Cid ad window, quite a headache

Solved
kalash Posts 68 Status Member -
 Anonymous user -
Hello,

My PC is behaving strangely and ad windows open quite often.

Thanks
Configuration: Windows XP
Firefox 2.0.0.16

12 replies

  1. kalash Posts 68 Status Member 1
     
    Thanks for your help:

    Here is the report

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:32:36, on 11/08/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16674)
    Boot mode: Normal

    Running processes:
    C:\windows\System32\smss.exe
    C:\windows\system32\winlogon.exe
    C:\windows\system32\services.exe
    C:\windows\system32\lsass.exe
    C:\windows\system32\svchost.exe
    C:\windows\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\windows\Explorer.EXE
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\windows\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\windows\eHome\ehRecvr.exe
    C:\windows\eHome\ehSched.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    C:\windows\system32\svchost.exe
    C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
    C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\windows\system32\rundll32.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\windows\system32\rundll32.exe
    C:\windows\AGRSMMSG.exe
    C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
    C:\windows\system32\TPSMain.exe
    C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
    C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
    C:\Program Files\Synaptics\SynTP\Toshiba.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    C:\windows\system32\ctfmon.exe
    C:\windows\system32\TPSBattM.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
    C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://actus.sfr.fr
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.ionos.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
    O2 - BHO: NetAnts.IE.Monitor - {57E91B41-F40A-11D1-B792-444553540000} - C:\Program Files\NetAnts\AntAPI.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
    O4 - HKLM\..\Run: [NVRotateSysTray] rundll32.exe C:\WINDOWS\system32\nvsysrot.dll,Enable
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
    O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
    O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
    O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
    O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
    O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] "C:\Program Files\Neuf\Kit\WiFi\9wifi.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [Comp about extra bin] C:\Documents and Settings\All Users\Application Data\Roam Program Comp About\body keep.exe
    O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
    O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [EPSON Stylus DX8400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU "C:\WINDOWS\TEMP\E_S120.tmp" /EF "HKCU"
    O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
    O4 - HKCU\..\Run: [second dart] C:\DOCUME~1\kalash91\APPLIC~1\FASTHI~1\SpamFlap.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: &Download by NetAnts - C:\PROGRA~1\NetAnts\NAGet.htm
    O8 - Extra context menu item: Download &All by NetAnts - C:\PROGRA~1\NetAnts\NAGetAll.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: NetAnts - {57E91B47-F40A-11D1-B792-444553540000} - C:\PROGRA~1\NetAnts\NetAnts.exe
    O9 - Extra 'Tools' menuitem: &NetAnts - {57E91B47-F40A-11D1-B792-444553540000} - C:\PROGRA~1\NetAnts\NetAnts.exe
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\windows\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\windows\bdoscandel.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://mppv2flash3.valueactive.com/UniBet/FlashAX.cab
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
  2. Anonymous user
     
    Hi,

    Download HijackThis here:

    -> http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe

    -> Double-click HJTInstall.exe to start the installation

    -> Click Install, then I Accept

    -> Click Do a scan system and save log file

    -> Notepad will open; copy and paste its entire contents here in your next reply
  3. Anonymous user
     
    Download Lop S&D.exe to your Desktop: https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

    * Double-click it to start the installation
    * Then double-click the Lop S&D shortcut on your Desktop
    * Select the desired language, then choose option 1 (Search)
    * Wait until the scan finishes
    * Post the generated report (C:\lopR.txt)

    Tutorial (help): http://bibou0007.com/outils-specifiques-f78/tuto-lop-sd-t956.htm
  4. kalash Posts 68 Status Member 1
     
    --------------------\\ Lop S&D 4.2.2-6 XP/Vista

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : kalash91 ] [ "C:\Lop SD" ] [ Selection : 1 ]
    [ 11/08/2008 | 17:44:08,48 ] [ PC : KALASH ]
    [ MAJ : 09-08-2008 | 21:15 ]

    --------------------\\ Listing des dossiers dans APPLIC~1

    [27/09/2006|23:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
    [22/09/2006|15:12] C:\DOCUME~1\ADMINI~1\APPLIC~1\ATI
    [15/09/2006|16:31] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
    [27/09/2006|23:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
    [05/03/2007|09:45] C:\DOCUME~1\ADMINI~1\APPLIC~1\Intel
    [27/09/2006|23:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
    [27/09/2006|23:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sonic
    [27/09/2006|23:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\toshiba
    [27/09/2006|23:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\Windows Desktop Search

    [28/04/2008|00:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\118300.34
    [05/08/2007|09:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\addr_file.html
    [11/11/2007|13:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [28/03/2007|19:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
    [13/05/2008|23:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [30/04/2008|18:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
    [15/09/2006|16:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [03/09/2007|20:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
    [27/02/2008|23:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EPSON
    [30/06/2007|15:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [05/08/2007|17:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
    [05/03/2007|09:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Intel
    [01/05/2008|17:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak
    [31/07/2008|02:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
    [05/08/2007|01:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
    [08/03/2007|19:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macromedia
    [01/07/2008|23:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [29/04/2008|12:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [26/07/2008|00:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
    [25/03/2007|23:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
    [25/05/2007|18:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
    [01/07/2008|22:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Roam Program Comp About
    [03/12/2007|20:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SimCity Societies
    [29/04/2008|12:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [05/03/2007|10:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [01/05/2008|17:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [27/02/2008|23:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
    [02/04/2007|16:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [24/12/2007|13:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [27/09/2006|23:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
    [22/09/2006|15:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\ATI
    [15/09/2006|16:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [27/09/2006|23:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [05/03/2007|09:45] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intel
    [27/09/2006|23:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [27/09/2006|23:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sonic
    [27/09/2006|23:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\toshiba
    [27/09/2006|23:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Windows Desktop Search

    [23/12/2007|19:00] C:\DOCUME~1\kalash91\APPLIC~1\1&1
    [28/04/2008|15:58] C:\DOCUME~1\kalash91\APPLIC~1\Adobe
    [20/03/2007|20:14] C:\DOCUME~1\kalash91\APPLIC~1\AdobeUM
    [26/04/2007|19:23] C:\DOCUME~1\kalash91\APPLIC~1\Ahead
    [01/02/2008|16:57] C:\DOCUME~1\kalash91\APPLIC~1\AlauxSoft
    [22/09/2006|15:12] C:\DOCUME~1\kalash91\APPLIC~1\ATI
    [29/12/2007|18:35] C:\DOCUME~1\kalash91\APPLIC~1\Canon
    [09/09/2007|18:26] C:\DOCUME~1\kalash91\APPLIC~1\Crystal FTP
    [15/09/2006|16:31] C:\DOCUME~1\kalash91\APPLIC~1\desktop.ini
    [02/07/2007|01:28] C:\DOCUME~1\kalash91\APPLIC~1\Disney Interactive Studios
    [19/07/2007|13:33] C:\DOCUME~1\kalash91\APPLIC~1\dvdcss
    [27/02/2008|23:32] C:\DOCUME~1\kalash91\APPLIC~1\EPSON
    [07/07/2008|18:02] C:\DOCUME~1\kalash91\APPLIC~1\fast hide wma
    [09/12/2007|19:42] C:\DOCUME~1\kalash91\APPLIC~1\Gearbox Software
    [15/02/2008|22:36] C:\DOCUME~1\kalash91\APPLIC~1\GetRight
    [06/03/2008|21:35] C:\DOCUME~1\kalash91\APPLIC~1\GetRightToGo
    [25/03/2008|14:07] C:\DOCUME~1\kalash91\APPLIC~1\G-Force Prefs (WindowsMediaPlayer).txt
    [09/04/2007|21:29] C:\DOCUME~1\kalash91\APPLIC~1\GlobalSCAPE
    [26/05/2008|01:05] C:\DOCUME~1\kalash91\APPLIC~1\GrabIt
    [08/03/2007|18:04] C:\DOCUME~1\kalash91\APPLIC~1\Help
    [27/09/2006|23:37] C:\DOCUME~1\kalash91\APPLIC~1\Identities
    [09/03/2008|15:37] C:\DOCUME~1\kalash91\APPLIC~1\Imperium Romanum
    [27/02/2008|23:14] C:\DOCUME~1\kalash91\APPLIC~1\InstallShield
    [05/03/2007|09:45] C:\DOCUME~1\kalash91\APPLIC~1\Intel
    [05/03/2007|09:52] C:\DOCUME~1\kalash91\APPLIC~1\InterVideo
    [29/04/2008|12:10] C:\DOCUME~1\kalash91\APPLIC~1\Lavasoft
    [08/03/2007|19:45] C:\DOCUME~1\kalash91\APPLIC~1\Macromedia
    [09/12/2007|01:01] C:\DOCUME~1\kalash91\APPLIC~1\Microgaming
    [27/04/2008|21:25] C:\DOCUME~1\kalash91\APPLIC~1\Microsoft
    [05/03/2007|11:28] C:\DOCUME~1\kalash91\APPLIC~1\Mozilla
    [05/03/2007|10:56] C:\DOCUME~1\kalash91\APPLIC~1\MSNInstaller
    [27/05/2008|17:43] C:\DOCUME~1\kalash91\APPLIC~1\Newsbin
    [30/11/2007|14:00] C:\DOCUME~1\kalash91\APPLIC~1\Nvu
    [28/03/2007|23:04] C:\DOCUME~1\kalash91\APPLIC~1\Opera
    [11/03/2007|00:50] C:\DOCUME~1\kalash91\APPLIC~1\Real
    [28/07/2008|13:16] C:\DOCUME~1\kalash91\APPLIC~1\Samsung
    [21/06/2007|18:47] C:\DOCUME~1\kalash91\APPLIC~1\SecuROM
    [27/09/2006|23:37] C:\DOCUME~1\kalash91\APPLIC~1\Sonic
    [18/03/2007|18:45] C:\DOCUME~1\kalash91\APPLIC~1\Sports Interactive
    [16/03/2007|18:56] C:\DOCUME~1\kalash91\APPLIC~1\Sun
    [27/09/2006|23:37] C:\DOCUME~1\kalash91\APPLIC~1\toshiba
    [30/06/2007|20:30] C:\DOCUME~1\kalash91\APPLIC~1\UseNeXT
    [26/05/2008|06:52] C:\DOCUME~1\kalash91\APPLIC~1\uTorrent
    [27/09/2006|23:37] C:\DOCUME~1\kalash91\APPLIC~1\Windows Desktop Search

    [05/03/2007|09:45] C:\DOCUME~1\LOCALS~1\APPLIC~1\Intel
    [08/05/2008|12:24] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
    [27/09/2006|23:41] C:\DOCUME~1\LOCALS~1\APPLIC~1\X10 Commander

    [05/03/2007|09:45] C:\DOCUME~1\NETWOR~1\APPLIC~1\Intel
    [27/09/2006|23:41] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    --------------------\\ Tâches planifiées dans C:\windows\tasks

    [03/08/2008 11:00][--ah-----] C:\windows\tasks\A995CF01937E4AD1.job
    [11/08/2008 17:14][--ah-----] C:\windows\tasks\SA.DAT
    [10/08/2004 14:00][-r-h-----] C:\windows\tasks\desktop.ini

    ( A995CF01937E4AD1.job )=( c:\docume~1\kalash91\applic~1\fasthi~1\Acidtrustjump.exe )

    --------------------\\ Listing des dossiers dans C:\Program Files

    [05/03/2007|18:40] C:\Program Files\ACE Mega CoDecS Pack
    [25/05/2008|20:03] C:\Program Files\Activision
    [28/04/2008|15:58] C:\Program Files\Adobe
    [07/02/2008|00:42] C:\Program Files\AGEIA Technologies
    [08/05/2008|15:27] C:\Program Files\Alcohol Soft
    [30/04/2008|18:02] C:\Program Files\Avira
    [29/04/2008|16:32] C:\Program Files\Canon
    [28/04/2008|15:47] C:\Program Files\CCleaner
    [01/07/2008|22:55] C:\Program Files\Circle Developement
    [27/09/2006|23:49] C:\Program Files\Common Files
    [15/09/2006|14:36] C:\Program Files\ComPlus Applications
    [18/11/2007|11:47] C:\Program Files\Creative
    [01/08/2007|19:45] C:\Program Files\DAEMON Tools
    [31/12/2007|17:57] C:\Program Files\DivX
    [26/07/2008|16:42] C:\Program Files\eMule
    [28/04/2008|15:59] C:\Program Files\epson
    [01/07/2008|22:55] C:\Program Files\fast hide wma
    [28/04/2008|17:06] C:\Program Files\Fichiers communs
    [25/05/2008|16:06] C:\Program Files\GrabIt
    [27/07/2008|13:22] C:\Program Files\InstallShield Installation Information
    [05/03/2007|09:44] C:\Program Files\Intel
    [01/07/2008|02:17] C:\Program Files\Internet Explorer
    [26/07/2008|12:50] C:\Program Files\Java
    [27/09/2006|23:52] C:\Program Files\ltmoh
    [27/09/2006|23:52] C:\Program Files\Messenger
    [01/07/2008|22:55] C:\Program Files\Messenger Plus! Live
    [31/12/2007|05:42] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [27/09/2006|23:52] C:\Program Files\microsoft frontpage
    [01/04/2007|22:26] C:\Program Files\Microsoft Office
    [01/04/2007|22:26] C:\Program Files\Microsoft Visual Studio
    [01/04/2007|22:20] C:\Program Files\Microsoft Visual Studio 8
    [01/04/2007|22:27] C:\Program Files\Microsoft Works
    [01/04/2007|22:24] C:\Program Files\Microsoft.NET
    [27/09/2006|23:52] C:\Program Files\Movie Maker
    [11/08/2008|17:36] C:\Program Files\Mozilla Firefox
    [20/03/2007|21:26] C:\Program Files\MSN
    [27/09/2006|23:52] C:\Program Files\MSN Gaming Zone
    [05/03/2007|23:32] C:\Program Files\MSXML 4.0
    [25/03/2007|23:08] C:\Program Files\Nero
    [19/05/2008|18:14] C:\Program Files\NetAnts
    [27/09/2006|23:52] C:\Program Files\NetMeeting
    [18/11/2007|18:15] C:\Program Files\Neuf
    [29/07/2008|19:03] C:\Program Files\NRJ
    [06/05/2008|21:06] C:\Program Files\OpenAL
    [24/06/2007|10:04] C:\Program Files\Outlook Express
    [26/05/2008|01:00] C:\Program Files\QuickPar
    [27/09/2006|23:53] C:\Program Files\Realtek
    [27/07/2008|13:19] C:\Program Files\Samsung
    [27/09/2006|23:53] C:\Program Files\Services en ligne
    [19/05/2008|15:45] C:\Program Files\Sierra
    [19/05/2008|18:51] C:\Program Files\sixteen tons entertainment
    [26/07/2008|12:50] C:\Program Files\Sun
    [27/09/2006|23:54] C:\Program Files\Synaptics
    [29/04/2008|12:13] C:\Program Files\Toshiba
    [11/08/2008|17:32] C:\Program Files\Trend Micro
    [15/09/2006|15:50] C:\Program Files\Uninstall Information
    [25/05/2008|21:18] C:\Program Files\uTorrent
    [06/03/2008|22:42] C:\Program Files\VirtualDJ
    [08/03/2007|18:13] C:\Program Files\WinAce
    [27/09/2006|23:55] C:\Program Files\Windows Desktop Search
    [29/04/2008|12:15] C:\Program Files\Windows Live
    [14/05/2008|21:08] C:\Program Files\Windows Live Safety Center
    [29/07/2008|19:09] C:\Program Files\Windows Media Components
    [06/05/2008|18:00] C:\Program Files\Windows Media Connect 2
    [06/05/2008|18:00] C:\Program Files\Windows Media Player
    [27/09/2006|23:55] C:\Program Files\Windows NT
    [27/09/2006|23:55] C:\Program Files\Windows Plus
    [15/09/2006|14:39] C:\Program Files\WindowsUpdate
    [11/05/2008|20:07] C:\Program Files\WinISO
    [27/09/2006|23:55] C:\Program Files\X10 Hardware
    [27/09/2006|23:55] C:\Program Files\xerox

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [28/04/2008|15:58] C:\Program Files\Fichiers communs\Adobe
    [28/03/2007|18:52] C:\Program Files\Fichiers communs\Adobe Systems Shared
    [25/03/2007|23:11] C:\Program Files\Fichiers communs\Ahead
    [01/04/2007|22:26] C:\Program Files\Fichiers communs\DESIGNER
    [12/05/2007|14:13] C:\Program Files\Fichiers communs\FDEUnInstaller.exe
    [27/02/2008|23:21] C:\Program Files\Fichiers communs\InstallShield
    [27/09/2006|23:49] C:\Program Files\Fichiers communs\Java
    [30/12/2007|18:03] C:\Program Files\Fichiers communs\Labtec
    [01/02/2008|17:06] C:\Program Files\Fichiers communs\LogiShrd
    [24/12/2007|13:50] C:\Program Files\Fichiers communs\Microsoft Shared
    [27/09/2006|23:50] C:\Program Files\Fichiers communs\MSSoap
    [27/09/2006|23:50] C:\Program Files\Fichiers communs\ODBC
    [27/09/2006|23:50] C:\Program Files\Fichiers communs\Services
    [27/09/2006|23:50] C:\Program Files\Fichiers communs\SpeechEngines
    [05/03/2007|10:02] C:\Program Files\Fichiers communs\Symantec Shared
    [24/06/2007|10:04] C:\Program Files\Fichiers communs\System
    [24/12/2007|13:50] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [07/02/2008|00:42] C:\Program Files\Fichiers communs\Wise Installation Wizard

    --------------------\\ Process

    ( 62 Processus )

    iexplore.exe ~ [3000]
    iexplore.exe ~ [2756]

    --------------------\\ Recherche avec S_Lop

    C:\DOCUME~1\kalash91\LOCALS~1\Temp\bis7F.exe

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Roam Program Comp About
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Roam Program Comp About\body keep.exe
    C:\DOCUME~1\kalash91\APPLIC~1\fasthi~1
    C:\DOCUME~1\kalash91\APPLIC~1\fasthi~1\Dupe peak hole time.exe
    C:\DOCUME~1\kalash91\APPLIC~1\fasthi~1\dxrvfluz.exe
    C:\DOCUME~1\kalash91\APPLIC~1\fasthi~1\SpamFlap.exe
    C:\Program Files\fasthi~1
    C:\Program Files\Circle Developement
    C:\Program Files\Circle Developement\Uninstall.exe
    C:\windows\Tasks\A995CF01937E4AD1.job

    --------------------\\ Verification du Registre

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "second dart"="C:\\DOCUME~1\\kalash91\\APPLIC~1\\FASTHI~1\\SpamFlap.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Comp about extra bin"="C:\\Documents and Settings\\All Users\\Application Data\\Roam Program Comp About\\body keep.exe"

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-08-11 17:45:17
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 164

    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    => C:\DOCUME~1\kalash91\Bureau\Emergency 4 crack no cd
    => C:\DOCUME~1\kalash91\Bureau\Emergency 4 crack no cd\Em4.exe
    => C:\DOCUME~1\kalash91\Bureau\Emergency 4 crack no cd\unleashed.nfo

    [F:1571][D:5]-> C:\DOCUME~1\kalash91\LOCALS~1\Temp
    [F:18][D:0]-> C:\DOCUME~1\kalash91\Cookies
    [F:171][D:4]-> C:\DOCUME~1\kalash91\LOCALS~1\TEMPOR~1\content.IE5

    --------------------\\ Fin du rapport a 17:46:32,89
  6. Anonymous user
     
    Download OTMoveIt http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe (by Old_Timer) to your Desktop.
    Double-click OTMoveIt.exe to launch it.
    Make sure the Unregister Dll's and Ocx's box is checked.
    Copy the list shown in bold below,
    and paste it into the left-hand pane of OTMoveIt: Paste List of Files/Folders to be moved.

    C:\DOCUME~1\kalash91\Bureau\Emergency 4 crack no cd
    C:\DOCUME~1\kalash91\Bureau\Emergency 4 crack no cd\Em4.exe
    C:\DOCUME~1\kalash91\Bureau\Emergency 4 crack no cd\unleashed.nfo


    Click MoveIt! to start the removal.
    The result will appear in the "Results" pane.
    Click Exit to close.
    Post the report located in C:\_OTMoveIt\MovedFiles.

    You may be asked to restart the PC to complete the removal. If so, accept with Yes.

    Then:

    Run Lop S&D again

    * This time choose Option 2 (Removal)
    * Do not close the window during the removal!
    * Post the generated report (C:\lopR.txt)
  7. kalash Posts 68 Status Member 1
     
    C:\DOCUME~1\kalash91\Bureau\Emergency 4 crack no cd moved successfully.
    File/Folder C:\DOCUME~1\kalash91\Bureau\Emergency 4 crack no cd\Em4.exe not found.
    File/Folder C:\DOCUME~1\kalash91\Bureau\Emergency 4 crack no cd\unleashed.nfo not found.

    OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 08112008_175712
  8. kalash Posts 68 Status Member 1
     
    --------------------\\ Lop S&D 4.2.2-6 XP/Vista

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : kalash91 ] [ "C:\Lop SD" ] [ Selection : 2 ]
    [ 11/08/2008 | 17:58:23,71 ] [ PC : KALASH ]
    [ MAJ : 09-08-2008 | 21:15 ]

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Roam Program Comp About\body keep.exe
    Supprime! - C:\DOCUME~1\kalash91\APPLIC~1\fasthi~1\Dupe peak hole time.exe
    Supprime! - C:\DOCUME~1\kalash91\APPLIC~1\fasthi~1\dxrvfluz.exe
    Supprime! - C:\DOCUME~1\kalash91\APPLIC~1\fasthi~1\SpamFlap.exe
    Supprime! - C:\Program Files\Circle Developement\Uninstall.exe
    Supprime! - C:\windows\Tasks\A995CF01937E4AD1.job
    Supprime! - C:\DOCUME~1\kalash91\LOCALS~1\Temp\bis7F.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Roam Program Comp About
    Supprime! - C:\DOCUME~1\kalash91\APPLIC~1\fasthi~1
    Supprime! - C:\Program Files\fasthi~1
    Supprime! - C:\Program Files\Circle Developement

    //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

    --------------------\\ Listing des dossiers dans APPLIC~1

    [27/09/2006|23:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
    [22/09/2006|15:12] C:\DOCUME~1\ADMINI~1\APPLIC~1\ATI
    [15/09/2006|16:31] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
    [27/09/2006|23:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
    [05/03/2007|09:45] C:\DOCUME~1\ADMINI~1\APPLIC~1\Intel
    [27/09/2006|23:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
    [27/09/2006|23:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sonic
    [27/09/2006|23:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\toshiba
    [27/09/2006|23:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\Windows Desktop Search

    [28/04/2008|00:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\118300.34
    [05/08/2007|09:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\addr_file.html
    [11/11/2007|13:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [28/03/2007|19:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
    [13/05/2008|23:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [30/04/2008|18:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
    [15/09/2006|16:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [03/09/2007|20:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
    [27/02/2008|23:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EPSON
    [30/06/2007|15:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [05/08/2007|17:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
    [05/03/2007|09:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Intel
    [01/05/2008|17:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak
    [31/07/2008|02:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
    [05/08/2007|01:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
    [08/03/2007|19:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macromedia
    [01/07/2008|23:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [29/04/2008|12:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [26/07/2008|00:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
    [25/03/2007|23:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
    [25/05/2007|18:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
    [03/12/2007|20:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SimCity Societies
    [29/04/2008|12:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [05/03/2007|10:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [01/05/2008|17:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [27/02/2008|23:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
    [02/04/2007|16:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [24/12/2007|13:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [27/09/2006|23:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
    [22/09/2006|15:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\ATI
    [15/09/2006|16:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [27/09/2006|23:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [05/03/2007|09:45] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intel
    [27/09/2006|23:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [27/09/2006|23:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sonic
    [27/09/2006|23:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\toshiba
    [27/09/2006|23:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Windows Desktop Search

    [23/12/2007|19:00] C:\DOCUME~1\kalash91\APPLIC~1\1&1
    [28/04/2008|15:58] C:\DOCUME~1\kalash91\APPLIC~1\Adobe
    [20/03/2007|20:14] C:\DOCUME~1\kalash91\APPLIC~1\AdobeUM
    [26/04/2007|19:23] C:\DOCUME~1\kalash91\APPLIC~1\Ahead
    [01/02/2008|16:57] C:\DOCUME~1\kalash91\APPLIC~1\AlauxSoft
    [22/09/2006|15:12] C:\DOCUME~1\kalash91\APPLIC~1\ATI
    [29/12/2007|18:35] C:\DOCUME~1\kalash91\APPLIC~1\Canon
    [09/09/2007|18:26] C:\DOCUME~1\kalash91\APPLIC~1\Crystal FTP
    [15/09/2006|16:31] C:\DOCUME~1\kalash91\APPLIC~1\desktop.ini
    [02/07/2007|01:28] C:\DOCUME~1\kalash91\APPLIC~1\Disney Interactive Studios
    [19/07/2007|13:33] C:\DOCUME~1\kalash91\APPLIC~1\dvdcss
    [27/02/2008|23:32] C:\DOCUME~1\kalash91\APPLIC~1\EPSON
    [09/12/2007|19:42] C:\DOCUME~1\kalash91\APPLIC~1\Gearbox Software
    [15/02/2008|22:36] C:\DOCUME~1\kalash91\APPLIC~1\GetRight
    [06/03/2008|21:35] C:\DOCUME~1\kalash91\APPLIC~1\GetRightToGo
    [25/03/2008|14:07] C:\DOCUME~1\kalash91\APPLIC~1\G-Force Prefs (WindowsMediaPlayer).txt
    [09/04/2007|21:29] C:\DOCUME~1\kalash91\APPLIC~1\GlobalSCAPE
    [26/05/2008|01:05] C:\DOCUME~1\kalash91\APPLIC~1\GrabIt
    [08/03/2007|18:04] C:\DOCUME~1\kalash91\APPLIC~1\Help
    [27/09/2006|23:37] C:\DOCUME~1\kalash91\APPLIC~1\Identities
    [09/03/2008|15:37] C:\DOCUME~1\kalash91\APPLIC~1\Imperium Romanum
    [27/02/2008|23:14] C:\DOCUME~1\kalash91\APPLIC~1\InstallShield
    [05/03/2007|09:45] C:\DOCUME~1\kalash91\APPLIC~1\Intel
    [05/03/2007|09:52] C:\DOCUME~1\kalash91\APPLIC~1\InterVideo
    [29/04/2008|12:10] C:\DOCUME~1\kalash91\APPLIC~1\Lavasoft
    [08/03/2007|19:45] C:\DOCUME~1\kalash91\APPLIC~1\Macromedia
    [09/12/2007|01:01] C:\DOCUME~1\kalash91\APPLIC~1\Microgaming
    [27/04/2008|21:25] C:\DOCUME~1\kalash91\APPLIC~1\Microsoft
    [05/03/2007|11:28] C:\DOCUME~1\kalash91\APPLIC~1\Mozilla
    [05/03/2007|10:56] C:\DOCUME~1\kalash91\APPLIC~1\MSNInstaller
    [27/05/2008|17:43] C:\DOCUME~1\kalash91\APPLIC~1\Newsbin
    [30/11/2007|14:00] C:\DOCUME~1\kalash91\APPLIC~1\Nvu
    [28/03/2007|23:04] C:\DOCUME~1\kalash91\APPLIC~1\Opera
    [11/03/2007|00:50] C:\DOCUME~1\kalash91\APPLIC~1\Real
    [28/07/2008|13:16] C:\DOCUME~1\kalash91\APPLIC~1\Samsung
    [21/06/2007|18:47] C:\DOCUME~1\kalash91\APPLIC~1\SecuROM
    [27/09/2006|23:37] C:\DOCUME~1\kalash91\APPLIC~1\Sonic
    [18/03/2007|18:45] C:\DOCUME~1\kalash91\APPLIC~1\Sports Interactive
    [16/03/2007|18:56] C:\DOCUME~1\kalash91\APPLIC~1\Sun
    [27/09/2006|23:37] C:\DOCUME~1\kalash91\APPLIC~1\toshiba
    [30/06/2007|20:30] C:\DOCUME~1\kalash91\APPLIC~1\UseNeXT
    [26/05/2008|06:52] C:\DOCUME~1\kalash91\APPLIC~1\uTorrent
    [27/09/2006|23:37] C:\DOCUME~1\kalash91\APPLIC~1\Windows Desktop Search

    [05/03/2007|09:45] C:\DOCUME~1\LOCALS~1\APPLIC~1\Intel
    [08/05/2008|12:24] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
    [27/09/2006|23:41] C:\DOCUME~1\LOCALS~1\APPLIC~1\X10 Commander

    [05/03/2007|09:45] C:\DOCUME~1\NETWOR~1\APPLIC~1\Intel
    [27/09/2006|23:41] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    --------------------\\ Tâches planifiées dans C:\windows\tasks

    [11/08/2008 17:14][--ah-----] C:\windows\tasks\SA.DAT
    [10/08/2004 14:00][-r-h-----] C:\windows\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [05/03/2007|18:40] C:\Program Files\ACE Mega CoDecS Pack
    [25/05/2008|20:03] C:\Program Files\Activision
    [28/04/2008|15:58] C:\Program Files\Adobe
    [07/02/2008|00:42] C:\Program Files\AGEIA Technologies
    [08/05/2008|15:27] C:\Program Files\Alcohol Soft
    [30/04/2008|18:02] C:\Program Files\Avira
    [29/04/2008|16:32] C:\Program Files\Canon
    [28/04/2008|15:47] C:\Program Files\CCleaner
    [27/09/2006|23:49] C:\Program Files\Common Files
    [15/09/2006|14:36] C:\Program Files\ComPlus Applications
    [18/11/2007|11:47] C:\Program Files\Creative
    [01/08/2007|19:45] C:\Program Files\DAEMON Tools
    [31/12/2007|17:57] C:\Program Files\DivX
    [26/07/2008|16:42] C:\Program Files\eMule
    [28/04/2008|15:59] C:\Program Files\epson
    [28/04/2008|17:06] C:\Program Files\Fichiers communs
    [25/05/2008|16:06] C:\Program Files\GrabIt
    [27/07/2008|13:22] C:\Program Files\InstallShield Installation Information
    [05/03/2007|09:44] C:\Program Files\Intel
    [01/07/2008|02:17] C:\Program Files\Internet Explorer
    [26/07/2008|12:50] C:\Program Files\Java
    [27/09/2006|23:52] C:\Program Files\ltmoh
    [27/09/2006|23:52] C:\Program Files\Messenger
    [01/07/2008|22:55] C:\Program Files\Messenger Plus! Live
    [31/12/2007|05:42] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [27/09/2006|23:52] C:\Program Files\microsoft frontpage
    [01/04/2007|22:26] C:\Program Files\Microsoft Office
    [01/04/2007|22:26] C:\Program Files\Microsoft Visual Studio
    [01/04/2007|22:20] C:\Program Files\Microsoft Visual Studio 8
    [01/04/2007|22:27] C:\Program Files\Microsoft Works
    [01/04/2007|22:24] C:\Program Files\Microsoft.NET
    [27/09/2006|23:52] C:\Program Files\Movie Maker
    [11/08/2008|17:36] C:\Program Files\Mozilla Firefox
    [20/03/2007|21:26] C:\Program Files\MSN
    [27/09/2006|23:52] C:\Program Files\MSN Gaming Zone
    [05/03/2007|23:32] C:\Program Files\MSXML 4.0
    [25/03/2007|23:08] C:\Program Files\Nero
    [19/05/2008|18:14] C:\Program Files\NetAnts
    [27/09/2006|23:52] C:\Program Files\NetMeeting
    [18/11/2007|18:15] C:\Program Files\Neuf
    [29/07/2008|19:03] C:\Program Files\NRJ
    [06/05/2008|21:06] C:\Program Files\OpenAL
    [24/06/2007|10:04] C:\Program Files\Outlook Express
    [26/05/2008|01:00] C:\Program Files\QuickPar
    [27/09/2006|23:53] C:\Program Files\Realtek
    [27/07/2008|13:19] C:\Program Files\Samsung
    [27/09/2006|23:53] C:\Program Files\Services en ligne
    [19/05/2008|15:45] C:\Program Files\Sierra
    [19/05/2008|18:51] C:\Program Files\sixteen tons entertainment
    [26/07/2008|12:50] C:\Program Files\Sun
    [27/09/2006|23:54] C:\Program Files\Synaptics
    [29/04/2008|12:13] C:\Program Files\Toshiba
    [11/08/2008|17:32] C:\Program Files\Trend Micro
    [15/09/2006|15:50] C:\Program Files\Uninstall Information
    [25/05/2008|21:18] C:\Program Files\uTorrent
    [06/03/2008|22:42] C:\Program Files\VirtualDJ
    [08/03/2007|18:13] C:\Program Files\WinAce
    [27/09/2006|23:55] C:\Program Files\Windows Desktop Search
    [29/04/2008|12:15] C:\Program Files\Windows Live
    [14/05/2008|21:08] C:\Program Files\Windows Live Safety Center
    [29/07/2008|19:09] C:\Program Files\Windows Media Components
    [06/05/2008|18:00] C:\Program Files\Windows Media Connect 2
    [06/05/2008|18:00] C:\Program Files\Windows Media Player
    [27/09/2006|23:55] C:\Program Files\Windows NT
    [27/09/2006|23:55] C:\Program Files\Windows Plus
    [15/09/2006|14:39] C:\Program Files\WindowsUpdate
    [11/05/2008|20:07] C:\Program Files\WinISO
    [27/09/2006|23:55] C:\Program Files\X10 Hardware
    [27/09/2006|23:55] C:\Program Files\xerox

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [28/04/2008|15:58] C:\Program Files\Fichiers communs\Adobe
    [28/03/2007|18:52] C:\Program Files\Fichiers communs\Adobe Systems Shared
    [25/03/2007|23:11] C:\Program Files\Fichiers communs\Ahead
    [01/04/2007|22:26] C:\Program Files\Fichiers communs\DESIGNER
    [12/05/2007|14:13] C:\Program Files\Fichiers communs\FDEUnInstaller.exe
    [27/02/2008|23:21] C:\Program Files\Fichiers communs\InstallShield
    [27/09/2006|23:49] C:\Program Files\Fichiers communs\Java
    [30/12/2007|18:03] C:\Program Files\Fichiers communs\Labtec
    [01/02/2008|17:06] C:\Program Files\Fichiers communs\LogiShrd
    [24/12/2007|13:50] C:\Program Files\Fichiers communs\Microsoft Shared
    [27/09/2006|23:50] C:\Program Files\Fichiers communs\MSSoap
    [27/09/2006|23:50] C:\Program Files\Fichiers communs\ODBC
    [27/09/2006|23:50] C:\Program Files\Fichiers communs\Services
    [27/09/2006|23:50] C:\Program Files\Fichiers communs\SpeechEngines
    [05/03/2007|10:02] C:\Program Files\Fichiers communs\Symantec Shared
    [24/06/2007|10:04] C:\Program Files\Fichiers communs\System
    [24/12/2007|13:50] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [07/02/2008|00:42] C:\Program Files\Fichiers communs\Wise Installation Wizard

    --------------------\\ Process

    ( 60 Processus )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\kalash91\Cookies\kalash91@adopt.euroclick[2].txt
    C:\DOCUME~1\kalash91\Cookies\kalash91@pacificpoker[1].txt

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-08-11 18:01:46
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 164

    --------------------\\ Recherche d'autres infections

    Aucune autre infection trouvée !

    [F:1570][D:6]-> C:\DOCUME~1\kalash91\LOCALS~1\Temp
    [F:21][D:0]-> C:\DOCUME~1\kalash91\Cookies
    [F:234][D:4]-> C:\DOCUME~1\kalash91\LOCALS~1\TEMPOR~1\content.IE5

    --------------------\\ Fin du rapport a 18:03:01,70
    0
  9. Anonymous user
     
    Download Malwarebytes

    -> http://www.malwarebytes.org/mbam/program/mbam-setup.exe

    Install it; the program will update itself automatically.

    Once it is up to date, the program will start; click the Settings tab and tick the box: "Stop Internet Explorer during removal".

    Now click the Scan tab and tick the box: "Perform a full scan".

    Then click "Scan".

    Let it scan the PC...

    If any items were found > click "Remove selection".

    If you are asked to restart > click "Yes".

    At the end a report will open; save it somewhere you can find it again so that you can post it on the forum.

    Copy and paste the report, please.

    PS: the reports are also stored in the report/log tab.
    0
  10. kalash Posts 68 Status Member 1
     
    Malwarebytes' Anti-Malware 1.24
    Version de la base de données: 1040
    Windows 5.1.2600 Service Pack 2

    19:41:41 11/08/2008
    mbam-log-8-11-2008 (19-41-41).txt

    Type de recherche: Examen complet (C:\|)
    Eléments examinés: 123846
    Temps écoulé: 1 hour(s), 5 minute(s), 35 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 2
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 0

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Casino Tropez (Adware.Casino) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Casino Tropez (Adware.Casino) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)
    0
  11. Anonymous user
     
    How is the PC doing??

    Reopen Malwarebytes,
    go to Quarantine,
    delete everything.

    Run a HijackThis scan again and post the report, and then we'll finish up.
    0
  12. kalash Posts 68 Status Member 1
     
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:49:58, on 11/08/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16674)
    Boot mode: Normal

    Running processes:
    C:\windows\System32\smss.exe
    C:\windows\system32\winlogon.exe
    C:\windows\system32\services.exe
    C:\windows\system32\lsass.exe
    C:\windows\system32\svchost.exe
    C:\windows\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\windows\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\windows\eHome\ehRecvr.exe
    C:\windows\eHome\ehSched.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    C:\windows\system32\svchost.exe
    C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
    C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\windows\system32\rundll32.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\windows\system32\rundll32.exe
    C:\windows\AGRSMMSG.exe
    C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
    C:\windows\system32\TPSMain.exe
    C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
    C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
    C:\Program Files\Synaptics\SynTP\Toshiba.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    C:\windows\system32\ctfmon.exe
    C:\windows\system32\TPSBattM.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
    C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\windows\explorer.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://actus.sfr.fr
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.ionos.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
    O2 - BHO: NetAnts.IE.Monitor - {57E91B41-F40A-11D1-B792-444553540000} - C:\Program Files\NetAnts\AntAPI.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
    O4 - HKLM\..\Run: [NVRotateSysTray] rundll32.exe C:\WINDOWS\system32\nvsysrot.dll,Enable
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
    O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
    O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
    O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
    O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
    O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] "C:\Program Files\Neuf\Kit\WiFi\9wifi.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
    O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [EPSON Stylus DX8400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU "C:\WINDOWS\TEMP\E_S120.tmp" /EF "HKCU"
    O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: &Download by NetAnts - C:\PROGRA~1\NetAnts\NAGet.htm
    O8 - Extra context menu item: Download &All by NetAnts - C:\PROGRA~1\NetAnts\NAGetAll.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: NetAnts - {57E91B47-F40A-11D1-B792-444553540000} - C:\PROGRA~1\NetAnts\NetAnts.exe
    O9 - Extra 'Tools' menuitem: &NetAnts - {57E91B47-F40A-11D1-B792-444553540000} - C:\PROGRA~1\NetAnts\NetAnts.exe
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\windows\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\windows\bdoscandel.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://mppv2flash3.valueactive.com/UniBet/FlashAX.cab
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    0
  13. Anonymous user
     
    Reopen HijackThis,
    run "Scan only",
    and tick these lines:

    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)

    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://mppv2flash3.valueactive.com/UniBet/FlashAX.cab

    Tick them and click "Fix checked".

    Then:

    -> Download CCleaner (do not install the Yahoo toolbar):

    http://download.piriform.com/ccsetup210.exe

    https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html

    -> Tutorial: https://www.malekal.com/tutoriel-ccleaner/

    Then:

    * To remove the tools/fixes that were used:

    Download ToolsCleaner to your desktop.
    -->
    ftp://ftp.commentcamarche.com/download/ToolsCleaner2.exe
    http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
    http://pc-system.fr/

    # Click Search and let the scan run ...
    # Click Delete to finish.
    # If you wish, you can use the optional settings.
    # Click Quit to get the report.
    # Post the report (TCleaner.txt), which is located at the root of your hard drive (C:\).

    And do this:

    Disable and then re-enable your System Restore.

    XP tutorial: http://service1.symantec.com/support/inter/tsgeninfointl.Nsf/fr_docid/20020830101856924

    0