redirection recherches google

Question

Bonjour à tous,

Mes recherches google sont redirigées vers d'autres sites ou alors elles sont tout simplement interrompues. Il faut parfois que je rafraichisse plusieurs fois une page avant qu'elle ne se charge en entier.

Je remercie d'avance toute personne qui pourrait m'aider.

Voici mon rapport HijackThis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:38:25, on 07/12/2008
Platform: Windows XP SP3, v.5512 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20772)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\Program Files\Cisco VPN Client\cvpnd.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\WINDOWS\system32
vsvc32.exe
D:\WINDOWS\system32\HPZipm12.exe
D:\Program Files	inyproxy	inyproxy.exe
D:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
D:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
D:\Program Files\BitDefender\vsserv.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\stsystra.exe
D:\WINDOWS\OEM02Mon.exe
D:\WINDOWS\system32\RUNDLL32.EXE
D:\Program Files\BitDefender\bdagent.exe
D:\Program Files\DellTPad\Apoint.exe
D:\Program Files\Java\jre6\bin\jusched.exe
D:\Program Files\DellTPad\ApMsgFwd.exe
D:\Program Files\DellTPad\HidFind.exe
D:\Program Files\DellTPad\Apntex.exe
D:\Program Files\Logitech\SetPoint\SetPoint.exe
D:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Windows Live\Messenger\msnmsgr.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
D:\Program Files\Notepad++
otepad++.exe
D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:9090
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\Spybot\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - D:\Program Files\BitDefender\IEToolbar.dll
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [OSSelectorReinstall] D:\Program Files\Fichiers communs\Acronis\Partition Suite\oss_reinstall.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] D:\WINDOWS\OEM02Mon.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [BDAgent] "D:\Program Files\BitDefender\bdagent.exe"
O4 - HKLM\..\Run: [Apoint] D:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - Global Startup: Cisco Systems VPN Client.lnk = D:\Program Files\Cisco VPN Client\vpngui.exe
O4 - Global Startup: Logitech SetPoint.lnk = D:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\Spybot\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\Spybot\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7F70F2F3-A439-4FAB-BC7D-81E7A7CF6E71}: NameServer = 212.27.54.252,212.27.53.252
O23 - Service: Apple Mobile Device - Apple Inc. - D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - D:\Program Files\Cisco VPN Client\cvpnd.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - D:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - D:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - D:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - D:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32
vsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Pml Driver HPZ12 (Pml Driver HPZ12)  - Unknown owner - D:\Program Files	inyproxy	inyproxy.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - D:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - D:\Program Files\BitDefender\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - D:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe

benurrr · Answer

1/ telecharger : 

http://siri.urz.free.fr/Fix/SmitfraudFix.php 


2/ double clique sur smitfraudfix. puis sélectionne 1 et appuyer sur entrée afin de créer le rapport des infection présentes

Process.exe est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool. 
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus. 
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...)

Maeliss22 · Answer

Tout d'abord merci.
J'ai essayé d'envoyer à plusieurs reprises le rapport mais cela n'a pas fonctionné. Peut-être parce qu'il est trop long.
Je n'ai pas eu de question "Corriger le fichier infecté ?".

Maeliss22 · Answer

SmitFraudFix v2.381

Rapport fait à 23:21:59,53, 07/12/2008
Executé à partir de D:\Documents and Settings\Diane.VIRUS\Bureau\SmitfraudFix
OS: Console - Windows Trust 2.5 (5.1.2600) - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus


»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés


»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» 404Fix

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» RK


»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{7F70F2F3-A439-4FAB-BC7D-81E7A7CF6E71}: NameServer=212.27.54.252,212.27.53.252
HKLM\SYSTEM\CCS\Services\Tcpip\..\{E86E85CC-390E-408A-8FEC-40F31E1F35E5}: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS1\Services\Tcpip\..\{7F70F2F3-A439-4FAB-BC7D-81E7A7CF6E71}: NameServer=212.27.54.252,212.27.53.252
HKLM\SYSTEM\CS1\Services\Tcpip\..\{E86E85CC-390E-408A-8FEC-40F31E1F35E5}: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS3\Services\Tcpip\..\{7F70F2F3-A439-4FAB-BC7D-81E7A7CF6E71}: NameServer=212.27.54.252,212.27.53.252
HKLM\SYSTEM\CS3\Services\Tcpip\..\{E86E85CC-390E-408A-8FEC-40F31E1F35E5}: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.241 212.27.40.240


»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre
 
Nettoyage terminé. 
 
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

Maeliss22 · Answer

Lorsque je double clique sur RunThis.bat, la fenêtre d'invite de commande s'ouvre puis se ferme immédiatement après.

Maeliss22 · Answer

ça refait la même chose :s

Maeliss22 · Answer

oui, j'avais essayé en mode sans échec.

Maeliss22 · Answer

Rien d'infecté n'a été trouvé. Je vais faire tourner le test en mode sans échec

Malwarebytes' Anti-Malware 1.31
Version de la base de données: 1475
Windows 5.1.2600 Service Pack 3, v.5512

08/12/2008 19:38:27
mbam-log-2008-12-08 (19-38-27).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 153301
Temps écoulé: 51 minute(s), 47 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Maeliss22 · Answer

Il en est de même pour le scan en mode sans échec.

Maeliss22 · Answer

Encore merci. Voilà le rapport:


   --------------------\  Lop S&D 4.2.4-9c   XP/Vista

   Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3, v.5512
   X86-based PC ( Multiprocessor Free : Processeur Intel Pentium III Xeon )
   BIOS : Phoenix ROM BIOS PLUS Version 1.10 A07
   USER : Diane ( Administrator )
   BOOT : Normal boot
   C:\ (Local Disk) - NTFS - Total:9 Go (Free:5 Go)
   D:\ (Local Disk) - NTFS - Total:251 Go (Free:200 Go)
   E:\ (CD or DVD)
   F:\ (CD or DVD)

   "D:\Lop SD" ( MAJ : 01-11-2008|16:30 )
   Option : [1] ( 08/12/2008|22:52 )
 
   --------------------\  Listing des dossiers dans APPLIC~1

   [31/10/2008|22:19] D:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
   [06/12/2008|21:32] D:\DOCUME~1\ALLUSE~1\APPLIC~1\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
   [24/06/2008|19:47] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Acronis
   [05/08/2008|17:24] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
   [31/10/2008|22:18] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
   [31/10/2008|22:19] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
   [24/06/2008|18:07] D:\DOCUME~1\ALLUSE~1\APPLIC~1\BitDefender
   [24/08/2008|15:38] D:\DOCUME~1\ALLUSE~1\APPLIC~1\EPSON
   [29/06/2008|21:39] D:\DOCUME~1\ALLUSE~1\APPLIC~1\eXPert PDF 5
   [24/06/2008|22:19] D:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
   [29/09/2008|21:22] D:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
   [15/07/2008|01:36] D:\DOCUME~1\ALLUSE~1\APPLIC~1\LogiShrd
   [15/07/2008|01:42] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
   [08/12/2008|18:41] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
   [02/07/2008|11:31] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
   [11/11/2008|13:57] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
   [28/10/2008|17:24] D:\DOCUME~1\ALLUSE~1\APPLIC~1\MiKTeX
   [04/09/2008|18:09] D:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
   [24/06/2008|17:48] D:\DOCUME~1\ALLUSE~1\APPLIC~1
View_Profiles
   [17/07/2008|15:04] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage
   [04/10/2008|22:12] D:\DOCUME~1\ALLUSE~1\APPLIC~1\River Past G5
   [07/12/2008|05:57] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
   [07/12/2008|05:18] D:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
   [12/10/2008|14:52] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Tiger Install
   [24/06/2008|17:51] D:\DOCUME~1\ALLUSE~1\APPLIC~1\UIB
   [12/10/2008|14:40] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Video Converter Studio
   [24/06/2008|21:13] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

   [24/06/2008|17:18] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft


   [07/12/2008|18:46] D:\DOCUME~1\DIANE~1.VI~\APPLIC~1\Adobe
   [04/10/2008|21:45] D:\DOCUME~1\DIANE~1.VI~\APPLIC~1\ALLCapture
   [13/10/2008|17:23] D:\DOCUME~1\DIANE~1.VI~\APPLIC~1\Any Video Converter
   [31/10/2008|22:19] D:\DOCUME~1\DIANE~1.VI~\APPLIC~1\Apple Computer
   [11/08/2008|09:16] D:\DOCUME~1\DIANE~1.VI~\APPLIC~1\BitDefender
   [05/12/2008|16:41] D:\DOCUME~1\DIANE~1.VI~\APPLIC~1\Blender Foundation
   [11/08/2008|09:40] D:\DOCUME~1\DIANE~1.VI~\APPLIC~1\codeblocks
   [28/08/2008|23:17] D:\DOCUME~1\DIANE~1.VI~\APPLIC~1\DAEMON Tools
   [11/08/2008|09:40] D:\DOCUME~1\DIANE~1.VI~\APPLIC~1\DivX
   [08/10/2008|22:15] D:\DOCUME~1\DIANE~1.VI~\APPLIC~1\dvdcss
   [23/10/2008|11:14] D:\DOCUME~1\DIANE~1.VI~\APPLIC~1\eXPert PDF Editor
   [07/12/2008|21:53] D:\DOCUME~1\DIANE~1.VI~\APPLIC~1\FileZilla
   [11/08/2008|09:40] D:\DOCUME~1\DIANE~1.VI~\APPLIC~1\Google
   [02/10/2008|08:52] D:\DOCUME~1\DIANE~1.VI~\APPLIC~1\HP
   [11/08/2008|09:40] D:\DOCUME~1\DIANE~1.VI~\APPLIC~1\Identities
   [13/11/2008|07:50] D:\DOCUME~1\DIANE~1.VI~\APPLIC~1\Image Zone Express
   [11/08/2008|09:40] D:\DOCUME~1\DIANE~1.VI~\APPLIC~1\InstallShield
   [11/08/2008|09:40] D:\DOCUME~1\DIANE~1.VI~\APPLIC~1\Leadertech
   [11/08/2008|09:16] D:\DOCUME~1\DIANE~1.VI~\APPLIC~1\Logitech
   [11/08/2008|09:30] D:\DOCUME~1\DIANE~1.VI~\APPLIC~1\Macromedia
   [08/12/2008|18:42] D:\DOCUME~1\DIANE~1.VI~\APPLIC~1\Malwarebytes
   [31/10/2008|22:38] D:\DOCUME~1\DIANE~1.VI~\APPLIC~1\Microsoft
   [11/08/2008|09:28] D:\DOCUME~1\DIANE~1.VI~\APPLIC~1\Mozilla
   [21/08/2008|15:37] D:\DOCUME~1\DIANE~1.VI~\APPLIC~1\Notepad++
   [03/12/2008|22:51] D:\DOCUME~1\DIANE~1.VI~\APPLIC~1\OpenOffice.org
   [04/10/2008|22:09] D:\DOCUME~1\DIANE~1.VI~\APPLIC~1\River Past G5
   [11/08/2008|09:42] D:\DOCUME~1\DIANE~1.VI~\APPLIC~1\Sun
   [11/08/2008|09:42] D:\DOCUME~1\DIANE~1.VI~\APPLIC~1\vlc
   [12/10/2008|14:46] D:\DOCUME~1\DIANE~1.VI~\APPLIC~1\WinAVI
   [19/08/2008|17:31] D:\DOCUME~1\DIANE~1.VI~\APPLIC~1\WinRAR
   [18/08/2008|21:49] D:\DOCUME~1\DIANE~1.VI~\APPLIC~1\xm1

   [24/06/2008|17:18] D:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

   [24/06/2008|17:18] D:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
   [01/11/2008|02:03] D:\DOCUME~1\NETWOR~1\APPLIC~1\Mozilla

 
   --------------------\  Tâches planifiées dans D:\WINDOWS	asks

   [13/11/2008 15:13][--a------] D:\WINDOWS	asks\GoogleUpdateTaskUser.job
   [24/06/2008 17:29][--ah-----] D:\WINDOWS	asks\SA.DAT
   [14/04/2008 13:00][-r-h-----] D:\WINDOWS	asks\desktop.ini

   --------------------\  Listing des dossiers dans D:\Program Files

   [03/07/2008|14:45] D:\Program Files\Acro Software
   [24/06/2008|19:39] D:\Program Files\Acronis
   [13/09/2008|17:10] D:\Program Files\adagide
   [05/08/2008|17:24] D:\Program Files\Adobe
   [13/10/2008|17:23] D:\Program Files\Any Video Converter
   [31/10/2008|22:19] D:\Program Files\Apple Software Update
   [18/07/2008|18:07] D:\Program Files\Architecte Studio Expert 2005
   [18/07/2008|12:46] D:\Program Files\Audacity
   [08/12/2008|22:42] D:\Program Files\BitDefender
   [05/12/2008|16:41] D:\Program Files\Blender
   [31/10/2008|22:19] D:\Program Files\Bonjour
   [13/09/2008|17:07] D:\Program Files\Cain
   [24/06/2008|17:27] D:\Program Files\CCleaner
   [05/12/2008|21:00] D:\Program Files\Cisco VPN Client
   [03/08/2008|21:48] D:\Program Files\CodeBlocks
   [24/06/2008|17:16] D:\Program Files\ComPlus Applications
   [29/08/2008|13:06] D:\Program Files\DAEMON Tools Lite
   [30/08/2008|14:57] D:\Program Files\DAEMON Tools Toolbar
   [24/06/2008|18:01] D:\Program Files\DellTPad
   [24/06/2008|18:03] D:\Program Files\DIFX
   [07/12/2008|05:52] D:\Program Files\DivX
   [27/11/2008|18:41] D:\Program Files\EasyPHP
   [28/10/2008|13:20] D:\Program Files\Fichiers communs
   [31/10/2008|18:00] D:\Program Files\FileSubmit
   [26/08/2008|13:38] D:\Program Files\FileZilla
   [24/06/2008|17:51] D:\Program Files\Fingerprint Reader Suite
   [06/10/2008|23:30] D:\Program Files\ghostscript
   [13/09/2008|17:00] D:\Program Files\GNAT
   [09/08/2008|16:09] D:\Program Files\Google
   [29/09/2008|21:18] D:\Program Files\Hewlett-Packard
   [29/09/2008|21:21] D:\Program Files\HP
   [25/09/2008|13:33] D:\Program Files\InstallShield Installation Information
   [24/06/2008|17:40] D:\Program Files\Intel
   [09/10/2008|16:45] D:\Program Files\Internet Explorer
   [31/10/2008|22:19] D:\Program Files\iPod
   [31/10/2008|22:19] D:\Program Files\iTunes
   [06/12/2008|21:29] D:\Program Files\iXi Tools
   [27/11/2008|17:20] D:\Program Files\Java
   [28/10/2008|17:37] D:\Program Files\LEd
   [15/07/2008|01:39] D:\Program Files\Logitech
   [08/12/2008|18:42] D:\Program Files\Malwarebytes' Anti-Malware
   [24/06/2008|17:53] D:\Program Files\Marvell
   [12/10/2008|14:52] D:\Program Files\MediaCoder
   [13/10/2008|17:07] D:\Program Files\Micro Application
   [06/08/2008|14:05] D:\Program Files\Microsoft ActiveSync
   [24/06/2008|18:22] D:\Program Files\Microsoft Office
   [24/06/2008|18:22] D:\Program Files\Microsoft Visual Studio
   [24/06/2008|18:22] D:\Program Files\Microsoft Works
   [24/06/2008|18:22] D:\Program Files\Microsoft.NET
   [18/08/2008|21:06] D:\Program Files\MikTek
   [28/10/2008|17:23] D:\Program Files\MiKTeX 2.7
   [09/10/2008|15:18] D:\Program Files\Movie Maker
   [08/12/2008|22:43] D:\Program Files\Mozilla Firefox
   [17/07/2008|15:05] D:\Program Files\MSECache
   [04/09/2008|18:09] D:\Program Files\NOS
   [07/09/2008|12:10] D:\Program Files\Notepad++
   [03/12/2008|08:04] D:\Program Files\OpenOffice
   [03/12/2008|08:08] D:\Program Files\OpenOffice.org 3
   [24/06/2008|17:17] D:\Program Files\Outlook Express
   [24/06/2008|17:15] D:\Program Files\Paint.NET
   [04/07/2008|13:10] D:\Program Files\PDF Editeur
   [23/10/2008|11:19] D:\Program Files\PDFCreator
   [30/06/2008|11:40] D:\Program Files\PDFTransformer
   [09/10/2008|16:45] D:\Program Files\QuickTime
   [28/08/2008|12:38] D:\Program Files\RealGrain Plug-in
   [31/10/2008|18:01] D:\Program Files\RelevantKnowledge
   [06/08/2008|14:04] D:\Program Files\Ressources Windows Mobile
   [04/10/2008|23:41] D:\Program Files\Screen Capture Master
   [24/06/2008|17:50] D:\Program Files\SigmaTel
   [07/12/2008|05:00] D:\Program Files\Spybot
   [28/08/2008|23:46] D:\Program Files\Starcraft
   [18/08/2008|16:08] D:\Program Files\Texmaker
   [25/06/2008|08:38] D:\Program Files\TGTSoft
   [04/12/2008|15:26] D:\Program Files	inyproxy
   [07/12/2008|05:35] D:\Program Files\Trend Micro
   [03/08/2008|16:30] D:\Program Files\Tropico
   [11/10/2008|14:08] D:\Program Files\Ultralingua
   [24/06/2008|17:21] D:\Program Files\Uninstall Information
   [01/09/2008|18:35] D:\Program Files\Unlocker
   [24/06/2008|17:27] D:\Program Files\Virtual CDRom
   [24/06/2008|22:36] D:\Program Files\VLC
   [04/10/2008|21:47] D:\Program Files\Webcam Video Capture
   [24/06/2008|17:27] D:\Program Files\Windows Live
   [24/06/2008|17:18] D:\Program Files\Windows Media Player
   [24/06/2008|17:16] D:\Program Files\Windows Trust
   [24/06/2008|17:27] D:\Program Files\WinRAR
   [04/10/2008|22:09] D:\Program Files\WMV9_VCM
   [24/06/2008|17:21] D:\Program Files\WTInstaller

   --------------------\  Listing des dossiers dans D:\Program Files\Fichiers communs

   [24/06/2008|19:40] D:\Program Files\Fichiers communs\Acronis
   [03/08/2008|11:24] D:\Program Files\Fichiers communs\Adobe
   [31/10/2008|22:18] D:\Program Files\Fichiers communs\Apple
   [24/06/2008|18:07] D:\Program Files\Fichiers communs\BitDefender
   [24/06/2008|18:22] D:\Program Files\Fichiers communs\DESIGNER
   [25/09/2008|13:33] D:\Program Files\Fichiers communs\Deterministic Networks
   [29/09/2008|21:18] D:\Program Files\Fichiers communs\Hewlett-Packard
   [29/09/2008|21:21] D:\Program Files\Fichiers communs\HP
   [03/08/2008|16:26] D:\Program Files\Fichiers communs\InstallShield
   [24/06/2008|17:27] D:\Program Files\Fichiers communs\Java
   [15/07/2008|01:42] D:\Program Files\Fichiers communs\Logishrd
   [24/06/2008|22:01] D:\Program Files\Fichiers communs\Macrovision Shared
   [06/08/2008|17:06] D:\Program Files\Fichiers communs\Microsoft Shared
   [24/06/2008|17:17] D:\Program Files\Fichiers communs\MSSoap
   [24/06/2008|19:11] D:\Program Files\Fichiers communs\ODBC
   [24/06/2008|17:17] D:\Program Files\Fichiers communs\Services
   [28/10/2008|15:53] D:\Program Files\Fichiers communs\Stardock
   [24/06/2008|18:20] D:\Program Files\Fichiers communs\System

   --------------------\  Process

   ( 42 Processes )

   ... OK !

   --------------------\  Recherche avec S_Lop

   Aucun fichier / dossier Lop trouvé !
 
   --------------------\  Recherche de Fichiers / Dossiers Lop

   Aucun fichier / dossier Lop trouvé ! 
 
   --------------------\  Verification du Registre
 
   ..... OK !

   --------------------\  Verification du fichier Hosts

   Fichier Hosts PROPRE


   --------------------\  Recherche de fichiers avec Catchme
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2008-12-08 22:53:30
   Windows 5.1.2600 Service Pack 3, v.5512 NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 0
 
   --------------------\  Recherche d'autres infections

   --------------------\  KoobFace !

   D:\Program Files\TinyProxy
   D:\Program Files\TinyProxy	inyproxy.exe



   [F:85][D:8]-> D:\DOCUME~1\DIANE~1.VI~\LOCALS~1\Temp
   [F:8][D:0]-> D:\DOCUME~1\DIANE~1.VI~\Cookies
   [F:60][D:4]-> D:\DOCUME~1\DIANE~1.VI~\LOCALS~1\TEMPOR~1\content.IE5

   1 - "D:\Lop SD\LopR_1.txt" - 08/12/2008|22:54 - Option : [1]

   --------------------\  Fin du rapport a 22:54:07

Maeliss22 · Answer

Je n'arrive plus à me connecter via Firefox: "Connexion au serveur proxy refusée". Mais ça marche sous IE.

ComboFix 08-12-07.03 - Diane 2008-12-08 23:19:05.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.3146 [GMT 1:00]
Lancé depuis: d:\documents and settings\Diane.VIRUS\Bureau\ComboFix.exe
* Resident AV is active

[COLOR=RED][B]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/B][/COLOR]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

d:\program files\TinyProxy
d:\program files\tinyproxy\tinyproxy.exe
d:\windows\system32\tmp.reg
d:\windows\system32\unrar.exe

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NPF
-------\Legacy_PML_DRIVER_HPZ12_(PML_DRIVER_HPZ12)_
-------\Service_Pml Driver HPZ12 (Pml Driver HPZ12)

((((((((((((((((((((((((((((( Fichiers créés du 2008-11-08 au 2008-12-08 ))))))))))))))))))))))))))))))))))))
.

2008-12-08 23:21 . 2008-12-08 23:21 <REP> d-------- d:\windows\system32\xircom
2008-12-08 23:21 . 2008-12-08 23:21 <REP> d-------- d:\windows\system32\restore
2008-12-08 23:21 . 2008-12-08 23:21 <REP> d-------- d:\windows\system32\oobe
2008-12-08 23:21 . 2008-12-08 23:21 <REP> d-------- d:\windows\srchasst
2008-12-08 23:21 . 2008-12-08 23:21 <REP> d-------- d:\windows\msagent
2008-12-08 23:21 . 2008-12-08 23:21 <REP> d-------- d:\program files\microsoft frontpage
2008-12-08 22:52 . 2008-12-08 22:54 <REP> d-------- D:\Lop SD
2008-12-08 18:42 . 2008-12-08 18:42 <REP> d-------- d:\documents and settings\Diane.VIRUS\Application Data\Malwarebytes
2008-12-08 18:42 . 2008-12-03 19:52 15,504 --a------ d:\windows\system32\drivers\mbam.sys
2008-12-08 18:41 . 2008-12-08 18:42 <REP> d-------- d:\program files\Malwarebytes' Anti-Malware
2008-12-08 18:41 . 2008-12-08 18:41 <REP> d-------- d:\documents and settings\All Users\Application Data\Malwarebytes
2008-12-08 18:41 . 2008-12-03 19:52 38,496 --a------ d:\windows\system32\drivers\mbamswissarmy.sys
2008-12-08 17:56 . 2008-11-06 02:03 <REP> d-------- D:\SDFix
2008-12-07 05:35 . 2008-12-07 05:35 <REP> d-------- d:\program files\Trend Micro
2008-12-06 21:29 . 2008-12-06 21:29 <REP> d-------- d:\program files\iXi Tools
2008-12-06 21:27 . 2008-12-06 21:32 <REP> d--h-c--- d:\documents and settings\All Users\Application Data\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
2008-12-06 21:04 . 2008-12-07 05:18 <REP> d-a------ d:\documents and settings\All Users\Application Data\TEMP
2008-12-06 18:39 . 2008-12-07 05:00 <REP> d-------- d:\program files\Spybot
2008-12-06 18:39 . 2008-12-07 05:57 <REP> d-------- d:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-12-05 16:41 . 2008-12-05 16:41 <REP> d-------- d:\program files\Blender
2008-12-05 16:41 . 2008-12-05 16:41 <REP> d-------- d:\documents and settings\Diane.VIRUS\Application Data\Blender Foundation
2008-12-03 22:51 . 2008-12-03 22:51 <REP> d-------- d:\documents and settings\Diane.VIRUS\Application Data\OpenOffice.org
2008-12-03 08:08 . 2008-12-03 08:08 <REP> d-------- d:\program files\OpenOffice.org 3
2008-12-03 08:04 . 2008-12-03 08:04 <REP> d-------- d:\program files\OpenOffice
2008-11-27 17:20 . 2008-11-27 17:20 410,976 --a------ d:\windows\system32\deploytk.dll
2008-11-23 18:27 . 2008-11-23 18:27 30,202 --a------ d:\windows\Run32A50.mch
2008-11-23 15:19 . 2008-11-23 15:19 <REP> d-------- d:\windows\A5W_DATA
2008-11-23 15:19 . 2008-11-23 15:19 35 --a------ d:\windows\A5W.INI
2008-11-13 07:50 . 2008-11-13 07:50 <REP> d-------- d:\documents and settings\Diane.VIRUS\Application Data\Image Zone Express
2008-11-13 07:50 . 2008-11-13 07:50 156 --a------ d:\windows\Twunk001.MTX
2008-11-13 07:50 . 2008-11-13 07:50 2 --a------ d:\windows\Twain001.Mtx
2008-11-13 07:50 . 2008-11-13 07:50 0 --a------ d:\windows\Twunk002.MTX
2008-11-11 16:52 . 2003-05-22 16:31 55,808 --a------ d:\windows\system32\lfpsd13n.dll
2008-11-11 16:51 . 2004-05-14 16:53 462,848 --a------ d:\windows\system32\ltkrn13n.dll
2008-11-11 16:51 . 2004-05-14 16:53 450,560 --a------ d:\windows\system32\ltimg13n.dll
2008-11-11 16:51 . 2004-05-14 16:53 401,408 --a------ d:\windows\system32\lfcmp13n.dll
2008-11-11 16:51 . 2004-05-14 16:53 299,008 --a------ d:\windows\system32\ltdis13n.dll
2008-11-11 16:51 . 2004-01-12 02:09 206,336 --a------ d:\windows\system32\ltefx13n.dll
2008-11-11 16:51 . 2004-05-14 16:53 163,840 --a------ d:\windows\system32\ltfil13n.dll
2008-11-11 16:51 . 2003-11-04 15:10 69,632 --a------ d:\windows\system32\lfgif13n.dll
2008-11-11 16:51 . 2004-05-14 16:53 57,344 --a------ d:\windows\system32\lfbmp13n.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-08 22:20 81,984 ----a-w d:\windows\system32\bdod.bin
2008-12-08 22:20 --------- d-----w d:\program files\BitDefender
2008-12-07 20:53 --------- d-----w d:\documents and settings\Diane.VIRUS\Application Data\FileZilla
2008-12-07 04:52 --------- d-----w d:\program files\DivX
2008-12-05 20:00 --------- d-----w d:\program files\Cisco VPN Client
2008-11-27 17:41 --------- d-----r d:\program files\EasyPHP
2008-11-27 16:20 --------- d-----w d:\program files\Java
2008-11-11 12:57 --------- d-----w d:\documents and settings\All Users\Application Data\Microsoft Help
2008-10-31 21:19 --------- d-----w d:\program files\iTunes
2008-10-31 21:19 --------- d-----w d:\program files\iPod
2008-10-31 21:19 --------- d-----w d:\program files\Bonjour
2008-10-31 21:19 --------- d-----w d:\program files\Apple Software Update
2008-10-31 21:19 --------- d-----w d:\documents and settings\Diane.VIRUS\Application Data\Apple Computer
2008-10-31 21:19 --------- d-----w d:\documents and settings\All Users\Application Data\Apple Computer
2008-10-31 21:19 --------- d-----w d:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-10-31 21:18 --------- d-----w d:\program files\Fichiers communs\Apple
2008-10-31 21:18 --------- d-----w d:\documents and settings\All Users\Application Data\Apple
2008-10-31 19:17 50,242 ----a-w d:\windows\BricoPackUninst.cmd
2008-10-31 19:17 3,076 ----a-w d:\windows\BricoPackFoldersDelete.cmd
2008-10-31 19:17 219,648 ----a-w d:\windows\system32\uxtheme.dll
2008-10-31 17:01 --------- d-----w d:\program files\RelevantKnowledge
2008-10-31 17:00 --------- d-----w d:\program files\FileSubmit
2008-10-28 16:37 --------- d-----w d:\program files\LEd
2008-10-28 16:24 --------- d-----w d:\documents and settings\All Users\Application Data\MiKTeX
2008-10-28 16:23 --------- d-----w d:\program files\MiKTeX 2.7
2008-10-28 14:53 --------- d-----w d:\program files\Fichiers communs\Stardock
2008-10-27 21:36 65,536 ----a-w d:\windows\DUMP3865.tmp
2008-10-27 20:36 65,536 ----a-w d:\windows\DUMP38e2.tmp
2008-10-23 10:19 --------- d-----w d:\program files\PDFCreator
2008-10-23 10:14 --------- d-----w d:\documents and settings\Diane.VIRUS\Application Data\eXPert PDF Editor
2008-10-13 16:23 --------- d-----w d:\program files\Any Video Converter
2008-10-13 16:23 --------- d-----w d:\documents and settings\Diane.VIRUS\Application Data\Any Video Converter
2008-10-13 16:07 --------- d-----w d:\program files\Micro Application
2008-10-12 13:52 --------- d-----w d:\program files\MediaCoder
2008-10-12 13:52 --------- d-----w d:\documents and settings\All Users\Application Data\Tiger Install
2008-10-12 13:46 --------- d-----w d:\documents and settings\Diane.VIRUS\Application Data\WinAVI
2008-10-12 13:40 --------- d-----w d:\documents and settings\All Users\Application Data\Video Converter Studio
2008-10-12 12:04 65,536 ----a-w d:\windows\DUMP39cc.tmp
2008-10-11 13:08 --------- d-----w d:\program files\Ultralingua
2008-10-09 15:45 --------- d-----w d:\program files\QuickTime
2008-10-08 21:15 --------- d-----w d:\documents and settings\Diane.VIRUS\Application Data\dvdcss
2008-08-04 10:56 96 --sha-w d:\program files\desktop.ini
2008-05-13 00:16 48,128 --sha-w d:\windows\BricoPacks\SysFiles\186_wmplayer.exe
2008-06-24 18:10 16,384 --sha-w d:\windows\system32\config\systemprofile\Cookies\index.dat
2008-06-24 18:10 16,384 --sha-w d:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
2008-06-24 18:10 32,768 --sha-w d:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
.

------- Sigcheck -------

2008-05-13 01:16 594944 26f18b04421e291b898cb8e3e5890234 d:\windows\system32\user32.dll

2008-05-11 00:25 827392 5a0093f59b505c008ed0cee615563c72 d:\windows\system32\Wininet.dll

2008-05-13 01:16 361344 68f06fe0021b01e670af37b8c5964fdf d:\windows\system32\drivers\tcpip.sys

2008-05-13 01:19 2165760 3bbf338db2d43e8e5b2e9fc4a89a982c d:\windows\system32\ntkrnlpa.exe

2008-05-13 01:16 2287104 881377cc96baf0e037a481fd5ac8772f d:\windows\system32\ntoskrnl.exe

2008-05-13 01:15 1411584 e06fa4ad565fb4c83c30dde766ffaf1b d:\windows\explorer.exe

2008-05-13 01:15 25600 0d17d896b613f169f7041e020e09d21c d:\windows\system32\ctfmon.exe
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay]
@="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}"
[HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]
2007-04-16 22:13 721408 --a------ d:\program files\Fingerprint Reader Suite\farchns.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen]
@="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}"
[HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]
2007-04-16 22:13 721408 --a------ d:\program files\Fingerprint Reader Suite\farchns.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="d:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-17 490952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OSSelectorReinstall"="d:\program files\Fichiers communs\Acronis\Partition Suite\oss_reinstall.exe" [2006-05-31 1281425]
"OEM02Mon.exe"="d:\windows\OEM02Mon.exe" [2007-05-10 36864]
"NvMediaCenter"="d:\windows\system32\NvMcTray.dll" [2007-04-17 81920]
"NvCplDaemon"="d:\windows\system32\NvCpl.dll" [2007-04-17 8437760]
"BDAgent"="d:\program files\BitDefender\bdagent.exe" [2008-09-16 368640]
"Apoint"="d:\program files\DellTPad\Apoint.exe" [2007-07-02 159744]
"Adobe Reader Speed Launcher"="d:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"SunJavaUpdateSched"="d:\program files\Java\jre6\bin\jusched.exe" [2008-11-27 136600]
"SigmatelSysTrayApp"="stsystra.exe" [2007-02-19 d:\windows\stsystra.exe]
"nwiz"="nwiz.exe" [2007-04-17 d:\windows\system32\nwiz.exe]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 d:\windows\KHALMNPR.Exe]

d:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Cisco Systems VPN Client.lnk - d:\program files\Cisco VPN Client\vpngui.exe [2008-09-25 1544984]
Logitech SetPoint.lnk - d:\program files\Logitech\SetPoint\SetPoint.exe [2008-10-13 805392]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"HideRunAsVerb"= 1 (0x1)
"NoNetConnectDisconnect"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoStrCmpLogical"= 0 (0x0)
"NoWelcomeScreen"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"ForceClassicControlPanel"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoStrCmpLogical"= 0 (0x0)
"NoWelcomeScreen"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-05-02 01:42 72208 d:\program files\Fichiers communs\Logishrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
2007-04-16 22:04 86528 d:\windows\system32\psqlpwd.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.XVID"= xvid.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\keygen.exe]
"Debugger"=StripMyRights.exe /D /L C

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli psqlpwd

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
path=d:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk
backup=d:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
--a----t- 2008-10-10 16:26 133104 d:\documents and settings\Diane.VIRUS\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
--a------ 2006-11-13 13:07 1289000 d:\program files\Microsoft ActiveSync\wcescomm.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a------ 2006-02-19 01:41 49152 d:\program files\HP\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-10-01 18:57 289576 d:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PSQLLauncher]
--a------ 2007-04-16 21:50 49168 d:\program files\Fingerprint Reader Suite\launcher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-09-06 14:09 413696 d:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
-rahs---- 2008-09-16 12:16 1833296 d:\program files\Spybot\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Keenfinder Service"=2 (0x2)
"Spooler"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"="0x00000000"
"UpdatesDisableNotify"="0x00000000"

R1 Ext2fs;Ext2fs;d:\windows\system32\DRIVERS\ext2fs.sys [2006-10-23 132736]
R1 IfsDrives;IfsDrives;d:\windows\system32\DRIVERS\IfsDrives.sys [2004-09-25 4608]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;d:\windows\system32\DRIVERS\bdfndisf.sys [2007-07-30 86792]
R3 OEM02Afx;Provides a software interface to control audio effects of OEM002 camera.;\??\d:\windows\system32\Drivers\OEM02Afx.sys [2008-06-24 141376]
R3 OEM02Dev;Creative Camera OEM002 Driver;d:\windows\system32\DRIVERS\OEM02Dev.sys [2008-06-24 235520]
R3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver;d:\windows\system32\DRIVERS\OEM02Vfx.sys [2008-06-24 7424]
S3 getPlus(R) Helper;getPlus(R) Helper;d:\program files\NOS\bin\getPlus_HelperSvc.exe [2008-09-04 33752]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan

[COLOR=RED]NETSVCS REQUIRES REPAIRS - current entries shown[/COLOR]
6to4
AppMgmt
AudioSrv
Browser
CryptSvc
DMServer
DHCP
EventSystem
FastUserSwitchingCompatibility
HidServ
Ias
Iprip
Irmon
LanmanServer
LanmanWorkstation
Netman
Nla
Ntmssvc
NWCWorkstation
Nwsapagent
Rasauto
Rasman
Remoteaccess
Schedule
Seclogon
SENS
Sharedaccess
Tapisrv
Themes
W32Time
WZCSVC
Wmi
WmdmPmSp
winmgmt
xmlprov
napagent
hkmsvc
BITS
ShellHWDetection
WmdmPmSN

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

*Newly Created Service* - BROWSER
.
Contenu du dossier 'Tâches planifiées'

2008-11-13 d:\windows\Tasks\GoogleUpdateTaskUser.job
- d:\documents and settings\Diane.VIRUS\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-10-10 16:26]
.
- - - - ORPHELINS SUPPRIMES - - - -

MSConfigStartUp-Easy PDF Creator - d:\program files\Easy PDF Creator\EasyPDFCreator.exe
MSConfigStartUp-RegistryCleanerPro - d:\program files\iXi Tools\Registry Cleaner Pro\RegistryCleanerPro.exe
MSConfigStartUp-Veoh - d:\program files\Veoh\VeohClient.exe

.
------- Examen supplémentaire -------
.
uInternet Settings,ProxyOverride = *.local;<local>
IE: E&xporter vers Microsoft Excel - d:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
TCP: {7F70F2F3-A439-4FAB-BC7D-81E7A7CF6E71} = 212.27.54.252,212.27.53.252
FireFox -: Profile - d:\documents and settings\Diane.VIRUS\Application Data\Mozilla\Firefox\Profiles\zxhg3ono.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.fr
FF -: plugin - d:\documents and settings\Diane.VIRUS\Application Data\Mozilla\Firefox\Profiles\zxhg3ono.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}\plugins\np_gp.dll
FF -: plugin - d:\documents and settings\Diane.VIRUS\Local Settings\Application Data\Google\Update\1.2.131.27\npGoogleOneClick6.dll
FF -: plugin - d:\program files\iTunes\Mozilla Plugins\npitunes.dll
FF -: plugin - d:\program files\Java\jre6\bin\new_plugin\npdeploytk.dll
FF -: plugin - d:\program files\Java\jre6\bin\new_plugin\npjp2.dll
FF -: plugin - d:\program files\Mozilla Firefox\plugins\np_gp.dll
FF -: plugin - d:\program files\Mozilla Firefox\plugins\npdeploytk.dll
FF -: plugin - d:\program files\Mozilla Firefox\plugins\npOGAPlugin.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-08 23:22:02
Windows 5.1.2600 Service Pack 3, v.5512 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\bdfsfltr]
"ImagePath"=hex:73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\bdfsfltr]
"ImagePath"=hex:73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(336)
d:\windows\system32\SETUPAPI.dll
d:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll
d:\windows\system32\psqlpwd.dll
d:\program files\fichiers communs\logishrd\bluetooth\LBTServ.dll
d:\program files\Fingerprint Reader Suite\homefus2.dll
d:\program files\Fingerprint Reader Suite\infra.dll
d:\program files\Fingerprint Reader Suite\homepass.dll
d:\program files\Fingerprint Reader Suite\bio.dll
d:\program files\Fingerprint Reader Suite\remote.dll
d:\program files\Fingerprint Reader Suite\crypto.dll
d:\windows\system32\COMRes.dll

- - - - - - - > 'lsass.exe'(812)
d:\windows\system32\setupapi.dll
d:\windows\system32\scecli.dll
d:\windows\system32\psqlpwd.dll
d:\program files\Fingerprint Reader Suite\homefus2.dll
d:\program files\Fingerprint Reader Suite\infra.dll
.
------------------------ Autres processus actifs ------------------------
.
d:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
d:\program files\Bonjour\mDNSResponder.exe
d:\program files\Cisco VPN Client\cvpnd.exe
d:\program files\Java\jre6\bin\jqs.exe
d:\windows\system32\nvsvc32.exe
d:\windows\system32\HPZipm12.exe
d:\program files\SigmaTel\C-Major Audio\WDM\stacsv.exe
d:\program files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
d:\program files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
d:\program files\BitDefender\vsserv.exe
d:\windows\system32\rundll32.exe
d:\program files\DellTPad\ApMsgFwd.exe
d:\program files\DellTPad\hidfind.exe
d:\program files\DellTPad\ApntEx.exe
d:\program files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.exe
.
**************************************************************************
.
Heure de fin: 2008-12-08 23:24:29 - La machine a redémarré
ComboFix-quarantined-files.txt 2008-12-08 22:24:25

Avant-CF: 214 774 161 408 octets libres
Après-CF: 214,697,480,192 octets libres

346

Maeliss22 · Answer

Merci pour l'aide.
Il semblerait que je n'ai plus de problème avec Mozilla et Google Chrome. Toujours pas de connexion du côté de Mozilla.

Maeliss22 · Answer

J'ai remis le proxy en automatique sous Firefox, donc ça fonctionne à nouveau. 
Tout semble toujours fonctionner. Je te remercie beaucoup du temps que tu m'as consacré.
Tu me diras s'il faut encore faire quelques scans.

Maeliss22 · Answer

Voilà:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:53:57, on 09/12/2008
Platform: Windows XP SP3, v.5512 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20772)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\stsystra.exe
D:\WINDOWS\OEM02Mon.exe
D:\WINDOWS\system32\RUNDLL32.EXE
D:\Program Files\BitDefender\bdagent.exe
D:\Program Files\DellTPad\Apoint.exe
D:\Program Files\Java\jre6\bin\jusched.exe
D:\Program Files\DellTPad\ApMsgFwd.exe
D:\Program Files\DellTPad\HidFind.exe
D:\Program Files\DellTPad\Apntex.exe
D:\Program Files\Logitech\SetPoint\SetPoint.exe
D:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\Program Files\Cisco VPN Client\cvpnd.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\WINDOWS\system32
vsvc32.exe
D:\WINDOWS\system32\HPZipm12.exe
D:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
D:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
D:\Program Files\BitDefender\vsserv.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Microsoft Office\Office12\WINWORD.EXE
D:\Program Files\Cisco VPN Client\vpngui.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\Spybot\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - D:\Program Files\BitDefender\IEToolbar.dll
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [OSSelectorReinstall] D:\Program Files\Fichiers communs\Acronis\Partition Suite\oss_reinstall.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] D:\WINDOWS\OEM02Mon.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [BDAgent] "D:\Program Files\BitDefender\bdagent.exe"
O4 - HKLM\..\Run: [Apoint] D:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - Global Startup: Cisco Systems VPN Client.lnk = D:\Program Files\Cisco VPN Client\vpngui.exe
O4 - Global Startup: Logitech SetPoint.lnk = D:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\Spybot\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\Spybot\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7F70F2F3-A439-4FAB-BC7D-81E7A7CF6E71}: NameServer = 212.27.54.252,212.27.53.252
O17 - HKLM\System\CCS\Services\Tcpip\..\{EC79A2D3-BB75-4DA0-894A-84B6E97243DE}: NameServer = 129.88.30.10,129.88.32.24
O23 - Service: Apple Mobile Device - Apple Inc. - D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - D:\Program Files\Cisco VPN Client\cvpnd.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - D:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - D:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - D:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - D:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32
vsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - D:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - D:\Program Files\BitDefender\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - D:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe

Maeliss22 · Answer

[ Rapport ToolsCleaner version 2.2.7 (par A.Rothstein & dj QUIOU) ]

-->- Recherche: 

D:\Combofix.txt: trouvé !
D:\lopR.txt: trouvé !
D:\SDFIX: trouvé !
D:\Lop SD: trouvé !
D:\Qoobox: trouvé !
D:\Documents and Settings\All Users\Menu Démarrer\Programmes\Utilitaire\Sécurité & Protection\HijackThis: trouvé !
D:\Documents and Settings\All Users\Menu Démarrer\Programmes\Utilitaire\Sécurité & Protection\HijackThis\HijackThis.lnk: trouvé !
D:\Documents and Settings\All Users\Menu Démarrer\Programmes\Utilitaire\Windows Trust\Registre\HijackThis.lnk: trouvé !
D:\Documents and Settings\Diane.VIRUS\Mes documents\hijackthis.log: trouvé !
D:\Documents and Settings\Diane.VIRUS\Mes documents\Sécu\SdFix.exe: trouvé !
D:\Documents and Settings\Diane.VIRUS\Mes documents\Sécu\LopSD.exe: trouvé !
D:\Documents and Settings\Diane.VIRUS\Mes documents\Sécu\ComboFix.exe: trouvé !
D:\Documents and Settings\Diane.VIRUS\Mes documents\Sécu\SmitFraudFix.exe: trouvé !
D:\Documents and Settings\Diane.VIRUS\Mes documents\Sécu\hijackthis.log: trouvé !
D:\Documents and Settings\Diane.VIRUS\Mes documents\Sécu\SmitFraudfix: trouvé !
D:\Program Files\Mozilla Firefox\SmitFraudfix: trouvé !
D:\Program Files\Trend Micro\HijackThis: trouvé !
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
D:\WINDOWS\NIRCMD.exe: trouvé !

---------------------------------
-->- Suppression: 

D:\Documents and Settings\All Users\Menu Démarrer\Programmes\Utilitaire\Sécurité & Protection\HijackThis\HijackThis.lnk: supprimé !
D:\Documents and Settings\All Users\Menu Démarrer\Programmes\Utilitaire\Windows Trust\Registre\HijackThis.lnk: supprimé !
D:\Documents and Settings\Diane.VIRUS\Mes documents\Sécu\SdFix.exe: supprimé !
D:\Documents and Settings\Diane.VIRUS\Mes documents\Sécu\LopSD.exe: supprimé !
D:\Documents and Settings\Diane.VIRUS\Mes documents\Sécu\ComboFix.exe: ERREUR DE SUPPRESSION !!
D:\Documents and Settings\Diane.VIRUS\Mes documents\Sécu\SmitFraudFix.exe: supprimé !
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
D:\Combofix.txt: supprimé !
D:\lopR.txt: supprimé !
D:\Documents and Settings\Diane.VIRUS\Mes documents\hijackthis.log: supprimé !
D:\Documents and Settings\Diane.VIRUS\Mes documents\Sécu\hijackthis.log: supprimé !
D:\WINDOWS\NIRCMD.exe: supprimé !
D:\SDFIX: supprimé !
D:\Lop SD: supprimé !
D:\Qoobox: supprimé !
D:\Documents and Settings\All Users\Menu Démarrer\Programmes\Utilitaire\Sécurité & Protection\HijackThis: supprimé !
D:\Documents and Settings\Diane.VIRUS\Mes documents\Sécu\SmitFraudfix: supprimé !
D:\Program Files\Mozilla Firefox\SmitFraudfix: supprimé !
D:\Program Files\Trend Micro\HijackThis: supprimé !

Maeliss22 · Answer

Salut,

Désolée pour le délai le réponse.
J'ai fait ce que tu m'as demandé. Il y a t-il d'autres choses à faire?
Est-ce que tu sais ce qui était à l'origine du problème.
Je te remercie.

benurrr · Answer

bonjour

comment est ton pc ?

tu avait plusieurs infection comme tu a put le constater avec les rapport de suppression

de smitfraudfix et combofix ; lopsd

Maeliss22 · Answer

je vois rien d'inhabituel sur mon PC. Je n'ai plus les problèmes du début.
Sais-tu comment j'ai attrapé ces infections?

benurrr · Answer

salut

comment tu as attrapé cette infection.

certain site a notre insu leur merde et aussi 
On attrape ces merde via justement des bannières de publicités sur des pages Webs ou en installant certains logiciels comme : 
* BitDownload 
* BitGrabber 
* BitRoll 
* MessengerPlus! 3 sous le nom de sponsors 
* Messenger Plus! Live sous le nom de sponsors 
* NetPumper 
* TorrentQ 
* Torrent101 

je te bon surf

Maeliss22 · Answer

Ok merci encore!
Par contre, j'ai l'impression que mon PC est plus lent qu'avant. Un programme qui effectue des calculs mets plus de temps que d'habitude. Il y a t'il un moyen de vérifier si les perfs sont normales?

Redirection recherches google

19 réponses

Votre réponse

Newsletters