Problem with unwanted IE pop-up windows

Closed
DOUDOU484848 Posts: 14, Registration date: Saturday 17 January 2009, Status: Member, Last activity: 13 March 2009 - 13 March 2009 at 18:25
 Anonymous user - 18 March 2009 at 18:19
Hello,
Hello, since yesterday I have been getting unwanted IE windows. I use Mozilla Firefox; I "uninstalled" IE from the Control Panel but it changes nothing.
Can anyone help me?
Here is my HijackThis report.
PS: I cleaned the registry and the rest with CCleaner, but to no effect.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:21:30, on 13/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\COMODO\SafeSurf\cssurf.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [COMODO SafeSurf] "C:\Program Files\COMODO\SafeSurf\cssurf.exe" -s
O4 - HKLM\..\Run: [Bits peak locks body] C:\Documents and Settings\All Users\Application Data\Noun Love Bits Peak\DENT PLAY.exe
O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [size lite] C:\DOCUME~1\PHILIP~1\APPLIC~1\INTERO~1\Inside vga.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Event Reminder.lnk = C:\pmw\PMREMIND.EXE
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/default.aspx
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.new2.foto.com/ImageUploader4.cab
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll C:\WINDOWS\system32\cssdll32.dll
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
End of file - 6977 bytes

3 replies

Anonymous user
13 March 2009 at 18:27
Hello

I use Mozilla Firefox; I "uninstalled" IE from the Control Panel but it changes nothing.

You can't uninstall IE ;)

Follow this tutorial with LOPSD (scan option): http://forum.telecharger.01net.com/forum/high-tech/PRODUITS/Questions-techniques/eliminez-pubs-cid-sujet_198443_1.htm

Post me the report.

++
DOUDOU484848 Posts: 14, Registration date: Saturday 17 January 2009, Status: Member, Last activity: 13 March 2009
13 March 2009 at 18:44
Thanks for your help, here is the report:


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 2.40GHz )
BIOS : 4.06 Rev. 1.04.1495
USER : Philippe Maurin ( Administrator )
BOOT : Normal boot
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:55 Go (Free:5 Go)
D:\ (CD or DVD)
E:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 13/03/2009|18:37 )

--------------------\\ Listing des dossiers dans APPLIC~1


[30/08/2007|18:42] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[16/04/2008|16:38] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[16/04/2008|16:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\Mozilla

[24/01/2009|17:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{55A29068-F2CE-456C-9148-C869879E2357}
[11/07/2008|20:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[07/04/2007|00:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[05/12/2007|21:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
[23/01/2009|12:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\comodo
[17/07/2007|10:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Creative
[23/01/2009|13:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[12/03/2009|19:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[16/01/2008|20:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[23/01/2009|13:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[02/09/2007|17:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Line 6
[19/04/2008|23:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
[23/01/2009|12:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[06/03/2009|22:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[13/04/2007|12:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[30/04/2007|16:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[06/08/2008|11:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[12/03/2009|20:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Noun Love Bits Peak
[09/09/2007|12:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA
[25/04/2007|15:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OrbNetworks
[12/09/2007|21:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[21/01/2009|21:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[07/11/2008|20:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[20/04/2008|16:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
[24/01/2009|17:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
[10/10/2007|10:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Winamp Toolbar
[05/04/2007|17:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[05/04/2007|23:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[22/03/2008|14:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[24/03/2008|01:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom


[30/08/2007|18:42] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[02/12/2007|03:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[06/04/2007|00:07] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[05/04/2007|16:37] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[20/06/2007|21:43] C:\DOCUME~1\PHILIP~1\APPLIC~1\ACAMPREF
[21/04/2008|17:44] C:\DOCUME~1\PHILIP~1\APPLIC~1\Adobe
[24/01/2008|22:21] C:\DOCUME~1\PHILIP~1\APPLIC~1\Apple Computer
[08/03/2009|08:20] C:\DOCUME~1\PHILIP~1\APPLIC~1\Azureus
[12/08/2007|15:10] C:\DOCUME~1\PHILIP~1\APPLIC~1\Creative
[23/01/2009|17:31] C:\DOCUME~1\PHILIP~1\APPLIC~1\dvdcss
[27/02/2008|20:40] C:\DOCUME~1\PHILIP~1\APPLIC~1\EoRezo
[08/02/2008|15:42] C:\DOCUME~1\PHILIP~1\APPLIC~1\Google
[12/05/2007|13:04] C:\DOCUME~1\PHILIP~1\APPLIC~1\gtk-2.0
[29/01/2008|20:43] C:\DOCUME~1\PHILIP~1\APPLIC~1\Help
[05/04/2007|17:13] C:\DOCUME~1\PHILIP~1\APPLIC~1\Hewlett-Packard
[30/04/2008|19:35] C:\DOCUME~1\PHILIP~1\APPLIC~1\Identities
[12/03/2009|20:47] C:\DOCUME~1\PHILIP~1\APPLIC~1\Inter Once Bone
[05/04/2007|17:30] C:\DOCUME~1\PHILIP~1\APPLIC~1\InterTrust
[24/02/2008|22:03] C:\DOCUME~1\PHILIP~1\APPLIC~1\ItsLabel
[29/07/2007|17:32] C:\DOCUME~1\PHILIP~1\APPLIC~1\Leadertech
[13/03/2009|09:54] C:\DOCUME~1\PHILIP~1\APPLIC~1\LimeWire
[02/09/2007|19:20] C:\DOCUME~1\PHILIP~1\APPLIC~1\Line 6
[21/04/2008|17:44] C:\DOCUME~1\PHILIP~1\APPLIC~1\Macromedia
[23/01/2009|12:07] C:\DOCUME~1\PHILIP~1\APPLIC~1\Malwarebytes
[15/02/2008|17:15] C:\DOCUME~1\PHILIP~1\APPLIC~1\Micro Application
[22/03/2008|18:27] C:\DOCUME~1\PHILIP~1\APPLIC~1\Microsoft
[05/04/2007|23:21] C:\DOCUME~1\PHILIP~1\APPLIC~1\Mozilla
[11/04/2008|15:58] C:\DOCUME~1\PHILIP~1\APPLIC~1\MSN6
[25/04/2007|13:51] C:\DOCUME~1\PHILIP~1\APPLIC~1\MusicIP
[03/05/2008|17:42] C:\DOCUME~1\PHILIP~1\APPLIC~1\Nero
[09/09/2007|21:31] C:\DOCUME~1\PHILIP~1\APPLIC~1\Notepad++
[15/04/2007|16:35] C:\DOCUME~1\PHILIP~1\APPLIC~1\Nvu
[17/01/2008|03:06] C:\DOCUME~1\PHILIP~1\APPLIC~1\OLYMPUS
[11/03/2009|19:01] C:\DOCUME~1\PHILIP~1\APPLIC~1\OpenOffice.org2
[21/04/2007|18:28] C:\DOCUME~1\PHILIP~1\APPLIC~1\Real
[20/04/2008|16:48] C:\DOCUME~1\PHILIP~1\APPLIC~1\SEGA
[12/01/2009|10:34] C:\DOCUME~1\PHILIP~1\APPLIC~1\skypePM
[16/02/2008|15:12] C:\DOCUME~1\PHILIP~1\APPLIC~1\Sony Ericsson
[06/04/2007|00:45] C:\DOCUME~1\PHILIP~1\APPLIC~1\Sun
[05/03/2009|17:57] C:\DOCUME~1\PHILIP~1\APPLIC~1\SystemRequirementsLab
[05/04/2007|23:21] C:\DOCUME~1\PHILIP~1\APPLIC~1\Talkback
[17/05/2008|09:55] C:\DOCUME~1\PHILIP~1\APPLIC~1\TaoUSign
[16/02/2008|15:13] C:\DOCUME~1\PHILIP~1\APPLIC~1\Teleca
[05/04/2007|23:21] C:\DOCUME~1\PHILIP~1\APPLIC~1\Thunderbird
[24/01/2009|17:48] C:\DOCUME~1\PHILIP~1\APPLIC~1\TuneUp Software
[23/01/2009|19:17] C:\DOCUME~1\PHILIP~1\APPLIC~1\vlc
[15/02/2008|19:46] C:\DOCUME~1\PHILIP~1\APPLIC~1\XCPCSync.OEM
[30/04/2008|19:35] C:\DOCUME~1\PHILIP~1\APPLIC~1\Zylom

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[13/03/2009 18:00][--ah-----] C:\WINDOWS\tasks\AC34EE6990CF6305.job
[12/03/2009 23:24][--a------] C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1175808241.job
[07/07/2007 22:30][--a------] C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1175789578.job
[13/03/2009 14:49][--ah-----] C:\WINDOWS\tasks\SA.DAT
[30/08/2002 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

( AC34EE6990CF6305.job )=( c:\docume~1\philip~1\applic~1\intero~1\Drawsafefree.exe )

--------------------\\ Listing des dossiers dans C:\Program Files

[15/02/2008|19:57] C:\Program Files\3D-WinBrick2001
[15/04/2007|19:13] C:\Program Files\7-Zip
[27/11/2007|14:55] C:\Program Files\Acro Software
[15/08/2008|07:44] C:\Program Files\Adobe
[27/01/2009|15:06] C:\Program Files\adslTV
[15/03/2008|10:05] C:\Program Files\Ahead
[30/07/2008|13:21] C:\Program Files\Alwil Software
[15/02/2008|19:31] C:\Program Files\Armagetron
[23/01/2009|12:19] C:\Program Files\AskBarDis
[03/03/2009|16:03] C:\Program Files\Azureus
[16/10/2007|00:44] C:\Program Files\Bluetooth remote
[17/01/2009|20:00] C:\Program Files\CCleaner
[02/09/2007|17:41] C:\Program Files\Common Files
[23/01/2009|12:19] C:\Program Files\COMODO
[05/04/2007|16:35] C:\Program Files\ComPlus Applications
[05/04/2007|17:52] C:\Program Files\Creative
[05/04/2007|17:28] C:\Program Files\directx
[16/02/2008|15:02] C:\Program Files\Disc2Phone
[06/02/2009|11:33] C:\Program Files\Fichiers communs
[04/06/2008|02:06] C:\Program Files\FMS
[25/02/2008|18:28] C:\Program Files\Foto.com
[24/05/2007|15:47] C:\Program Files\GIMP-2.0
[23/01/2009|13:17] C:\Program Files\Google
[27/11/2007|14:58] C:\Program Files\GPLGS
[23/01/2009|13:25] C:\Program Files\GStudio6
[01/05/2007|13:31] C:\Program Files\HardwareDetection
[05/04/2007|17:11] C:\Program Files\Hewlett-Packard
[12/03/2009|21:09] C:\Program Files\Incomplete
[07/11/2008|19:42] C:\Program Files\InstallShield Installation Information
[12/02/2009|15:38] C:\Program Files\Internet Explorer
[17/10/2007|10:41] C:\Program Files\Java
[12/03/2009|21:08] C:\Program Files\LimeWire
[23/01/2009|12:07] C:\Program Files\Malwarebytes' Anti-Malware
[14/08/2008|00:59] C:\Program Files\Messenger
[10/05/2007|02:00] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[05/04/2007|23:32] C:\Program Files\microsoft frontpage
[13/04/2007|11:12] C:\Program Files\Microsoft Office
[15/03/2008|19:42] C:\Program Files\Microsoft SQL Server Compact Edition
[13/04/2007|12:36] C:\Program Files\Microsoft Visual Studio
[13/04/2007|11:19] C:\Program Files\Microsoft Visual Studio 8
[13/04/2007|11:12] C:\Program Files\Microsoft.NET
[16/01/2008|20:20] C:\Program Files\Mindscape
[06/08/2008|15:06] C:\Program Files\Movie Maker
[13/03/2009|17:27] C:\Program Files\Mozilla Firefox
[15/02/2008|20:06] C:\Program Files\Mozilla Thunderbird
[05/04/2007|21:44] C:\Program Files\MSBuild
[05/04/2007|16:34] C:\Program Files\MSN Gaming Zone
[07/01/2008|15:42] C:\Program Files\MSN Messenger
[09/09/2007|02:00] C:\Program Files\MSXML 4.0
[15/08/2007|00:36] C:\Program Files\MSXML 6.0
[29/01/2008|22:29] C:\Program Files\MTProd
[15/02/2008|19:47] C:\Program Files\NEC
[03/05/2008|17:35] C:\Program Files\Nero
[03/05/2008|17:54] C:\Program Files\NeroInstall.bak
[06/08/2008|15:03] C:\Program Files\NetMeeting
[18/01/2009|18:32] C:\Program Files\Neuf
[14/04/2007|20:35] C:\Program Files\Notepad++
[11/03/2008|23:43] C:\Program Files\Nouveau dossier
[15/04/2007|16:35] C:\Program Files\Nvu
[29/01/2008|21:59] C:\Program Files\Oak Entertainment
[17/01/2008|03:19] C:\Program Files\OLYMPUS
[29/09/2008|15:59] C:\Program Files\OpenAL
[06/04/2007|00:46] C:\Program Files\OpenOffice.org 2.2
[06/08/2008|15:03] C:\Program Files\Outlook Express
[23/01/2009|13:52] C:\Program Files\Petittestenfantin-E.pps
[17/01/2008|03:03] C:\Program Files\PIXELA
[01/07/2007|12:50] C:\Program Files\Power Tab Software
[13/04/2007|12:36] C:\Program Files\Publication Web
[07/04/2007|00:21] C:\Program Files\QuickTime
[03/06/2008|23:56] C:\Program Files\RC Heli Master
[07/04/2007|00:21] C:\Program Files\Real
[02/05/2007|18:04] C:\Program Files\Realtek AC97
[05/04/2007|21:40] C:\Program Files\Reference Assemblies
[07/11/2008|20:11] C:\Program Files\Registry Mechanic
[15/02/2008|19:31] C:\Program Files\Renegade Entertainment
[16/02/2008|00:25] C:\Program Files\ScreenshotCaptor
[05/04/2007|16:34] C:\Program Files\Services en ligne
[05/03/2009|17:58] C:\Program Files\SystemRequirementsLab
[29/01/2008|23:51] C:\Program Files\TFC
[05/04/2007|17:15] C:\Program Files\Trek 320R
[24/01/2009|18:18] C:\Program Files\Trend Micro
[13/03/2009|13:54] C:\Program Files\TuneUp Utilities 2009
[05/04/2007|16:51] C:\Program Files\Uninstall Information
[30/04/2007|16:19] C:\Program Files\VIA
[30/04/2007|11:32] C:\Program Files\VIAudioi
[10/10/2007|18:14] C:\Program Files\Vilma
[07/07/2007|21:40] C:\Program Files\WinAce
[15/02/2008|19:49] C:\Program Files\Winamp
[13/08/2007|13:26] C:\Program Files\Winamp Deskband
[17/10/2007|12:28] C:\Program Files\Winamp Profiles
[10/10/2007|10:10] C:\Program Files\Winamp Toolbar
[06/04/2007|19:23] C:\Program Files\windirstat
[16/03/2008|11:34] C:\Program Files\Windows Live
[16/03/2008|11:23] C:\Program Files\Windows Live Toolbar
[05/04/2007|21:38] C:\Program Files\Windows Media Connect 2
[06/08/2008|15:03] C:\Program Files\Windows Media Player
[06/08/2008|15:03] C:\Program Files\Windows NT
[05/04/2007|17:39] C:\Program Files\WindowsUpdate
[05/04/2007|16:38] C:\Program Files\xerox
[16/04/2008|16:17] C:\Program Files\XP TCPIP Repair
[06/08/2008|14:19] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[11/07/2008|20:00] C:\Program Files\Fichiers communs\Adobe
[15/08/2007|17:45] C:\Program Files\Fichiers communs\Blizzard Entertainment
[10/06/2007|16:28] C:\Program Files\Fichiers communs\DAZ
[13/04/2007|12:36] C:\Program Files\Fichiers communs\Designer
[15/12/2007|20:24] C:\Program Files\Fichiers communs\France Telecom
[05/04/2007|23:15] C:\Program Files\Fichiers communs\GTK
[05/04/2007|17:10] C:\Program Files\Fichiers communs\Hewlett-Packard
[16/01/2008|20:21] C:\Program Files\Fichiers communs\InstallShield
[06/04/2007|00:45] C:\Program Files\Fichiers communs\Java
[15/02/2008|17:07] C:\Program Files\Fichiers communs\Micro Application Shared
[06/03/2009|22:21] C:\Program Files\Fichiers communs\Microsoft Shared
[05/04/2007|16:36] C:\Program Files\Fichiers communs\MSSoap
[06/08/2008|11:10] C:\Program Files\Fichiers communs\Nero
[14/08/2007|17:12] C:\Program Files\Fichiers communs\NSV
[05/04/2007|16:46] C:\Program Files\Fichiers communs\ODBC
[13/09/2007|22:21] C:\Program Files\Fichiers communs\Real
[05/04/2007|16:36] C:\Program Files\Fichiers communs\Services
[05/04/2007|16:46] C:\Program Files\Fichiers communs\SpeechEngines
[02/08/2008|01:34] C:\Program Files\Fichiers communs\Symantec Shared
[06/08/2008|15:03] C:\Program Files\Fichiers communs\System
[05/04/2007|17:15] C:\Program Files\Fichiers communs\Trek320R
[06/02/2009|11:33] C:\Program Files\Fichiers communs\Windows Live
[07/01/2008|15:41] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[13/09/2007|22:21] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 34 Processes )

IEXPLORE.EXE ~ [PID:1616]
IEXPLORE.EXE ~ [PID:1960]

--------------------\\ Recherche avec S_Lop

C:\DOCUME~1\PHILIP~1\LOCALS~1\Temp\bis54.exe
C:\DOCUME~1\PHILIP~1\APPLIC~1\INTERO~1
C:\DOCUME~1\PHILIP~1\APPLIC~1\INTERO~1\Draw safe free.exe
C:\DOCUME~1\PHILIP~1\APPLIC~1\INTERO~1\Inside vga.exe
C:\DOCUME~1\PHILIP~1\APPLIC~1\INTERO~1\uybiezrr.exe

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Noun Love Bits Peak
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Noun Love Bits Peak\DENT PLAY.dat
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Noun Love Bits Peak\DENT PLAY.exe
C:\DOCUME~1\PHILIP~1\APPLIC~1\intero~1
C:\DOCUME~1\PHILIP~1\APPLIC~1\intero~1\Draw safe free.exe
C:\DOCUME~1\PHILIP~1\APPLIC~1\intero~1\Inside vga.exe
C:\DOCUME~1\PHILIP~1\APPLIC~1\intero~1\uybiezrr.exe
C:\DOCUME~1\PHILIP~1\LOCALS~1\Temp\GalaPlayer.zip
C:\WINDOWS\Prefetch\GALAPLAYER-1.4.0.0-SETUP.EXE-0CE7B1E9.pf
C:\WINDOWS\Prefetch\GALAPLAYER.EXE-17664496.pf
C:\WINDOWS\Tasks\AC34EE6990CF6305.job

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\dale curb plus]
"DisplayName"="CiD Help"
"UninstallString"="C:\\DOCUME~1\\PHILIP~1\\APPLIC~1\\INTERO~1\\Inside vga.exe -uninstall"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"size lite"="C:\\DOCUME~1\\PHILIP~1\\APPLIC~1\\INTERO~1\\Inside vga.exe"
"size lite"="C:\\DOCUME~1\\PHILIP~1\\APPLIC~1\\INTERO~1\\Inside vga.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Bits peak locks body"="C:\\Documents and Settings\\All Users\\Application Data\\Noun Love Bits Peak\\DENT PLAY.exe"

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-13 18:40:26
Windows 5.1.2600 Service Pack 3 NTFS
detected NTDLL code modification:
ZwClose
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\PHILIP~1\Mes documents\eloise\Eloise musique\zappa\1968-Cruising With Ruben & The Jets\13-Stuff Up The Cracks-mw.mp3


[F:111][D:8]-> C:\DOCUME~1\PHILIP~1\LOCALS~1\Temp
[F:13][D:0]-> C:\DOCUME~1\PHILIP~1\Cookies
[F:96][D:5]-> C:\DOCUME~1\PHILIP~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 13/03/2009|18:43 - Option : [1]

--------------------\\ Fin du rapport a 18:43:21
Anonymous user
13 March 2009 at 18:50
Re,

Nice collection :)

Follow the LOPSD tutorial again, but with the removal option this time (post the report).

THEN:

Download AD-Remover to your desktop:

/!\ Disconnect and close all running applications

● Double-click the installer and install it in its default location (C:\Program files).
● Double-click the Ad-remover icon on your desktop.
● In the main menu, choose option "A".
● Post the report that appears at the end.

(the report is saved as C:\Ad-report(date).log)

(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

Note:

"Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility for terminating processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.

++
Anonymous user
18 March 2009 at 18:19
Up