Ads that pop up even when not online!

JK85 -  
Hello,
my partner downloaded a file from eMule and, when he opened it, the antivirus detected a "virus", so we deleted it, but since then advertising pages have been appearing even when we're not online... I ran a scan with my antivirus (avast) and downloaded a spyware tool that detected 81 'infected' files, which I deleted, but still nothing, the ads appear anyway (casino, VIP shopping...).
What should I do??
Thanks

37 replies

lesane662 Posts 1564 Status Member 149

JK85, above all don't listen to that idiot Hitman zone

since yesterday he hasn't left me alone and he gives people rotten advice, he's an incompetent impostor
1
JK85
 
OK, I'm still here!
;)
0
lesane662 Posts 1564 Status Member 149

Hi

I don't know if I'll be able to fix your problem but we can always try.

Download GenProc

Run it, then post the report it generates (on Vista, run it as administrator)
1
JK85
 
When I try to download it, I get: this download was blocked by your security zone policy. What do I do???
0
lesane662 Posts 1564 Status Member 149

Hi,

Download HijackThis

Install it on your desktop

Once installed, launch it by clicking the icon that appeared after installation

Once HijackThis is running, click "Do a system scan and save the logfile"

Post the resulting report in your next reply

0
JK85
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:41:12, on 15/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Creative\Mixer\CTSVolFE.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Fichiers communs\Creative Labs Shared\Service\CreativeLicensing.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Dell Network Assistant\hnm_svc.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Dell Network Assistant\ezi_hnm2.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client=dell-row&channel=fr&ibd=0061005
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [CTSVolFE.exe] "C:\Program Files\Creative\Mixer\CTSVolFE.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Army browse cdrom vga] C:\Documents and Settings\All Users\Application Data\Mfcd upload army browse\One ford.exe
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [kamsoft] C:\WINDOWS\system32\ckvo.exe
O4 - HKCU\..\Run: [grim phone] C:\DOCUME~1\Zinz\APPLIC~1\PROGRA~1\ModeFlagVga.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Dell Network Assistant.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: TrayMin200.exe.lnk = C:\Program Files\Philips\SPC 200NC PC Camera\TrayMin200.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{66A456DE-861C-470A-BDB2-155E8673462F}: NameServer = 192.168.1.1
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Fichiers communs\Creative Labs Shared\Service\CreativeLicensing.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Advanced Networking Service (hnmsvc) - SingleClick Systems - C:\Program Files\Dell Network Assistant\hnm_svc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
0
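Added example, not part of any post in this thread: a triage pass over the O4 (Run key) lines of a HijackThis log like the one above, flagging autostart programs that launch from a user-writable profile folder (Application Data or Local Settings, including their 8.3 short names). The location heuristic and all function names are assumptions of this example; the sample lines are copied from the log above.

```python
import re
from typing import List, NamedTuple


class RunEntry(NamedTuple):
    hive: str        # e.g. HKLM, HKCU, HKUS\S-1-5-19
    name: str        # registry value name shown in brackets
    command: str     # full command line as logged
    executable: str  # program path with arguments stripped


# Sample input: O4 lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Army browse cdrom vga] C:\Documents and Settings\All Users\Application Data\Mfcd upload army browse\One ford.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [grim phone] C:\DOCUME~1\Zinz\APPLIC~1\PROGRA~1\ModeFlagVga.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - Global Startup: BTTray.lnk = ?
"""

# "O4 - <hive>\..\Run: [<value name>] <command line>"
O4_RUN = re.compile(r"^O4 - (HK[^:]*?)\\\.\.\\Run\w*: \[(.+?)\] (.+)$")
# Unquoted commands may contain spaces, so cut at the first program extension.
EXE_END = re.compile(r"^(.+?\.(?:exe|bat|cmd|scr|pif))(?=\s|$)", re.IGNORECASE)
# Windows XP profile layout, long names and 8.3 short names.
PROFILE_ROOT = re.compile(r"documents and settings|docume~\d+")
WRITABLE_DIR = re.compile(r"application data|applic~\d+|local settings|locals~\d+")


def extract_executable(command: str) -> str:
    """Return the program path from a Run value, without its arguments."""
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        return command[1:end] if end != -1 else command[1:]
    match = EXE_END.match(command)
    if match:
        return match.group(1)
    parts = command.split()
    return parts[0] if parts else ""


def is_user_writable(path: str) -> bool:
    """True for <drive>\\<profile root>\\<account>\\<Application Data|Local Settings>\\..."""
    parts = [p.lower() for p in path.split("\\") if p]
    return bool(
        len(parts) > 4
        and PROFILE_ROOT.fullmatch(parts[1])
        and WRITABLE_DIR.fullmatch(parts[3])
    )


def parse_run_entries(log_text: str) -> List[RunEntry]:
    """Parse every O4 registry Run line; other O4 forms (Startup folder) are skipped."""
    entries = []
    for line in log_text.splitlines():
        match = O4_RUN.match(line.strip())
        if match:
            hive, name, command = match.groups()
            entries.append(RunEntry(hive, name, command, extract_executable(command)))
    return entries


def suspicious_run_entries(log_text: str) -> List[RunEntry]:
    """Run entries whose program sits in a folder any user-level process can write to."""
    return [e for e in parse_run_entries(log_text) if is_user_writable(e.executable)]


if __name__ == "__main__":
    for entry in suspicious_run_entries(SAMPLE_LOG):
        print(f"{entry.hive} [{entry.name}] -> {entry.executable}")
```

On the sample it flags the `Army browse cdrom vga` and `grim phone` entries, whose executables also appear in the Lop S&D report posted later in this thread. A location match is a reason to look closer, not proof of infection.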
JK85 > JK85
 
I don't know whether it's a clue or not, but when the advertising pages open, they're labelled "CiD": casino or bouygues...
0
lesane662 Posts 1564 Status Member 149

now download ToolBar S&D

!! Disconnect and close all your running applications for the duration of the procedure !!

* double-click the .exe to launch the installer and follow the prompts... On Vista: right-click -> Run as administrator.

* Once done, click the shortcut created on your desktop to launch the tool.

* Choose option 1 ("search") and press Enter.

* Once the scan has finished, a report will appear; copy/paste its entire contents into your next reply...

(The report is also saved here -> C:\TB.txt )

0

lesane662 Posts 1564 Status Member 149

I don't know whether it's a clue or not, but when the advertising pages open, they're labelled "CiD": casino or bouygues...

Yes, you've been infected by Lop.com, hence the pages titled CID

0
JK85
 
lesane662: by the way, I'm not on Vista, is that a problem?
0
lesane662 Posts 1564 Status Member 149

Yes, I know you're on XP, but it doesn't matter
0
JK85
 
-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU T7200 @ 2.00GHz )
BIOS : Phoenix ROM BIOS PLUS Version 1.10 A12
USER : Zinz ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 081031-1] 4.8.1229 (Activated)
C:\ (Local Disk) - NTFS - Total:79 Go (Free:37 Go)
D:\ (Local Disk) - NTFS - Total:26 Go (Free:26 Go)
E:\ (CD or DVD)
G:\ (CD or DVD)
H:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 15/06/2009|13:08 )

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.google.fr/?gws_rd=ssl"
"Search Page"="https://actus.sfr.fr"
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
"Home_Page"="https://www.dell.com/fr-fr?c=fr&l=fr&s=gen&redirect=1"
"Help_Page"="http://support.euro.dell.com/segment.asp?country=FR&language=FR"


--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\Zinz\Local Settings\Temp\Rar$EX00.328\crack
C:\DOCUME~1\Zinz\Local Settings\Temp\Rar$EX00.328\crack\patch.exe
C:\DOCUME~1\Zinz\Local Settings\Temporary Internet Files\Content.IE5\9Y4ST0FG\pizza-crack[1].png
C:\DOCUME~1\Zinz\Local Settings\Temporary Internet Files\Content.IE5\N97TYEXV\Tomb+Raider+anniversary+crack.rar.torrent[1].htm
C:\DOCUME~1\Zinz\Recent\Crack.lnk
C:\DOCUME~1\Zinz\Recent\Tomb Raider Anniversary (PC) v1.0 Crack no DVD (multilenguaje) Por Pirata of Spain.lnk
C:\DOCUME~1\Zinz\Recent\Tomb Raider Anniversary v1.0 Crack no DVD (multilenguaje) Por Pirata of Spain.lnk
C:\DOCUME~1\Zinz\Recent\[PC GAME NoCD] Tomb Raider Anniversary Crack Fr Eng Ita Spa Ger Certified ok NoDVD.lnk
C:\DOCUME~1\Zinz\Recent\[Pc Game Tools] - Tomb Raider Anniversary v1.0 Crack-HATRED.lnk



1 - "C:\ToolBar SD\TB_1.txt" - 15/06/2009|13:09 - Option : [1]

-----------\\ Fin du rapport a 13:09:31,31
0
lesane662 Posts 1564 Status Member 149

a word of advice: avoid downloading cracks (for Tomb Raider, lol), it's dangerous for your PC.

download Lop S&D

* Run the installation
* Close all applications
* Launch it by double-clicking the shortcut on the desktop

* Type F for French, then press Enter
* Type 1
* Press Enter
* The PC will restart

* Note: if the antivirus reports an infection in TEMP, ignore it
* Wait for the report to appear
* Copy the report and paste it into your reply


* the report can also be found at C:\lopR

0
JK85
 
However, my PC didn't shut down; the report appeared after the scan!

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU T7200 @ 2.00GHz )
BIOS : Phoenix ROM BIOS PLUS Version 1.10 A12
USER : Zinz ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 081031-1] 4.8.1229 (Activated)
C:\ (Local Disk) - NTFS - Total:79 Go (Free:37 Go)
D:\ (Local Disk) - NTFS - Total:26 Go (Free:26 Go)
E:\ (CD or DVD)
G:\ (CD or DVD)
H:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 15/06/2009|13:23 )

--------------------\\ Listing des dossiers dans APPLIC~1

[05/10/2006|19:36] C:\DOCUME~1\ADMINI~1\APPLIC~1\ATI
[05/10/2006|19:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\Corel
[05/10/2006|19:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\GTek
[01/09/2005|07:25] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[05/10/2006|19:25] C:\DOCUME~1\ADMINI~1\APPLIC~1\Intel
[05/10/2006|19:23] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[05/10/2006|19:33] C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec

[15/06/2009|11:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{83C91755-2546-441D-AC40-9A6B4B860800}
[19/05/2008|18:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[05/07/2008|11:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[03/06/2007|19:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
[06/12/2007|12:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Citrix
[18/04/2007|12:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Creative Labs
[01/07/2007|20:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[05/10/2006|19:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GTek
[05/10/2006|19:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[05/10/2006|19:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Intel
[02/11/2008|16:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\KONAMI
[15/06/2009|11:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[05/10/2006|19:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
[05/10/2006|19:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com
[06/02/2007|14:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com Personal Firewall
[14/06/2009|22:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mfcd upload army browse
[28/05/2009|07:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[26/09/2007|20:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[29/11/2006|14:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Otto
[24/05/2008|13:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\phenomedia
[14/03/2007|14:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SingleClick Systems
[11/06/2007|19:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SSScanAppDataDir
[11/06/2007|19:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SSScanWizard
[30/03/2007|13:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[15/06/2009|12:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[17/01/2007|21:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[09/02/2007|19:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[20/04/2008|21:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[06/12/2007|13:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

[05/10/2006|19:36] C:\DOCUME~1\DEFAUL~1\APPLIC~1\ATI
[05/10/2006|19:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Corel
[05/10/2006|19:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Gtek
[01/09/2005|07:25] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[05/10/2006|19:25] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intel
[05/10/2006|19:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[05/10/2006|19:33] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

[11/10/2006|22:26] C:\DOCUME~1\LOCALS~1\APPLIC~1\McAfee.com Personal Firewall
[01/09/2005|07:05] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[03/02/2007|00:31] C:\DOCUME~1\LOCALS~1\APPLIC~1\Sun

[01/09/2005|07:05] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[24/02/2008|12:58] C:\DOCUME~1\Zinz\APPLIC~1\Adobe
[19/05/2008|18:08] C:\DOCUME~1\Zinz\APPLIC~1\AdobeUM
[26/09/2007|20:52] C:\DOCUME~1\Zinz\APPLIC~1\Ahead
[11/06/2007|19:08] C:\DOCUME~1\Zinz\APPLIC~1\ArcSoft
[05/10/2006|19:36] C:\DOCUME~1\Zinz\APPLIC~1\ATI
[06/06/2009|22:36] C:\DOCUME~1\Zinz\APPLIC~1\Canon
[05/10/2006|19:30] C:\DOCUME~1\Zinz\APPLIC~1\Corel
[15/10/2006|12:10] C:\DOCUME~1\Zinz\APPLIC~1\Corel Photo Album
[24/12/2006|16:04] C:\DOCUME~1\Zinz\APPLIC~1\CyberLink
[18/12/2006|17:52] C:\DOCUME~1\Zinz\APPLIC~1\DivX
[10/03/2009|12:45] C:\DOCUME~1\Zinz\APPLIC~1\dvdcss
[19/04/2008|14:04] C:\DOCUME~1\Zinz\APPLIC~1\Google
[05/10/2006|19:37] C:\DOCUME~1\Zinz\APPLIC~1\Gtek
[01/09/2005|07:25] C:\DOCUME~1\Zinz\APPLIC~1\Identities
[05/10/2006|19:25] C:\DOCUME~1\Zinz\APPLIC~1\Intel
[16/10/2006|13:14] C:\DOCUME~1\Zinz\APPLIC~1\Leadertech
[15/11/2006|21:07] C:\DOCUME~1\Zinz\APPLIC~1\Macromedia
[11/10/2006|20:39] C:\DOCUME~1\Zinz\APPLIC~1\McAfee.com Personal Firewall
[27/03/2009|01:16] C:\DOCUME~1\Zinz\APPLIC~1\Microsoft
[10/01/2007|21:21] C:\DOCUME~1\Zinz\APPLIC~1\MSNInstaller
[29/11/2006|14:53] C:\DOCUME~1\Zinz\APPLIC~1\Otto
[14/06/2009|22:56] C:\DOCUME~1\Zinz\APPLIC~1\program htm
[11/06/2007|19:02] C:\DOCUME~1\Zinz\APPLIC~1\ScanSoft
[12/05/2009|19:39] C:\DOCUME~1\Zinz\APPLIC~1\SecuROM
[16/10/2006|13:14] C:\DOCUME~1\Zinz\APPLIC~1\Sonic
[14/01/2007|19:42] C:\DOCUME~1\Zinz\APPLIC~1\Sun
[05/10/2006|19:33] C:\DOCUME~1\Zinz\APPLIC~1\Symantec
[11/10/2006|21:18] C:\DOCUME~1\Zinz\APPLIC~1\Template
[10/03/2009|12:45] C:\DOCUME~1\Zinz\APPLIC~1\vlc
[20/04/2008|21:49] C:\DOCUME~1\Zinz\APPLIC~1\Windows Live Writer
[26/09/2007|15:13] C:\DOCUME~1\Zinz\APPLIC~1\WinRAR

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[15/06/2009 11:47][--a------] C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[15/06/2009 13:00][--ah-----] C:\WINDOWS\tasks\BD7C859C969B3468.job
[15/06/2009 12:11][--ah-----] C:\WINDOWS\tasks\SA.DAT
[10/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

( BD7C859C969B3468.job )=( c:\docume~1\zinz\applic~1\progra~1\Jumptheheck.exe )

--------------------\\ Listing des dossiers dans C:\Program Files

[05/10/2006|19:27] C:\Program Files\Adobe
[19/02/2007|19:02] C:\Program Files\Alwil Software
[11/06/2007|19:00] C:\Program Files\ArcSoft
[05/10/2006|19:24] C:\Program Files\ATI Technologies
[28/07/2008|21:46] C:\Program Files\BAE
[05/10/2006|19:24] C:\Program Files\Broadcom
[11/06/2007|18:48] C:\Program Files\Canon
[06/12/2007|13:12] C:\Program Files\CCleaner
[15/11/2006|21:05] C:\Program Files\Cegetel
[06/12/2007|12:58] C:\Program Files\Citrix
[02/03/2009|23:49] C:\Program Files\Common Files
[01/09/2005|07:13] C:\Program Files\ComPlus Applications
[05/10/2006|19:21] C:\Program Files\CONEXANT
[30/03/2007|13:15] C:\Program Files\Corel
[05/10/2006|19:29] C:\Program Files\Corel Corporation
[05/10/2006|19:27] C:\Program Files\Creative
[05/10/2006|19:26] C:\Program Files\CyberLink
[03/11/2008|18:43] C:\Program Files\DAEMON Tools
[05/10/2006|19:23] C:\Program Files\Dell
[03/11/2007|12:30] C:\Program Files\Dell Network Assistant
[05/10/2006|19:37] C:\Program Files\Dell Support
[05/10/2006|19:25] C:\Program Files\Digital Line Detect
[26/01/2009|23:30] C:\Program Files\DivX
[03/03/2009|23:03] C:\Program Files\eMule
[27/03/2009|00:45] C:\Program Files\Fichiers communs
[17/11/2008|21:53] C:\Program Files\FrenchOtto
[17/11/2008|21:53] C:\Program Files\GemMasterFrench
[08/05/2008|16:08] C:\Program Files\Google
[13/02/2008|12:53] C:\Program Files\INFORAD
[13/02/2008|12:53] C:\Program Files\INFORAD_DRIVERS
[24/05/2008|13:33] C:\Program Files\InstallShield Installation Information
[05/10/2006|19:25] C:\Program Files\Intel
[05/10/2006|19:25] C:\Program Files\Intel, Inc
[12/06/2009|17:29] C:\Program Files\Internet Explorer
[07/04/2009|21:24] C:\Program Files\Java
[02/11/2008|16:49] C:\Program Files\KONAMI
[15/06/2009|11:43] C:\Program Files\Lavasoft
[30/08/2008|12:41] C:\Program Files\Macrogaming
[05/10/2006|19:32] C:\Program Files\McAfee
[17/11/2008|21:53] C:\Program Files\Messenger
[27/03/2009|00:59] C:\Program Files\Microsoft
[11/05/2007|14:34] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[01/09/2005|07:18] C:\Program Files\microsoft frontpage
[13/11/2006|12:53] C:\Program Files\Microsoft Office
[27/03/2009|01:08] C:\Program Files\Microsoft Office Outlook Connector
[07/04/2009|21:13] C:\Program Files\Microsoft Silverlight
[20/04/2008|21:46] C:\Program Files\Microsoft SQL Server Compact Edition
[27/03/2009|01:03] C:\Program Files\Microsoft Sync Framework
[12/06/2009|17:28] C:\Program Files\Microsoft Works
[13/11/2006|12:51] C:\Program Files\Microsoft.NET
[12/12/2008|20:39] C:\Program Files\Modem Helper
[19/09/2008|18:37] C:\Program Files\Movie Maker
[08/11/2006|02:42] C:\Program Files\MSN
[01/09/2005|07:12] C:\Program Files\MSN Gaming Zone
[14/01/2007|19:27] C:\Program Files\MSXML 4.0
[26/09/2007|20:43] C:\Program Files\Nero
[19/09/2008|18:34] C:\Program Files\NetMeeting
[14/06/2009|22:56] C:\Program Files\NetPumper
[17/11/2008|21:53] C:\Program Files\NetWaiting
[06/06/2008|21:47] C:\Program Files\Neuf
[01/09/2005|07:13] C:\Program Files\Online Services
[19/09/2008|18:34] C:\Program Files\Outlook Express
[09/02/2007|19:20] C:\Program Files\Philips
[14/06/2009|22:55] C:\Program Files\program htm
[15/11/2006|21:05] C:\Program Files\SAGEM
[11/06/2007|19:01] C:\Program Files\ScanSoft
[01/09/2005|07:15] C:\Program Files\Services en ligne
[05/10/2006|19:21] C:\Program Files\Sigmatel
[05/10/2006|19:28] C:\Program Files\Sonic
[14/09/2008|10:06] C:\Program Files\Sun
[05/10/2006|19:33] C:\Program Files\Symantec
[05/10/2006|19:23] C:\Program Files\Synaptics
[05/10/2006|19:29] C:\Program Files\Tiscali
[14/06/2009|23:20] C:\Program Files\Tomb raider
[15/06/2009|12:40] C:\Program Files\Trend Micro
[26/11/2007|19:47] C:\Program Files\Ubisoft
[01/09/2005|07:25] C:\Program Files\Uninstall Information
[10/03/2009|12:40] C:\Program Files\VideoLAN
[05/10/2006|19:29] C:\Program Files\Wanadoo Europe
[15/02/2008|13:46] C:\Program Files\Western Digital Technologies
[05/10/2006|19:26] C:\Program Files\WIDCOMM
[27/03/2009|01:08] C:\Program Files\Windows Live
[20/04/2008|21:45] C:\Program Files\Windows Live Favorites
[27/03/2009|00:59] C:\Program Files\Windows Live SkyDrive
[27/03/2009|01:10] C:\Program Files\Windows Live Toolbar
[17/11/2008|21:53] C:\Program Files\Windows Media Connect 2
[25/03/2007|19:59] C:\Program Files\Windows Media Player
[19/09/2008|18:34] C:\Program Files\Windows NT
[01/09/2005|07:12] C:\Program Files\Windows Plus
[01/09/2005|07:15] C:\Program Files\WindowsUpdate
[26/09/2007|15:12] C:\Program Files\WinRAR
[01/09/2005|07:18] C:\Program Files\xerox
[06/12/2007|13:12] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[19/05/2008|18:10] C:\Program Files\Fichiers communs\Adobe
[26/09/2007|20:44] C:\Program Files\Fichiers communs\Ahead
[17/04/2007|13:52] C:\Program Files\Fichiers communs\Creative Labs Shared
[13/11/2006|12:53] C:\Program Files\Fichiers communs\DESIGNER
[05/10/2006|19:29] C:\Program Files\Fichiers communs\InstallShield
[05/10/2006|19:17] C:\Program Files\Fichiers communs\Java
[05/03/2009|18:04] C:\Program Files\Fichiers communs\Microsoft Shared
[01/09/2005|07:15] C:\Program Files\Fichiers communs\MSSoap
[01/09/2005|07:08] C:\Program Files\Fichiers communs\ODBC
[11/06/2007|19:02] C:\Program Files\Fichiers communs\ScanSoft Shared
[01/09/2005|07:15] C:\Program Files\Fichiers communs\Services
[16/09/2007|18:59] C:\Program Files\Fichiers communs\Sonic Shared
[01/09/2005|07:08] C:\Program Files\Fichiers communs\SpeechEngines
[30/03/2007|13:17] C:\Program Files\Fichiers communs\Symantec Shared
[27/03/2009|01:08] C:\Program Files\Fichiers communs\System
[05/10/2006|19:28] C:\Program Files\Fichiers communs\TiVo Shared
[27/03/2009|00:45] C:\Program Files\Fichiers communs\Windows Live
[20/04/2008|21:39] C:\Program Files\Fichiers communs\WindowsLiveInstaller

--------------------\\ Process

( 82 Processes )

IEXPLORE.EXE ~ [PID:2796]
IEXPLORE.EXE ~ [PID:2844]

--------------------\\ Recherche avec S_Lop

C:\DOCUME~1\Zinz\LOCALS~1\Temp\bis48.exe
C:\DOCUME~1\Zinz\APPLIC~1\PROGRA~1
C:\DOCUME~1\Zinz\APPLIC~1\PROGRA~1\Jump the heck.exe
C:\DOCUME~1\Zinz\APPLIC~1\PROGRA~1\ModeFlagVga.exe
C:\DOCUME~1\Zinz\APPLIC~1\PROGRA~1\qndjshio.exe

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mfcd upload army browse
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mfcd upload army browse\One ford.dat
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mfcd upload army browse\One ford.exe
C:\DOCUME~1\Zinz\APPLIC~1\progra~1
C:\DOCUME~1\Zinz\APPLIC~1\progra~1\Jump the heck.exe
C:\DOCUME~1\Zinz\APPLIC~1\progra~1\ModeFlagVga.exe
C:\DOCUME~1\Zinz\APPLIC~1\progra~1\qndjshio.exe
C:\Program Files\progra~1
C:\DOCUME~1\Zinz\LOCALS~1\Temp\NetPumper-1.50-setup.exe
C:\DOCUME~1\Zinz\LOCALS~1\Temp\NetPumper.zip
C:\DOCUME~1\Zinz\LOCALS~1\Temp\NetPumperAutoInstaller.exe
C:\DOCUME~1\Zinz\LOCALS~1\Temp\minime.exe
C:\DOCUME~1\Zinz\LOCALS~1\Temp\HtmlControl.dll
C:\Program Files\NetPumper
C:\DOCUME~1\Zinz\Cookies\zinz@advertstream[2].txt
C:\DOCUME~1\Zinz\Cookies\zinz@advertising[1].txt
C:\DOCUME~1\Zinz\Cookies\zinz@banner.cotedazurpalace[2].txt
C:\DOCUME~1\Zinz\Cookies\zinz@cotedazurpalace[2].txt
C:\DOCUME~1\Zinz\Cookies\zinz@www.cotedazurpalace[2].txt
C:\DOCUME~1\Zinz\Cookies\zinz@2xmoinscher[2].txt
C:\DOCUME~1\Zinz\Cookies\zinz@www.2xmoinscher[2].txt
C:\WINDOWS\Tasks\BD7C859C969B3468.job

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Dead Dvd View]
"DisplayName"="CiD Help"
"UninstallString"="C:\\DOCUME~1\\Zinz\\APPLIC~1\\PROGRA~1\\ModeFlagVga.exe -uninstall"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"grim phone"="C:\\DOCUME~1\\Zinz\\APPLIC~1\\PROGRA~1\\ModeFlagVga.exe"
"grim phone"="C:\\DOCUME~1\\Zinz\\APPLIC~1\\PROGRA~1\\ModeFlagVga.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
"Army browse cdrom vga"="C:\\Documents and Settings\\All Users\\Application Data\\Mfcd upload army browse\\One ford.exe"
"avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"

--------------------\\ Verification du fichier Hosts

Fichier Hosts MODIFIE


-> 72 [ 70 ## added by CiD ]

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-15 13:24:06
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 2

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\Zinz\Local Settings\Temp\Rar$EX00.328\crack
C:\DOCUME~1\Zinz\Local Settings\Temp\Rar$EX00.328\crack\patch.exe
C:\DOCUME~1\Zinz\Local Settings\Temporary Internet Files\Content.IE5\9Y4ST0FG\pizza-crack[1].png
C:\DOCUME~1\Zinz\Local Settings\Temporary Internet Files\Content.IE5\N97TYEXV\Tomb+Raider+anniversary+crack.rar.torrent[1].htm
C:\DOCUME~1\Zinz\Recent\Crack.lnk
C:\DOCUME~1\Zinz\Recent\Tomb Raider Anniversary (PC) v1.0 Crack no DVD (multilenguaje) Por Pirata of Spain.lnk
C:\DOCUME~1\Zinz\Recent\Tomb Raider Anniversary v1.0 Crack no DVD (multilenguaje) Por Pirata of Spain.lnk
C:\DOCUME~1\Zinz\Recent\[PC GAME NoCD] Tomb Raider Anniversary Crack Fr Eng Ita Spa Ger Certified ok NoDVD.lnk
C:\DOCUME~1\Zinz\Recent\[Pc Game Tools] - Tomb Raider Anniversary v1.0 Crack-HATRED.lnk


[F:314][D:23]-> C:\DOCUME~1\Zinz\LOCALS~1\Temp
[F:552][D:0]-> C:\DOCUME~1\Zinz\Cookies
[F:20663][D:39]-> C:\DOCUME~1\Zinz\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 15/06/2009|13:25 - Option : [1]

--------------------\\ Fin du rapport a 13:25:04
0
lesane662 Posts 1564 Status Member 149
 
OK, now:

* Run Lop S&D again

* This time choose option 2 ("Suppression", removal)

* Do not close the window during the removal!

* Post the generated report (C:\lopR.txt)


* (If the Desktop does not reappear, press Ctrl+Alt+Del, File tab, New Task, type explorer.exe and confirm)
0
JK85
 
--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU T7200 @ 2.00GHz )
BIOS : Phoenix ROM BIOS PLUS Version 1.10 A12
USER : Zinz ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 081031-1] 4.8.1229 (Activated)
C:\ (Local Disk) - NTFS - Total:79 Go (Free:37 Go)
D:\ (Local Disk) - NTFS - Total:26 Go (Free:26 Go)
E:\ (CD or DVD)
G:\ (CD or DVD)
H:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 15/06/2009|13:33 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mfcd upload army browse\One ford.dat
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mfcd upload army browse\One ford.exe
Supprime! - C:\DOCUME~1\Zinz\APPLIC~1\progra~1\Jump the heck.exe
Supprime! - C:\DOCUME~1\Zinz\APPLIC~1\progra~1\ModeFlagVga.exe
Supprime! - C:\DOCUME~1\Zinz\APPLIC~1\progra~1\qndjshio.exe
Supprime! - C:\DOCUME~1\Zinz\LOCALS~1\Temp\NetPumper-1.50-setup.exe
Supprime! - C:\DOCUME~1\Zinz\LOCALS~1\Temp\NetPumper.zip
Supprime! - C:\DOCUME~1\Zinz\LOCALS~1\Temp\NetPumperAutoInstaller.exe
Supprime! - C:\DOCUME~1\Zinz\LOCALS~1\Temp\minime.exe
Supprime! - C:\DOCUME~1\Zinz\LOCALS~1\Temp\HtmlControl.dll
Supprime! - C:\DOCUME~1\Zinz\Cookies\zinz@advertstream[2].txt
Supprime! - C:\DOCUME~1\Zinz\Cookies\zinz@advertising[1].txt
Supprime! - C:\DOCUME~1\Zinz\Cookies\zinz@banner.cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\Zinz\Cookies\zinz@cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\Zinz\Cookies\zinz@www.cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\Zinz\Cookies\zinz@2xmoinscher[2].txt
Supprime! - C:\DOCUME~1\Zinz\Cookies\zinz@www.2xmoinscher[2].txt
Supprime! - C:\WINDOWS\Tasks\BD7C859C969B3468.job
Supprime! - C:\DOCUME~1\Zinz\LOCALS~1\Temp\bis48.exe
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mfcd upload army browse
Supprime! - C:\DOCUME~1\Zinz\APPLIC~1\progra~1
Supprime! - C:\Program Files\progra~1
Supprime! - C:\Program Files\NetPumper
-
[ Fichier Hosts ] .. Restaure!

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[05/10/2006|19:36] C:\DOCUME~1\ADMINI~1\APPLIC~1\ATI
[05/10/2006|19:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\Corel
[05/10/2006|19:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\GTek
[01/09/2005|07:25] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[05/10/2006|19:25] C:\DOCUME~1\ADMINI~1\APPLIC~1\Intel
[05/10/2006|19:23] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[05/10/2006|19:33] C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec

[15/06/2009|11:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{83C91755-2546-441D-AC40-9A6B4B860800}
[19/05/2008|18:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[05/07/2008|11:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[03/06/2007|19:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
[06/12/2007|12:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Citrix
[18/04/2007|12:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Creative Labs
[01/07/2007|20:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[05/10/2006|19:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GTek
[05/10/2006|19:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[05/10/2006|19:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Intel
[02/11/2008|16:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\KONAMI
[15/06/2009|11:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[05/10/2006|19:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
[05/10/2006|19:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com
[06/02/2007|14:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com Personal Firewall
[28/05/2009|07:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[26/09/2007|20:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[29/11/2006|14:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Otto
[24/05/2008|13:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\phenomedia
[14/03/2007|14:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SingleClick Systems
[11/06/2007|19:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SSScanAppDataDir
[11/06/2007|19:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SSScanWizard
[30/03/2007|13:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[15/06/2009|12:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[17/01/2007|21:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[09/02/2007|19:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[20/04/2008|21:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[06/12/2007|13:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

[05/10/2006|19:36] C:\DOCUME~1\DEFAUL~1\APPLIC~1\ATI
[05/10/2006|19:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Corel
[05/10/2006|19:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Gtek
[01/09/2005|07:25] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[05/10/2006|19:25] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intel
[05/10/2006|19:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[05/10/2006|19:33] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

[11/10/2006|22:26] C:\DOCUME~1\LOCALS~1\APPLIC~1\McAfee.com Personal Firewall
[01/09/2005|07:05] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[03/02/2007|00:31] C:\DOCUME~1\LOCALS~1\APPLIC~1\Sun

[01/09/2005|07:05] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[24/02/2008|12:58] C:\DOCUME~1\Zinz\APPLIC~1\Adobe
[19/05/2008|18:08] C:\DOCUME~1\Zinz\APPLIC~1\AdobeUM
[26/09/2007|20:52] C:\DOCUME~1\Zinz\APPLIC~1\Ahead
[11/06/2007|19:08] C:\DOCUME~1\Zinz\APPLIC~1\ArcSoft
[05/10/2006|19:36] C:\DOCUME~1\Zinz\APPLIC~1\ATI
[06/06/2009|22:36] C:\DOCUME~1\Zinz\APPLIC~1\Canon
[05/10/2006|19:30] C:\DOCUME~1\Zinz\APPLIC~1\Corel
[15/10/2006|12:10] C:\DOCUME~1\Zinz\APPLIC~1\Corel Photo Album
[24/12/2006|16:04] C:\DOCUME~1\Zinz\APPLIC~1\CyberLink
[18/12/2006|17:52] C:\DOCUME~1\Zinz\APPLIC~1\DivX
[10/03/2009|12:45] C:\DOCUME~1\Zinz\APPLIC~1\dvdcss
[19/04/2008|14:04] C:\DOCUME~1\Zinz\APPLIC~1\Google
[05/10/2006|19:37] C:\DOCUME~1\Zinz\APPLIC~1\Gtek
[01/09/2005|07:25] C:\DOCUME~1\Zinz\APPLIC~1\Identities
[05/10/2006|19:25] C:\DOCUME~1\Zinz\APPLIC~1\Intel
[16/10/2006|13:14] C:\DOCUME~1\Zinz\APPLIC~1\Leadertech
[15/11/2006|21:07] C:\DOCUME~1\Zinz\APPLIC~1\Macromedia
[11/10/2006|20:39] C:\DOCUME~1\Zinz\APPLIC~1\McAfee.com Personal Firewall
[27/03/2009|01:16] C:\DOCUME~1\Zinz\APPLIC~1\Microsoft
[10/01/2007|21:21] C:\DOCUME~1\Zinz\APPLIC~1\MSNInstaller
[29/11/2006|14:53] C:\DOCUME~1\Zinz\APPLIC~1\Otto
[11/06/2007|19:02] C:\DOCUME~1\Zinz\APPLIC~1\ScanSoft
[12/05/2009|19:39] C:\DOCUME~1\Zinz\APPLIC~1\SecuROM
[16/10/2006|13:14] C:\DOCUME~1\Zinz\APPLIC~1\Sonic
[14/01/2007|19:42] C:\DOCUME~1\Zinz\APPLIC~1\Sun
[05/10/2006|19:33] C:\DOCUME~1\Zinz\APPLIC~1\Symantec
[11/10/2006|21:18] C:\DOCUME~1\Zinz\APPLIC~1\Template
[10/03/2009|12:45] C:\DOCUME~1\Zinz\APPLIC~1\vlc
[20/04/2008|21:49] C:\DOCUME~1\Zinz\APPLIC~1\Windows Live Writer
[26/09/2007|15:13] C:\DOCUME~1\Zinz\APPLIC~1\WinRAR

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[15/06/2009 11:47][--a------] C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[15/06/2009 12:11][--ah-----] C:\WINDOWS\tasks\SA.DAT
[10/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[05/10/2006|19:27] C:\Program Files\Adobe
[19/02/2007|19:02] C:\Program Files\Alwil Software
[11/06/2007|19:00] C:\Program Files\ArcSoft
[05/10/2006|19:24] C:\Program Files\ATI Technologies
[28/07/2008|21:46] C:\Program Files\BAE
[05/10/2006|19:24] C:\Program Files\Broadcom
[11/06/2007|18:48] C:\Program Files\Canon
[06/12/2007|13:12] C:\Program Files\CCleaner
[15/11/2006|21:05] C:\Program Files\Cegetel
[06/12/2007|12:58] C:\Program Files\Citrix
[02/03/2009|23:49] C:\Program Files\Common Files
[01/09/2005|07:13] C:\Program Files\ComPlus Applications
[05/10/2006|19:21] C:\Program Files\CONEXANT
[30/03/2007|13:15] C:\Program Files\Corel
[05/10/2006|19:29] C:\Program Files\Corel Corporation
[05/10/2006|19:27] C:\Program Files\Creative
[05/10/2006|19:26] C:\Program Files\CyberLink
[03/11/2008|18:43] C:\Program Files\DAEMON Tools
[05/10/2006|19:23] C:\Program Files\Dell
[03/11/2007|12:30] C:\Program Files\Dell Network Assistant
[05/10/2006|19:37] C:\Program Files\Dell Support
[05/10/2006|19:25] C:\Program Files\Digital Line Detect
[26/01/2009|23:30] C:\Program Files\DivX
[03/03/2009|23:03] C:\Program Files\eMule
[27/03/2009|00:45] C:\Program Files\Fichiers communs
[17/11/2008|21:53] C:\Program Files\FrenchOtto
[17/11/2008|21:53] C:\Program Files\GemMasterFrench
[08/05/2008|16:08] C:\Program Files\Google
[13/02/2008|12:53] C:\Program Files\INFORAD
[13/02/2008|12:53] C:\Program Files\INFORAD_DRIVERS
[24/05/2008|13:33] C:\Program Files\InstallShield Installation Information
[05/10/2006|19:25] C:\Program Files\Intel
[05/10/2006|19:25] C:\Program Files\Intel, Inc
[12/06/2009|17:29] C:\Program Files\Internet Explorer
[07/04/2009|21:24] C:\Program Files\Java
[02/11/2008|16:49] C:\Program Files\KONAMI
[15/06/2009|11:43] C:\Program Files\Lavasoft
[30/08/2008|12:41] C:\Program Files\Macrogaming
[05/10/2006|19:32] C:\Program Files\McAfee
[17/11/2008|21:53] C:\Program Files\Messenger
[27/03/2009|00:59] C:\Program Files\Microsoft
[11/05/2007|14:34] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[01/09/2005|07:18] C:\Program Files\microsoft frontpage
[13/11/2006|12:53] C:\Program Files\Microsoft Office
[27/03/2009|01:08] C:\Program Files\Microsoft Office Outlook Connector
[07/04/2009|21:13] C:\Program Files\Microsoft Silverlight
[20/04/2008|21:46] C:\Program Files\Microsoft SQL Server Compact Edition
[27/03/2009|01:03] C:\Program Files\Microsoft Sync Framework
[12/06/2009|17:28] C:\Program Files\Microsoft Works
[13/11/2006|12:51] C:\Program Files\Microsoft.NET
[12/12/2008|20:39] C:\Program Files\Modem Helper
[19/09/2008|18:37] C:\Program Files\Movie Maker
[08/11/2006|02:42] C:\Program Files\MSN
[01/09/2005|07:12] C:\Program Files\MSN Gaming Zone
[14/01/2007|19:27] C:\Program Files\MSXML 4.0
[26/09/2007|20:43] C:\Program Files\Nero
[19/09/2008|18:34] C:\Program Files\NetMeeting
[17/11/2008|21:53] C:\Program Files\NetWaiting
[06/06/2008|21:47] C:\Program Files\Neuf
[01/09/2005|07:13] C:\Program Files\Online Services
[19/09/2008|18:34] C:\Program Files\Outlook Express
[09/02/2007|19:20] C:\Program Files\Philips
[15/11/2006|21:05] C:\Program Files\SAGEM
[11/06/2007|19:01] C:\Program Files\ScanSoft
[01/09/2005|07:15] C:\Program Files\Services en ligne
[05/10/2006|19:21] C:\Program Files\Sigmatel
[05/10/2006|19:28] C:\Program Files\Sonic
[14/09/2008|10:06] C:\Program Files\Sun
[05/10/2006|19:33] C:\Program Files\Symantec
[05/10/2006|19:23] C:\Program Files\Synaptics
[05/10/2006|19:29] C:\Program Files\Tiscali
[14/06/2009|23:20] C:\Program Files\Tomb raider
[15/06/2009|12:40] C:\Program Files\Trend Micro
[26/11/2007|19:47] C:\Program Files\Ubisoft
[01/09/2005|07:25] C:\Program Files\Uninstall Information
[10/03/2009|12:40] C:\Program Files\VideoLAN
[05/10/2006|19:29] C:\Program Files\Wanadoo Europe
[15/02/2008|13:46] C:\Program Files\Western Digital Technologies
[05/10/2006|19:26] C:\Program Files\WIDCOMM
[27/03/2009|01:08] C:\Program Files\Windows Live
[20/04/2008|21:45] C:\Program Files\Windows Live Favorites
[27/03/2009|00:59] C:\Program Files\Windows Live SkyDrive
[27/03/2009|01:10] C:\Program Files\Windows Live Toolbar
[17/11/2008|21:53] C:\Program Files\Windows Media Connect 2
[25/03/2007|19:59] C:\Program Files\Windows Media Player
[19/09/2008|18:34] C:\Program Files\Windows NT
[01/09/2005|07:12] C:\Program Files\Windows Plus
[01/09/2005|07:15] C:\Program Files\WindowsUpdate
[26/09/2007|15:12] C:\Program Files\WinRAR
[01/09/2005|07:18] C:\Program Files\xerox
[06/12/2007|13:12] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[19/05/2008|18:10] C:\Program Files\Fichiers communs\Adobe
[26/09/2007|20:44] C:\Program Files\Fichiers communs\Ahead
[17/04/2007|13:52] C:\Program Files\Fichiers communs\Creative Labs Shared
[13/11/2006|12:53] C:\Program Files\Fichiers communs\DESIGNER
[05/10/2006|19:29] C:\Program Files\Fichiers communs\InstallShield
[05/10/2006|19:17] C:\Program Files\Fichiers communs\Java
[05/03/2009|18:04] C:\Program Files\Fichiers communs\Microsoft Shared
[01/09/2005|07:15] C:\Program Files\Fichiers communs\MSSoap
[01/09/2005|07:08] C:\Program Files\Fichiers communs\ODBC
[11/06/2007|19:02] C:\Program Files\Fichiers communs\ScanSoft Shared
[01/09/2005|07:15] C:\Program Files\Fichiers communs\Services
[16/09/2007|18:59] C:\Program Files\Fichiers communs\Sonic Shared
[01/09/2005|07:08] C:\Program Files\Fichiers communs\SpeechEngines
[30/03/2007|13:17] C:\Program Files\Fichiers communs\Symantec Shared
[27/03/2009|01:08] C:\Program Files\Fichiers communs\System
[05/10/2006|19:28] C:\Program Files\Fichiers communs\TiVo Shared
[27/03/2009|00:45] C:\Program Files\Fichiers communs\Windows Live
[20/04/2008|21:39] C:\Program Files\Fichiers communs\WindowsLiveInstaller

--------------------\\ Process

( 80 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-15 13:34:58
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 2

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\Zinz\Local Settings\Temp\Rar$EX00.328\crack
C:\DOCUME~1\Zinz\Local Settings\Temp\Rar$EX00.328\crack\patch.exe
C:\DOCUME~1\Zinz\Local Settings\Temporary Internet Files\Content.IE5\9Y4ST0FG\pizza-crack[1].png
C:\DOCUME~1\Zinz\Local Settings\Temporary Internet Files\Content.IE5\N97TYEXV\Tomb+Raider+anniversary+crack.rar.torrent[1].htm
C:\DOCUME~1\Zinz\Recent\Crack.lnk
C:\DOCUME~1\Zinz\Recent\Tomb Raider Anniversary (PC) v1.0 Crack no DVD (multilenguaje) Por Pirata of Spain.lnk
C:\DOCUME~1\Zinz\Recent\Tomb Raider Anniversary v1.0 Crack no DVD (multilenguaje) Por Pirata of Spain.lnk
C:\DOCUME~1\Zinz\Recent\[PC GAME NoCD] Tomb Raider Anniversary Crack Fr Eng Ita Spa Ger Certified ok NoDVD.lnk
C:\DOCUME~1\Zinz\Recent\[Pc Game Tools] - Tomb Raider Anniversary v1.0 Crack-HATRED.lnk


[F:309][D:23]-> C:\DOCUME~1\Zinz\LOCALS~1\Temp
[F:546][D:0]-> C:\DOCUME~1\Zinz\Cookies
[F:20709][D:39]-> C:\DOCUME~1\Zinz\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 15/06/2009|13:25 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 15/06/2009|13:35 - Option : [2]

--------------------\\ Fin du rapport a 13:35:55
0
lesane662 Posts 1564 Status Member 149
 
OK, so now:

Download CCleaner

Then install it on your desktop and start it. Click "Analyze" and, once that is done, click "Run Cleaner" (repeat the procedure one more time).

After that, still in CCleaner, click "Registry", then "Scan for Issues", and finally click "Fix selected issues" (repeat this process until there are no more errors; 2 or 3 times is generally enough).

Restart your PC after that.

Then run another scan with HijackThis and post the report.
0
JK85
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:00:32, on 15/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Fichiers communs\Creative Labs Shared\Service\CreativeLicensing.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Dell Network Assistant\hnm_svc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Creative\Mixer\CTSVolFE.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Dell Network Assistant\ezi_hnm2.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client=dell-row&channel=fr&ibd=0061005
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [CTSVolFE.exe] "C:\Program Files\Creative\Mixer\CTSVolFE.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Dell Network Assistant.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: TrayMin200.exe.lnk = C:\Program Files\Philips\SPC 200NC PC Camera\TrayMin200.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{66A456DE-861C-470A-BDB2-155E8673462F}: NameServer = 192.168.1.1
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Fichiers communs\Creative Labs Shared\Service\CreativeLicensing.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Advanced Networking Service (hnmsvc) - SingleClick Systems - C:\Program Files\Dell Network Assistant\hnm_svc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
0
lesane662 Posts 1564 Status Member 149
 
OK, run HijackThis again, but this time click "Do a system scan only"

and tick the box next to these lines:

R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)

R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

Then click "Fix checked" and restart your PC.

Next, download Malwarebytes' Anti-Malware (a program to keep; run a quick scan from time to time).

* Double-click the downloaded file to start the installation.
* In the "Mise à jour" (Update) tab, click the "Recherche de mise à jour" (Check for updates) button: if the firewall asks whether to let MBAM connect, accept.
* Once the update has finished, go to the "Recherche" (Scan) tab.
* Select "Exécuter un examen rapide" (Perform quick scan)
* Click "Rechercher" (Scan)
* The analysis starts; the scan is relatively short.
* At the end of the analysis, a message is displayed:

L'examen s'est terminé normalement. Clique sur 'Afficher les résultats' pour afficher tous les objets trouvés.

Click "Ok" to continue. If MBAM found nothing, it will tell you that too.
* If malware was detected, click "Afficher les résultats" (Show results).
Select everything (or leave it ticked) and click "Supprimer la sélection" (Remove selected); MBAM will destroy the files and registry keys and put a copy of them in quarantine.
* MBAM will open Notepad and copy the scan report into it. Copy and paste this report and post it in your next reply.


NB: If MBAM asks you to restart, do so.
0
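Two of the HijackThis lines ticked in the reply above end in "(no file)", and the logs in this thread also contain "(file missing)" and "Unknown owner" entries. As an added example (not part of the thread and not HijackThis's own code), the Python below parses HijackThis log lines and lists those entries for manual review; the sample lines are copied from the logs posted here, and the names `parse_line`, `review` and `Entry` are hypothetical.

```python
import re
from collections import namedtuple

Entry = namedtuple("Entry", "section kind guid target missing unknown_owner")

# A log entry starts with a section code (R0-R3, F0-F3, N1-N4, O1-O24) and " - ".
_LINE = re.compile(r"^(?P<section>[RFNO]\d{1,2}) - (?P<body>.+)$")
_GUID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# HijackThis writes "(no file)" or appends "(file missing)" when the target is absent.
_MISSING = re.compile(r"\s*\((?:no file|file missing)\)\s*$")
# O4 Run entries prefix the command line with the value name in brackets.
_RUN_NAME = re.compile(r"^\[[^\]]*\]\s*")


def parse_line(line):
    """Parse one HijackThis entry; return None for headers and process paths."""
    m = _LINE.match(line.strip())
    if m is None:
        return None
    section, body = m.group("section"), m.group("body")

    # "BHO: ...", "Service: ...", "HKLM\..\Run: ..." carry a kind before ": ".
    kind, sep, rest = body.partition(": ")
    if not sep:
        # R0/R1 lines have the form "<registry key>,<value> = <data>".
        kind, _, rest = body.partition(" = ")

    fields = rest.split(" - ")
    last = fields[-1]
    missing = _MISSING.search(last) is not None
    target = _MISSING.sub("", last).strip()
    target = target.rpartition(" = ")[2]      # "NameServer = x", "a.lnk = ?"
    target = _RUN_NAME.sub("", target)        # "[ehTray] C:\..." -> "C:\..."

    guid = _GUID.search(body)
    # O23 lines read "<name> - <vendor> - <path>"; the vendor field holds
    # "Unknown owner" when HijackThis printed no vendor for the service binary.
    unknown_owner = (section == "O23" and len(fields) >= 3
                     and fields[-2].strip() == "Unknown owner")
    return Entry(section, kind, guid.group(0) if guid else None,
                 target, missing, unknown_owner)


def review(log_text):
    """Return (entry, reasons) pairs for entries worth a manual look."""
    findings = []
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry is None:
            continue
        reasons = []
        if entry.missing:
            reasons.append("target file absent")
        if entry.unknown_owner:
            reasons.append("service vendor not identified")
        if reasons:
            findings.append((entry, reasons))
    return findings


# Sample lines copied from the HijackThis logs posted in this thread.
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\System32\smss.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{66A456DE-861C-470A-BDB2-155E8673462F}: NameServer = 192.168.1.1
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
"""

if __name__ == "__main__":
    for entry, reasons in review(SAMPLE_LOG):
        print(entry.section, entry.kind, entry.guid or "-",
              entry.target or "(none)", "|", ", ".join(reasons))
```

An absent target only shows that the registry entry is a leftover; entries whose file exists still have to be judged on the file itself, which this check does not do.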
JK85
 
Malwarebytes' Anti-Malware 1.37
Version de la base de données: 2282
Windows 5.1.2600 Service Pack 3

15/06/2009 14:24:43
mbam-log-2009-06-15 (14-24-43).txt

Type de recherche: Examen rapide
Eléments examinés: 92916
Temps écoulé: 3 minute(s), 47 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 3

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\WINDOWS\system32\ckvo0.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ckvo1.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ckvo2.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
0
lesane662 Posts 1564 Status Member 149
 
Run CCleaner once more and tell me whether your PC is doing better!
0
JK85
 
Perfect, no more ads!!
Thank you for your help!
0
lesane662 Posts 1564 Status Member 149
 
Wait, you need to delete the System Restore points and create a new (clean) one

To do that:

# go to the Control Panel
# go to "système" (System)
# go to the "restauration du système" (System Restore) tab
# choose "désactiver la restauration" (turn off System Restore), which deletes all the restore points

Then restart your PC and repeat the same steps, but this time re-enable System Restore

This is necessary because the infection may have lodged itself in one or more restore points, so if you ever had to restore your system for whatever reason, the infection could reinstall itself
0
JK85
 
Done!!
Thanks!!!
:)
0
lesane662 Posts 1564 Status Member 149
 
You're welcome, but wait, don't be in such a hurry lol!

You need to remove some of the software I had you download

To do that, download Toolcleaner2

Run it, click Search, then delete what it found

PS: Avast is no longer what it used to be, so I suggest you remove it and install Avira AntiVir instead
0
JK85
 
lol! Sorry!!
Thanks in any case!

One last little thing: my PC keeps shutting itself down, do you know where that could come from????? Thanks in advance
0
lesane662 Posts 1564 Status Member 149
 
It shuts down by itself? Is that a new problem?

Can you post a HijackThis log again please!!
0
JK85
 
It's not the same PC!
How do I do the log? I no longer have the file, it was deleted along with the rest.
0
lesane662 Posts 1564 Status Member 149
 
Ah OK, we cleaned one PC and you have a second one that is sick, is that it?

No problem for the log, download HijackThis <<<<<by clicking here>>>>>
0
JK85
 
Yes, that's it!! I have no luck with PCs!!

Do you want the log with "Do a system scan and save the logfile" or the other one??
0
lesane662 Posts 1564 Status Member 149
 
The one where it gives you a txt report, "Do a system scan and save the logfile"
0
JK85
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:14:14, on 15/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Fichiers communs\Creative Labs Shared\Service\CreativeLicensing.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Dell Network Assistant\hnm_svc.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Creative\Mixer\CTSVolFE.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Dell Network Assistant\ezi_hnm2.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client=dell-row&channel=fr&ibd=0061005
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [CTSVolFE.exe] "C:\Program Files\Creative\Mixer\CTSVolFE.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Dell Network Assistant.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: TrayMin200.exe.lnk = C:\Program Files\Philips\SPC 200NC PC Camera\TrayMin200.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{66A456DE-861C-470A-BDB2-155E8673462F}: NameServer = 192.168.1.1
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Fichiers communs\Creative Labs Shared\Service\CreativeLicensing.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Advanced Networking Service (hnmsvc) - SingleClick Systems - C:\Program Files\Dell Network Assistant\hnm_svc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
0
lesane662 Posts 1564 Status Member 149
 
If you don't mind, we'll continue a bit later because I have a few odd jobs to do right now!!!
0
JK85
 
Even tomorrow, no problem!!
Thanks again!
Bye
0
JK85 > JK85
 
Hi,

I'd like to know whether you could sort out my problem with the tower that shuts down by itself; I don't know if it's because of a virus, overheating or something else. Thanks
0
lesane662 Posts 1564 Status Member 149
 
It must be your firewall blocking the download, so configure your firewall to let GenProc through

What firewall do you have?
0
JK85
 
I have the Windows firewall; I disabled it but it still won't let me download the file..
0