Fp.pc-on-internet.com popup

Résolu
essem Messages postés 101 Statut Membre -  
g!rly Messages postés 18462 Statut Contributeur -
Bonjour,
J'ai des popups qui s'ouvre quand je démarre firefox, fp.pc-on-internet.com, j'ai lue quelque part que c'est à cause d'un logiciel que j'ai installé, Internet game box, alors je suis pris avec ça et avg, avast et adaware ne trouve rien ... je ne sais pas comment règler ce problème si quelqu'un pouvait m'aider s.v.p.
Configuration: Windows XP
Firefox 2.0.0.10

11 réponses

  1. g!rly Messages postés 18462 Statut Contributeur 407
     
    salut

    Télécharge combofix.exe (par sUBs) sur ton Bureau.

    -> http://download.bleepingcomputer.com/sUBs/ComboFix.exe

    -> Double clique combofix.exe.
    -> Tape sur la touche 1 (Yes) pour démarrer le scan.
    -> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

    NOTE : Le rapport se trouve également ici : C:\Combofix.txt
    0
  2. essem Messages postés 101 Statut Membre
     
    Merci, voila le rapport

    ComboFix 07-11-19.4 - Steve Masse 2007-11-28 3:33:48.1 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.549 [GMT -5:00]
    Running from: C:\Documents and Settings\Steve Masse\Bureau\ComboFix.exe
    * Created a new restore point
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\Documents and Settings\Steve Masse\Local Settings\Application Data\sptqvafbgd.dat
    c:\documents and settings\steve masse\local settings\application data\sptqvafbgd.exe
    c:\Documents and Settings\Steve Masse\Local Settings\Application Data\sptqvafbgd_nav.dat
    C:\Documents and Settings\Steve Masse\Local Settings\Application Data\sptqvafbgd_navps.dat
    C:\WINDOWS\system32\nvs2.inf

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2007-10-28 to 2007-11-28 ))))))))))))))))))))))))))))))))))))
    .

    2007-11-28 02:59 <REP> d-------- C:\Documents and Settings\Steve Masse\Application Data\Grisoft
    2007-11-28 02:59 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
    2007-11-28 02:46 <REP> d-------- C:\Program Files\Navilog1
    2007-11-25 16:29 <REP> d-------- C:\Program Files\Microsoft Games
    2007-11-19 18:40 <REP> d-------- C:\Program Files\Super Internet TV
    2007-11-18 20:41 <REP> d-------- C:\Program Files\Alwil Software
    2007-11-18 20:41 1,060,864 --a------ C:\WINDOWS\system32\MFC71.dll
    2007-11-18 20:41 815,480 --a------ C:\WINDOWS\system32\aswBoot.exe
    2007-11-18 20:41 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
    2007-11-18 20:41 95,608 --a------ C:\WINDOWS\system32\AVASTSS.scr
    2007-11-18 20:41 94,416 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
    2007-11-18 20:41 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
    2007-11-18 20:41 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
    2007-11-18 20:41 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
    2007-11-18 20:41 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
    2007-11-13 18:35 <REP> d-------- C:\Program Files\Teamspeak2_RC2
    2007-11-13 18:35 <REP> d-------- C:\Documents and Settings\Steve Masse\Application Data\teamspeak2
    2007-11-13 18:35 34,064 --a------ C:\WINDOWS\system32\lhacm.acm
    2007-11-13 13:09 <REP> d-------- C:\Documents and Settings\LocalService\Application Data\Xfire
    2007-11-11 09:23 <REP> d-------- C:\Documents and Settings\NetworkService\Application Data\Xfire
    2007-11-11 09:16 <REP> d-------- C:\Documents and Settings\Steve Masse\Application Data\Xfire
    2007-11-11 09:15 <REP> d-------- C:\Program Files\Xfire
    2007-11-10 16:29 103,736 --a------ C:\WINDOWS\system32\PnkBstrB.exe
    2007-11-10 16:29 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe
    2007-11-10 16:29 22,328 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys
    2007-11-10 16:14 <REP> d-------- C:\Program Files\WarRock
    2007-11-10 13:00 <REP> d-------- C:\Documents and Settings\Steve Masse\Application Data\Uniblue
    2007-11-10 12:59 <REP> d-------- C:\Program Files\Uniblue
    2007-11-09 15:35 <REP> d-------- C:\Program Files\Ubisoft
    2007-11-09 15:35 <REP> d-------- C:\Documents and Settings\Steve Masse\Application Data\InstallShield
    2007-11-08 15:36 <REP> d-------- C:\Program Files\EA Sports
    2007-11-07 21:14 <REP> d---s---- C:\Documents and Settings\Steve Masse\UserData
    2007-11-06 09:17 356,352 --a------ C:\WINDOWS\system32\nvudisp.exe
    2007-11-06 09:17 138,893 --a------ C:\WINDOWS\system32\nvapps.xml
    2007-11-06 09:17 17,525 --a------ C:\WINDOWS\system32\nvdisp.nvu
    2007-11-06 09:16 356,352 --a------ C:\WINDOWS\system32\NVUNINST.EXE
    2007-11-06 09:14 356,352 --a------ C:\WINDOWS\system32\nvunrm.exe
    2007-11-06 09:14 100,480 --a------ C:\WINDOWS\system32\drivers\nvtcp.sys
    2007-11-06 09:14 3,632 --a------ C:\WINDOWS\system32\nvnrm.nvu
    2007-11-06 09:08 <REP> d-------- C:\Program Files\SystemRequirementsLab
    2007-11-06 09:02 135,089 --a------ C:\WINDOWS\system32\nvapps.nvb
    2007-11-06 08:36 <REP> d-------- C:\NVIDIA
    2007-11-06 08:27 <REP> d-------- C:\Documents and Settings\Steve Masse\Application Data\SystemRequirementsLab
    2007-11-06 08:17 81,768 --a------ C:\WINDOWS\system32\xinput1_3.dll
    2007-11-06 08:17 62,744 --a------ C:\WINDOWS\system32\xinput1_2.dll
    2007-11-05 08:16 <REP> d-------- C:\Program Files\DAEMON Tools
    2007-11-05 07:39 <REP> d-------- C:\Program Files\PowerISO
    2007-10-31 11:36 <REP> d-------- C:\Documents and Settings\Steve Masse\Application Data\Logitech
    2007-10-31 11:36 <REP> d-------- C:\Documents and Settings\All Users\Application Data\LogiShrd
    2007-10-31 11:35 0 --ah----- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
    2007-10-31 11:35 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_LUsbFilt_01005.Wdf
    2007-10-31 11:35 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
    2007-10-31 11:34 <REP> d-------- C:\Program Files\Logitech
    2007-10-31 11:34 <REP> d-------- C:\Program Files\Fichiers communs\Logitech
    2007-10-31 11:34 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Logitech
    2007-10-31 11:34 1,419,024 --a------ C:\WINDOWS\system32\WdfCoInstaller01005.dll
    2007-10-31 11:34 163,840 --a------ C:\WINDOWS\system32\kemutb.dll
    2007-10-31 11:34 135,168 --a------ C:\WINDOWS\system32\KemUtil.dll
    2007-10-31 11:34 110,592 --a------ C:\WINDOWS\system32\KemWnd.dll
    2007-10-31 11:34 69,632 --a------ C:\WINDOWS\system32\KemXML.dll
    2007-10-31 11:34 56,080 --a------ C:\WINDOWS\KHALMNPR.Exe
    2007-10-31 11:34 36,112 --a------ C:\WINDOWS\system32\drivers\LMouFilt.Sys
    2007-10-31 11:34 34,832 --a------ C:\WINDOWS\system32\drivers\LHidFilt.Sys
    2007-10-31 11:34 28,688 --a------ C:\WINDOWS\system32\drivers\LUsbFilt.sys
    2007-10-31 11:34 20,496 --a------ C:\WINDOWS\system32\drivers\L8042Kbd.sys
    2007-10-31 08:12 <REP> d-------- C:\Program Files\Driver-Soft
    2007-10-31 08:12 1,071,088 --a------ C:\WINDOWS\system32\MSCOMCTL.OCX
    2007-10-31 08:12 662,288 --a------ C:\WINDOWS\system32\MSCOMCT2.OCX
    2007-10-31 08:12 427,864 --a------ C:\WINDOWS\system32\XceedZip.dll
    2007-10-30 08:56 <REP> d-------- C:\Program Files\inKline Global
    2007-10-29 11:08 <REP> d-------- C:\Program Files\Windows Media Connect 2

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2007-11-28 07:59 --------- d-----w C:\Documents and Settings\All Users\Application Data\Grisoft
    2007-11-28 07:17 --------- d-----w C:\Documents and Settings\Steve Masse\Application Data\Azureus
    2007-11-27 13:00 --------- d-----w C:\Documents and Settings\Steve Masse\Application Data\AVG7
    2007-11-27 05:27 --------- d-----w C:\Program Files\Azureus
    2007-11-26 14:42 --------- d-----w C:\Program Files\PKR
    2007-11-25 21:28 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
    2007-11-21 12:25 --------- d-----w C:\Documents and Settings\Steve Masse\Application Data\OpenOffice.org2
    2007-11-19 08:50 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg7
    2007-11-15 19:07 --------- d-----w C:\Program Files\eMule
    2007-11-10 21:14 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2007-11-08 20:41 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
    2007-11-05 13:14 685,816 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
    2007-11-01 11:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\TuneUp Software
    2007-10-24 11:05 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
    2007-10-24 07:36 --------- d-----w C:\Program Files\CAPCOM
    2007-10-24 07:34 --------- d--h--r C:\Documents and Settings\Steve Masse\Application Data\SecuROM
    2007-10-23 13:29 --------- d-----w C:\Program Files\Lavasoft
    2007-10-23 13:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
    2007-10-23 08:10 --------- d-----w C:\Program Files\PartyGaming
    2007-10-23 01:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\Azureus
    2007-10-22 04:25 --------- d-----w C:\Program Files\Java
    2007-10-22 03:59 --------- d-----w C:\Program Files\Microsoft Digital Image 2006
    2007-10-22 03:31 --------- d-----w C:\Program Files\Ahead
    2007-10-22 03:30 --------- d-----w C:\Program Files\Fichiers communs\LightScribe
    2007-10-22 03:28 --------- d-----w C:\Program Files\Fichiers communs\Nero
    2007-10-22 03:26 --------- d-----w C:\Program Files\Fichiers communs\Ahead
    2007-10-22 03:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ahead
    2007-10-22 03:23 --------- d-----w C:\Documents and Settings\Steve Masse\Application Data\CyberLink
    2007-10-22 03:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\CyberLink
    2007-10-22 03:20 --------- d-----w C:\Program Files\CyberLink
    2007-10-22 03:14 --------- d-----w C:\Program Files\OpenOffice.org 2.2
    2007-10-22 03:14 --------- d-----w C:\Program Files\Open Office
    2007-10-22 03:14 --------- d-----w C:\Program Files\Fichiers communs\Java
    2007-10-22 02:47 --------- d-----w C:\Program Files\Analog Devices
    2007-10-22 02:17 --------- d-----w C:\Program Files\Fichiers communs\Motive
    2007-10-22 02:17 --------- d-----w C:\Program Files\Common Files
    2007-10-22 02:17 --------- d-----w C:\Documents and Settings\All Users\Application Data\Motive
    2007-10-22 01:59 --------- d-----w C:\Program Files\RocketDock
    2007-10-22 01:53 --------- d-----w C:\Program Files\MSN Messenger
    2007-10-22 01:49 --------- d-----w C:\Program Files\TuneUp Utilities 2006
    2007-10-22 01:48 --------- d-----w C:\Documents and Settings\Steve Masse\Application Data\TuneUp Software
    2007-10-22 01:41 --------- d-----w C:\Documents and Settings\Steve Masse\Application Data\MSNInstaller
    2007-10-22 01:21 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll
    2007-10-22 01:21 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll
    2007-10-22 01:12 --------- d-----w C:\Documents and Settings\LocalService\Application Data\AVG7
    2007-10-22 00:21 --------- d-----w C:\Program Files\microsoft frontpage
    2007-10-22 00:19 --------- d-----w C:\Program Files\Services en ligne
    2007-10-22 00:19 --------- d-----w C:\Program Files\Fichiers communs\MSSoap
    2007-10-21 17:12 --------- d-----w C:\Program Files\Fichiers communs\SpeechEngines
    2007-10-21 17:12 --------- d-----w C:\Program Files\Fichiers communs\ODBC
    2007-09-17 06:07 81,920 ----a-w C:\WINDOWS\system32\nvwddi.dll
    2007-09-17 06:07 81,920 ----a-w C:\WINDOWS\system32\nvmctray.dll
    2007-09-17 06:07 8,491,008 ----a-w C:\WINDOWS\system32\nvcpl.dll
    2007-09-17 06:07 753,664 ----a-w C:\WINDOWS\system32\nvcplui.exe
    2007-09-17 06:07 6,746,112 ----a-w C:\WINDOWS\system32\nvoglnt.dll
    2007-09-17 06:07 6,344,704 ----a-w C:\WINDOWS\system32\nvdisps.dll
    2007-09-17 06:07 5,783,040 ----a-w C:\WINDOWS\system32\nv4_disp.dll
    2007-09-17 06:07 5,509,120 ----a-w C:\WINDOWS\system32\nvdispsr.dll
    2007-09-17 06:07 466,944 ----a-w C:\WINDOWS\system32\nvshell.dll
    2007-09-17 06:07 458,752 ----a-w C:\WINDOWS\system32\nvmccssr.dll
    2007-09-17 06:07 45,056 ----a-w C:\WINDOWS\system32\nvmccsrs.dll
    2007-09-17 06:07 442,368 ----a-w C:\WINDOWS\system32\nvappbar.exe
    2007-09-17 06:07 425,984 ----a-w C:\WINDOWS\system32\keystone.exe
    2007-09-17 06:07 364,544 ----a-w C:\WINDOWS\system32\nvapi.dll
    2007-09-17 06:07 36,864 ----a-w C:\WINDOWS\system32\nvcodins.dll
    2007-09-17 06:07 36,864 ----a-w C:\WINDOWS\system32\nvcod.dll
    2007-09-17 06:07 335,872 ----a-w C:\WINDOWS\system32\nvwrses.dll
    2007-09-17 06:07 335,872 ----a-w C:\WINDOWS\system32\nvwrsel.dll
    2007-09-17 06:07 327,680 ----a-w C:\WINDOWS\system32\nvwrsfr.dll
    2007-09-17 06:07 327,680 ----a-w C:\WINDOWS\system32\nvwrsesm.dll
    2007-09-17 06:07 327,680 ----a-w C:\WINDOWS\system32\nvrshe.dll
    2007-09-17 06:07 327,680 ----a-w C:\WINDOWS\system32\nvrsar.dll
    2007-09-17 06:07 323,584 ----a-w C:\WINDOWS\system32\nvwrspt.dll
    2007-09-17 06:07 323,584 ----a-w C:\WINDOWS\system32\nvwrsit.dll
    2007-09-17 06:07 319,488 ----a-w C:\WINDOWS\system32\nvwrsptb.dll
    2007-09-17 06:07 319,488 ----a-w C:\WINDOWS\system32\nvwrsnl.dll
    2007-09-17 06:07 315,392 ----a-w C:\WINDOWS\system32\nvwrsru.dll
    2007-09-17 06:07 315,392 ----a-w C:\WINDOWS\system32\nvwrshu.dll
    2007-09-17 06:07 311,296 ----a-w C:\WINDOWS\system32\nvwrsde.dll
    2007-09-17 06:07 307,200 ----a-w C:\WINDOWS\system32\nvexpbar.dll
    2007-09-17 06:07 303,104 ----a-w C:\WINDOWS\system32\nvwrstr.dll
    2007-09-17 06:07 303,104 ----a-w C:\WINDOWS\system32\nvwrssl.dll
    2007-09-17 06:07 303,104 ----a-w C:\WINDOWS\system32\nvwrsfi.dll
    2007-09-17 06:07 3,629,056 ----a-w C:\WINDOWS\system32\nvvitvsr.dll
    2007-09-17 06:07 3,551,232 ----a-w C:\WINDOWS\system32\nvvitvs.dll
    2007-09-17 06:07 3,334,144 ----a-w C:\WINDOWS\system32\nvgames.dll
    2007-09-17 06:07 3,166,208 ----a-w C:\WINDOWS\system32\nvgamesr.dll
    2007-09-17 06:07 299,008 ----a-w C:\WINDOWS\system32\nvwrssk.dll
    2007-09-17 06:07 299,008 ----a-w C:\WINDOWS\system32\nvwrsno.dll
    2007-09-17 06:07 294,912 ----a-w C:\WINDOWS\system32\nvwrssv.dll
    2007-09-17 06:07 294,912 ----a-w C:\WINDOWS\system32\nvwrspl.dll
    2007-09-17 06:07 294,912 ----a-w C:\WINDOWS\system32\nvwrsda.dll
    2007-09-17 06:07 290,816 ----a-w C:\WINDOWS\system32\nvwrsth.dll
    2007-09-17 06:07 286,720 ----a-w C:\WINDOWS\system32\nvwrseng.dll
    2007-09-17 06:07 286,720 ----a-w C:\WINDOWS\system32\nvwrscs.dll
    2007-09-17 06:07 286,720 ----a-w C:\WINDOWS\system32\nvnt4cpl.dll
    2007-09-17 06:07 282,624 ----a-w C:\WINDOWS\system32\nvwrsar.dll
    2007-09-17 06:07 282,624 ----a-w C:\WINDOWS\system32\nvrsfr.dll
    2007-09-17 06:07 282,624 ----a-w C:\WINDOWS\system32\nvrses.dll
    2007-09-17 06:07 282,624 ----a-w C:\WINDOWS\system32\nvrsel.dll
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 11:55]
    "RocketDock"="C:\Program Files\RocketDock\RocketDock.exe" [2006-08-16 06:00]
    "TuneUp MemOptimizer"="C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe" [2005-09-01 18:04]
    "Uniblue RegistryBooster 2"="C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" [2007-10-22 10:12]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-10-25 07:04]
    "High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2004-10-27 14:21 C:\WINDOWS\system32\HdAShCut.exe]
    "SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2006-01-30 17:16]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]
    "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2005-01-12 02:01]
    "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50]
    "Ad-Watch"="C:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Watch2007.exe" [2007-07-06 12:12]
    "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 14:32 C:\WINDOWS\KHALMNPR.Exe]
    "NvCplDaemon"="RUNDLL32.exe" [2004-08-05 09:00 C:\WINDOWS\system32\rundll32.exe]
    "nwiz"="nwiz.exe" [2007-09-17 01:07 C:\WINDOWS\system32\nwiz.exe]
    "NvMediaCenter"="RUNDLL32.exe" [2004-08-05 09:00 C:\WINDOWS\system32\rundll32.exe]
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-10-25 11:20]
    "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 04:25]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 09:00]
    "AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-10-25 07:04]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoUserNameInStartMenu"= 1 (0x1)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
    @=""

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
    "DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
    "nwiz"=nwiz.exe /install
    "SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
    "DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 -noicon

    R3 AEAudioService;AEAudio Service;C:\WINDOWS\system32\drivers\AEAudio.sys
    R3 LUsbFilt;Logitech SetPoint KMDF USB Filter;C:\WINDOWS\system32\Drivers\LUsbFilt.Sys
    S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
    S3 XDva020;XDva020;\??\C:\WINDOWS\system32\XDva020.sys

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a1a786c1-7ff8-11dc-8e27-806d6172696f}]
    \Shell\AutoRun\command - D:\setup.exe

    *Newly Created Service* - AVG_ANTI-SPYWARE_DRIVER
    *Newly Created Service* - AVG_ANTI-SPYWARE_GUARD
    *Newly Created Service* - CATCHME
    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2007-11-23 22:16:09 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
    - C:\Program Files\TuneUp Utilities 2006\SystemOptimizer.exe
    "2007-11-20 18:23:00 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job"
    - C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
    "2007-11-10 18:09:23 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job"
    - C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
    .
    **************************************************************************

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-11-28 03:35:24
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2007-11-28 3:35:44
    .
    --- E O F ---
    0
  3. essem Messages postés 101 Statut Membre
     
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 03:42:24, on 2007-11-28
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\RocketDock\RocketDock.exe
    C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\explorer.exe
    C:\Documents and Settings\Steve Masse\Bureau\HijackThis.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fsympatico.msn.ca%2f%3fmkt%3dfr-CA
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Watch2007.exe
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
    O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe" autostart
    O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
    0
  4. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  5. g!rly Messages postés 18462 Statut Contributeur 407
     
    re,

    a l´aide de hijack this coche et fix ceci :

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)

    comment fixer :

    Tutoriel d´utilisation (video) :

    -> http://pageperso.aol.fr/balltrap34/demohijack.htm

    puis

    tu as deux antivirus = conflit

    desinstal les deux (car pas tres performant) et instal celui ci a la place:

    https://www.malekal.com/avira-free-security-antivirus-gratuit/

    pour confirmer mes dires :

    Antivir vs Avast : (avg est encore pire...)

    ->http://forum.malekal.com/ftopic3528.php

    tu n´as pas de par feu ou juste celui de windows qui ne sert a rien...

    par feu : kerio

    Kerio (pare-feu) : reste gratuit après la période d'essai en français
    ----> https://www.zebulon.fr/telechargements/securite/firewalls/kerio.html

    Regarde ce tutoriel si tu as besoin d'aide pour l'installation et la configuration de Kerio
    --> https://kerio.probb.fr/t1-tuto-pour-kerio-4-2

    Plus d'info :
    ->https://kerio.probb.fr/

    ou zone alarm plus facil a configurer mais moins performant

    http://www.kachouri.com/tuto/tuto-143-zonealarm-installation-du-firewall--pare-feu.html

    tu surf avec internet explorer 6.0 = failles de securité importantes

    fais les mises a jour windows tu y trouvra la version 7.0 d´internet explorer

    puis pourquoi ne pas surfer avec firefox beaucoup plus sur tout en gardant internet explorer 7.0 pour les mises a jour windows impossible a effectuer par firefox

    dis moi quoi

    @+
    0
  6. essem Messages postés 101 Statut Membre
     
    ok je vais essayer ça, et en passant j'ai firefox je n'utilise pas explorer il est à cause de certain site ou avec msn
    Merci!
    0
  7. g!rly Messages postés 18462 Statut Contributeur 407
     
    re,

    ok pour firefox mais mets quand meme internet explorer a jour -> tu veux la version 7.0

    une fois antivir installé fais un scan complet et poste le rapport ici stp

    http://mickael.barroux.free.fr/securite/antivir.php <- tutoriel configuration du scanner...

    @+
    0
  8. essem Messages postés 101 Statut Membre
     
    Voilà le scan de Antivir,

    AntiVir PersonalEdition Classic
    Report file date: 28 novembre 2007 04:29

    Scanning for 944573 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number: 0000149996-ADJIE-0001
    Platform: Windows XP
    Windows version: (Service Pack 2) [5.1.2600]
    Username: Steve Masse
    Computer name: SEANIX-4DE257E8

    Version information:
    BUILD.DAT : 270 15603 Bytes 2007-09-19 13:32:00
    AVSCAN.EXE : 7.0.6.1 290856 Bytes 2007-08-23 19:16:29
    AVSCAN.DLL : 7.0.6.0 49192 Bytes 2007-08-16 18:23:51
    LUKE.DLL : 7.0.5.3 147496 Bytes 2007-08-14 21:32:47
    LUKERES.DLL : 7.0.6.1 10280 Bytes 2007-08-21 18:35:20
    ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 20:27:15
    ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 2007-09-13 20:26:55
    ANTIVIR2.VDF : 7.0.1.0 1393152 Bytes 2007-11-23 09:20:10
    ANTIVIR3.VDF : 7.0.1.15 53760 Bytes 2007-11-28 09:20:10
    AVEWIN32.DLL : 7.6.0.34 3125760 Bytes 2007-11-28 09:20:10
    AVWINLL.DLL : 1.0.0.7 14376 Bytes 2007-02-26 16:36:26
    AVPREF.DLL : 7.0.2.2 25640 Bytes 2007-07-18 13:39:17
    AVREP.DLL : 7.0.0.1 155688 Bytes 2007-04-16 19:16:24
    AVPACK32.DLL : 7.3.0.15 360488 Bytes 2007-08-03 14:46:00
    AVREG.DLL : 7.0.1.6 30760 Bytes 2007-07-18 13:17:06
    AVARKT.DLL : 1.0.0.20 278568 Bytes 2007-08-28 18:26:33
    AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 2007-07-18 13:10:18
    NETNT.DLL : 7.0.0.0 7720 Bytes 2007-03-08 17:09:42
    RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 2007-08-07 18:38:13
    RCTEXT.DLL : 7.0.62.0 86056 Bytes 2007-08-21 18:50:37
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 2007-07-23 15:37:21

    Configuration settings for the scan:
    Jobname..........................: Manual Selection
    Configuration file...............: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\PROFILES\folder.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: off
    Scan boot sector.................: on
    Boot sectors.....................: C:,
    Scan memory......................: on
    Process scan.....................: on
    Scan registry....................: on
    Search for rootkits..............: on
    Scan all files...................: Intelligent file selection
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Macro heuristic..................: on
    File heuristic...................: medium

    Start of the scan: 28 novembre 2007 04:29

    Starting search for hidden objects.
    '32641' objects were checked, '0' hidden objects were found.

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
    Scan process 'firefox.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'MemOptimizer.exe' - '1' Module(s) have been scanned
    Scan process 'RocketDock.exe' - '1' Module(s) have been scanned
    Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
    Scan process 'avgnt.exe' - '1' Module(s) have been scanned
    Scan process 'avgas.exe' - '1' Module(s) have been scanned
    Scan process 'Ad-Watch2007.exe' - '1' Module(s) have been scanned
    Scan process 'rundll32.exe' - '1' Module(s) have been scanned
    Scan process 'alg.exe' - '1' Module(s) have been scanned
    Scan process 'PDVDServ.exe' - '1' Module(s) have been scanned
    Scan process 'jusched.exe' - '1' Module(s) have been scanned
    Scan process 'smax4pnp.exe' - '1' Module(s) have been scanned
    Scan process 'PnkBstrA.exe' - '1' Module(s) have been scanned
    Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
    Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
    Scan process 'guard.exe' - '0' Module(s) have been scanned
    Scan process 'sched.exe' - '1' Module(s) have been scanned
    Scan process 'aawservice.exe' - '1' Module(s) have been scanned
    Scan process 'explorer.exe' - '1' Module(s) have been scanned
    Scan process 'avguard.exe' - '1' Module(s) have been scanned
    Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'WinStylerThemeSvc.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned
    34 processes with 34 modules were scanned

    Start scanning boot sectors:
    Boot sector 'C:\'
    [NOTE] No virus was found!

    Starting to scan the registry.
    The registry was scanned ( '29' files ).

    Starting the file scan:

    Begin scan in 'C:\'
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    C:\WINDOWS\system32\drivers\sptd.sys
    [WARNING] The file could not be opened!

    End of the scan: 28 novembre 2007 04:51
    Used time: 22:21 min

    The scan has been done completely.

    4427 Scanning directories
    254527 Files were scanned
    0 viruses and/or unwanted programs were found
    0 Files were classified as suspicious:
    0 files were deleted
    0 files were repaired
    0 files were moved to quarantine
    0 files were renamed
    2 Files cannot be scanned
    254527 Files not concerned
    2571 Archives were scanned
    2 Warnings
    225 Notes
    32641 Objects were scanned with rootkit scan
    0 Hidden objects were found
    0
  9. g!rly Messages postés 18462 Statut Contributeur 407
     
    ok ca m´a l´air plutot bien ;-)
    comment va ton pc maintenant?
    0
  10. essem Messages postés 101 Statut Membre
     
    Je crois que c'est règlé, les fenêtres popup ne s'ouvre plus au démarrage de Firefox.

    Un grand merci à toi, ça m'a aidé grandement.
    0
  11. g!rly Messages postés 18462 Statut Contributeur 407
     
    ok

    pour nettoyer :

    Ccleaner:

    -> Télécharge Ccleaner (n'installe pas la barre d'outil Yahoo):

    http://www.commentcamarche.net/telecharger/telechargement 168 ccleaner

    -> L´installer.

    -> Une fois installé et lancé :

    Dans la colonne de gauche, click sur :

    ->"erreurs" :

    Coches toutes les cases dans les propriétés du nettoyeur de l´onglet "windows" et "applications", puis click en bas sur "chercher des erreurs" une fois terminé, clic sur "reparer les erreurs", tu auras un message pour sauvegarder ta base de registre, tu click "oui" puis tu recommence jusqu'à ce qu'il ne trouve plus rien.

    ps : les sauvegardes que tu auras faites, pourront etre supprimées ulterieurement si tout va bien.

    ->"nettoyeur"

    quitte ton navigateur avant de le lancer, décoche la derniere case (Avancé si elle est cochée) puis click sur "lancer le nettoyage" qunand il aura terminé le scan click en bas a droite sur "lancer le nettoyage" et accepte par oui.

    -> Tutoriel en image :

    https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php

    -> Pour ceux qui voudraient aller plus loin en compagnie de jesses (fonctions avancés) :

    http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm

    et

    telecharge et instal regcleaner:

    http://www.01net.com/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/4894.html

    tutorial :

    http://www.softastuces.com/tuto/maint/regcleaner/

    de rien ,-)
    0