Bonjour je reçois des fenêtres intempestives suite au virus drive cleaner j'ai suivi les démarches, j'espère les avoir bien exécutées mais je continue à avoir des fenêtres de pub voici mes rapports merci d'avance pour votre aide --------------------------------------------------------- AVG Anti-Spyware - Rapport d'analyse --------------------------------------------------------- + Créé à: 23:32:16 16/04/2007 + Résultat de l'analyse: C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070410.exe/cd_clint.dll -> Adware.Cydoor : Nettoyé. C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070410.exe/cd_htm.dll -> Adware.Cydoor : Nettoyé. HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Adware.Generic : Nettoyé. C:\Program Files\FreeGo\Winpcap\WinPcap4.exe -> Adware.MediaTicket : Nettoyé. C:\Program Files\WinPcap\Uninstall.exe -> Adware.MediaTicket : Nettoyé. C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070432.exe/of_play_ins_w_2039.exe -> Adware.OnFlow : Nettoyé. C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070433.exe/tsad.dll -> Adware.TimeSinc : Nettoyé. C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070432.exe/tsad.dll -> Adware.TimeSink : Nettoyé. C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070432.exe/tsadbot.exe -> Adware.TimeSink : Nettoyé. C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070433.exe/TSAdBot.exe -> Adware.TimeSink : Nettoyé. C:\Program Files\Programme\eMule\Incoming\Emu - Emulateur - Emulator - Ps1 - Ps2 - Xbox - Dreamcast - Gba - Gameboy Advance Naruto.rar/Emulateur De Ps2 De Xbox Et Dreamcast,Ps1\emulateur de Ps2 de Xbox et Dreamcast,Ps1\xbox\Emulateur - Xbox.rar/Emulateur - Xbox\xbox_emulator.1.00.exe -> Backdoor.Emulbox : Nettoyé. C:\Program Files\Programme\eMule\Incoming\Emu - Emulateur - Emulator - Ps1 - Ps2 - Xbox - Dreamcast - Gba - Gameboy Advance Naruto.rar/Emulateur De Ps2 De Xbox Et Dreamcast,Ps1\emulateur de Ps2 de Xbox et Dreamcast,Ps1\Ps2\PS2 Emulateur pour PC.exe -> Backdoor.VB.nn : Nettoyé. Fin du rapport BitDefender Online Scanner Scan report generated at: Tue, Apr 17, 2007 - 18:52:03 Scan path: C:\; Statistics Time 01:56:37 Files 468868 Folders 5990 Boot Sectors 2 Archives 7718 Packed Files 40414 Results Identified Viruses 12 Infected Files 32 Suspect Files 0 Warnings 0 Disinfected 0 Deleted Files 44 Engines Info Virus Definitions 486517 Engine build AVCORE v1.0 (build 2397) (i386) (Feb 8 2007 14:24:08) Scan plugins 14 Archive plugins 38 Unpack plugins 6 E-mail plugins 6 System plugins 1 Scan Settings First Action Disinfect Second Action Delete Heuristics Yes Enable Warnings Yes Scanned Extensions *; Exclude Extensions Scan Emails Yes Scan Archives Yes Scan Packed Yes Scan Files Yes Scan Boot Yes Scanned File Status C:\Documents and Settings\Offspring182\Local Settings\Temp\tmp2.tmp.exe Infected with: Trojan.Agent.AMQ C:\Documents and Settings\Offspring182\Local Settings\Temp\tmp2.tmp.exe Disinfection failed C:\Documents and Settings\Offspring182\Local Settings\Temp\tmp2.tmp.exe Deleted C:\Documents and Settings\Offspring182\Local Settings\Temp\tmpD7.tmp.exe Infected with: Trojan.Agent.AMQ C:\Documents and Settings\Offspring182\Local Settings\Temp\tmpD7.tmp.exe Disinfection failed C:\Documents and Settings\Offspring182\Local Settings\Temp\tmpD7.tmp.exe Deleted C:\Documents and Settings\Offspring182\Local Settings\Temp\tmpD9.tmp.exe Infected with: Trojan.Downloader.Agent.AMM C:\Documents and Settings\Offspring182\Local Settings\Temp\tmpD9.tmp.exe Disinfection failed C:\Documents and Settings\Offspring182\Local Settings\Temp\tmpD9.tmp.exe Deleted C:\Documents and Settings\Offspring182\Local Settings\Temporary Internet Files\Content.IE5\8PQ30DEJ\smysmymr20070406[1] Infected with: Trojan.Agent.AMQ C:\Documents and Settings\Offspring182\Local Settings\Temporary Internet Files\Content.IE5\8PQ30DEJ\smysmymr20070406[1] Disinfection failed C:\Documents and Settings\Offspring182\Local Settings\Temporary Internet Files\Content.IE5\8PQ30DEJ\smysmymr20070406[1] Deleted C:\Documents and Settings\Offspring182\Local Settings\Temporary Internet Files\Content.IE5\I909M5C9\smysmymr20070406[1] Infected with: Trojan.Agent.AMQ C:\Documents and Settings\Offspring182\Local Settings\Temporary Internet Files\Content.IE5\I909M5C9\smysmymr20070406[1] Disinfection failed C:\Documents and Settings\Offspring182\Local Settings\Temporary Internet Files\Content.IE5\I909M5C9\smysmymr20070406[1] Deleted C:\Documents and Settings\Offspring182\Local Settings\Temporary Internet Files\Content.IE5\RASBFTW5\CAH88BH1.php Infected with: Trojan.Downloader.Agent.AMM C:\Documents and Settings\Offspring182\Local Settings\Temporary Internet Files\Content.IE5\RASBFTW5\CAH88BH1.php Disinfection failed C:\Documents and Settings\Offspring182\Local Settings\Temporary Internet Files\Content.IE5\RASBFTW5\CAH88BH1.php Deleted C:\Documents and Settings\Offspring182\Local Settings\Temporary Internet Files\Content.IE5\T1KDKTTR\WinAntiVirusPro2006FreeInstall_fr[1].cab=>UWA6PV_0001_N91M2107NetInstaller.exe Infected with: Trojan.Downloader.Winfixer.O C:\Documents and Settings\Offspring182\Local Settings\Temporary Internet Files\Content.IE5\T1KDKTTR\WinAntiVirusPro2006FreeInstall_fr[1].cab=>UWA6PV_0001_N91M2107NetInstaller.exe Disinfection failed C:\Documents and Settings\Offspring182\Local Settings\Temporary Internet Files\Content.IE5\T1KDKTTR\WinAntiVirusPro2006FreeInstall_fr[1].cab=>UWA6PV_0001_N91M2107NetInstaller.exe Deleted C:\Documents and Settings\Offspring182\Local Settings\Temporary Internet Files\Content.IE5\T1KDKTTR\WinAntiVirusPro2006FreeInstall_fr[1].cab Update failed C:\Program Files\Antivirus\Norton Antivirus\Quarantine\06690FD2=>(Quarantine-2) Infected with: Generic.Sdbot.BC9D7D17 C:\Program Files\Antivirus\Norton Antivirus\Quarantine\06690FD2=>(Quarantine-2) Deleted C:\Program Files\Antivirus\Norton Antivirus\Quarantine\0E973E5A.exe=>(Quarantine-2) Infected with: Backdoor.Poebot.A C:\Program Files\Antivirus\Norton Antivirus\Quarantine\0E973E5A.exe=>(Quarantine-2) Disinfection failed C:\Program Files\Antivirus\Norton Antivirus\Quarantine\0E973E5A.exe=>(Quarantine-2) Deleted C:\Program Files\Antivirus\Norton Antivirus\Quarantine\1E6A565F=>(Quarantine-2) Infected with: Backdoor.Poebot.A C:\Program Files\Antivirus\Norton Antivirus\Quarantine\1E6A565F=>(Quarantine-2) Disinfection failed C:\Program Files\Antivirus\Norton Antivirus\Quarantine\1E6A565F=>(Quarantine-2) Deleted C:\Program Files\Antivirus\Norton Antivirus\Quarantine\2B3B2A44=>(Quarantine-2) Infected with: Backdoor.Poebot.A C:\Program Files\Antivirus\Norton Antivirus\Quarantine\2B3B2A44=>(Quarantine-2) Disinfection failed C:\Program Files\Antivirus\Norton Antivirus\Quarantine\2B3B2A44=>(Quarantine-2) Deleted C:\Program Files\Antivirus\Norton Antivirus\Quarantine\343D14B2=>(Quarantine-2) Infected with: Generic.Sdbot.FBB56154 C:\Program Files\Antivirus\Norton Antivirus\Quarantine\343D14B2=>(Quarantine-2) Deleted C:\Program Files\Antivirus\Norton Antivirus\Quarantine\379142B1=>(Quarantine-2) Infected with: Backdoor.Poebot.A C:\Program Files\Antivirus\Norton Antivirus\Quarantine\379142B1=>(Quarantine-2) Disinfection failed C:\Program Files\Antivirus\Norton Antivirus\Quarantine\379142B1=>(Quarantine-2) Deleted C:\Program Files\Antivirus\Norton Antivirus\Quarantine\3FE71006.exe=>(Quarantine-2) Infected with: Generic.Sdbot.F2997CD6 C:\Program Files\Antivirus\Norton Antivirus\Quarantine\3FE71006.exe=>(Quarantine-2) Deleted C:\Program Files\Antivirus\Norton Antivirus\Quarantine\426256C9=>(Quarantine-2) Infected with: Backdoor.Poebot.A C:\Program Files\Antivirus\Norton Antivirus\Quarantine\426256C9=>(Quarantine-2) Disinfection failed C:\Program Files\Antivirus\Norton Antivirus\Quarantine\426256C9=>(Quarantine-2) Deleted C:\Program Files\Antivirus\Norton Antivirus\Quarantine\48B959CF=>(Quarantine-2) Infected with: Backdoor.Poebot.A C:\Program Files\Antivirus\Norton Antivirus\Quarantine\48B959CF=>(Quarantine-2) Disinfection failed C:\Program Files\Antivirus\Norton Antivirus\Quarantine\48B959CF=>(Quarantine-2) Deleted C:\Program Files\Antivirus\Norton Antivirus\Quarantine\553D3E0A=>(Quarantine-2) Infected with: Backdoor.Poebot.A C:\Program Files\Antivirus\Norton Antivirus\Quarantine\553D3E0A=>(Quarantine-2) Disinfection failed C:\Program Files\Antivirus\Norton Antivirus\Quarantine\553D3E0A=>(Quarantine-2) Deleted C:\Program Files\Antivirus\Norton Antivirus\Quarantine\63680657=>(Quarantine-2) Infected with: Generic.Sdbot.BC9D7D17 C:\Program Files\Antivirus\Norton Antivirus\Quarantine\63680657=>(Quarantine-2) Deleted C:\Program Files\Antivirus\Norton Antivirus\Quarantine\6D2A0DED=>(Quarantine-2) Infected with: Generic.Sdbot.129EE275 C:\Program Files\Antivirus\Norton Antivirus\Quarantine\6D2A0DED=>(Quarantine-2) Deleted C:\Program Files\Antivirus\Norton Antivirus\Quarantine\6D3161E6=>(Quarantine-2) Infected with: Generic.Sdbot.FBB56154 C:\Program Files\Antivirus\Norton Antivirus\Quarantine\6D3161E6=>(Quarantine-2) Deleted C:\RECYCLER\NPROTECT\00021522.exe=>wise0020=>(ZIP Sfx s)=>cd_htm.dll Detected with: Adware.CyDoor C:\RECYCLER\NPROTECT\00021522.exe=>wise0020=>(ZIP Sfx s)=>cd_htm.dll Disinfection failed C:\RECYCLER\NPROTECT\00021522.exe=>wise0020=>(ZIP Sfx s)=>cd_htm.dll Deleted C:\RECYCLER\NPROTECT\00021522.exe=>wise0020=>(ZIP Sfx s) Updated C:\RECYCLER\NPROTECT\00021522.exe=>wise0020 Update failed C:\RECYCLER\NPROTECT\00021730.exe=>wise0009=>(ZIP Sfx s)=>cd_htm.dll Detected with: Adware.CyDoor C:\RECYCLER\NPROTECT\00021730.exe=>wise0009=>(ZIP Sfx s)=>cd_htm.dll Disinfection failed C:\RECYCLER\NPROTECT\00021730.exe=>wise0009=>(ZIP Sfx s)=>cd_htm.dll Deleted C:\RECYCLER\NPROTECT\00021730.exe=>wise0009=>(ZIP Sfx s) Updated C:\RECYCLER\NPROTECT\00021730.exe=>wise0009 Update failed C:\RECYCLER\NPROTECT\00021730.exe=>wise0021 Infected with: Backdoor.FTP.Bmail C:\RECYCLER\NPROTECT\00021730.exe=>wise0021 Disinfection failed C:\RECYCLER\NPROTECT\00021730.exe=>wise0021 Deleted C:\RECYCLER\NPROTECT\00021730.exe Update failed C:\RECYCLER\NPROTECT\00021730.exe=>wise0053=>(ZIP Sfx s)=>cd_htm.dll Detected with: Adware.CyDoor C:\RECYCLER\NPROTECT\00021730.exe=>wise0053=>(ZIP Sfx s)=>cd_htm.dll Disinfection failed C:\RECYCLER\NPROTECT\00021730.exe=>wise0053=>(ZIP Sfx s)=>cd_htm.dll Deleted C:\RECYCLER\NPROTECT\00021730.exe=>wise0053=>(ZIP Sfx s) Updated C:\RECYCLER\NPROTECT\00021730.exe=>wise0053 Update failed C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070297.dll Infected with: Trojan.Agent.AOM C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070297.dll Disinfection failed C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070297.dll Deleted C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070456.dll Infected with: Trojan.Agent.AOM C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070456.dll Disinfection failed C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070456.dll Deleted C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070459.dll Infected with: Trojan.Agent.AOM C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070459.dll Disinfection failed C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070459.dll Deleted C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070492.exe=>(Quarantine-2) Infected with: Backdoor.Poebot.A C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070492.exe=>(Quarantine-2) Disinfection failed C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070492.exe=>(Quarantine-2) Deleted C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070493.exe=>(Quarantine-2) Infected with: Generic.Sdbot.F2997CD6 C:\System Volume Information\_restore{0B67A976-2754-4EF5-882D-104CC0D7B201}\RP797\A0070493.exe=>(Quarantine-2) Deleted C:\WINDOWS\pmkkji.dll Infected with: Trojan.Agent.AOM C:\WINDOWS\pmkkji.dll Disinfection failed C:\WINDOWS\pmkkji.dll Delete failed C:\WINDOWS\system32\kbd394.dll Infected with: Trojan.Downloader.ConHook.AI C:\WINDOWS\system32\kbd394.dll Disinfection failed C:\WINDOWS\system32\kbd394.dll Delete failed C:\WINDOWS\xxyvsp.dll Infected with: Trojan.Agent.AOM C:\WINDOWS\xxyvsp.dll Disinfection failed C:\WINDOWS\xxyvsp.dll Delete failed Logfile of HijackThis v1.99.1 Scan saved at 18:58:12, on 17/04/2007 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\Program Files\Antivirus\Norton Internet Security\NISUM.EXE C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\Program Files\Antivirus\Norton Internet Security\ccPxySvc.exe c:\progra~1\mcafee\mcafee antispyware\massrv.exe c:\program files\mcafee.com\agent\mcdetect.exe c:\PROGRA~1\mcafee.com\agent\mctskshd.exe C:\Program Files\Antivirus\Norton Antivirus\navapsvc.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe C:\PROGRA~1\mcafee.com\agent\mcregwiz.exe C:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\progra~1\mcafee\MCAFEE~1\masalert.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\WINDOWS\System32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.free.fr/search/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.free.fr/freebox/index.html R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;<local> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {67C55A8D-E808-4caa-9EA7-F77102DE0BB6} - C:\WINDOWS\System32\tmp18.tmp.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1001\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Antivirus\Norton Antivirus\NavShExt.dll O2 - BHO: (no name) - {ebdb593b-32c8-467c-8eb6-6f508b7146dd} - C:\WINDOWS\system32\kbd394.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Antivirus\Norton Antivirus\NavShExt.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [Windows PDG] winpdg.exe O4 - HKLM\..\Run: [Microsoft Services] lssrv.exe O4 - HKLM\..\Run: [start uploading] smsss.exe O4 - HKLM\..\Run: [Start Upping] svchostes.exe O4 - HKLM\..\Run: [WildTangent CDA] "C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe" /startup "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0500.dll" O4 - HKLM\..\Run: [McRegWiz] C:\PROGRA~1\mcafee.com\agent\mcregwiz.exe /autorun O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe O4 - HKLM\..\Run: [_AntiSpyware] c:\progra~1\mcafee\MCAFEE~1\masalert.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [BootService] rundll32.exe "C:\WINDOWS\xxyvsp.dll",realset O4 - HKLM\..\RunServices: [Windows Update] wupdate.exe O4 - HKLM\..\RunServices: [Windows PDG] winpdg.exe O4 - HKLM\..\RunServices: [Microsoft Services] lssrv.exe O4 - HKLM\..\RunServices: [start uploading] smsss.exe O4 - HKLM\..\RunServices: [Start Upping] svchostes.exe O4 - HKCU\..\Run: [start uploading] smsss.exe O4 - HKCU\..\Run: [Start Upping] svchostes.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\RunServices: [start uploading] smsss.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\UTILIT~1\DAP\dapextie.htm O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\UTILIT~1\DAP\dapextie2.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\UTILIT~1\DAP\DAP.EXE O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O14 - IERESET.INF: START_PAGE_URL=https://www.free.fr/freebox/index.html O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei-2/SmileyCentralFWBInitialSetup1.0.0.8-2.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {4E8A3661-FB5B-4AEF-BF60-B0E9712FAE49} (Silverwire Image Uploader 3.0 Control) - http://cdiscount.htmlupload.com/upload/JavaActiveX/ImageUploader3.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {B12213CD-4189-415D-A054-7999528459F7} (pixelStormLauncher Class) - http://aolsvc.aol.com/onlinegames/free-trial-word-travels/pixelstormlauncher.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - AppInit_DLLs: O20 - Winlogon Notify: kbd394 - C:\WINDOWS\SYSTEM32\kbd394.dll O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Proxy Service (ccPxySvc) - Symantec Corporation - C:\Program Files\Antivirus\Norton Internet Security\ccPxySvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: McAfee AntiSpyware Service - McAfee, Inc. - c:\progra~1\mcafee\mcafee antispyware\massrv.exe O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Antivirus\Norton Antivirus\navapsvc.exe O23 - Service: Norton Internet Security Accounts Manager (NISUM) - Symantec Corporation - C:\Program Files\Antivirus\Norton Internet Security\NISUM.EXE O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing) O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

Virus drive cleaner

Réponse 21 / 25

flo

Bonjour,
voilà j'ai fait ce que tu m'as demandé.
J'ai pas eu de difficultés pour le faire, bon c'est vrai que rien n'était compliqué ^^
Suis-je complètement désinfecté?

Pour ce qui est de l'ordinateur portable, je n'ai apparament pas de cd de restauration et le pc ne démarre pas sur windows (écran bleu) et le clavier ne répond pas avant le lancement de Windows.
Que puis-je faire?
La ram peut-elle être défectueuse?
Merci

flo

Je répond du pc portable en question, je l'ai redémarré sans succès une première fois puis une deuxième fois dans la foulé et miracle de l'informatique ^^ le problème a disparu!!
Le pc démarre normalement. Allez savoir ce qui s'est passé.
Bonne soirée.

Réponse 22 / 25

Utilisateur anonyme

Ton PC me semble propre à toi de me dire si tu rencontres des problèmes.

Pour le PC portable, n'hésite pas à le démonter pour le nettoyer il est peut-être sale ;-)

A++

flo

Bonjour,
ok
c'est possible que ce soit le nettoyage, je vais lui faire un nettoyage de printemps.
Merci beaucoup pour ton aide.
A+

flo

Bonjour,
je n'ai plus de problème, seulement j'ai parfois du mal à me connecter sur internet, mais je redémarre mon ordinateur dans ce cas.
J'ai fait un scan avec avast, il m'a détecté un cheval de troie qu'il m'a supprimé (enfin j'espère).
Sinon ras.
Merci beaucoup pour ton aide.
Je colle un rapport hijackthis pour confirmation

Logfile of HijackThis v1.99.1
Scan saved at 14:04:39, on 27/04/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Antivirus\Avast\aswUpdSv.exe
C:\Program Files\Antivirus\Avast\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Antivirus\FireWall\Kerio Sunbelt\kpf4ss.exe
c:\progra~1\mcafee\mcafee antispyware\massrv.exe
c:\program files\mcafee.com\agent\mcdetect.exe
C:\WINDOWS\Explorer.EXE
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Antivirus\Avast\ashWebSv.exe
C:\Program Files\Antivirus\Avast\ashMaiSv.exe
C:\Program Files\Antivirus\FireWall\Kerio Sunbelt\kpf4gui.exe
C:\Program Files\Antivirus\FireWall\Kerio Sunbelt\kpf4gui.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\progra~1\mcafee\MCAFEE~1\masalert.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\PROGRA~1\ANTIVI~1\Avast\ashDisp.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.free.fr/search/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.free.fr/freebox/index.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1001\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [McRegWiz] C:\PROGRA~1\McAfee.com\Agent\mcregwiz.exe /autorun
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [_AntiSpyware] c:\progra~1\mcafee\MCAFEE~1\masalert.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ANTIVI~1\Avast\ashDisp.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O14 - IERESET.INF: START_PAGE_URL=https://www.free.fr/freebox/index.html
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs:
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Antivirus\Avast\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Antivirus\Avast\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Antivirus\Avast\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Antivirus\Avast\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Antivirus\FireWall\Kerio Sunbelt\kpf4ss.exe
O23 - Service: McAfee AntiSpyware Service - McAfee, Inc. - c:\progra~1\mcafee\mcafee antispyware\massrv.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe (file missing)

Réponse 23 / 25

Utilisateur anonyme

Salut

Fais ceci :

¤ Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked"

R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

¤ Clic sur "démarrer", "exécuter", tape: services.msc
Cherche dans la liste les lignes ci-dessous, tu fais un clic droit dessus choisis "propriétés" et régle les sur "désactivé"

- AVG Anti-Spyware Guard
- InstallDriver Table Manager
- NVIDIA Driver Helper Service
- Remote Packet Capture Protocol v.0
- Symantec Network Drivers Service

¤ Télécharge et double clic sur ce fichier, c'est pour corriger des traces laissés par ton infection. Accepte la fusion au registre
---> http://www.mediafire.com/?5kndjznzk3z

¤ Nettoyes complétement avec CCleaner.

¤ Puis défragmente ton PC, pas avec celui de Windows ..
https://kerio.probb.fr/t17-pourquoi-et-comment-dfragmenter-le-disque-dur

Ensuite, redémarre ton PC et dis moi comment ça se passe :-)

Réponse 24 / 25

flo

Bonjour,
j'ai utilisé un des logiciels de défragmentation, auslogics, et à première vue je n'ai aucun problème à première vue, même pas de virus (avast). Pourvu que ça dure!! ^^
Merci beaucoup.
Si je dois encore faire quelque chose, tiens moi au courant.
A+

Réponse 25 / 25

jo

http://www.truc-de-ouf.net/?news=70701

Virus drive cleaner - Page 2

Newsletters