Probleme avec Win32:Swizzor [Trj] Fermé

Question

Bonjour,

Comme je l'ai soulignre sur la reponse que tu avais fait a une autre personne comme ui  j'ai le meme probleme avec se maudit trojan swizzor. A qui a dit qu'il fallait laisser les femme sur les pc en tt les cas c pas moi donc come tu la ecrit sur l'ancien message j'ai telechargé LOP&sd et il ma donner un rapport que je vais te mettre  dans se message apres   tu me diras se qu'il en est voila merci de l'aide que tu pourrras m'apporté.


Rapport :


   --------------------\  Lop S&D 4.2.3-4   XP/Vista

   Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
   X86-based PC ( Multiprocessor Free :               Intel(R) Pentium(R) 4 CPU 3.06GHz )
   Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
   X86-based PC ( Multiprocessor Free :               Intel(R) Pentium(R) 4 CPU 3.06GHz )
   Rev 1.00
   BOOT : Normal boot

   "C:\Lop SD" ( MAJ : 23-08-2008|10:35 )
   Option : [1] ( 23/08/2008|17:15 )
 
   --------------------\  Listing des dossiers dans APPLIC~1  

   [12/04/2008|16:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
   [12/04/2008|14:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
   [12/04/2008|16:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\F-Secure
   [12/04/2008|16:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\fssg
   [12/04/2008|15:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
   [20/08/2008|17:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
   [20/05/2008|18:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
   [27/07/2008|21:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macromedia
   [21/08/2008|19:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
   [31/05/2008|02:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
   [30/04/2008|15:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OrbNetworks
   [23/08/2008|16:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\part dead amok eggs
   [23/08/2008|15:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
   [23/07/2008|20:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
   [17/05/2008|16:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VistaCodecs
   [12/04/2008|15:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
   [23/07/2008|22:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
   [11/05/2008|19:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\xml850.tmp
   [11/05/2008|19:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\xml851.tmp
   [04/05/2008|01:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\xml852.tmp
   [11/05/2008|19:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\xml853.tmp

   [12/04/2008|16:14] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
   [12/04/2008|14:22] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

   [12/04/2008|15:50] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

   [12/04/2008|14:26] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

   [12/04/2008|15:38] C:\DOCUME~1	of\APPLIC~1\Adobe
   [13/04/2008|20:31] C:\DOCUME~1	of\APPLIC~1\Ahead
   [12/04/2008|14:43] C:\DOCUME~1	of\APPLIC~1\aignes
   [16/05/2008|20:27] C:\DOCUME~1	of\APPLIC~1\DeepBurner
   [12/04/2008|16:14] C:\DOCUME~1	of\APPLIC~1\desktop.ini
   [27/05/2008|19:51] C:\DOCUME~1	of\APPLIC~1\F-Secure
   [18/05/2008|00:17] C:\DOCUME~1	of\APPLIC~1\Google
   [12/04/2008|14:43] C:\DOCUME~1	of\APPLIC~1\gtopala
   [12/04/2008|14:43] C:\DOCUME~1	of\APPLIC~1\Identities
   [29/04/2008|12:46] C:\DOCUME~1	of\APPLIC~1\InstallShield
   [12/04/2008|14:39] C:\DOCUME~1	of\APPLIC~1\Macromedia
   [21/08/2008|19:26] C:\DOCUME~1	of\APPLIC~1\Malwarebytes
   [12/04/2008|17:38] C:\DOCUME~1	of\APPLIC~1\Media Player Classic
   [23/07/2008|20:06] C:\DOCUME~1	of\APPLIC~1\Microsoft
   [12/04/2008|15:21] C:\DOCUME~1	of\APPLIC~1\Mozilla
   [23/07/2008|20:10] C:\DOCUME~1	of\APPLIC~1\Opera
   [22/04/2008|20:35] C:\DOCUME~1	of\APPLIC~1\Samsung
   [23/08/2008|16:33] C:\DOCUME~1	of\APPLIC~1\slow multi build
   [12/04/2008|14:39] C:\DOCUME~1	of\APPLIC~1\Sun
   [27/07/2008|21:30] C:\DOCUME~1	of\APPLIC~1	eamspeak2
   [22/08/2008|14:11] C:\DOCUME~1	of\APPLIC~1\uTorrent
   [12/04/2008|15:08] C:\DOCUME~1	of\APPLIC~1\vlc
   [30/04/2008|15:27] C:\DOCUME~1	of\APPLIC~1\Winamp
   [02/05/2008|00:40] C:\DOCUME~1	of\APPLIC~1\Windows Live Writer
   [12/04/2008|20:08] C:\DOCUME~1	of\APPLIC~1\WinRAR
 
   --------------------\  Tâches planifiées dans C:\WINDOWS	asks

   [23/08/2008 16:16][--ah-----] C:\WINDOWS	asks\SA.DAT
   [06/09/2002 22:59][-r-h-----] C:\WINDOWS	asks\desktop.ini

   --------------------\  Listing des dossiers dans C:\Program Files

   [23/08/2008|10:22] C:\Program Files\Alwil Software
   [30/05/2008|13:50] C:\Program Files\America's Army
   [12/04/2008|14:55] C:\Program Files\Analog Devices
   [23/08/2008|16:20] C:\Program Files\a-squared Free
   [12/04/2008|14:19] C:\Program Files\ComPlus Applications
   [11/08/2008|15:50] C:\Program Files\DEXXON
   [23/08/2008|13:54] C:\Program Files\eMule
   [11/08/2008|16:21] C:\Program Files\Fichiers communs
   [21/08/2008|22:27] C:\Program Files\GalaPlayer
   [13/05/2008|20:25] C:\Program Files\Google
   [11/08/2008|16:21] C:\Program Files\InstallShield Installation Information
   [12/04/2008|14:54] C:\Program Files\Intel
   [13/04/2008|06:14] C:\Program Files\Internet Explorer
   [12/04/2008|14:39] C:\Program Files\Java
   [12/04/2008|14:27] C:\Program Files\JEUX
   [02/05/2008|14:49] C:\Program Files\Kit ADSL
   [15/08/2008|19:05] C:\Program Files\LunaPlayer
   [23/08/2008|14:55] C:\Program Files\Malwarebytes' Anti-Malware
   [12/04/2008|15:00] C:\Program Files\Marvell
   [06/07/2008|12:51] C:\Program Files\McDonaldsFairies
   [23/07/2008|23:32] C:\Program Files\Messenger
   [12/04/2008|14:22] C:\Program Files\microsoft frontpage
   [12/04/2008|14:37] C:\Program Files\Microsoft Office
   [12/04/2008|16:13] C:\Program Files\Microsoft SQL Server Compact Edition
   [12/04/2008|14:20] C:\Program Files\Movie Maker
   [23/08/2008|10:20] C:\Program Files\Mozilla Firefox
   [12/04/2008|14:19] C:\Program Files\MSN Gaming Zone
   [12/04/2008|14:28] C:\Program Files\MSXML 4.0
   [13/04/2008|06:14] C:\Program Files\MSXML 6.0
   [12/04/2008|14:20] C:\Program Files\NetMeeting
   [21/08/2008|19:14] C:\Program Files\Opera
   [13/04/2008|06:14] C:\Program Files\Outlook Express
   [12/04/2008|16:55] C:\Program Files\Pack Securite
   [02/08/2008|19:56] C:\Program Files\Samsung
   [12/04/2008|17:15] C:\Program Files\SLD Codec Pack
   [21/08/2008|22:27] C:\Program Files\slow multi build
   [23/08/2008|15:37] C:\Program Files\Spybot - Search & Destroy
   [02/08/2008|19:57] C:\Program Files\Uninstall Information
   [12/04/2008|14:27] C:\Program Files\UTILS
   [17/08/2008|10:59] C:\Program Files\uTorrent
   [30/05/2008|21:11] C:\Program Files\VGA USB Camera
   [17/05/2008|16:27] C:\Program Files\VistaCodecPack
   [23/07/2008|22:54] C:\Program Files\Windows Live
   [06/07/2008|12:54] C:\Program Files\Windows Live Toolbar
   [12/04/2008|14:37] C:\Program Files\Windows Media Connect 2
   [12/04/2008|14:38] C:\Program Files\Windows Media Player
   [12/04/2008|14:19] C:\Program Files\Windows NT
   [12/04/2008|14:21] C:\Program Files\WindowsUpdate
   [12/04/2008|14:38] C:\Program Files\WMV9_VCM
   [12/04/2008|14:27] C:\Program Files\WSTARTUP
   [12/04/2008|14:22] C:\Program Files\xerox

   --------------------\  Listing des dossiers dans C:\Program Files\Fichiers communs

   [22/04/2008|20:27] C:\Program Files\Fichiers communs\Adobe
   [12/04/2008|17:19] C:\Program Files\Fichiers communs\Ahead
   [19/07/2008|15:35] C:\Program Files\Fichiers communs\Blizzard Entertainment
   [02/08/2008|19:56] C:\Program Files\Fichiers communs\InstallShield
   [12/04/2008|14:39] C:\Program Files\Fichiers communs\Java
   [15/08/2008|15:40] C:\Program Files\Fichiers communs\Macromedia
   [02/08/2008|19:57] C:\Program Files\Fichiers communs\Microsoft Shared
   [12/04/2008|14:20] C:\Program Files\Fichiers communs\MSSoap
   [11/08/2008|16:21] C:\Program Files\Fichiers communs\NewSoft
   [12/04/2008|16:14] C:\Program Files\Fichiers communs\ODBC
   [12/04/2008|14:20] C:\Program Files\Fichiers communs\Services
   [12/04/2008|16:14] C:\Program Files\Fichiers communs\SpeechEngines
   [13/04/2008|06:14] C:\Program Files\Fichiers communs\System
   [12/04/2008|15:37] C:\Program Files\Fichiers communs\WindowsLiveInstaller

   --------------------\  Process

   ( 56 Processus )

   ... OK !

   --------------------\  Recherche avec S_Lop

   C:\DOCUME~1	of\APPLIC~1\SLOWMU~1
 
   --------------------\  Recherche de Fichiers / Dossiers Lop

   C:\DOCUME~1\ALLUSE~1\APPLIC~1\part dead amok eggs
   C:\DOCUME~1	of\MENUDM~1\PROGRA~1\GalaPlayer
   C:\DOCUME~1	of\MENUDM~1\PROGRA~1\GalaPlayer\GalaPlayer.lnk
   C:\DOCUME~1	of\MENUDM~1\PROGRA~1\GalaPlayer\HomePage.lnk
   C:\DOCUME~1	of\MENUDM~1\PROGRA~1\GalaPlayer\Uninstall.lnk
   C:\Program Files\GalaPlayer
   C:\DOCUME~1	of\Cookies	of@advertstream[1].txt
   C:\WINDOWS\Prefetch\GALAPLAYER-1.3.0.0-SETUP.EXE-2A082E3F.pf
   C:\WINDOWS\Prefetch\GALAPLAYER.EXE-309BBCE7.pf
   C:\DOCUME~1	of\Cookies	of@sr2.livemediasrv[1].txt
   C:\DOCUME~1	of\Cookies	of@sr2.livemediasrv[2].txt
   C:\DOCUME~1	of\Cookies	of@32vegas[1].txt
   C:\DOCUME~1	of\Cookies	of@banner.32vegas[2].txt
 
   --------------------\  Verification du Registre

   [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BoltBoneAudio]
   "DisplayName"="CiD Help"
   "UninstallString"="C:\DOCUME~1\tof\APPLIC~1\SLOWMU~1\site itch extra.exe -uninstall"

   [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 
   "Send Find"="C:\DOCUME~1\tof\APPLIC~1\SLOWMU~1\site itch extra.exe"

   [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

   --------------------\  Verification du fichier Hosts

   Fichier Hosts PROPRE


   --------------------\  Recherche de fichiers avec Catchme
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2008-08-23 17:18:02
   Windows 5.1.2600 Service Pack 2 NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 1
 
   --------------------\  Recherche d'autres infections

   --------------------\  Cracks & Keygens ..

   C:\DOCUME~1	of\Local Settings\Application Data\Opera\Opera\profile\bt_metadata\keygen.exe.dat


   [F:21][D:22]-> C:\DOCUME~1	of\LOCALS~1\Temp
   [F:132][D:0]-> C:\DOCUME~1	of\Cookies
   [F:1223][D:6]-> C:\DOCUME~1	of\LOCALS~1\TEMPOR~1\content.IE5

   --------------------\  Fin du rapport a 17:19:36

Destrio5 · Answer

Salut,

---> Relance Lop S&D
---> Choisis cette fois-ci l'option 2 (Suppression)
---> Ne ferme pas la fenêtre lors de la suppression !
---> Poste le rapport généré (C:\lopR.txt)

(Si le Bureau ne réapparait pas, presse Ctrl+Alt+Suppr, Onglet Fichier, Nouvelle tâche, tape explorer.exe et valide)

TOTOF20 · Answer

Me revoila Donc j'ai fait se que tu m'avais dit et voila donc le rapport :


   --------------------\  Lop S&D 4.2.3-4   XP/Vista

   Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
   X86-based PC ( Multiprocessor Free :               Intel(R) Pentium(R) 4 CPU 3.06GHz )
   Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
   X86-based PC ( Multiprocessor Free :               Intel(R) Pentium(R) 4 CPU 3.06GHz )
   Rev 1.00
   BOOT : Normal boot

   "C:\Lop SD" ( MAJ : 23-08-2008|10:35 )
   Option : [2] ( 23/08/2008|17:33 )


   \\\\\\\\\\\\\\\ SUPPRESSION

   Supprime! - C:\DOCUME~1	of\MENUDM~1\PROGRA~1\GalaPlayer\GalaPlayer.lnk
   Supprime! - C:\DOCUME~1	of\MENUDM~1\PROGRA~1\GalaPlayer\HomePage.lnk
   Supprime! - C:\DOCUME~1	of\MENUDM~1\PROGRA~1\GalaPlayer\Uninstall.lnk
   Supprime! - C:\DOCUME~1	of\Cookies	of@advertstream[1].txt
   Supprime! - C:\WINDOWS\Prefetch\GALAPLAYER-1.3.0.0-SETUP.EXE-2A082E3F.pf
   Supprime! - C:\WINDOWS\Prefetch\GALAPLAYER.EXE-309BBCE7.pf
   Supprime! - C:\DOCUME~1	of\Cookies	of@sr2.livemediasrv[1].txt
   Supprime! - C:\DOCUME~1	of\Cookies	of@sr2.livemediasrv[2].txt
   Supprime! - C:\DOCUME~1	of\Cookies	of@32vegas[1].txt
   Supprime! - C:\DOCUME~1	of\Cookies	of@banner.32vegas[2].txt
   Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\part dead amok eggs
   Supprime! - C:\DOCUME~1	of\MENUDM~1\PROGRA~1\GalaPlayer
   Supprime! - C:\Program Files\GalaPlayer
   Supprime! - C:\DOCUME~1	of\APPLIC~1\SLOWMU~1
   Supprime! - C:\Program Files\SLOWMU~1
   -
   [ Fichier Hosts ] .. Restaure!
 
   \\\\\\\\\\\\\\\ 

 
   --------------------\  Listing des dossiers dans APPLIC~1  

   [12/04/2008|16:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
   [12/04/2008|14:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
   [12/04/2008|16:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\F-Secure
   [12/04/2008|16:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\fssg
   [12/04/2008|15:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
   [20/08/2008|17:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
   [20/05/2008|18:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
   [27/07/2008|21:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macromedia
   [21/08/2008|19:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
   [31/05/2008|02:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
   [30/04/2008|15:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OrbNetworks
   [23/08/2008|15:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
   [23/07/2008|20:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
   [17/05/2008|16:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VistaCodecs
   [12/04/2008|15:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
   [23/07/2008|22:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
   [11/05/2008|19:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\xml850.tmp
   [11/05/2008|19:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\xml851.tmp
   [04/05/2008|01:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\xml852.tmp
   [11/05/2008|19:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\xml853.tmp

   [12/04/2008|16:14] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
   [12/04/2008|14:22] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

   [12/04/2008|15:50] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

   [12/04/2008|14:26] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

   [12/04/2008|15:38] C:\DOCUME~1	of\APPLIC~1\Adobe
   [13/04/2008|20:31] C:\DOCUME~1	of\APPLIC~1\Ahead
   [12/04/2008|14:43] C:\DOCUME~1	of\APPLIC~1\aignes
   [16/05/2008|20:27] C:\DOCUME~1	of\APPLIC~1\DeepBurner
   [12/04/2008|16:14] C:\DOCUME~1	of\APPLIC~1\desktop.ini
   [27/05/2008|19:51] C:\DOCUME~1	of\APPLIC~1\F-Secure
   [18/05/2008|00:17] C:\DOCUME~1	of\APPLIC~1\Google
   [12/04/2008|14:43] C:\DOCUME~1	of\APPLIC~1\gtopala
   [12/04/2008|14:43] C:\DOCUME~1	of\APPLIC~1\Identities
   [29/04/2008|12:46] C:\DOCUME~1	of\APPLIC~1\InstallShield
   [12/04/2008|14:39] C:\DOCUME~1	of\APPLIC~1\Macromedia
   [21/08/2008|19:26] C:\DOCUME~1	of\APPLIC~1\Malwarebytes
   [12/04/2008|17:38] C:\DOCUME~1	of\APPLIC~1\Media Player Classic
   [23/07/2008|20:06] C:\DOCUME~1	of\APPLIC~1\Microsoft
   [12/04/2008|15:21] C:\DOCUME~1	of\APPLIC~1\Mozilla
   [23/07/2008|20:10] C:\DOCUME~1	of\APPLIC~1\Opera
   [22/04/2008|20:35] C:\DOCUME~1	of\APPLIC~1\Samsung
   [12/04/2008|14:39] C:\DOCUME~1	of\APPLIC~1\Sun
   [27/07/2008|21:30] C:\DOCUME~1	of\APPLIC~1	eamspeak2
   [22/08/2008|14:11] C:\DOCUME~1	of\APPLIC~1\uTorrent
   [12/04/2008|15:08] C:\DOCUME~1	of\APPLIC~1\vlc
   [30/04/2008|15:27] C:\DOCUME~1	of\APPLIC~1\Winamp
   [02/05/2008|00:40] C:\DOCUME~1	of\APPLIC~1\Windows Live Writer
   [12/04/2008|20:08] C:\DOCUME~1	of\APPLIC~1\WinRAR
 
   --------------------\  Tâches planifiées dans C:\WINDOWS	asks

   [23/08/2008 16:16][--ah-----] C:\WINDOWS	asks\SA.DAT
   [06/09/2002 22:59][-r-h-----] C:\WINDOWS	asks\desktop.ini

   --------------------\  Listing des dossiers dans C:\Program Files

   [23/08/2008|10:22] C:\Program Files\Alwil Software
   [30/05/2008|13:50] C:\Program Files\America's Army
   [12/04/2008|14:55] C:\Program Files\Analog Devices
   [23/08/2008|16:20] C:\Program Files\a-squared Free
   [12/04/2008|14:19] C:\Program Files\ComPlus Applications
   [11/08/2008|15:50] C:\Program Files\DEXXON
   [23/08/2008|13:54] C:\Program Files\eMule
   [11/08/2008|16:21] C:\Program Files\Fichiers communs
   [13/05/2008|20:25] C:\Program Files\Google
   [11/08/2008|16:21] C:\Program Files\InstallShield Installation Information
   [12/04/2008|14:54] C:\Program Files\Intel
   [13/04/2008|06:14] C:\Program Files\Internet Explorer
   [12/04/2008|14:39] C:\Program Files\Java
   [12/04/2008|14:27] C:\Program Files\JEUX
   [02/05/2008|14:49] C:\Program Files\Kit ADSL
   [15/08/2008|19:05] C:\Program Files\LunaPlayer
   [23/08/2008|14:55] C:\Program Files\Malwarebytes' Anti-Malware
   [12/04/2008|15:00] C:\Program Files\Marvell
   [06/07/2008|12:51] C:\Program Files\McDonaldsFairies
   [23/07/2008|23:32] C:\Program Files\Messenger
   [12/04/2008|14:22] C:\Program Files\microsoft frontpage
   [12/04/2008|14:37] C:\Program Files\Microsoft Office
   [12/04/2008|16:13] C:\Program Files\Microsoft SQL Server Compact Edition
   [12/04/2008|14:20] C:\Program Files\Movie Maker
   [23/08/2008|10:20] C:\Program Files\Mozilla Firefox
   [12/04/2008|14:19] C:\Program Files\MSN Gaming Zone
   [12/04/2008|14:28] C:\Program Files\MSXML 4.0
   [13/04/2008|06:14] C:\Program Files\MSXML 6.0
   [12/04/2008|14:20] C:\Program Files\NetMeeting
   [21/08/2008|19:14] C:\Program Files\Opera
   [13/04/2008|06:14] C:\Program Files\Outlook Express
   [12/04/2008|16:55] C:\Program Files\Pack Securite
   [02/08/2008|19:56] C:\Program Files\Samsung
   [12/04/2008|17:15] C:\Program Files\SLD Codec Pack
   [23/08/2008|15:37] C:\Program Files\Spybot - Search & Destroy
   [02/08/2008|19:57] C:\Program Files\Uninstall Information
   [12/04/2008|14:27] C:\Program Files\UTILS
   [17/08/2008|10:59] C:\Program Files\uTorrent
   [30/05/2008|21:11] C:\Program Files\VGA USB Camera
   [17/05/2008|16:27] C:\Program Files\VistaCodecPack
   [23/07/2008|22:54] C:\Program Files\Windows Live
   [06/07/2008|12:54] C:\Program Files\Windows Live Toolbar
   [12/04/2008|14:37] C:\Program Files\Windows Media Connect 2
   [12/04/2008|14:38] C:\Program Files\Windows Media Player
   [12/04/2008|14:19] C:\Program Files\Windows NT
   [12/04/2008|14:21] C:\Program Files\WindowsUpdate
   [12/04/2008|14:38] C:\Program Files\WMV9_VCM
   [12/04/2008|14:27] C:\Program Files\WSTARTUP
   [12/04/2008|14:22] C:\Program Files\xerox

   --------------------\  Listing des dossiers dans C:\Program Files\Fichiers communs

   [22/04/2008|20:27] C:\Program Files\Fichiers communs\Adobe
   [12/04/2008|17:19] C:\Program Files\Fichiers communs\Ahead
   [19/07/2008|15:35] C:\Program Files\Fichiers communs\Blizzard Entertainment
   [02/08/2008|19:56] C:\Program Files\Fichiers communs\InstallShield
   [12/04/2008|14:39] C:\Program Files\Fichiers communs\Java
   [15/08/2008|15:40] C:\Program Files\Fichiers communs\Macromedia
   [02/08/2008|19:57] C:\Program Files\Fichiers communs\Microsoft Shared
   [12/04/2008|14:20] C:\Program Files\Fichiers communs\MSSoap
   [11/08/2008|16:21] C:\Program Files\Fichiers communs\NewSoft
   [12/04/2008|16:14] C:\Program Files\Fichiers communs\ODBC
   [12/04/2008|14:20] C:\Program Files\Fichiers communs\Services
   [12/04/2008|16:14] C:\Program Files\Fichiers communs\SpeechEngines
   [13/04/2008|06:14] C:\Program Files\Fichiers communs\System
   [12/04/2008|15:37] C:\Program Files\Fichiers communs\WindowsLiveInstaller

   --------------------\  Process

   ( 56 Processus )

   ... OK !

   --------------------\  Recherche avec S_Lop

   Aucun fichier / dossier Lop trouvé !
 
   --------------------\  Recherche de Fichiers / Dossiers Lop

   Aucun fichier / dossier Lop trouvé ! 
 
   --------------------\  Verification du Registre
 
   ..... OK !

   --------------------\  Verification du fichier Hosts

   Fichier Hosts PROPRE


   --------------------\  Recherche de fichiers avec Catchme
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2008-08-23 17:35:53
   Windows 5.1.2600 Service Pack 2 NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 1
 
   --------------------\  Recherche d'autres infections

   --------------------\  Cracks & Keygens ..

   C:\DOCUME~1	of\Local Settings\Application Data\Opera\Opera\profile\bt_metadata\keygen.exe.dat


   [F:16][D:21]-> C:\DOCUME~1	of\LOCALS~1\Temp
   [F:127][D:0]-> C:\DOCUME~1	of\Cookies
   [F:1221][D:6]-> C:\DOCUME~1	of\LOCALS~1\TEMPOR~1\content.IE5

   --------------------\  Fin du rapport a 17:37:26

Destrio5 · Answer

- Télécharge HijackThis V 2.02 (HijackThis Installer) :
http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe

- Fais un double-clic sur HJTInstall.exe afin de lancer l'installation

- Clique sur Install ensuite sur I Accept

- Clique sur Do a scan system and save log file

- Le bloc-notes s'ouvrira, fais un copier-coller de tout son contenu ici dans ta prochaine réponse.

TOTOF20 · Answer

Et me revoila donc voici le rapport : 

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:44:16, on 23/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Pack Securite\Common\FSM32.EXE
C:\WINDOWS\vsnpstd3.exe
D:\Tv\Monitor.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MESSEN~1\Msmsgs.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\IcoSauve.exe
D:
o ip\No-IP\DUC20.exe
C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe
C:\Program Files\Pack Securite\Common\FSMA32.EXE
C:\Program Files\Pack Securite\Anti-Virus\FSGK32.EXE
C:\WINDOWS\system32
vsvc32.exe
C:\Program Files\Pack Securite\Common\FSMB32.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Pack Securite\Common\FCH32.EXE
C:\Program Files\Pack Securite\Common\FAMEH32.EXE
C:\Program Files\Pack Securite\Anti-Virus\fsqh.exe
C:\Program Files\Pack Securite\FSPC\fspc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Pack Securite\FSGUI\fsguidll.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Pack Securite\Anti-Virus\fssm32.exe
C:\Program Files\Pack Securite\FSAUA\program\fsaua.exe
C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe
C:\Program Files\Pack Securite\FSAUA\program\fsus.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Pack Securite\Anti-Virus\fsav32.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Opera\opera.exe
H:\Teamspeak2_RC2\Teamspeak2_RC2\TeamSpeak.exe
C:\PROGRAM FILES\A-SQUARED FREE\A2FREE.EXE
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/toolbar/ie8/sidebar.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www2.iesearch.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.neuf.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/search?q=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - D:\film bis\MegaIEMn.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Pack Securite\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Pack Securite\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WinampAgent] D:\Winamp\winampa.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [ChangeFilterMerit] D:\Tv\ChangeFilterMerit.exe
O4 - HKLM\..\Run: [Presto! PVR Monitor] D:\Tv\Monitor.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\PROGRA~1\MESSEN~1\Msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE RÉSEAU')
O4 - Startup: IcoSauve.lnk = C:\WINDOWS\system32\IcoSauve.exe
O4 - Startup: No-IP DUC.lnk = D:
o ip\No-IP\DUC20.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E59F51B4-4EB2-4A42-AD55-04A4BE1F3257}: NameServer = 192.168.1.1
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Pack Securite\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Pack Securite\Common\FSMA32.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - E:\AA\maconfservice.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

Destrio5 · Answer

Tu as deux antivirus, ce n'est pas bien.

TOTOF20 · Answer

Lequel faut enveler ?  j'ai avast  qui est gratuit  (met d'apres mes pote qui est pas top) et aussi F-secure qui a un probleme car il me met  les définition des virus sont ancienne et j'arrive pas a faire une mise a jour (antivirus du neuf  payant)


Et je tiens a te remercié pour l'aide que tu ma fournis :)

Destrio5 · Answer

Tu ne peux pas arrêter l'abonnement ?

Totof20 · Answer

si je pense donc je garderai avast ? meme si mes pote me dise que qu'il est pas top ? ou voir si tu peux m'en proposer un meilleur et gratuit ^^ On sais jamais

Destrio5 · Answer

Désinstalle les deux antivirus et poste un nouveau rapport HijackThis.

Totof20 · Answer

Me revoila
donc voici le rapport apres c déshintallation :


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:18:53, on 23/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\vsnpstd3.exe
D:\Tv\Monitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\PROGRA~1\MESSEN~1\Msmsgs.exe
C:\WINDOWS\system32\IcoSauve.exe
D:
o ip\No-IP\DUC20.exe
C:\Program Files\a-squared Free\a2service.exe
C:\WINDOWS\system32
vsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/toolbar/ie8/sidebar.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www2.iesearch.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.neuf.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/search?q=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - D:\film bis\MegaIEMn.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WinampAgent] D:\Winamp\winampa.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [ChangeFilterMerit] D:\Tv\ChangeFilterMerit.exe
O4 - HKLM\..\Run: [Presto! PVR Monitor] D:\Tv\Monitor.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\PROGRA~1\MESSEN~1\Msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE RÉSEAU')
O4 - Startup: IcoSauve.lnk = C:\WINDOWS\system32\IcoSauve.exe
O4 - Startup: No-IP DUC.lnk = D:
o ip\No-IP\DUC20.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E59F51B4-4EB2-4A42-AD55-04A4BE1F3257}: NameServer = 192.168.1.1
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - E:\AA\maconfservice.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

Destrio5 · Answer

Installe Antivir :
http://dl1.avgate.net/down/windows/antivir_workstation_winu_en_h.exe

Mets-le à jour et fais un scan complet de ton disque dur :
https://www.malekal.com/avira-free-security-antivirus-gratuit/

Totof20 · Answer

ok je viens de faire se que tu ma dis.

Question c bien un anti virus ?*

Est-il efficace ?

Et mercie encore pour ton aide qui ma ete tres utile

Destrio5 · Answer

Oui, c'est un antivirus. Il est en anglais mais c'est le meilleur antivirus gratuit.

Totof20 · Answer

Mercie bien pour ton aide actuellement je fait un scan avec donc je verai bien par contre j'ai aussi spybot, Malwarebytes' Anti-Malware,  a-squared es-ce bien ?

Destrio5 · Answer

Je ne vois pas l'utilité de a-squared Free.

Totof20 · Answer

on ma dit que c'etais l'un des meilleur es-ce vrai ?

Totof20 · Answer

au faite faut desintaller lops ?

Destrio5 · Answer

Je ne peux pas te dire, je ne m'en suis jamais servi.

Destrio5 · Answer

Tu peux désinstaller Lop S&D.

Totof20 · Answer

Mercie pour toutes l'aide que tu ma fourni bonne continuation  pour la suite et  toute mes felicitation pour se forum rapide et efficace

A+ et mercie encore

Destrio5 · Answer

Mets à jour Java :
https://www.java.com/fr/download/manual.jsp

Probleme avec Win32:Swizzor [Trj]

21 réponses

Discussions similaires