Bonjour,
J'ai un problème d'affichage intempestif de fenêtres de pub dans IE.
Des fenêtres de pub s'ouvrent dans de nouvelles fenêtres IE lorsque je navigue.
Les adresses de ces fenêtres commencent toutes par un tilde (~)...
J'ai passé AdAware, Spybot, ccCleaner, Ewido, SpyWeeper, etc... mais rien n'y fait...
Je sèche complètement.
Voici mon log HJT :
Logfile of HijackThis v1.99.1
Scan saved at 09:50:18, on 02/06/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\LANDesk\Shared Files\residentagent.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Hummingbird\Connectivity\9.00\Exceed\HumDisplayServer.exe
C:\LDCLIENT\LOCALSCH.EXE
C:\WINDOWS\system32\cba\pds.exe
C:\LDCLIENT\QIPCLNT.EXE
C:\LDClient\tmcsvc.exe
c:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Symantec AntiVirus\SavRoam.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\UPHClean\uphclean.exe
C:\LDClient\wuser32.exe
C:\WINDOWS\System32\MsgSys.EXE
C:\LDCLIENT\SOFTMON.EXE
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\WINDOWS\system32\proquota.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.dfei.cdc.fr;*.dfci.cdc.fr;*.dabfi.cdc.fr;*.serv.cdc.fr;*.gis.cdc.fr;*.dmce.cdc.fr;158.156.152.125;*.hld.net;*.rservices.com;*.ap.cdc.fr;*.gec.cm.net;<local>
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,,C:\LDCLIENT\SOFTMON.EXE
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - Startup: Démarrer Microsoft Office Outlook.lnk = C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
O4 - Global Startup: Scanner d'inventaire.LNK = C:\LDClient\LDISCN32.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://c:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_04\bin\npjpi142_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_04\bin\npjpi142_04.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O15 - Trusted Zone: www.web2hosts.com
O15 - Trusted Zone: www.web2hosts.com
O15 - Trusted Zone: www.web2hosts.com (HKLM)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {205E7068-6D03-4566-AD06-A146B592FBA5} (Loader Class v2) - http://testdirectorv8.ap.cdc.fr/TDBIN/Spider80.ocx
O16 - DPF: {F2713666-686B-4243-9B4F-84DB6A6B8F28} (Projet1.UserControl1) -
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = ap.cdc.fr
O17 - HKLM\Software\..\Telephony: DomainName = ap.cdc.fr
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = ap.cdc.fr
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = ap.cdc.fr
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: LANDesk(R) Management Agent (CBA8) - LANDesk(R) Development, Ltd - C:\Program Files\LANDesk\Shared Files\residentagent.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: Hummingbird Exceed Display Management (HumDisplayServer) - Hummingbird Ltd. - C:\Program Files\Hummingbird\Connectivity\9.00\Exceed\HumDisplayServer.exe
O23 - Service: Intel Local Scheduler Service - LANDesk Software Ltd. - C:\LDCLIENT\LOCALSCH.EXE
O23 - Service: Intel PDS - Intel® Corporation - C:\WINDOWS\system32\cba\pds.exe
O23 - Service: Intel QIP Client Service - LANDesk Software Ltd. - C:\LDCLIENT\QIPCLNT.EXE
O23 - Service: Intel Targeted Multicast - LANDesk Software Ltd. - C:\LDClient\tmcsvc.exe
O23 - Service: OracleOraHome92ClientCache - Unknown owner - C:\oracle\ora92\bin\ONRSD.EXE
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Service de contrôle distant Intel (Wuser32) - LANDesk Software Ltd. - C:\LDClient\wuser32.exe
Merci,
Cyril.
Message édité par watch20 le 02-06-2006 à 11:42:29