Pop-up ad windows

Solved
pier.quincamp Posts 41 Status Member -
 Anonymous user -
Hello,
On Windows XP, even though I have set pop-up blocking to the high level, I still keep getting pop-ups, which slows down work on the computer every time. Who has the solution to stop this phenomenon? Is it due to a virus?
Thanks to everyone who helps me.

16 replies

Anonymous user
 
Hi,

Download HijackThis here:

-> Right-click one of the links and choose "Save target as..." to the desktop
-> http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe
-> ftp://ftp.commentcamarche.com/download/HJTInstall.exe

-> Double-click HJTInstall.exe to launch the installation

-> Click Install, then I Accept

-> Click Do a scan system and save log file

-> Notepad will open; copy and paste its entire contents here in your next reply
1
pier.quincamp Posts 41 Status Member 1
 
Hello, and thank you for your quick response.
Here is the result of the scan.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:12:00, on 16/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Orange HSS\Orange Desktop Search\OrangeDesktopSearch.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\WINDOWS\DvzCommon\DvzMsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\Program Files\Palm\HOTSYNC.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = https://support.microsoft.com/en-US/topic/internet-explorer-downloads-d49e1f0d-571c-9a7b-d97e-be248806ca70
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://192.168.1.1/ServicesAcces.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SpyHunter Security Suite] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [fsc-reminder.exe] C:\WINDOWS\reminder\fsc-reminder.exe 2454015 14
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Orange Desktop Search] "C:\Program Files\Orange HSS\Orange Desktop Search\OrangeDesktopSearch.exe" /tray
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\Run: [clock cast] C:\DOCUME~1\BERNAR~1\APPLIC~1\SAVESC~1\CdromFree.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: HotSync Manager.lnk = C:\Program Files\Palm\HOTSYNC.EXE (User 'SYSTEM')
O4 - S-1-5-18 Startup: PowerReg Scheduler.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: HotSync Manager.lnk = C:\Program Files\Palm\HOTSYNC.EXE (User 'Default user')
O4 - .DEFAULT Startup: PowerReg Scheduler.exe (User 'Default user')
O4 - Startup: HotSync Manager.lnk = C:\Program Files\Palm\HOTSYNC.EXE
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Dataviz Messenger.lnk = C:\WINDOWS\DvzCommon\DvzMsgr.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Sagem - Utilitaire réseau pour Clé USB Wi-Fi 802.11g.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega.DMFacade.Interface) - http://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab
O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
0
Anonymous user
 
Download Lop S&D.exe to your Desktop: https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

* Double-click it to launch the installation
* Then double-click the Lop S&D shortcut on your Desktop
* Select the desired language, then choose option 1 (Search)
* Wait until the scan finishes
* Post the generated report (C:\lopR.txt)

Tutorial (help): http://bibou0007.com/outils-specifiques-f78/tuto-lop-sd-t956.htm

0
pier.quincamp Posts 41 Status Member 1
 
Thank you for your help.
Here is the result of the scan.

--------------------\\ Lop S&D 4.2.2-9 XP/Vista

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : bernard gueffier ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 16/08/2008 | 11:21:46 ] [ PC : BERNARD (Proc:x86) ]
[ MAJ : 13-08-2008 | 21:02 ]

--------------------\\ Listing des dossiers dans APPLIC~1

[05/07/2008|16:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[29/03/2006|11:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[16/01/2008|19:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[29/03/2006|12:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[19/07/2008|13:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
[01/04/2008|13:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
[07/10/2006|00:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GARMIN
[19/12/2006|19:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[16/08/2008|10:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Jump Poll Poke Mp3
[01/02/2008|15:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
[08/02/2007|19:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
[08/02/2007|19:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech(2)
[08/02/2007|19:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech(3)
[03/10/2007|11:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[06/10/2006|17:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSScanAppDataDir
[13/05/2007|12:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
[21/05/2008|23:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PicturesToExe
[20/12/2006|22:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[29/03/2006|11:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[14/08/2008|17:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SoftLand Ltd
[09/08/2007|18:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SystemDoctor Free
[23/08/2007|10:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[06/10/2006|16:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
[07/10/2006|00:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[11/12/2006|20:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[10/10/2006|21:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[24/04/2008|10:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip

[19/01/2008|13:17] C:\DOCUME~1\BERNAR~1\APPLIC~1\AccurateRip
[19/07/2008|10:31] C:\DOCUME~1\BERNAR~1\APPLIC~1\Adobe
[13/08/2007|12:11] C:\DOCUME~1\BERNAR~1\APPLIC~1\AdobeUM
[25/07/2007|15:55] C:\DOCUME~1\BERNAR~1\APPLIC~1\Ahead
[13/04/2007|17:23] C:\DOCUME~1\BERNAR~1\APPLIC~1\Anuman Interactive
[01/06/2008|19:22] C:\DOCUME~1\BERNAR~1\APPLIC~1\Apple Computer
[19/12/2006|20:20] C:\DOCUME~1\BERNAR~1\APPLIC~1\Arcsoft
[20/01/2008|17:48] C:\DOCUME~1\BERNAR~1\APPLIC~1\dBpoweramp
[29/03/2006|12:21] C:\DOCUME~1\BERNAR~1\APPLIC~1\desktop.ini
[09/10/2006|13:40] C:\DOCUME~1\BERNAR~1\APPLIC~1\DivX
[19/10/2006|18:24] C:\DOCUME~1\BERNAR~1\APPLIC~1\EPSON
[31/01/2007|08:38] C:\DOCUME~1\BERNAR~1\APPLIC~1\Google
[27/04/2008|22:50] C:\DOCUME~1\BERNAR~1\APPLIC~1\gtk-2.0
[23/08/2007|11:41] C:\DOCUME~1\BERNAR~1\APPLIC~1\Help
[29/03/2006|10:28] C:\DOCUME~1\BERNAR~1\APPLIC~1\Identities
[15/09/2007|09:43] C:\DOCUME~1\BERNAR~1\APPLIC~1\InterTrust
[19/12/2006|00:18] C:\DOCUME~1\BERNAR~1\APPLIC~1\InterVideo
[25/04/2008|11:35] C:\DOCUME~1\BERNAR~1\APPLIC~1\Jasc
[06/10/2006|17:33] C:\DOCUME~1\BERNAR~1\APPLIC~1\Leadertech
[06/10/2006|15:13] C:\DOCUME~1\BERNAR~1\APPLIC~1\Macromedia
[22/01/2007|23:55] C:\DOCUME~1\BERNAR~1\APPLIC~1\Media Player Classic
[19/04/2008|18:15] C:\DOCUME~1\BERNAR~1\APPLIC~1\Microsoft
[08/10/2006|19:28] C:\DOCUME~1\BERNAR~1\APPLIC~1\Mozilla
[07/10/2006|00:49] C:\DOCUME~1\BERNAR~1\APPLIC~1\MSNInstaller
[05/05/2007|10:11] C:\DOCUME~1\BERNAR~1\APPLIC~1\muvee Technologies
[31/03/2008|20:54] C:\DOCUME~1\BERNAR~1\APPLIC~1\Orph‚e D‚veloppement
[18/01/2008|23:46] C:\DOCUME~1\BERNAR~1\APPLIC~1\PPTminimizer
[16/01/2008|23:26] C:\DOCUME~1\BERNAR~1\APPLIC~1\QuickZip45.ini
[14/08/2008|09:45] C:\DOCUME~1\BERNAR~1\APPLIC~1\Real
[16/08/2008|10:04] C:\DOCUME~1\BERNAR~1\APPLIC~1\Save scr pure
[24/05/2007|09:30] C:\DOCUME~1\BERNAR~1\APPLIC~1\Smart Panel
[26/12/2007|10:38] C:\DOCUME~1\BERNAR~1\APPLIC~1\SPAMfighter
[25/12/2006|19:34] C:\DOCUME~1\BERNAR~1\APPLIC~1\Sun
[09/08/2007|18:37] C:\DOCUME~1\BERNAR~1\APPLIC~1\SystemDoctor Free
[02/11/2006|19:57] C:\DOCUME~1\BERNAR~1\APPLIC~1\Ulead Systems
[11/12/2006|11:45] C:\DOCUME~1\BERNAR~1\APPLIC~1\vlc
[16/01/2007|11:38] C:\DOCUME~1\BERNAR~1\APPLIC~1\wklnhst.dat

[29/03/2006|12:21] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[29/03/2006|10:28] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[29/03/2006|11:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[11/12/2006|20:33] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[29/03/2006|10:28] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[16/08/2008 11:00][--ah-----] C:\WINDOWS\tasks\AF117C3A918AEE4E.job
[16/08/2008 10:06][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

( AF117C3A918AEE4E.job )=( c:\docume~1\bernar~1\applic~1\savesc~1\AudioMetaIdol.exe )

--------------------\\ Listing des dossiers dans C:\Program Files

[27/03/2008|12:52] C:\Program Files\7-Zip
[05/07/2008|16:33] C:\Program Files\Adobe
[29/03/2006|11:07] C:\Program Files\Ahead
[15/09/2007|09:43] C:\Program Files\Alsyd
[06/10/2006|15:18] C:\Program Files\Alwil Software
[13/04/2007|16:46] C:\Program Files\Anuman Interactive
[03/11/2006|20:11] C:\Program Files\ArcSoft
[20/07/2007|23:10] C:\Program Files\Audacity
[22/08/2007|11:04] C:\Program Files\AudioCDMagic
[26/05/2007|08:29] C:\Program Files\Autofr
[22/08/2007|11:44] C:\Program Files\AXEL
[08/10/2007|19:22] C:\Program Files\Babylon
[01/04/2008|13:50] C:\Program Files\Bonjour
[03/11/2006|20:17] C:\Program Files\Canon
[08/06/2008|18:28] C:\Program Files\CDex_170b2
[29/03/2006|10:25] C:\Program Files\ComPlus Applications
[26/04/2008|09:12] C:\Program Files\Corel
[07/10/2006|00:38] C:\Program Files\directx
[16/08/2008|09:59] C:\Program Files\DivX
[27/07/2008|11:31] C:\Program Files\Documents To Go
[23/08/2007|10:52] C:\Program Files\Easy CD-DA Extractor 10
[12/08/2008|19:42] C:\Program Files\eChanblard
[20/12/2006|19:53] C:\Program Files\eMule
[16/08/2008|10:20] C:\Program Files\Enigma Software Group
[06/10/2006|16:47] C:\Program Files\EPSON
[01/08/2008|21:30] C:\Program Files\Fichiers communs
[07/10/2006|00:26] C:\Program Files\Garmin
[24/04/2008|08:35] C:\Program Files\GIMP-2.0
[01/02/2007|10:53] C:\Program Files\Google
[29/12/2007|17:05] C:\Program Files\HP PhotoSmart Printers
[19/01/2008|13:17] C:\Program Files\Illustrate
[10/02/2008|11:26] C:\Program Files\IncrediMail
[21/05/2008|23:15] C:\Program Files\InstallShield Installation Information
[16/08/2008|10:04] C:\Program Files\Internet Explorer
[29/03/2006|11:09] C:\Program Files\InterVideo
[25/04/2008|11:34] C:\Program Files\Jasc Software Inc
[21/03/2008|09:38] C:\Program Files\Java
[24/02/2007|11:40] C:\Program Files\LimeWire
[06/07/2007|18:05] C:\Program Files\LitexMedia
[17/01/2008|11:37] C:\Program Files\LM Version-2.5-F
[01/02/2008|15:24] C:\Program Files\Logitech
[17/08/2007|08:27] C:\Program Files\Magentic
[08/02/2007|19:25] C:\Program Files\Media Player Classic
[10/10/2006|21:55] C:\Program Files\Messenger
[16/01/2008|19:47] C:\Program Files\Micro Application
[10/05/2007|08:02] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[08/02/2007|12:26] C:\Program Files\microsoft frontpage
[18/01/2008|19:21] C:\Program Files\Microsoft Office
[23/12/2007|05:23] C:\Program Files\Microsoft Picture It! 2002
[08/02/2007|19:24] C:\Program Files\Microsoft Visual Studio
[16/08/2008|10:04] C:\Program Files\Microsoft Works
[08/02/2007|19:27] C:\Program Files\Microsoft.NET
[31/03/2008|20:53] C:\Program Files\Mindscape
[29/03/2006|10:25] C:\Program Files\Movie Maker
[08/10/2006|19:28] C:\Program Files\Mozilla Firefox
[02/08/2008|11:02] C:\Program Files\MSECache
[07/10/2006|00:48] C:\Program Files\MSN
[29/03/2006|10:24] C:\Program Files\MSN Gaming Zone
[03/10/2007|11:50] C:\Program Files\MSN Messenger
[15/10/2006|03:00] C:\Program Files\MSXML 4.0
[26/05/2007|08:31] C:\Program Files\muvee Technologies
[29/03/2006|10:25] C:\Program Files\NetMeeting
[29/03/2006|10:24] C:\Program Files\Online Services
[04/12/2006|17:55] C:\Program Files\Orange HSS
[14/06/2007|08:52] C:\Program Files\Outlook Express
[25/04/2008|22:17] C:\Program Files\Paint Shop Pro 5
[01/08/2008|21:40] C:\Program Files\Palm
[28/03/2008|16:27] C:\Program Files\PhotoFiltre
[26/04/2008|09:32] C:\Program Files\PhotoFiltre Studio
[25/01/2008|10:21] C:\Program Files\Picasa2
[01/07/2007|11:26] C:\Program Files\Pinnacle
[18/01/2008|23:46] C:\Program Files\PPTminimizer
[16/01/2008|19:50] C:\Program Files\QuickTime
[16/01/2008|23:23] C:\Program Files\QuickZip4
[06/10/2006|15:00] C:\Program Files\Raccourcis de programmes
[01/08/2008|21:31] C:\Program Files\Real
[06/10/2006|15:06] C:\Program Files\SAGEM
[06/10/2006|15:07] C:\Program Files\SAGEM Wi-Fi USB 802.11g
[16/08/2008|10:04] C:\Program Files\Save scr pure
[29/03/2006|10:25] C:\Program Files\Services en ligne
[06/10/2006|16:43] C:\Program Files\Smart Panel
[01/05/2008|17:59] C:\Program Files\Sqirlz Morph
[01/05/2008|18:08] C:\Program Files\Sqirlz Water Reflections
[14/08/2007|09:54] C:\Program Files\SystemDoctor Free
[19/07/2008|13:16] C:\Program Files\TF1Vision
[16/08/2008|11:11] C:\Program Files\Trend Micro
[07/10/2006|00:43] C:\Program Files\Ulead Systems
[29/03/2006|10:28] C:\Program Files\Uninstall Information
[10/10/2006|22:52] C:\Program Files\VGA USB Camera
[29/03/2008|10:27] C:\Program Files\ViaMichelin
[11/12/2006|11:43] C:\Program Files\VideoLAN
[19/07/2008|13:10] C:\Program Files\VirginMega
[23/08/2007|11:22] C:\Program Files\Winamp
[10/10/2006|21:57] C:\Program Files\Windows Live Toolbar
[11/12/2006|20:14] C:\Program Files\Windows Media Connect 2
[19/07/2008|13:17] C:\Program Files\Windows Media Player
[29/03/2006|10:24] C:\Program Files\Windows NT
[29/03/2006|10:25] C:\Program Files\WindowsUpdate
[18/01/2008|18:24] C:\Program Files\WinRAR
[28/04/2008|08:36] C:\Program Files\WinZip
[29/03/2006|10:26] C:\Program Files\xerox
[10/10/2006|21:56] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs


--------------------\\ Process

( 42 Processus )

iexplore.exe ~ [PID:2912] ~ [Threads:4]
iexplore.exe ~ [PID:3056] ~ [Threads:15]
iexplore.exe ~ [PID:3556] ~ [Threads:23]

--------------------\\ Recherche avec S_Lop

C:\DOCUME~1\BERNAR~1\LOCALS~1\Temp\bis9F.exe
C:\DOCUME~1\BERNAR~1\APPLIC~1\SAVESC~1
C:\DOCUME~1\BERNAR~1\APPLIC~1\SAVESC~1\AudioMetaIdol.exe
C:\DOCUME~1\BERNAR~1\APPLIC~1\SAVESC~1\bzfwokqg.exe
C:\DOCUME~1\BERNAR~1\APPLIC~1\SAVESC~1\CdromFree.exe

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Jump Poll Poke Mp3
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Jump Poll Poke Mp3\jugs upload.exe
C:\DOCUME~1\BERNAR~1\APPLIC~1\savesc~1
C:\DOCUME~1\BERNAR~1\APPLIC~1\savesc~1\AudioMetaIdol.exe
C:\DOCUME~1\BERNAR~1\APPLIC~1\savesc~1\bzfwokqg.exe
C:\DOCUME~1\BERNAR~1\APPLIC~1\savesc~1\CdromFree.exe
C:\Program Files\savesc~1
C:\DOCUME~1\BERNAR~1\LOCALS~1\Temp\NetPumper.zip
C:\DOCUME~1\BERNAR~1\Cookies\bernard_gueffier@advertising[1].txt
C:\DOCUME~1\BERNAR~1\Cookies\bernard_gueffier@adopt.euroclick[1].txt
C:\WINDOWS\Tasks\AF117C3A918AEE4E.job

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\show hole link]
"DisplayName"="CiD Help"
"UninstallString"="C:\\DOCUME~1\\BERNAR~1\\APPLIC~1\\SAVESC~1\\CdromFree.exe -uninstall"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"clock cast"="C:\\DOCUME~1\\BERNAR~1\\APPLIC~1\\SAVESC~1\\CdromFree.exe"
"clock cast"="C:\\DOCUME~1\\BERNAR~1\\APPLIC~1\\SAVESC~1\\CdromFree.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-16 11:23:54
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1292

--------------------\\ Recherche d'autres infections

--------------------\\ Possible ROGUE ..

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Antivirus 2008 XP
C:\DOCUME~1\ALLUSE~1\APPLIC~1\SystemDoctor Free
C:\DOCUME~1\BERNAR~1\APPLIC~1\SystemDoctor Free
C:\PROGRA~1\FICHIE~1\SystemDoctor
C:\PROGRA~1\SystemDoctor Free


Aucune autre infection trouvée !

[F:1056][D:282]-> C:\DOCUME~1\BERNAR~1\LOCALS~1\Temp
[F:80][D:0]-> C:\DOCUME~1\BERNAR~1\Cookies
[F:1429][D:6]-> C:\DOCUME~1\BERNAR~1\LOCALS~1\TEMPOR~1\content.IE5

--------------------\\ Fin du rapport a 11:26:11,27
0
wezen Posts 87 Status Member 13

Hi, no, it's not a virus; you can remove it with protection software such as Spybot or Spyware Terminator, which you can download from this site.
0
Anonymous user

Lop infection here:

O4 - HKCU\..\Run: [clock cast] C:\DOCUME~1\BERNAR~1\APPLIC~1\SAVESC~1\CdromFree.exe

hence the CID ads
0
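The reasoning in the reply above (a `Run` value whose executable sits inside the user's Application Data folder) can be applied to every O4 line of a HijackThis log. This is an added example, not part of the original thread or of any tool named in it; the function names and the 8.3 short-name table are assumptions for a default Windows XP install, and every sample line except the `clock cast` one is constructed.

```python
import re
from typing import List, NamedTuple, Optional, Tuple

# HijackThis prints one autorun value per line as:
#   O4 - <HIVE>\..\<Run key>: [value name] command line
O4_RE = re.compile(
    r"^O4 - (?P<hive>HKLM|HKCU)\\\.\.\\(?P<key>Run|RunOnce): "
    r"\[(?P<name>[^\]]*)\] (?P<cmd>.+)$"
)
# For unquoted commands, the image is everything up to the first executable extension.
EXE_RE = re.compile(r"^(.*?\.(?:exe|com|bat|cmd|scr|pif))(?=\s|$)", re.IGNORECASE)

# Assumption: 8.3 short names as they appear in this thread's reports.
# A "~1" alias is assigned by creation order, so this holds only for a default install.
SHORT_NAMES = {
    "DOCUME~1": "Documents and Settings",
    "APPLIC~1": "Application Data",
    "LOCALS~1": "Local Settings",
    "PROGRA~1": "Program Files",
}


class Autorun(NamedTuple):
    hive: str
    key: str
    name: str
    image: str  # executable path taken from the command line


def expand_short(path: str) -> str:
    """Replace the well-known 8.3 components; unknown ones are left untouched."""
    return "\\".join(SHORT_NAMES.get(p.upper(), p) for p in path.split("\\"))


def parse_o4(line: str) -> Optional[Autorun]:
    """Return the autorun described by an O4 Run/RunOnce line, else None."""
    m = O4_RE.match(line.strip())
    if not m:
        return None
    cmd = m["cmd"].strip()
    if cmd.startswith('"'):
        image = cmd[1:].split('"', 1)[0]
    else:
        em = EXE_RE.match(cmd)
        image = em.group(1) if em else cmd
    return Autorun(m["hive"], m["key"], m["name"], expand_short(image))


def profile_area(image: str) -> Optional[str]:
    """Name the profile subfolder an image runs from, or None if outside a profile."""
    parts = image.split("\\")
    if len(parts) >= 3 and parts[1].lower() == "documents and settings":
        return parts[3] if len(parts) > 4 else "profile root"
    return None


def triage(log_text: str) -> List[Tuple[str, str, str]]:
    """List (value name, image, profile area) for autoruns that start from a
    user profile, a location any unprivileged process can write to."""
    hits = []
    for line in log_text.splitlines():
        entry = parse_o4(line)
        if entry is None:
            continue
        area = profile_area(entry.image)
        if area is not None:
            hits.append((entry.name, entry.image, area))
    return hits


# Sample input: the "clock cast" line is the one quoted in the thread,
# all other lines are constructed for this example.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [clock cast] C:\DOCUME~1\BERNAR~1\APPLIC~1\SAVESC~1\CdromFree.exe
O4 - HKCU\..\Run: [updater] "C:\Documents and Settings\user\Local Settings\Temp\upd.exe" /s
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000000} - (no file)
"""

if __name__ == "__main__":
    for name, image, area in triage(SAMPLE_LOG):
        print(f"[{name}] starts from {area}: {image}")
```

A hit is a lead for manual review, not a verdict: some legitimate software also starts from the user profile.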

Anonymous user

Download OTMoveIt http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe (by Old_Timer) to your Desktop.
Double-click OTMoveIt.exe to launch it.
Make sure the Unregister Dll's and Ocx's box is checked.
Copy the list shown in bold below,
and paste it into the left-hand pane of OTMoveIt: Paste List of Files/Folders to be moved.

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Antivirus 2008 XP
C:\DOCUME~1\ALLUSE~1\APPLIC~1\SystemDoctor Free
C:\DOCUME~1\BERNAR~1\APPLIC~1\SystemDoctor Free
C:\PROGRA~1\FICHIE~1\SystemDoctor
C:\PROGRA~1\SystemDoctor Free


Click MoveIt! to start the removal.
The result will appear in the "Results" pane.
Click Exit to close.
Post the report located in C:\_OTMoveIt\MovedFiles.

You may be asked to restart the PC to complete the removal. If so, accept with Yes.

Then:

Run Lop S&D again

* This time choose Option 2 (Removal)
* Do not close the window during the removal!
* Post the generated report (C:\lopR.txt)

0
pier.quincamp Posts 41 Status Member 1

Here is the OTMoveIt report.
What should I do next?

File/Folder C:\DOCUME~1\ALLUSE~1\APPLIC~1\Antivirus 2008 XP not found.
C:\DOCUME~1\ALLUSE~1\APPLIC~1\SystemDoctor Free\Data moved successfully.
C:\DOCUME~1\ALLUSE~1\APPLIC~1\SystemDoctor Free moved successfully.
C:\DOCUME~1\BERNAR~1\APPLIC~1\SystemDoctor Free\Logs moved successfully.
C:\DOCUME~1\BERNAR~1\APPLIC~1\SystemDoctor Free moved successfully.
C:\PROGRA~1\FICHIE~1\SystemDoctor moved successfully.
C:\PROGRA~1\SystemDoctor Free moved successfully.

OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 08162008_114137
0
Anonymous user

Run Lop S&D again

* This time choose Option 2 (Removal)
* Do not close the window during the removal!
* Post the generated report (C:\lopR.txt)
0
pier.quincamp Posts 41 Status Member 1

LOP scan result

--------------------\\ Lop S&D 4.2.2-9 XP/Vista

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : bernard gueffier ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 16/08/2008 | 11:50:12 ] [ PC : BERNARD (Proc:x86) ]
[ MAJ : 13-08-2008 | 21:02 ]


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Jump Poll Poke Mp3\jugs upload.exe
Supprime! - C:\DOCUME~1\BERNAR~1\APPLIC~1\savesc~1\AudioMetaIdol.exe
Supprime! - C:\DOCUME~1\BERNAR~1\APPLIC~1\savesc~1\bzfwokqg.exe
Supprime! - C:\DOCUME~1\BERNAR~1\APPLIC~1\savesc~1\CdromFree.exe
Supprime! - C:\DOCUME~1\BERNAR~1\LOCALS~1\Temp\NetPumper.zip
Supprime! - C:\DOCUME~1\BERNAR~1\Cookies\bernard_gueffier@adopt.euroclick[1].txt
Supprime! - C:\WINDOWS\Tasks\AF117C3A918AEE4E.job
Supprime! - C:\DOCUME~1\BERNAR~1\LOCALS~1\Temp\bis9F.exe
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Jump Poll Poke Mp3
Supprime! - C:\DOCUME~1\BERNAR~1\APPLIC~1\savesc~1
Supprime! - C:\Program Files\savesc~1

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1


--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[16/08/2008 10:06][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files


--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs


--------------------\\ Process

( 38 Processus )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\BERNAR~1\Cookies\bernard_gueffier@advertising[2].txt
C:\DOCUME~1\BERNAR~1\Cookies\bernard_gueffier@partypoker[1].txt

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\show hole link]
"DisplayName"="CiD Help"
"UninstallString"="C:\\DOCUME~1\\BERNAR~1\\APPLIC~1\\SAVESC~1\\CdromFree.exe -uninstall"

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-16 11:51:59
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1292

--------------------\\ Recherche d'autres infections

--------------------\\ Possible ROGUE ..

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Antivirus 2008 XP


Aucune autre infection trouvée !

[F:1053][D:282]-> C:\DOCUME~1\BERNAR~1\LOCALS~1\Temp
[F:88][D:0]-> C:\DOCUME~1\BERNAR~1\Cookies
[F:1814][D:6]-> C:\DOCUME~1\BERNAR~1\LOCALS~1\TEMPOR~1\content.IE5

--------------------\\ Fin du rapport a 11:53:58,31
0
Anonymous user

Go to Control Panel, Add or Remove Programs.

Check whether CID Help is present; if it is, uninstall it.

Download this (by Moe):
http://sosvirus.changelog.fr/Green_day/Lopxpsetup.exe

Double-click Lopxpsetup.exe to start the installation.
At the menu, choose option 1.
Wait until you are asked to press a key, then press one!
A report will then be created; copy and paste it in full on the forum.
0
pier.quincamp Posts 41 Status Member 1

Nothing happens when I double-click Lopxpsetup.exe.
0
Anonymous user

In that case, please repeat this operation:

Run Lop S&D again

* This time choose Option 2 (Removal)
* Do not close the window during the removal!
* Post the generated report (C:\lopR.txt)
0
pier.quincamp Posts 41 Status Member 1

Here is the new report.

--------------------\\ Lop S&D 4.2.2-9 XP/Vista

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : bernard gueffier ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 16/08/2008 | 12:13:34 ] [ PC : BERNARD (Proc:x86) ]
[ MAJ : 13-08-2008 | 21:02 ]


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\BERNAR~1\Cookies\bernard_gueffier@advertising[2].txt
Supprime! - C:\DOCUME~1\BERNAR~1\Cookies\bernard_gueffier@partypoker[1].txt

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1


--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[16/08/2008 10:06][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files


--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs


--------------------\\ Process

( 38 Processus )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-16 12:15:18
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1292

--------------------\\ Recherche d'autres infections

--------------------\\ Possible ROGUE ..

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Antivirus 2008 XP


Aucune autre infection trouvée !

[F:1053][D:282]-> C:\DOCUME~1\BERNAR~1\LOCALS~1\Temp
[F:87][D:0]-> C:\DOCUME~1\BERNAR~1\Cookies
[F:1863][D:6]-> C:\DOCUME~1\BERNAR~1\LOCALS~1\TEMPOR~1\content.IE5

--------------------\\ Fin du rapport a 12:17:06,03
0
Anonymous user

OK, this time it's good!! (there were still traces left in the registry)

Let's continue:

Download Malwarebytes

-> http://www.malwarebytes.org/mbam/program/mbam-setup.exe

Install it; the program will update itself automatically.

Once it is up to date, the program will launch; click the Settings tab and check the box: "Stop Internet Explorer during removal".

Now click the Scan tab and check the box: "Run a full scan".

Then click "Scan".

Let it scan the PC...

If items were found > click Remove Selected.

If you are asked to restart > click "yes".

At the end a report will open; save it so that you can find it again in order to post it on the forum.
Copy and paste the report, please.

PS: the reports are also stored in the Reports/Logs tab.
0
pier.quincamp Posts 41 Status Member 1

Sorry, this took a long time.
I deleted the infected folders (19) and here is the report.

Malwarebytes' Anti-Malware 1.24
Version de la base de données: 1056
Windows 5.1.2600 Service Pack 2

13:25:28 16/08/2008
mbam-log-8-16-2008 (13-25-28).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 149391
Temps écoulé: 47 minute(s), 2 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 4
Fichier(s) infecté(s): 15

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\BASE (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG (Rogue.XPAntivirus) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Documents and Settings\bernard gueffier\Local Settings\Temp\_addon.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{AD5EAC60-F9F4-4028-A77A-0F22BE024918}\RP932\A0100872.exe (Malware.Trace) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{AD5EAC60-F9F4-4028-A77A-0F22BE024918}\RP932\A0100874.dll (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{AD5EAC60-F9F4-4028-A77A-0F22BE024918}\RP933\A0101646.exe (Malware.Trace) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{AD5EAC60-F9F4-4028-A77A-0F22BE024918}\RP933\A0101648.dll (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Program Files\eChanblard\EvID4226Patch.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\BASE\vbase.tmp (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080814173437437.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080814173607390.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080814205702859.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080815115505109.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080815120317265.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080815184211187.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080816090919062.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080816100135703.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
0
Anonymous user

Reopen Malwarebytes
go to Quarantine
delete everything

Run a HijackThis scan again, post the report and we'll finish up.
0
pier.quincamp Posts 41 Status Member 1

Here is the latest report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:43:17, on 16/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Orange HSS\Orange Desktop Search\OrangeDesktopSearch.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\WINDOWS\DvzCommon\DvzMsgr.exe
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\Program Files\Palm\HOTSYNC.EXE
C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = https://support.microsoft.com/en-US/topic/internet-explorer-downloads-d49e1f0d-571c-9a7b-d97e-be248806ca70
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://192.168.1.1/ServicesAcces.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SpyHunter Security Suite] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [fsc-reminder.exe] C:\WINDOWS\reminder\fsc-reminder.exe 2454015 14
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Orange Desktop Search] "C:\Program Files\Orange HSS\Orange Desktop Search\OrangeDesktopSearch.exe" /tray
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\Run: [clock cast] C:\DOCUME~1\BERNAR~1\APPLIC~1\SAVESC~1\CdromFree.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: HotSync Manager.lnk = C:\Program Files\Palm\HOTSYNC.EXE (User 'SYSTEM')
O4 - S-1-5-18 Startup: PowerReg Scheduler.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: HotSync Manager.lnk = C:\Program Files\Palm\HOTSYNC.EXE (User 'Default user')
O4 - .DEFAULT Startup: PowerReg Scheduler.exe (User 'Default user')
O4 - Startup: HotSync Manager.lnk = C:\Program Files\Palm\HOTSYNC.EXE
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Dataviz Messenger.lnk = C:\WINDOWS\DvzCommon\DvzMsgr.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Sagem - Utilitaire réseau pour Clé USB Wi-Fi 802.11g.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega.DMFacade.Interface) - http://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab
O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
0
Anonymous user

Download OTMoveIt http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe (by Old_Timer) to your desktop.
Double-click on OTMoveIt.exe to launch it.
Make sure the box Unregister Dll's and Ocx's is ticked.
Copy the list in bold below,
and paste it into the left-hand pane of OTMoveIt: Paste List of Files/Folders to be moved.

C:\DOCUME~1\BERNAR~1\APPLIC~1\SAVESC~1\CdromFree.exe
C:\DOCUME~1\BERNAR~1\APPLIC~1\SAVESC~1\


Click on MoveIt! to start the removal.
The result will appear in the "Results" pane.
Click on Exit to close.
Post the report located in C:\_OTMoveIt\MovedFiles.

You may be asked to restart the PC to complete the removal. If so, accept with Yes.
0
pier.quincamp Posts 41 Status Member 1

Here is the latest report; there was no prompt to restart.

File/Folder C:\DOCUME~1\BERNAR~1\APPLIC~1\SAVESC~1\CdromFree.exe not found.
Folder C:\DOCUME~1\BERNAR~1\APPLIC~1\SAVESC~1\ not found.

OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 08162008_135143
0
Anonymous user

Reopen HijackThis
run "Scan only"
tick these lines:

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O4 - HKCU\..\Run: [clock cast] C:\DOCUME~1\BERNAR~1\APPLIC~1\SAVESC~1\CdromFree.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega.DMFacade.Interface) - http://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab
O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab

Tick them and click on Fix checked.

Then uninstall Java, because it is not up to date, and download and install this version:

https://sdlc-esd.oracle.com/ESD44/JSCDL/jdk/6u7/jre-6u7-windows-i586-p-s.exe?GroupName=JSC&FilePath=/ESD44/JSCDL/jdk/6u7/jre-6u7-windows-i586-p-s.exe&BHost=javadl.sun.com&File=jre-6u7-windows-i586-p-s.exe&AuthParam=1580978146_46494a57fbc0e7c89e79cfb72e28cd3a&ext=.exe

Next:

Have a look at this concerning Avast:

Antivir vs Avast:

-> http://forum.malekal.com/ftopic3528.php

So I advise you to uninstall it and install Antivir instead.

Download and install the Antivir Personal Edition Classic antivirus:

->https://www.01net.com/telecharger/windows/Securite/antivirus-antitrojan/fiches/13198.html

Tutorial: https://www.malekal.com/avira-free-security-antivirus-gratuit/
Tutorial: http://www.swl1f.net/viewtopic.php?f=14&t=59

To uninstall Avast, download this tool:

https://www.avast.com/fr-fr/uninstall-utility

Next:

-> Download CCleaner (do not install the Yahoo toolbar):

http://download.piriform.com/ccsetup210.exe

https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html

-> Tutorial: https://www.malekal.com/tutoriel-ccleaner/

-> For those who would like to go further with jesses (advanced features):

http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm

Next:

* To remove the tools/fixes used:

Download ToolsCleaner to your desktop.
-->
ftp://ftp.commentcamarche.com/download/ToolsCleaner2.exe
http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
http://pc-system.fr/

# Click on Search and let the scan run ...
# Click on Removal to finish.
# You can, if you wish, use the optional settings.
# Click on Quit to get the report.
# Post the report (TCleaner.txt), which is located at the root of your hard drive (C:\).

And do this:

Disable and re-enable your System Restore

XP tutorial: http://service1.symantec.com/support/inter/tsgeninfointl.Nsf/fr_docid/20020830101856924
0
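One way to cross-check a HijackThis log against an OTMoveIt report, as an added example (not part of the original thread and not code from either tool): it flags BHO, toolbar and button entries marked `(no file)` and `Run` entries whose target OTMoveIt reported as not found. The sample inputs are excerpts of the logs posted above; the function names are this example's own.

```python
import re

# Sample input: a few lines excerpted from the HijackThis log posted in this thread.
HJT_SAMPLE = r"""
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [fsc-reminder.exe] C:\WINDOWS\reminder\fsc-reminder.exe 2454015 14
O4 - HKCU\..\Run: [clock cast] C:\DOCUME~1\BERNAR~1\APPLIC~1\SAVESC~1\CdromFree.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
"""

# Sample input: the OTMoveIt report posted in this thread.
OTM_SAMPLE = r"""
File/Folder C:\DOCUME~1\BERNAR~1\APPLIC~1\SAVESC~1\CdromFree.exe not found.
Folder C:\DOCUME~1\BERNAR~1\APPLIC~1\SAVESC~1\ not found.

OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 08162008_135143
"""

# "<section code> - <body>", e.g. "O4 - HKCU\..\Run: [name] command"
ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
# O2/O3/O9 body: "<kind>: <name> - {CLSID} - <file or (no file)>"
CLSID_ITEM = re.compile(
    r"^[^:]+: .* - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<target>.+)$")
# O4 registry body: "<hive>\..\Run: [<value name>] <command line>"
RUN_ITEM = re.compile(r"^\S+\\\.\.\\Run: \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")
# Executable at the start of a command line, quoted or not (paths may contain spaces).
EXE = re.compile(
    r'"([^"]+)"|(.+?\.(?:exe|dll|com|bat|cmd|scr))(?=[\s,]|$)', re.I)
NOT_FOUND = re.compile(r"^(?:File/Folder|Folder) (.+?) not found\.$", re.M)


def norm(path):
    """Normalise a Windows path for comparison (case-insensitive, no trailing '\\')."""
    return path.strip().rstrip("\\").lower()


def executable_of(command):
    """Return the program path a Run command line starts with, or None."""
    m = EXE.match(command.strip())
    return (m.group(1) or m.group(2)) if m else None


def missing_paths(otm_report):
    """Paths the OTMoveIt report lists as 'not found'."""
    return {norm(p) for p in NOT_FOUND.findall(otm_report)}


def orphaned_entries(hjt_log, otm_report=""):
    """List (section, identifier, reason) for entries that point at nothing."""
    missing = missing_paths(otm_report)
    findings = []
    for line in hjt_log.splitlines():
        entry = ENTRY.match(line.strip())
        if not entry:
            continue
        code, body = entry.groups()
        if code in ("O2", "O3", "O9"):
            item = CLSID_ITEM.match(body)
            if item and item.group("target") == "(no file)":
                findings.append((code, item.group("clsid"), "no file on disk"))
        elif code == "O4":
            item = RUN_ITEM.match(body)
            exe = executable_of(item.group("cmd")) if item else None
            if exe is None:
                continue
            target = norm(exe)
            # Missing either as a file or because its whole folder is missing.
            if target in missing or any(
                    target.startswith(d + "\\") for d in missing):
                findings.append(
                    (code, item.group("name"), "target reported not found"))
    return findings


if __name__ == "__main__":
    for code, ident, reason in orphaned_entries(HJT_SAMPLE, OTM_SAMPLE):
        print(f"{code}  {ident}  ->  {reason}")
```
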
pier.quincamp Posts 41 Status Member 1

When I click on Fix checked, it opens a window:
"fix 9 selected items? this will permanently delete and/or repair what you .
Yes No
Which one do I press?

I didn't go any further.
0
Anonymous user

Press Yes.
0
pier.quincamp

TCleaner report

-->- Recherche:

C:\Lop SD: trouvé !
C:\_OtMoveIt: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\bernard gueffier\Bureau\HijackThis.lnk: trouvé !
C:\Documents and Settings\bernard gueffier\Bureau\Lop S&D.lnk: trouvé !
C:\Documents and Settings\bernard gueffier\Bureau\LopSD.exe: trouvé !
C:\Documents and Settings\bernard gueffier\Bureau\OtMoveIt2.exe: trouvé !
C:\Documents and Settings\bernard gueffier\Bureau\lopxpsetup.exe: trouvé !
C:\Documents and Settings\bernard gueffier\Bureau\lopxp.lnk: trouvé !
C:\Documents and Settings\bernard gueffier\Menu Démarrer\Programmes\Lop S&D: trouvé !
C:\Documents and Settings\bernard gueffier\Mes documents\HJTInstall.exe: trouvé !
C:\Documents and Settings\bernard gueffier\Mes documents\lopxpsetup.exe: trouvé !
C:\Documents and Settings\bernard gueffier\Mes documents\Mes fichiers reçus\HJTInstall.exe: trouvé !
C:\Lop SD\Lop S&D.lnk: trouvé !
C:\Program Files\lopxp: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !

---------------------------------
-->- Suppression:

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\bernard gueffier\Bureau\HijackThis.lnk: supprimé !
C:\Documents and Settings\bernard gueffier\Bureau\Lop S&D.lnk: supprimé !
C:\Documents and Settings\bernard gueffier\Bureau\LopSD.exe: supprimé !
C:\Documents and Settings\bernard gueffier\Bureau\OtMoveIt2.exe: supprimé !
C:\Documents and Settings\bernard gueffier\Bureau\lopxpsetup.exe: supprimé !
C:\Documents and Settings\bernard gueffier\Bureau\lopxp.lnk: supprimé !
C:\Documents and Settings\bernard gueffier\Mes documents\HJTInstall.exe: supprimé !
C:\Documents and Settings\bernard gueffier\Mes documents\lopxpsetup.exe: supprimé !
C:\Documents and Settings\bernard gueffier\Mes documents\Mes fichiers reçus\HJTInstall.exe: supprimé !
C:\Lop SD\Lop S&D.lnk: supprimé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\Lop SD: ERREUR DE SUPPRESSION !!
C:\_OtMoveIt: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Documents and Settings\bernard gueffier\Menu Démarrer\Programmes\Lop S&D: supprimé !
C:\Program Files\lopxp: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !

Corbeille vidée!
Fichiers temporaires nettoyés !
0
Anonymous user

If you have no other problems, please change the topic's status to resolved.

http://www.commentcamarche.net/faq/sujet 11365 marquer un fil de discussion comme etant resolu
0
pier.quincamp

Thank you for your help. I am really satisfied with the result. It's incredible, and a great pleasure, to know that there are people like you to get us out of certain computer jams.
Thank you, truly.
0
pier.quincamp

I'm a bit lost; I can't see where I need to tick to indicate that my problem is resolved.
Sorry to bother you.
0
Anonymous user
 
0