CiD, intrusive ad spam..!!!
Nat-Cole - Posts: 7 - Status: Member
green day - Posts: 26722 - Status: Moderator, Security contributor
Hello,
I'm fed up with these spam ads that open while I'm playing CSS and make everything crash..
If you can get rid of them for me..
::: HijackThis report :::..
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:17:04, on 29/01/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16764)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Hp\QuickPlay\QPService.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Steam\Steam.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\conime.exe
C:\Program Files\Red Kawa\Video Converter App\VideoConverterApp.exe
C:\Program Files\Red Kawa\Video Converter App\Tools\FFmpeg\ffmpeg.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
C:\Users\Matchti\Desktop\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://lelombrik.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Somefox] C:\Users\Matchti\AppData\Local\Temp\video119.cfg.exe
O4 - HKCU\..\Run: [webgen] C:\ProgramData\webgen\pobknuny.exe
O4 - HKCU\..\Run: [lphcpn6j0eg32] C:\Windows\system32\lphcpn6j0eg32.exe
O4 - HKCU\..\Run: [ehOxC56OnE] C:\ProgramData\hkhadevu\huvqjmrg.exe
O4 - HKCU\..\Run: [IUpd646] C:\Users\Matchti\AppData\Local\Temp\sfsrv.exe
O4 - HKCU\..\Run: [dash cool] "C:\ProgramData\Up seek seek.k70eb2"
O4 - HKCU\..\Run: [Amok Mode Dupe Platform] "C:\ProgramData\dvd way tray.h10k2a"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: &Recherche AOL Toolbar - c:\program files\aol\aol toolbar 5.0\resources\fr-fr\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/securite/certdgi1.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://www.triforce.fr/plugin/DivXBrowserPlugin.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
15 replies
Download and install this; it will automatically open on the cleaning tab. Run an analysis, and once the analysis has finished, click delete, then repeat the operation until there is nothing left: http://download.piriform.com/ccsetup216.exe
Hello
CCleaner is far from enough ...
* Download Lop S&D by Eric71 to the desktop: https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
* Double-click the Lop S&D shortcut thus created to launch the installation. (Right-click > Run as administrator on Vista)
* Select the desired language, then choose option 1 (Search).
* Once the scan has finished, save the generated report, which is located by default at the root of the disk: C:\lopR.txt.
==> please post it
See you later
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : AMD Turion(tm) 64 X2 Mobile Technology TL-60 )
BIOS : PhoenixBIOS 4.0 Release 6.1
USER : Matchti ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 081102-0] 4.8.1229 (Activated)
C:\ (Local Disk) - NTFS - Total:286 Go (Free:48 Go)
D:\ (Local Disk) - NTFS - Total:11 Go (Free:2 Go)
E:\ (CD or DVD) - CDFS - Total:2 Go (Free:0 Go)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 29/01/2009|22:50 )
[ UAC => 1 ]
--------------------\\ Listing des dossiers dans Local
[16/04/2008|01:27] C:\Users\Matchti\AppData\Local\Adobe
[12/04/2008|00:41] C:\Users\Matchti\AppData\Local\AOL
[25/12/2008|01:31] C:\Users\Matchti\AppData\Local\Apple
[25/12/2008|07:35] C:\Users\Matchti\AppData\Local\Apple Computer
[11/04/2008|18:39] C:\Users\Matchti\AppData\Local\Application Data
[11/04/2008|18:55] C:\Users\Matchti\AppData\Local\AtStart.txt
[29/01/2009|22:44] C:\Users\Matchti\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[11/04/2008|18:46] C:\Users\Matchti\AppData\Local\Downloaded Installations
[11/04/2008|18:55] C:\Users\Matchti\AppData\Local\DSwitch.txt
[24/08/2008|00:26] C:\Users\Matchti\AppData\Local\FnF4.txt
[11/04/2008|18:54] C:\Users\Matchti\AppData\Local\GDIPFONTCACHEV1.DAT
[11/01/2009|21:57] C:\Users\Matchti\AppData\Local\Google
[11/04/2008|18:55] C:\Users\Matchti\AppData\Local\Hewlett-Packard
[11/04/2008|18:39] C:\Users\Matchti\AppData\Local\Historique
[29/01/2009|15:14] C:\Users\Matchti\AppData\Local\IconCache.db
[22/09/2008|01:36] C:\Users\Matchti\AppData\Local\Microsoft
[12/04/2008|18:14] C:\Users\Matchti\AppData\Local\Microsoft Games
[15/06/2008|18:45] C:\Users\Matchti\AppData\Local\Play65
[11/04/2008|18:55] C:\Users\Matchti\AppData\Local\QSwitch.txt
[23/06/2008|12:35] C:\Users\Matchti\AppData\Local\QuickPlay
[12/04/2008|22:00] C:\Users\Matchti\AppData\Local\Shareaza
[12/04/2008|10:20] C:\Users\Matchti\AppData\Local\Steam
[29/01/2009|22:49] C:\Users\Matchti\AppData\Local\Temp
[11/04/2008|18:39] C:\Users\Matchti\AppData\Local\Temporary Internet Files
[03/09/2008|21:16] C:\Users\Matchti\AppData\Local\VirtualStore
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[29/01/2009 09:25][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{D6804DA1-491E-4D52-975C-83440EE11224}.job
[29/01/2009 19:56][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{13868F10-80AD-4E65-81B6-A387F615CFD1}.job
[29/01/2009 15:16][--ah-----] C:\Windows\tasks\SA.DAT
[29/01/2009 15:14][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[24/10/2007|17:57] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[25/12/2008|01:37] C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[23/06/2008|08:31] C:\ProgramData\Adobe
[25/12/2008|01:30] C:\ProgramData\Apple
[25/12/2008|01:36] C:\ProgramData\Apple Computer
[02/11/2006|14:02] C:\ProgramData\Application Data
[25/03/2008|11:44] C:\ProgramData\Atheros
[29/12/2008|19:58] C:\ProgramData\BOONTY
[11/04/2008|18:35] C:\ProgramData\Bureau
[16/04/2008|07:51] C:\ProgramData\CyberLink
[02/11/2006|14:02] C:\ProgramData\Desktop
[02/11/2006|14:02] C:\ProgramData\Documents
[05/01/2009|20:18] C:\ProgramData\dvd way tray.h10k2a
[11/04/2008|18:47] C:\ProgramData\Electronic Arts
[11/04/2008|18:35] C:\ProgramData\Favoris
[02/11/2006|14:02] C:\ProgramData\Favorites
[11/01/2009|17:50] C:\ProgramData\Google
[29/01/2009|09:39] C:\ProgramData\Google Updater
[11/04/2008|18:55] C:\ProgramData\Hewlett-Packard
[11/09/2008|22:17] C:\ProgramData\hkhadevu
[05/01/2009|20:18] C:\ProgramData\Hold Trust Amok Mode
[16/04/2008|07:51] C:\ProgramData\HP
[14/06/2008|17:34] C:\ProgramData\hpzinstall.log
[22/01/2009|15:54] C:\ProgramData\Mealmfcdaudio
[11/04/2008|18:35] C:\ProgramData\Menu Démarrer
[13/04/2008|18:14] C:\ProgramData\Messenger Plus!
[17/12/2008|14:20] C:\ProgramData\Microsoft
[10/12/2008|03:09] C:\ProgramData\Microsoft Help
[11/04/2008|18:35] C:\ProgramData\Modèles
[24/10/2007|17:43] C:\ProgramData\muvee Technologies
[11/04/2008|18:55] C:\ProgramData\NVIDIA
[14/06/2008|14:03] C:\ProgramData\Photo Service Edition
[03/09/2008|00:49] C:\ProgramData\Screaming Bee
[03/09/2008|21:16] C:\ProgramData\setenmsg
[02/11/2006|14:02] C:\ProgramData\Start Menu
[13/04/2008|21:09] C:\ProgramData\Symantec
[12/04/2008|00:56] C:\ProgramData\TEMP
[02/11/2006|14:02] C:\ProgramData\Templates
[23/04/2008|17:34] C:\ProgramData\Ubisoft
[05/01/2009|20:18] C:\ProgramData\Up seek seek.5uqt8w
[22/01/2009|16:34] C:\ProgramData\Up seek seek.k70eb2
[05/01/2009|20:18] C:\ProgramData\Up seek seek.v5uhz
[22/01/2009|16:12] C:\ProgramData\Up seek seek.wkb4hs
[24/10/2007|17:20] C:\ProgramData\Viewpoint
[07/09/2008|16:01] C:\ProgramData\webgen
[12/04/2008|00:25] C:\ProgramData\WildTangent
[12/05/2008|12:44] C:\ProgramData\WLInstaller
[29/10/2008|17:15] C:\ProgramData\Yahoo! Companion
--------------------\\ Listing des dossiers dans C:\Program Files
[24/10/2007|17:57] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[28/11/2008|19:08] C:\Program Files\Adobe
[24/10/2007|17:20] C:\Program Files\AIM6
[18/05/2008|21:48] C:\Program Files\Alwil Software
[11/04/2008|18:48] C:\Program Files\AOL
[25/12/2008|01:31] C:\Program Files\Apple Software Update
[25/03/2008|11:44] C:\Program Files\Atheros
[25/12/2008|02:28] C:\Program Files\AviSynth 2.5
[25/12/2008|01:34] C:\Program Files\Bonjour
[29/12/2008|21:11] C:\Program Files\BoontyGames
[05/01/2009|20:18] C:\Program Files\Circle Developement
[29/12/2008|19:58] C:\Program Files\Common Files
[25/03/2008|11:44] C:\Program Files\CONEXANT
[25/03/2008|11:56] C:\Program Files\CyberLink
[29/10/2008|17:15] C:\Program Files\DivX
[26/12/2008|02:28] C:\Program Files\Electronic Arts
[11/04/2008|18:35] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[30/05/2008|18:38] C:\Program Files\GameSpy Arcade
[11/01/2009|19:03] C:\Program Files\Google
[25/03/2008|11:52] C:\Program Files\Hewlett-Packard
[25/03/2008|11:48] C:\Program Files\Hp
[25/03/2008|11:59] C:\Program Files\HP Games
[11/04/2008|18:41] C:\Program Files\HPQ
[26/12/2008|01:48] C:\Program Files\InstallShield Installation Information
[25/12/2008|01:34] C:\Program Files\Internet Explorer
[25/12/2008|01:36] C:\Program Files\iPod
[25/12/2008|01:37] C:\Program Files\iTunes
[17/08/2008|05:42] C:\Program Files\Java
[05/01/2009|20:19] C:\Program Files\Messenger Plus! Live
[17/12/2008|14:30] C:\Program Files\Microsoft
[30/05/2008|18:37] C:\Program Files\Microsoft Games
[24/10/2007|17:56] C:\Program Files\Microsoft Office
[17/12/2008|14:31] C:\Program Files\Microsoft Silverlight
[25/04/2008|16:38] C:\Program Files\Microsoft SQL Server Compact Edition
[24/10/2007|17:56] C:\Program Files\Microsoft Works
[24/10/2007|17:56] C:\Program Files\Microsoft.NET
[25/10/2007|01:57] C:\Program Files\Movie Maker
[02/11/2006|13:37] C:\Program Files\MSBuild
[02/11/2006|13:37] C:\Program Files\MSN
[12/04/2008|21:28] C:\Program Files\MSXML 4.0
[24/10/2007|17:43] C:\Program Files\muvee Technologies
[25/03/2008|11:42] C:\Program Files\NetWaiting
[14/06/2008|14:03] C:\Program Files\Photo Service Edition
[12/04/2008|23:00] C:\Program Files\PhotoFiltre
[04/06/2008|22:35] C:\Program Files\Play65
[25/12/2008|01:33] C:\Program Files\QuickTime
[25/12/2008|02:28] C:\Program Files\Red Kawa
[02/11/2006|13:37] C:\Program Files\Reference Assemblies
[05/09/2008|16:13] C:\Program Files\Samsung
[25/03/2008|12:00] C:\Program Files\Services en ligne
[12/04/2008|22:00] C:\Program Files\Shareaza
[29/01/2009|22:03] C:\Program Files\Steam
[17/08/2008|05:42] C:\Program Files\Sun
[25/03/2008|11:41] C:\Program Files\Synaptics
[08/09/2008|21:18] C:\Program Files\Teamspeak2_RC2
[26/12/2008|01:48] C:\Program Files\Ubisoft
[02/11/2006|14:01] C:\Program Files\Uninstall Information
[12/04/2008|14:17] C:\Program Files\VideoLAN
[24/10/2007|17:20] C:\Program Files\Viewpoint
[24/10/2007|17:14] C:\Program Files\Windows Calendar
[25/10/2007|01:57] C:\Program Files\Windows Collaboration
[24/10/2007|17:14] C:\Program Files\Windows Defender
[25/10/2007|01:57] C:\Program Files\Windows Journal
[17/12/2008|14:30] C:\Program Files\Windows Live
[17/12/2008|14:24] C:\Program Files\Windows Live SkyDrive
[15/01/2009|03:03] C:\Program Files\Windows Mail
[12/04/2008|21:42] C:\Program Files\Windows Media Player
[11/04/2008|18:35] C:\Program Files\Windows NT
[25/10/2007|01:57] C:\Program Files\Windows Photo Gallery
[12/04/2008|21:42] C:\Program Files\Windows Sidebar
[14/05/2008|00:25] C:\Program Files\WinRAR
[25/03/2008|11:45] C:\Program Files\WinTV
[29/10/2008|17:15] C:\Program Files\Yahoo!
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[23/06/2008|08:31] C:\Program Files\Common Files\Adobe
[24/10/2007|17:19] C:\Program Files\Common Files\AOL
[25/12/2008|01:36] C:\Program Files\Common Files\Apple
[29/12/2008|19:58] C:\Program Files\Common Files\BOONTY Shared
[24/10/2007|17:56] C:\Program Files\Common Files\DESIGNER
[24/10/2007|18:09] C:\Program Files\Common Files\InstallShield
[24/10/2007|18:21] C:\Program Files\Common Files\Java
[11/04/2008|18:41] C:\Program Files\Common Files\LightScribe
[17/12/2008|14:24] C:\Program Files\Common Files\microsoft shared
[24/10/2007|17:43] C:\Program Files\Common Files\muvee Technologies
[03/09/2008|00:48] C:\Program Files\Common Files\Screaming Bee
[02/11/2006|12:18] C:\Program Files\Common Files\Services
[02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
[20/01/2009|15:35] C:\Program Files\Common Files\Steam
[13/04/2008|21:11] C:\Program Files\Common Files\Symantec Shared
[24/10/2007|17:14] C:\Program Files\Common Files\System
[17/12/2008|14:20] C:\Program Files\Common Files\Windows Live
[12/04/2008|10:01] C:\Program Files\Common Files\WindowsLiveInstaller
--------------------\\ Process
( 82 Processes )
iexplore.exe ~ [PID:1828]
--------------------\\ Recherche avec S_Lop
C:\ProgramData\Up seek seek.v5uhz
C:\ProgramData\dvd way tray.h10k2a
C:\ProgramData\Up seek seek.5uqt8w
C:\ProgramData\Up seek seek.k70eb2
C:\ProgramData\Up seek seek.wkb4hs
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\ProgramData\Hold Trust Amok Mode
C:\ProgramData\Hold Trust Amok Mode\curb dumb.dat
C:\ProgramData\Hold Trust Amok Mode\curb dumb.exe
C:\ProgramData\Mealmfcdaudio
C:\ProgramData\Mealmfcdaudio\esckcscz.exe
C:\ProgramData\Mealmfcdaudio\NameObjBallProc.exe
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe
C:\Users\Matchti\AppData\Roaming\MICROS~1\Windows\Cookies\matchti@advertising[2].txt
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"dash cool"="\"C:\\ProgramData\\Up seek seek.k70eb2\""
"Amok Mode Dupe Platform"="\"C:\\ProgramData\\dvd way tray.h10k2a\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-29 22:50:48
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
C:\Users\Matchti\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5XNQ0TPE\forum-7-virus-securite[1].htm 81920 bytes
scan completed successfully
hidden processes: 0
hidden files: 1
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\Users\Matchti\AppData\Roaming\Microsoft\Windows\Cookies\Low\matchti@likecrack[1].txt
C:\Users\Matchti\AppData\Roaming\Microsoft\Windows\Cookies\Low\matchti@media.inthecrack[1].txt
[F:3477][D:132]-> C:\Users\Matchti\AppData\Local\Temp
[F:1471][D:1]-> C:\Users\Matchti\AppData\Roaming\MICROS~1\Windows\Cookies
[F:9654][D:17]-> C:\Users\Matchti\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:17][D:4]-> C:\$Recycle.Bin
1 - "C:\Lop SD\LopR_1.txt" - 29/01/2009|23:07 - Option : [1]
--------------------\\ Fin du rapport a 23:07:20
[ UAC => 1 ]
ok,
* Run Lop S&D again.
* This time choose option 2 ( Suppression, i.e. removal )
* /!\ Do not close the window during the removal! /!\
* Save the generated report to the desktop; the report will list all the infected items that were removed.
==> please post it
I'll give you the next steps tomorrow, see you
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : AMD Turion(tm) 64 X2 Mobile Technology TL-60 )
BIOS : PhoenixBIOS 4.0 Release 6.1
USER : Matchti ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 081102-0] 4.8.1229 (Activated)
C:\ (Local Disk) - NTFS - Total:286 Go (Free:48 Go)
D:\ (Local Disk) - NTFS - Total:11 Go (Free:2 Go)
E:\ (CD or DVD) - CDFS - Total:2 Go (Free:0 Go)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 29/01/2009|23:22 )
[ UAC => 1 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\ProgramData\Hold Trust Amok Mode\curb dumb.dat
Supprime! - C:\ProgramData\Hold Trust Amok Mode\curb dumb.exe
Supprime! - C:\ProgramData\Mealmfcdaudio\esckcscz.exe
Supprime! - C:\ProgramData\Mealmfcdaudio\NameObjBallProc.exe
Supprime! - C:\Program Files\Circle Developement\Uninstall.exe
Supprime! - C:\Users\Matchti\AppData\Roaming\MICROS~1\Windows\Cookies\matchti@advertising[2].txt
Supprime! - C:\ProgramData\Up seek seek.v5uhz
Supprime! - C:\ProgramData\dvd way tray.h10k2a
Supprime! - C:\ProgramData\Up seek seek.5uqt8w
Supprime! - C:\ProgramData\Up seek seek.k70eb2
Supprime! - C:\ProgramData\Up seek seek.wkb4hs
Supprime! - C:\ProgramData\Hold Trust Amok Mode
Supprime! - C:\ProgramData\Mealmfcdaudio
Supprime! - C:\Program Files\Circle Developement
-
[ Fichier Hosts ] .. Restaure!
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
Supprime! - C:\Program Files\Viewpoint
Supprime! - C:\PROGRA~2\Viewpoint
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans Local
[16/04/2008|01:27] C:\Users\Matchti\AppData\Local\Adobe
[12/04/2008|00:41] C:\Users\Matchti\AppData\Local\AOL
[25/12/2008|01:31] C:\Users\Matchti\AppData\Local\Apple
[25/12/2008|07:35] C:\Users\Matchti\AppData\Local\Apple Computer
[11/04/2008|18:39] C:\Users\Matchti\AppData\Local\Application Data
[11/04/2008|18:55] C:\Users\Matchti\AppData\Local\AtStart.txt
[29/01/2009|22:44] C:\Users\Matchti\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[11/04/2008|18:46] C:\Users\Matchti\AppData\Local\Downloaded Installations
[11/04/2008|18:55] C:\Users\Matchti\AppData\Local\DSwitch.txt
[24/08/2008|00:26] C:\Users\Matchti\AppData\Local\FnF4.txt
[11/04/2008|18:54] C:\Users\Matchti\AppData\Local\GDIPFONTCACHEV1.DAT
[11/01/2009|21:57] C:\Users\Matchti\AppData\Local\Google
[11/04/2008|18:55] C:\Users\Matchti\AppData\Local\Hewlett-Packard
[11/04/2008|18:39] C:\Users\Matchti\AppData\Local\Historique
[29/01/2009|15:14] C:\Users\Matchti\AppData\Local\IconCache.db
[22/09/2008|01:36] C:\Users\Matchti\AppData\Local\Microsoft
[12/04/2008|18:14] C:\Users\Matchti\AppData\Local\Microsoft Games
[15/06/2008|18:45] C:\Users\Matchti\AppData\Local\Play65
[11/04/2008|18:55] C:\Users\Matchti\AppData\Local\QSwitch.txt
[23/06/2008|12:35] C:\Users\Matchti\AppData\Local\QuickPlay
[12/04/2008|22:00] C:\Users\Matchti\AppData\Local\Shareaza
[12/04/2008|10:20] C:\Users\Matchti\AppData\Local\Steam
[29/01/2009|23:22] C:\Users\Matchti\AppData\Local\Temp
[11/04/2008|18:39] C:\Users\Matchti\AppData\Local\Temporary Internet Files
[03/09/2008|21:16] C:\Users\Matchti\AppData\Local\VirtualStore
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[29/01/2009 09:25][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{D6804DA1-491E-4D52-975C-83440EE11224}.job
[29/01/2009 19:56][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{13868F10-80AD-4E65-81B6-A387F615CFD1}.job
[29/01/2009 15:16][--ah-----] C:\Windows\tasks\SA.DAT
[29/01/2009 15:14][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[24/10/2007|17:57] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[25/12/2008|01:37] C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[23/06/2008|08:31] C:\ProgramData\Adobe
[25/12/2008|01:30] C:\ProgramData\Apple
[25/12/2008|01:36] C:\ProgramData\Apple Computer
[02/11/2006|14:02] C:\ProgramData\Application Data
[25/03/2008|11:44] C:\ProgramData\Atheros
[29/12/2008|19:58] C:\ProgramData\BOONTY
[11/04/2008|18:35] C:\ProgramData\Bureau
[16/04/2008|07:51] C:\ProgramData\CyberLink
[02/11/2006|14:02] C:\ProgramData\Desktop
[02/11/2006|14:02] C:\ProgramData\Documents
[11/04/2008|18:47] C:\ProgramData\Electronic Arts
[11/04/2008|18:35] C:\ProgramData\Favoris
[02/11/2006|14:02] C:\ProgramData\Favorites
[11/01/2009|17:50] C:\ProgramData\Google
[29/01/2009|09:39] C:\ProgramData\Google Updater
[11/04/2008|18:55] C:\ProgramData\Hewlett-Packard
[11/09/2008|22:17] C:\ProgramData\hkhadevu
[16/04/2008|07:51] C:\ProgramData\HP
[14/06/2008|17:34] C:\ProgramData\hpzinstall.log
[11/04/2008|18:35] C:\ProgramData\Menu Démarrer
[13/04/2008|18:14] C:\ProgramData\Messenger Plus!
[17/12/2008|14:20] C:\ProgramData\Microsoft
[10/12/2008|03:09] C:\ProgramData\Microsoft Help
[11/04/2008|18:35] C:\ProgramData\Modèles
[24/10/2007|17:43] C:\ProgramData\muvee Technologies
[11/04/2008|18:55] C:\ProgramData\NVIDIA
[14/06/2008|14:03] C:\ProgramData\Photo Service Edition
[03/09/2008|00:49] C:\ProgramData\Screaming Bee
[03/09/2008|21:16] C:\ProgramData\setenmsg
[02/11/2006|14:02] C:\ProgramData\Start Menu
[13/04/2008|21:09] C:\ProgramData\Symantec
[12/04/2008|00:56] C:\ProgramData\TEMP
[02/11/2006|14:02] C:\ProgramData\Templates
[23/04/2008|17:34] C:\ProgramData\Ubisoft
[07/09/2008|16:01] C:\ProgramData\webgen
[12/04/2008|00:25] C:\ProgramData\WildTangent
[12/05/2008|12:44] C:\ProgramData\WLInstaller
[29/10/2008|17:15] C:\ProgramData\Yahoo! Companion
--------------------\\ Listing des dossiers dans C:\Program Files
[24/10/2007|17:57] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[28/11/2008|19:08] C:\Program Files\Adobe
[24/10/2007|17:20] C:\Program Files\AIM6
[18/05/2008|21:48] C:\Program Files\Alwil Software
[11/04/2008|18:48] C:\Program Files\AOL
[25/12/2008|01:31] C:\Program Files\Apple Software Update
[25/03/2008|11:44] C:\Program Files\Atheros
[25/12/2008|02:28] C:\Program Files\AviSynth 2.5
[25/12/2008|01:34] C:\Program Files\Bonjour
[29/12/2008|21:11] C:\Program Files\BoontyGames
[29/12/2008|19:58] C:\Program Files\Common Files
[25/03/2008|11:44] C:\Program Files\CONEXANT
[25/03/2008|11:56] C:\Program Files\CyberLink
[29/10/2008|17:15] C:\Program Files\DivX
[26/12/2008|02:28] C:\Program Files\Electronic Arts
[11/04/2008|18:35] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[30/05/2008|18:38] C:\Program Files\GameSpy Arcade
[11/01/2009|19:03] C:\Program Files\Google
[25/03/2008|11:52] C:\Program Files\Hewlett-Packard
[25/03/2008|11:48] C:\Program Files\Hp
[25/03/2008|11:59] C:\Program Files\HP Games
[11/04/2008|18:41] C:\Program Files\HPQ
[26/12/2008|01:48] C:\Program Files\InstallShield Installation Information
[25/12/2008|01:34] C:\Program Files\Internet Explorer
[25/12/2008|01:36] C:\Program Files\iPod
[25/12/2008|01:37] C:\Program Files\iTunes
[17/08/2008|05:42] C:\Program Files\Java
[05/01/2009|20:19] C:\Program Files\Messenger Plus! Live
[17/12/2008|14:30] C:\Program Files\Microsoft
[30/05/2008|18:37] C:\Program Files\Microsoft Games
[24/10/2007|17:56] C:\Program Files\Microsoft Office
[17/12/2008|14:31] C:\Program Files\Microsoft Silverlight
[25/04/2008|16:38] C:\Program Files\Microsoft SQL Server Compact Edition
[24/10/2007|17:56] C:\Program Files\Microsoft Works
[24/10/2007|17:56] C:\Program Files\Microsoft.NET
[25/10/2007|01:57] C:\Program Files\Movie Maker
[02/11/2006|13:37] C:\Program Files\MSBuild
[02/11/2006|13:37] C:\Program Files\MSN
[12/04/2008|21:28] C:\Program Files\MSXML 4.0
[24/10/2007|17:43] C:\Program Files\muvee Technologies
[25/03/2008|11:42] C:\Program Files\NetWaiting
[14/06/2008|14:03] C:\Program Files\Photo Service Edition
[12/04/2008|23:00] C:\Program Files\PhotoFiltre
[04/06/2008|22:35] C:\Program Files\Play65
[25/12/2008|01:33] C:\Program Files\QuickTime
[25/12/2008|02:28] C:\Program Files\Red Kawa
[02/11/2006|13:37] C:\Program Files\Reference Assemblies
[05/09/2008|16:13] C:\Program Files\Samsung
[25/03/2008|12:00] C:\Program Files\Services en ligne
[12/04/2008|22:00] C:\Program Files\Shareaza
[29/01/2009|22:03] C:\Program Files\Steam
[17/08/2008|05:42] C:\Program Files\Sun
[25/03/2008|11:41] C:\Program Files\Synaptics
[08/09/2008|21:18] C:\Program Files\Teamspeak2_RC2
[26/12/2008|01:48] C:\Program Files\Ubisoft
[02/11/2006|14:01] C:\Program Files\Uninstall Information
[12/04/2008|14:17] C:\Program Files\VideoLAN
[24/10/2007|17:14] C:\Program Files\Windows Calendar
[25/10/2007|01:57] C:\Program Files\Windows Collaboration
[24/10/2007|17:14] C:\Program Files\Windows Defender
[25/10/2007|01:57] C:\Program Files\Windows Journal
[17/12/2008|14:30] C:\Program Files\Windows Live
[17/12/2008|14:24] C:\Program Files\Windows Live SkyDrive
[15/01/2009|03:03] C:\Program Files\Windows Mail
[12/04/2008|21:42] C:\Program Files\Windows Media Player
[11/04/2008|18:35] C:\Program Files\Windows NT
[25/10/2007|01:57] C:\Program Files\Windows Photo Gallery
[12/04/2008|21:42] C:\Program Files\Windows Sidebar
[14/05/2008|00:25] C:\Program Files\WinRAR
[25/03/2008|11:45] C:\Program Files\WinTV
[29/10/2008|17:15] C:\Program Files\Yahoo!
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[23/06/2008|08:31] C:\Program Files\Common Files\Adobe
[24/10/2007|17:19] C:\Program Files\Common Files\AOL
[25/12/2008|01:36] C:\Program Files\Common Files\Apple
[29/12/2008|19:58] C:\Program Files\Common Files\BOONTY Shared
[24/10/2007|17:56] C:\Program Files\Common Files\DESIGNER
[24/10/2007|18:09] C:\Program Files\Common Files\InstallShield
[24/10/2007|18:21] C:\Program Files\Common Files\Java
[11/04/2008|18:41] C:\Program Files\Common Files\LightScribe
[17/12/2008|14:24] C:\Program Files\Common Files\microsoft shared
[24/10/2007|17:43] C:\Program Files\Common Files\muvee Technologies
[03/09/2008|00:48] C:\Program Files\Common Files\Screaming Bee
[02/11/2006|12:18] C:\Program Files\Common Files\Services
[02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
[20/01/2009|15:35] C:\Program Files\Common Files\Steam
[13/04/2008|21:11] C:\Program Files\Common Files\Symantec Shared
[24/10/2007|17:14] C:\Program Files\Common Files\System
[17/12/2008|14:20] C:\Program Files\Common Files\Windows Live
[12/04/2008|10:01] C:\Program Files\Common Files\WindowsLiveInstaller
--------------------\\ Process
( 76 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-29 23:22:56
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\Users\Matchti\AppData\Roaming\Microsoft\Windows\Cookies\Low\matchti@likecrack[1].txt
C:\Users\Matchti\AppData\Roaming\Microsoft\Windows\Cookies\Low\matchti@media.inthecrack[1].txt
[F:3480][D:132]-> C:\Users\Matchti\AppData\Local\Temp
[F:1470][D:1]-> C:\Users\Matchti\AppData\Roaming\MICROS~1\Windows\Cookies
[F:9666][D:17]-> C:\Users\Matchti\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:17][D:4]-> C:\$Recycle.Bin
1 - "C:\Lop SD\LopR_1.txt" - 29/01/2009|23:07 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 29/01/2009|23:39 - Option : [2]
--------------------\\ Fin du rapport a 23:39:21
[ UAC => 1 ]
Hi
Very good!
* Download Malwarebytes' Anti-Malware (MBAM) to your Desktop: http://www.malwarebytes.org/mbam/program/mbam-setup.exe
* Double-click the downloaded file to start the installation.
* In the Update tab, click the Check for Updates button: if the firewall asks for permission for MBAM to connect to the Internet, accept.
* Once the update has finished, go to the Scanner tab.
* Select Perform full scan.
* Click Scan.
* The analysis starts; the scan takes quite a long time, which is normal.
* Click OK to continue. If MBAM found nothing, it will tell you so as well.
* Close your browsers.
* If malware was detected, click Show Results.
* Select everything (or leave it checked) and click Remove Selected; MBAM will destroy the infected files and registry keys and put a copy of them in quarantine.
* MBAM will open Notepad and copy the scan report into it. Copy and paste that report into your next reply, please.
See you
Malwarebytes' Anti-Malware 1.33
Version de la base de données: 1708
Windows 6.0.6000
30/01/2009 19:47:46
mbam-log-2009-01-30 (19-47-46).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 241786
Temps écoulé: 1 hour(s), 46 minute(s), 0 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 27
Valeur(s) du Registre infectée(s): 8
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 5
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{0656a137-b161-cadd-9777-e37a75727e78} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0b682cc1-fb40-4006-a5dd-99edd3c9095d} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0e1230f8-ea50-42a9-983c-d22abc2eeb4c} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9dd4258a-7138-49c4-8d34-587879a5c7a4} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b8c0220d-763d-49a4-95f4-61dfdec66ee6} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c3bcc488-1ae7-11d4-ab82-0010a4ec2338} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9dd4258a-7138-49c4-8d34-587879a5c7a4} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b8c0220d-763d-49a4-95f4-61dfdec66ee6} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c3bcc488-1ae7-11d4-ab82-0010a4ec2338} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000000da-0786-4633-87c6-1aa7a4429ef1} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\dpcproxy (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\logons (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\typelib (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\HOL5_VXIEWER.FULL.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Classes\hol5_vxiewer.full.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Classes\applications\accessdiver.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fwbd (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\HolLol (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Inet Delivery (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Inet Delivery (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mslagent (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Invictus (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Golden Palace Casino PT (Trojan.DNSChanger) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Golden Palace Casino NEW (Trojan.DNSChanger) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SYSTEM\currentcontrolset\Services\iTunesMusic (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SYSTEM\currentcontrolset\Services\rdriv (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\mwc (Malware.Trace) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{0e1230f8-ea50-42a9-983c-d22abc2eeb4c} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{0656a137-b161-cadd-9777-e37a75727e78} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\SystemCheck2 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lphcpn6j0eg32 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\IUpd646 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Somefox (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\originalwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\convertedwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\ProgramData\setenmsg\pavkrclu.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\Matchti\AppData\Local\Temp\scan.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Users\Matchti\AppData\Local\Temp\c.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Matchti\AppData\Local\Temp\08.php (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\Matchti\AppData\Local\Temp\video119.cfg (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:03:27, on 31/01/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16764)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Hp\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Steam\Steam.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\conime.exe
C:\Program Files\Shareaza\Shareaza.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Users\Matchti\Desktop\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lelombrik.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [webgen] C:\ProgramData\webgen\pobknuny.exe
O4 - HKCU\..\Run: [ehOxC56OnE] C:\ProgramData\hkhadevu\huvqjmrg.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: &Recherche AOL Toolbar - c:\program files\aol\aol toolbar 5.0\resources\fr-fr\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/securite/certdgi1.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://www.triforce.fr/plugin/DivXBrowserPlugin.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
Scan saved at 12:03:27, on 31/01/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16764)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Hp\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Steam\Steam.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\conime.exe
C:\Program Files\Shareaza\Shareaza.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Users\Matchti\Desktop\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lelombrik.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [webgen] C:\ProgramData\webgen\pobknuny.exe
O4 - HKCU\..\Run: [ehOxC56OnE] C:\ProgramData\hkhadevu\huvqjmrg.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: &Recherche AOL Toolbar - c:\program files\aol\aol toolbar 5.0\resources\fr-fr\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/securite/certdgi1.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://www.triforce.fr/plugin/DivXBrowserPlugin.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
Download Spybot Search & Destroy
https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/26157.html
ok,
Then scan the PC with the BitDefender online scanner (Internet Explorer only):
https://www.bitdefender.com/toolbox/
Usage:
* Click "J'accepte" ("I accept"), then also accept the ActiveX control blocked by the SP2 pop-up blocker bar, which will flash at the top, and install it.
* When the "Scanner Options" page opens, click [click here] in "To change this and other settings, click here", then click the + in front of Second option, tick "Report only", then click [OK].
* Next, click [Start scan].
* Wait until the scan finishes, which can take quite a long time...
Please copy/paste the whole report to the forum
See you later