Fenêtres publicitaires intempestives

Salut Séb08.
J'ai réussi à effectuer toute ton explication.
Alors voici :

- le rapport de BFU

BFU v1.00.9
Windows XP SP2 (WinNT 5.01.2600 SP2)
Script started at 06:49:25, on 26/01/2007

Option Delete files to Recycle Bin: Yes
Failed: RegDelValue HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices|M­C (key not found)
Failed: RegDelValue HKCU\software\microsoft\windows\currentversion\wintrust\trus­t providers\software publishing\trust database\0|ELECTRONIC GROUP (key not found)
Failed: DllUnregister C:\WINDOWS\system32\MSWBM32.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\MailSkinner\OESkinner.dll|1 (file not found)
Failed: FolderDelete C:\Program Files\dialpass (folder not found)
Failed: FolderDelete C:\Program Files\eghtmldialer (folder not found)
Failed: FolderDelete C:\Program Files\egroup (folder not found)
Failed: FolderDelete C:\Program Files\Instant Access (folder not found)
Failed: FolderDelete C:\Program Files\MailSkinner (folder not found)
Failed: FolderDelete C:\Program Files\InternetGameBox (folder not found)
Failed: FolderDelete C:\Program Files\GoRecord2 (folder not found)
Failed: FolderDelete C:\Program Files\GoAstro (folder not found)
Failed: FolderDelete C:\Program Files\SudoPlanet (folder not found)
Failed: FolderDelete C:\Program Files\WebMediaPlayer (folder not found)
Failed: FolderDelete C:\Program Files\MessengerSkinner (folder not found)
Failed: DllUnregister C:\WINDOWS\mslagent\2_mslagent.dll|1 (file not found)
Failed: DllUnregister C:\WINDOWS\navmpc\2_navmpc.dll|1 (file not found)
Failed: FolderDelete C:\WINDOWS\mslagent (folder not found)
Failed: FolderDelete C:\WINDOWS\navmpc (folder not found)
Failed: FolderDelete C:\WINDOWS\msskinner (folder not found)
Failed: FolderDelete C:\WINDOWS\wintrim (folder not found)
Failed: FolderDelete C:\WINDOWS\wincomp (folder not found)
Failed: FolderDelete C:\WINDOWS\winmgts (folder not found)
Failed: FolderDelete C:\WINDOWS\simcss (folder not found)
Failed: FolderDelete C:\WINDOWS\mc (folder not found)
Failed: FileDelete C:\DOCUME~1\CDRIC~1\LOCALS~1\Temp\hpodvd09.log (operation failed)
Failed: FileDelete C:\DOCUME~1\CDRIC~1\LOCALS~1\Temp\~DF4D4A.tmp (operation failed)
Failed: FileDelete C:\DOCUME~1\CDRIC~1\LOCALS~1\Temp\~DF4DBB.tmp (operation failed)
Failed: FileDelete C:\DOCUME~1\CDRIC~1\LOCALS~1\Temp\~DF832C.tmp (operation failed)
Failed: FileDelete C:\DOCUME~1\CDRIC~1\LOCALS~1\Temp\~DFE5BD.tmp (operation failed)
Script completed.

- le nouveau rapport de blacklight (après avoir supprimé les 4 fedccbafpo et refait un Scan)

01/26/07 07:18:35 [Info]: BlackLight Engine 1.0.55 initialized
01/26/07 07:18:35 [Info]: OS: 5.1 build 2600 (Service Pack 2)
01/26/07 07:18:35 [Note]: 7019 4
01/26/07 07:18:35 [Note]: 7005 0
01/26/07 07:18:37 [Note]: 7006 0
01/26/07 07:18:37 [Note]: 7011 1260
01/26/07 07:18:37 [Note]: 7026 0
01/26/07 07:18:37 [Note]: 7026 0
01/26/07 07:18:38 [Note]: FSRAW library version 1.7.1021
01/26/07 07:25:19 [Note]: 2000 1012
01/26/07 07:25:37 [Note]: 7007 0

Y'a-t-il d'autres opérations à effectuer pour supprimer les fenêtres publicitaires intempestives ?
Merci pour les renseignements que tu m'as donné, c'est très sympa de ta part et ça permet de se former à l'informatique.

Content d'avoir pu t'aider jlouis11 .

Bonne initiative que de se servir d'un post et de suivre les indications au lieu de demander .

Félicitation ! ;-)

Bon surf.
Tout est bon dans l'sanglier !  :o)                         ­         
                                                            ­  *****Have a good day*****

seb08,
je te joins ci-dessous le rapport de bitdefender de ce jour, dis moi si je dois faire d'autres manips concernant les virus trouvés :
BitDefender Online Scanner



Scan report generated at: Fri, May 18, 2007 - 12:36:43





Scan path: A:\;C:\;D:\;E:\;F:\;G:\;J:\;







Statistics

Time
01:09:35

Files
312329

Folders
5118

Boot Sectors
3

Archives
1811

Packed Files
53405




Results

Identified Viruses
7

Infected Files
9

Suspect Files
0

Warnings
0

Disinfected
0

Deleted Files
9




Engines Info

Virus Definitions
506929

Engine build
AVCORE v1.0 (build 2397) (i386) (Feb 8 2007 14:24:08)

Scan plugins
14

Archive plugins
38

Unpack plugins
6

E-mail plugins
6

System plugins
1




Scan Settings

First Action
Disinfect

Second Action
Delete

Heuristics
Yes

Enable Warnings
Yes

Scanned Extensions
*;

Exclude Extensions


Scan Emails
Yes

Scan Archives
Yes

Scan Packed
Yes

Scan Files
Yes

Scan Boot
Yes




Scanned File
Status

C:\MemoryWatcher_b.exe
Infected with: Trojan.Sandbox.A

C:\MemoryWatcher_b.exe
Disinfection failed

C:\MemoryWatcher_b.exe
Deleted

C:\Program Files\simaquarium\setup_incredifind_simaquarium_with_track.e­xe=>(NSIS o)=>zlib_nsis0001
Infected with: Trojan.Downloader.Keenval.K

C:\Program Files\simaquarium\setup_incredifind_simaquarium_with_track.e­xe=>(NSIS o)=>zlib_nsis0001
Disinfection failed

C:\Program Files\simaquarium\setup_incredifind_simaquarium_with_track.e­xe=>(NSIS o)=>zlib_nsis0001
Deleted

C:\Program Files\simaquarium\setup_incredifind_simaquarium_with_track.e­xe=>(NSIS o)
Update failed

C:\Program Files\simaquarium\setup_incredifind_simaquarium_with_track.e­xe=>(NSIS o)=>zlib_nsis0002
Infected with: Trojan.Downloader.Keenval.C

C:\Program Files\simaquarium\setup_incredifind_simaquarium_with_track.e­xe=>(NSIS o)=>zlib_nsis0002
Disinfection failed

C:\Program Files\simaquarium\setup_incredifind_simaquarium_with_track.e­xe=>(NSIS o)=>zlib_nsis0002
Deleted

C:\Program Files\simaquarium\setup_incredifind_simaquarium_with_track.e­xe=>(NSIS o)
Update failed

C:\Program Files\simaquarium\setup_powersearch_simaquarium_with_track.e­xe=>(NSIS o)=>zlib_nsis0001
Infected with: Trojan.Keenvalad.E

C:\Program Files\simaquarium\setup_powersearch_simaquarium_with_track.e­xe=>(NSIS o)=>zlib_nsis0001
Disinfection failed

C:\Program Files\simaquarium\setup_powersearch_simaquarium_with_track.e­xe=>(NSIS o)=>zlib_nsis0001
Deleted

C:\Program Files\simaquarium\setup_powersearch_simaquarium_with_track.e­xe=>(NSIS o)
Update failed

C:\Program Files\simaquarium\setup_powersearch_simaquarium_with_track.e­xe=>(NSIS o)=>zlib_nsis0002
Infected with: Trojan.Downloader.Keenval.C

C:\Program Files\simaquarium\setup_powersearch_simaquarium_with_track.e­xe=>(NSIS o)=>zlib_nsis0002
Disinfection failed

C:\Program Files\simaquarium\setup_powersearch_simaquarium_with_track.e­xe=>(NSIS o)=>zlib_nsis0002
Deleted

C:\Program Files\simaquarium\setup_powersearch_simaquarium_with_track.e­xe=>(NSIS o)
Update failed

C:\System Volume Information\_restore{FECAA943-C5C1-4060-8A5E-33E924F0E09D}\R­P1104\A0363341.exe
Infected with: Trojan.Sandbox.A

C:\System Volume Information\_restore{FECAA943-C5C1-4060-8A5E-33E924F0E09D}\R­P1104\A0363341.exe
Disinfection failed

C:\System Volume Information\_restore{FECAA943-C5C1-4060-8A5E-33E924F0E09D}\R­P1104\A0363341.exe
Deleted

C:\WINDOWS\fixit.exe=>(NSIS o)=>zlib_nsis0002
Infected with: Trojan.Maddle.B.DLL

C:\WINDOWS\fixit.exe=>(NSIS o)=>zlib_nsis0002
Disinfection failed

C:\WINDOWS\fixit.exe=>(NSIS o)=>zlib_nsis0002
Deleted

C:\WINDOWS\fixit.exe=>(NSIS o)
Update failed

C:\WINDOWS\fixit.exe=>(NSIS o)=>zlib_nsis0003
Infected with: Trojan.Spy.Middadle.A

C:\WINDOWS\fixit.exe=>(NSIS o)=>zlib_nsis0003
Disinfection failed

C:\WINDOWS\fixit.exe=>(NSIS o)=>zlib_nsis0003
Deleted

C:\WINDOWS\fixit.exe=>(NSIS o)
Update failed

C:\WINDOWS\fixit.exe=>(NSIS o)=>zlib_nsis0004
Infected with: Trojan.Maddle.B

C:\WINDOWS\fixit.exe=>(NSIS o)=>zlib_nsis0004
Disinfection failed

C:\WINDOWS\fixit.exe=>(NSIS o)=>zlib_nsis0004
Deleted

C:\WINDOWS\fixit.exe=>(NSIS o)
Update failed

merci encore de ton aide

Bah vire ces fichiers (si encore présents ):

C:\Program Files\simaquarium
C:\WINDOWS\fixit.exe

Ta resto système est ou était infectée ... donc fait cette manip pour effacer tous les point présents :

Désactive ta restauration système (uniquement si tu es sous XP):
Clic droit sur poste de travail puis,
propriété, tu cliques sur onglet restauration système
tu coches la case « désactiver la restauration » et applique.

Puis,

¤Réactive ta restauration système (uniquement si tu es sous XP):
Clic droit sur poste de travail puis,
propriété, tu cliques sur onglet restauration système
tu décoches la case « désactiver la restauration » et applique.

http://www.libellules.ch/desactiver_restauration.php

vide ta corbeille.


et refait un scan avec ce log

* AVG AS

AVG anti spyware
avg antispywarelMet le a jour avant de lancer le scan.
Tuto :
http://www.kachouri.com/tuto/tuto-161-avg-anti-spyware-75-po­ur-votre-securite.html

->Relance AVG AS -> "Analyse" ->"Paramètres"

Sous la question "Comment réagir ?" :

-> clique sur "Actions recommandées" et choisis "Quarantaines"
-> Re-clique sur l'onglet "Analyse" puis réalise une "Analyse complète du système"

Si un fichier est infecté en fin d'analyse

->Clique sur "Appliquer toutes les actions "

->Clique sur "Enregistrer le rapport" puis sur "Enregistrer le rapport sous".

->Enregistre ce fichier texte sur ton bureau ensuite colle le rapport ici


a+


Tout est bon dans l'sanglier !  :o)                         ­         
                                                            ­  *****Have a good day*****