ Run: [Veoh] "C: \ Users \ Yasmany \ Desktop \ Veoh \ VeohClient.exe" / VeohHide
O4 - HKCU \ .. \ Run: [MsnMsgr] "C: \ Program Files \ MSN Messenger \ msnmsgr.exe" / background
O4 - HKCU \ .. \ Run: [swg] C: \ Program Files \ Google \ GoogleToolbarNotifier \ 1.2.1128.5462 \ G oogleToolbarNotifier.exe
O4 - HKCU \ .. \ Run: [AdobeUpdater] C: \ Program Files \ Fichiers communs \ Adobe \ Updater5 \ AdobeUpdater.exe
O4 - HKCU \ .. \ Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll, ShowWelcomeCenter
O4 - HKUS \ S-1-5-19 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / detectMem (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-19 \ .. \ Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll, ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / detectMem (User 'NETWORK SERVICE')
O4 - Startup: LimeWire On Startup.lnk = C: \ Program Files \ LimeWire \ LimeWire.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Program Files \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ AdobeCollabSync.exe
O4 - Global Startup: HP Connections.lnk = C: \ Program Files \ HP Connections \ 6811507 \ Program \ HP Connections.exe
O8 - Extra du menu contextuel: & Recherche AOL Toolbar - c: \ program files \ aol \ visent la barre d'outils 5.0 \ resources \ fr-FR \ local \ search.html
O8 - Extra du menu contextuel: E & xporter vers Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ MICROS ~ 3 \ Office12 \ EXCEL.EXE/3000
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0 \ bin \ ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0 \ bin \ ssv.dll
O9 - Extra button: Envoyer à OneNote - (2670000A-7350-4f3c-8081-5663EE0C6C49) - C: \ PROGRA ~ 1 \ MICROS ~ 3 \ Office12 \ ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S & end à OneNote - (2670000A-7350-4f3c-8081-5663EE0C6C49) - C: \ PROGRA ~ 1 \ MICROS ~ 3 \ Office12 \ ONBttnIE.dll
O9 - Extra button: AIM Toolbar - (3369AF0D-62E9-4bda-8103-B4C75499B578) - C: \ Program Files \ AOL \ AIM Toolbar 5.0 \ aoltb.dll
O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ MICROS ~ 3 \ Office12 \ REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: (48DD0448-9209-4F81-9F6D-D83562940134) (MySpace Uploader Control) -- http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: (5D6F45B3-9043-443D-A792-115447494D24) (UnoCtrl Class) -- http://messenger.zone.msn.com/EN-US/.../GAME_UNO1.cab
O16 - DPF: (67DABFBF-D0AB-41FA-9C46-CC0F21721616) (DivXBrowserPlugin Object) -- http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: (B8BE5E93-A60C-4D26-A2DC-220313175592) (MSN Games - Installer) -- http://messenger.zone.msn.com/binary...o.cab56649.cab
O16 - DPF: (BD393C14-72AD-4790-A095-76522973D6B8) (CBreakshotControl Class) -- http://messenger.zone.msn.com/binary...t.cab57213.cab
O16 - DPF: (C3F79A2B-B9B4-4A66-B012-3EE46475B072) (MessengerStatsClient Class) -- http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: (DA758BB1-5F89-4465-975F-8D7179A4BCF3) (WheelofFortune Object) -- http://messenger.zone.msn.com/binary/WoF.cab57176.cab
- O21 Service: leorop - (38CA8AE4-A78E-4111-8D0E-BDDF145A5040) - C: \ Windows \ leorop.dll
- O21 Service: nopzet - (9543D4D7-3E5B-4B70-BB93-83AC9865627C) - C: \ Windows \ nopzet.dll
O23 - Service: AddFiltr - Hewlett-Packard Development Company, LP - C: \ Program Files \ Hewlett-Packard \ HP Quick Launch Buttons \ AddFiltr.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C: \ Program Files \ Symantec \ LiveUpdate \ aluschedulersvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ CCSVCHST.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ CCSVCHST.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C: \ Program Files \ HP \ QuickPlay \ Kernel \ TV \ CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C: \ Program Files \ HP \ QuickPlay \ Kernel \ TV \ CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ CCSVCHST.exe
O23 - Service: Google Updater Service (gusvc) - Google - C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C: \ Program Files \ Hewlett-Packard \ HP Health Check \ hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, LP - C: \ Program Files \ Hewlett-Packard \ Shared \ hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Roxio \ Roxio MyDVD Basic v9 \ InstallShield \ Driver \ 1050 \ Intel 32 \ IDriverT.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C: \ Program Files \ Norton AntiVirus \ isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C: \ PROGRA ~ 1 \ Symantec \ LIVEUP ~ 1 \ LUCOMS ~ 1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ CCSVCHST.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C: \ Program Files \ Common Files \ Roxio Shared \ 9.0 \ SharedCOM \ RoxMediaDB9.exe
O23 - Service: SupportSoft Sprocket Service (ddoctorv2) (sprtsvc_ddoctorv2) - SupportSoft, Inc - C: \ Program Files \ Comcast \ Desktop Doctor \ bin \ sprtsvc.exe
O23 - Service: stllssvr - MICROVISION Development, Inc - C: \ Program Files \ Common Files \ SureThing Shared \ stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C: \ Program Files \ Common Files \ Symantec Shared \ DPCC-LC \ symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ AppCore \ AppSvc32.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe
O23 - Service: XAudioService - Conexant Systems, Inc - C: \ Windows \ system32 \ DRIVERS \ xaudio.exe
--
End of file - 13628 bytes

**howardhopkinson** · #7 5 janvier 2008, 19:34

Vous voudrez peut-être copier et coller ces instructions dans un fichier Bloc-notes. Ensuite vous pouvez ouvrir le fichier en mode sans échec, vous pouvez donc plus facile de suivre les instructions.

Démarrez en mode sans échec, normal, sous votre nom d'utilisateur (PAS COMPTE DE L'ADMINISTRATEUR). Voyez comment ICI.

Dans l'Explorateur Windows, activez "Afficher tous les fichiers et dossiers cachés et système, y compris". Voyez comment ICI.

Aller ajouter supprimer des programmes dans votre panneau de configuration et de désinstaller rien à voir avec (si).

MySearch
bar
Seekmo
Point de vue

Fermez le Panneau de configuration.

Cliquez sur Démarrer / Exécuter et tapez services.msc dans la zone Exécuter, puis appuyez sur la touche Entrée.

Lorsque la fenêtre apparaît, elle maximiser. Double-cliquez sur les services suivants (si) Et sélectionnez arrêter si elles sont en cours d'exécution. Définissez le type de démarrage handicapés. Cliquez sur Appliquer / OK pour chaque service, vous désactiver.

Point de vue des services

Fermez la fenêtre Services.

Ouvrez votre gestionnaire de tâches, en maintenant enfoncées les touches Ctrl et Alt en appuyant sur les touches et la touche d'effacement.

Cliquez sur l'onglet processus et à la fin de processus (si).

ViewpointService.exe
launcher.exe
SeekmoSA.exe
OEAddOn.exe

Fermez le Gestionnaire des tâches.

Run HJT sans autres programmes ouverts (sauf le bloc-notes). Cliquez sur le bouton scan. Avez-HJT fixer les éléments suivants, en plaçant de cocher la petite case à cocher (si).

O2 - BHO: My Search BHO - (014DA6C1-189F-421a-88CD-07CFE51CFF10) - C: \ Program Files \ MySearch \ bar \ 1.bin \ S4BAR.DLL

O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file)

O2 - BHO: BDEX System - (A8565FBC-8D53-4D4F-9BB0-CBC68A22B126) - C: \ Windows \ blopenvxdt.dll

O2 - BHO: FastRX - (E09962E7-A39E-4F60-8003-66D57BED27B7) - C: \ Windows \ system32 \ fastRX.dll (file missing)

- O3 Toolbar: My Search Bar - (014DA6C9-189F-421a-88CD-07CFE51CFF10) - C: \ Program Files \ MySearch \ bar \ 1.bin \ S4BAR.DLL

- O3 Toolbar: La retnsrp - (CC304A4D-FC79-4CD3-9A67-46E3AF59319D) - C: \ Windows \ retnsrp.dll

O4 - HKLM \ .. \ Run: [kpx] C: \ Windows \ system32 \ rundll32.exe C: \ Windows \ system32 \ fastRX.dll DllInitApp

O4 - HKLM \ .. \ Run: [SeekmoOE] C: \ Program Files \ Seekmo \ bin \ 10.0.341.0 \ OEAddOn.exe

O4 - HKLM \ .. \ Run: [SeekmoSA] "C: \ Program Files \ Seekmo \ bin \ 10.0.341.0 \ SeekmoSA.exe"

O4 - HKLM \ .. \ RunOnce: [Launcher]% WINDIR% \ SMINST \ launcher.exe

- O21 Service: leorop - (38CA8AE4-A78E-4111-8D0E-BDDF145A5040) - C: \ Windows \ leorop.dll

- O21 Service: nopzet - (9543D4D7-3E5B-4B70-BB93-83AC9865627C) - C: \ Windows \ nopzet.dll

O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe

Cliquez sur le bouton fix vérifié.

Fermer HJT.

Localisez et supprimez le texte suivant gras fichiers et / ou dossiers (si).

C: \ Program Files \Point de vue<Supprimer l'ensemble du dossier.
C: \ Windows \nopzet.dll
C: \ Windows \leorop.dll

% WINDIR% \ cpn \launcher.exe
C: \ Program Files \Seekmo<Supprimer l'ensemble du dossier.
C: \ Windows \ system32 \fastRX.dll

C: \ Windows \retnsrp.dll
C: \ Program Files \MySearch<Supprimer l'ensemble du dossier.
C: \ Windows \blopenvxdt.dll

Redémarrage en mode normal et rehide votre OS fichiers protégés.

Télécharger combofix.exe à votre bureau. Double cliquez sur ComboFix.exe et suivez les instructions. Une fenêtre s'ouvre avec un avertissement. Tapez "1" (et Enter) pour démarrer le correctif. Une fois l'analyse terminée il ouvrira une fenêtre de texte. S'il vous plaît joindre ce journal revenir ici avec un log HJT frais. Attention - ne pas toucher à la souris / clavier jusqu'à ce que le balayage est terminé. Le balayage de désactiver temporairement votre bureau, et si l'interruption de mai quitter votre bureau handicapés. Si cela se produit, s'il vous plaît redémarrer pour restaurer le bureau.

Combofix va automatiquement enregistrer le fichier dans C: \ combofix.txt

Post le log Combofix ainsi comme un nouveau log HJT.

Regards Howard.

**ImSoLost** · #8 5 janvier 2008, 19:45

Homme que je suis un mauvais timing. Je viens de découvrir comment exécuter l'analyse en ligne. Je le tournent maintenant que nous parlons. Voulez-vous encore de moi de faire ce que tu as dit.

**howardhopkinson** · #9 5 janvier 2008, 19:47

Oubliez l'analyse en ligne pour l'instant, il suffit de suivre les instructions que je vous ai donné.

Regards Howard.

**ImSoLost** · #10 5 janvier 2008, 21:01

Lorsque j'essaie de lancer Combofix je reçois de la fenêtre bleu mais alors il dit prépare à exécuter, puis de mémoire ou de violation d'accès et puis je reçois un autre pop up disant "mise en oeuvre de Freeware de REG.EXE a cessé de travailler et cela m'oblige à fermer un terme au programme. Voulez-vous me poster le log HJT?

Je m'excuse pour tout ce mal.

Attendez une seconde, je ne sais pas comment, mais maintenant ça fonctionne, je vais le faire fonctionner.