Ad windows keep popping up :@

Closed
fanny - 26 Sept. 2008 at 13:55
Destrio5 Posts 85985 Registration date Sunday 11 July 2010 Status Moderator Last activity 17 February 2023 - 1 Oct. 2008 at 16:28
Hello,

How do I get rid of the ad windows that keep showing up on my PC, please? :@ They have been popping up everywhere for the last 10 minutes, whereas I had nothing before ;-(

thanks
27 replies

Destrio5 Posts 85985 Registration date Sunday 11 July 2010 Status Moderator Last activity 17 February 2023 10 291
26 Sept. 2008 at 14:07
Hi,

- Download HijackThis V 2.02 (HijackThis Installer):
http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe

- Double-click HJTInstall.exe to start the installation

- Click Install, then I Accept

- Click Do a scan system and save log file

- Notepad will open; copy and paste its entire contents here in your next reply.
0
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:23:40, on 26/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=66006
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [meet great active lies] C:\Documents and Settings\All Users\Application Data\soft chic meet great\Curb Exit.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BITSUP] C:\DOCUME~1\_FANNY~1\APPLIC~1\HOPEME~1\film dumb.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=https://www.01net.com/telecharger/
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) -
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {DB7BF79A-FC51-4B5A-92BC-A65731174380} (InstantAction Game Launcher) - http://ww38.instantaction.com/download/iaplayer.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} -
O17 - HKLM\System\CCS\Services\Tcpip\..\{86E414E2-3289-43CB-AC80-967CD8D9FE9A}: NameServer = 80.10.246.1 81.253.149.2
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: F-Secure Windows Security Center Legacy Detection Service (Fswsclds) - Unknown owner - C:\Program Files\Securitoo\av_fw\fswsclds.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
0
Destrio5 Posts 85985 Registration date Sunday 11 July 2010 Status Moderator Last activity 17 February 2023 10 291
26 Sept. 2008 at 14:27
This is a Lop/Swizzor infection.

---> Download Lop S&D to your Desktop
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
---> Double-click it to start the installation
---> Then double-click the Lop S&D shortcut on your Desktop
---> Select the language you want, then choose option 1 (Search)
---> Wait until the scan finishes
---> Post the generated report (C:\lopR.txt)
0
# Rapport Lopxp fait le 26/09/2008 à 14:28:02
# Exécuté dans : C:\Program Files\Lopxp
# Version 3.10 - Maj du 11/04/2008

Killing 'iexplore.exe'
"C:\Program Files\Internet Explorer\iexplore.exe" (3116)
"C:\Program Files\Internet Explorer\iexplore.exe" (3308)

========== Listing des dossiers Application Data

+- C:\Documents and Settings\All Users\Application Data

2007-08-26 à 11:39:58 - Microsoft
2007-08-26 à 11:52:36 - CyberLink
2007-08-26 à 17:59:50 - MSN6
2007-08-26 à 18:27:46 - SBT
2007-08-27 à 19:00:28 - Windows Live Toolbar
2007-08-28 à 21:42:24 - Google
2007-08-30 à 20:32:56 - DVD X Studios
2007-09-14 à 19:06:54 - Messenger Plus!
2007-09-26 à 18:40:56 - Adobe
2007-10-14 à 23:53:16 - AOL Downloads
2007-10-14 à 23:59:36 - Viewpoint
2007-10-14 à 23:59:44 - AOL
2007-10-14 à 23:59:46 - AOL OCP
2008-05-19 à 12:38:10 - Skype
2008-06-24 à 13:52:14 - Spybot - Search & Destroy
2008-09-18 à 14:40:50 - SweetIM
2008-09-18 à 18:29:04 - Windows Genuine Advantage
2008-09-20 à 20:19:36 - WLInstaller
2008-09-23 à 09:38:10 - Malwarebytes
2008-09-23 à 21:11:50 - Downloaded Installations
2008-09-26 à 11:36:10 - soft chic meet great

+- C:\Documents and Settings\Alexandre\Application Data

2007-08-26 à 11:48:54 - Identities
2007-08-26 à 11:50:16 - InterTrust
2007-08-26 à 11:50:16 - Adobe
2007-08-26 à 11:53:08 - Sun
2007-08-26 à 11:39:58 - Microsoft
2007-08-28 à 10:35:10 - Macromedia
2007-08-29 à 10:09:56 - Google
2007-08-30 à 11:55:14 - Hewlett-Packard
2007-09-01 à 10:15:52 - Mozilla
2007-09-28 à 15:18:34 - WinRAR
2008-06-04 à 17:33:08 - Help
2008-08-18 à 15:01:40 - LimeWire
2008-09-08 à 17:29:34 - vlc
2008-09-10 à 15:32:58 - Viewpoint

+- C:\Documents and Settings\Alexandre\Local Settings\Application Data

2007-08-26 à 11:47:38 - Microsoft
2007-08-26 à 11:52:58 - {7148F0A6-6813-11D6-A77B-00B0D0142010}
2007-08-29 à 10:09:56 - Google
2007-09-01 à 10:15:52 - Mozilla
2007-11-07 à 12:42:56 - Identities
2008-06-04 à 17:33:08 - Help

========== Listing du dossier Program Files

+- C:\Program Files

2007-08-26 à 11:40:22 - Fichiers communs
2007-08-26 à 11:43:02 - Windows NT
2007-08-26 à 11:43:02 - MSN
2007-08-26 à 11:43:08 - MSN Gaming Zone
2007-08-26 à 11:43:10 - Messenger
2007-08-26 à 11:43:14 - Windows Media Player
2007-08-26 à 11:43:14 - Services en ligne
2007-08-26 à 11:43:14 - WindowsUpdate
2007-08-26 à 11:43:40 - ComPlus Applications
2007-08-26 à 11:43:58 - Internet Explorer
2007-08-26 à 11:43:58 - Outlook Express
2007-08-26 à 11:43:58 - NetMeeting
2007-08-26 à 11:44:00 - Movie Maker
2007-08-26 à 11:45:16 - microsoft frontpage
2007-08-26 à 11:45:16 - xerox
2007-08-26 à 11:48:52 - Uninstall Information
2007-08-26 à 11:49:24 - InstallShield Installation Information
2007-08-26 à 11:49:24 - AvRack
2007-08-26 à 11:49:26 - Realtek Sound Manager
2007-08-26 à 11:49:56 - Generic
2007-08-26 à 11:50:16 - Adobe
2007-08-26 à 11:51:42 - NewTech Infosystems
2007-08-26 à 11:52:34 - CyberLink
2007-08-26 à 11:52:58 - Java
2007-08-26 à 17:05:10 - Wanadoo
2007-08-26 à 17:05:36 - Wanadoo Messager
2007-08-26 à 17:06:02 - Thomson
2008-09-24 à 22:12:34 - Lavalys
2008-05-04 à 20:46:48 - MSN Reaper
2007-08-26 à 18:16:54 - Hewlett-Packard
2008-05-11 à 18:40:20 - CCleaner
2007-08-26 à 18:22:44 - Microsoft Office
2008-05-11 à 18:40:26 - Yahoo!
2007-08-26 à 18:27:46 - Snapshot Viewer
2008-08-09 à 21:27:22 - Sun
2007-08-27 à 19:00:00 - MSN Messenger
2007-08-27 à 19:00:26 - Windows Live Toolbar
2007-08-27 à 19:00:48 - WinRAR
2008-06-24 à 13:50:46 - Blender Foundation
2008-08-16 à 13:26:16 - WordBiz
2007-08-27 à 19:03:22 - eMule
2008-08-17 à 20:16:54 - LimeWire
2007-08-27 à 19:40:36 - Google
2007-08-29 à 19:54:10 - EA GAMES
2008-06-24 à 13:52:14 - Spybot - Search & Destroy
2008-09-08 à 14:24:08 - VideoLAN
2008-09-18 à 15:16:08 - Trend Micro
2008-09-18 à 15:41:48 - Lopxp
2007-08-31 à 10:13:46 - Mozilla Firefox
2008-09-23 à 09:38:08 - Malwarebytes' Anti-Malware
2008-09-23 à 21:10:40 - Windows Media Connect 2
2008-09-24 à 22:14:10 - Winamp
2008-09-25 à 17:44:18 - Sony Ericsson
2008-09-26 à 11:35:18 - Circle Developement
2008-09-26 à 11:35:46 - hopemessbook
2007-09-14 à 23:34:56 - QuickTime
2007-09-25 à 20:46:40 - Alwil Software
2007-10-14 à 23:59:34 - Viewpoint
2007-11-09 à 20:19:00 - UxTheme Multipatcher Fr
2008-02-01 à 14:57:40 - Stardock
2008-02-25 à 19:22:00 - Messenger Plus! Live
2008-02-25 à 19:22:00 - Windows Live
2008-03-03 à 15:17:24 - XnView
2008-03-03 à 23:28:30 - PhotoFiltre

========== Tâches planifiées

Check Updates for Windows Live Toolbar.job: C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
FRU Task #Hewlett-Packard#hp psc 1200 series#1188474788.job: C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe -I "#Hewlett-Packard#hp psc 1200 series#1188474788"

========== Clés registre

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"meet great active lies"="C:\Documents and Settings\All Users\Application Data\soft chic meet great\Curb Exit.exe"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BITSUP"="C:\DOCUME~1\_FANNY~1\APPLIC~1\HOPEME~1\film dumb.exe"


========== Bloqueur popups Internet Explorer

Blocage des popups non géré par cette version du navigateur.

========== Suggestion ( /!\ Nécessite une interprétation.) ==========

C:\Program Files\Circle Developement

+- Registre:

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"meet great active lies"=-

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BITSUP"=-




- Fin du rapport -
0

Destrio5 Posts 85985 Registration date Sunday 11 July 2010 Status Moderator Last activity 17 February 2023 10 291
26 Sept. 2008 at 14:32
I did not ask for that report.
0
lol sorry, that's all I got ôO
0
Destrio5 Posts 85985 Registration date Sunday 11 July 2010 Status Moderator Last activity 17 February 2023 10 291
26 Sept. 2008 at 14:35
Follow my procedure.
0
oh crap, I opened the wrong program :s when I open lopsd I get "impossible de trouver..." messages
0
there, is this it?


--------------------\\ Lop S&D 4.2.4-4 XP/Vista


"C:\Lop SD" ( MAJ : 19-09-2008|22:20 )
Option : [1] ( 26/09/2008|14:37 )

--------------------\\ Listing des dossiers dans APPLIC~1

[26/08/2007|13:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[26/08/2007|13:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[26/08/2007|13:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\InterTrust
[26/08/2007|13:39] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[26/08/2007|13:53] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun

[26/09/2007|20:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[15/10/2007|01:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[15/10/2007|01:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL Downloads
[15/10/2007|01:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL OCP
[26/08/2007|13:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[23/09/2008|23:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
[30/08/2007|22:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD X Studios
[28/08/2007|23:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[23/09/2008|11:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[14/09/2007|21:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[26/08/2007|13:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[26/08/2007|19:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[26/08/2007|20:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBT
[19/05/2008|14:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[26/09/2008|13:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\soft chic meet great
[24/06/2008|15:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[18/09/2008|16:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SweetIM
[15/10/2007|01:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
[18/09/2008|20:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[27/08/2007|21:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[20/09/2008|22:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[26/08/2007|13:39] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[26/08/2007|13:39] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[26/08/2007|13:50] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Adobe
[29/08/2007|12:09] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Google
[04/06/2008|19:33] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Help
[30/08/2007|13:55] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Hewlett-Packard
[26/08/2007|13:48] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Identities
[26/08/2007|13:50] C:\DOCUME~1\ALEXAN~1\APPLIC~1\InterTrust
[18/08/2008|17:01] C:\DOCUME~1\ALEXAN~1\APPLIC~1\LimeWire
[28/08/2007|12:35] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Macromedia
[26/08/2007|13:39] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Microsoft
[01/09/2007|12:15] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Mozilla
[26/08/2007|13:53] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Sun
[10/09/2008|17:32] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Viewpoint
[08/09/2008|19:29] C:\DOCUME~1\ALEXAN~1\APPLIC~1\vlc
[28/09/2007|17:18] C:\DOCUME~1\ALEXAN~1\APPLIC~1\WinRAR


--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[26/09/2008 13:55][--a------] C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1188474788.job
[26/09/2008 14:25][--a------] C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
[26/09/2008 13:32][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/08/2001 20:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[26/08/2007|13:50] C:\Program Files\Adobe
[25/09/2007|22:46] C:\Program Files\Alwil Software
[26/08/2007|13:49] C:\Program Files\AvRack
[24/06/2008|15:50] C:\Program Files\Blender Foundation
[11/05/2008|20:40] C:\Program Files\CCleaner
[26/09/2008|13:35] C:\Program Files\Circle Developement
[26/08/2007|13:43] C:\Program Files\ComPlus Applications
[26/08/2007|13:52] C:\Program Files\CyberLink
[29/08/2007|21:54] C:\Program Files\EA GAMES
[27/08/2007|21:03] C:\Program Files\eMule
[26/08/2007|13:40] C:\Program Files\Fichiers communs
[26/08/2007|13:49] C:\Program Files\Generic
[27/08/2007|21:40] C:\Program Files\Google
[26/08/2007|20:16] C:\Program Files\Hewlett-Packard
[26/09/2008|13:35] C:\Program Files\hopemessbook
[26/08/2007|13:49] C:\Program Files\InstallShield Installation Information
[26/08/2007|13:43] C:\Program Files\Internet Explorer
[26/08/2007|13:52] C:\Program Files\Java
[25/09/2008|00:12] C:\Program Files\Lavalys
[17/08/2008|22:16] C:\Program Files\LimeWire
[18/09/2008|17:41] C:\Program Files\Lopxp
[23/09/2008|11:38] C:\Program Files\Malwarebytes' Anti-Malware
[26/08/2007|13:43] C:\Program Files\Messenger
[25/02/2008|21:22] C:\Program Files\Messenger Plus! Live
[26/08/2007|13:45] C:\Program Files\microsoft frontpage
[26/08/2007|20:22] C:\Program Files\Microsoft Office
[26/08/2007|13:44] C:\Program Files\Movie Maker
[31/08/2007|12:13] C:\Program Files\Mozilla Firefox
[26/08/2007|13:43] C:\Program Files\MSN
[26/08/2007|13:43] C:\Program Files\MSN Gaming Zone
[27/08/2007|21:00] C:\Program Files\MSN Messenger
[04/05/2008|22:46] C:\Program Files\MSN Reaper
[26/08/2007|13:43] C:\Program Files\NetMeeting
[26/08/2007|13:51] C:\Program Files\NewTech Infosystems
[26/08/2007|13:43] C:\Program Files\Outlook Express
[04/03/2008|01:28] C:\Program Files\PhotoFiltre
[15/09/2007|01:34] C:\Program Files\QuickTime
[26/08/2007|13:49] C:\Program Files\Realtek Sound Manager
[26/08/2007|13:43] C:\Program Files\Services en ligne
[26/08/2007|20:27] C:\Program Files\Snapshot Viewer
[25/09/2008|19:44] C:\Program Files\Sony Ericsson
[24/06/2008|15:52] C:\Program Files\Spybot - Search & Destroy
[01/02/2008|16:57] C:\Program Files\Stardock
[09/08/2008|23:27] C:\Program Files\Sun
[26/08/2007|19:06] C:\Program Files\Thomson
[18/09/2008|17:16] C:\Program Files\Trend Micro
[26/08/2007|13:48] C:\Program Files\Uninstall Information
[09/11/2007|22:19] C:\Program Files\UxTheme Multipatcher Fr
[08/09/2008|16:24] C:\Program Files\VideoLAN
[15/10/2007|01:59] C:\Program Files\Viewpoint
[26/08/2007|19:05] C:\Program Files\Wanadoo
[26/08/2007|19:05] C:\Program Files\Wanadoo Messager
[25/09/2008|00:14] C:\Program Files\Winamp
[25/02/2008|21:22] C:\Program Files\Windows Live
[27/08/2007|21:00] C:\Program Files\Windows Live Toolbar
[23/09/2008|23:10] C:\Program Files\Windows Media Connect 2
[26/08/2007|13:43] C:\Program Files\Windows Media Player
[26/08/2007|13:43] C:\Program Files\Windows NT
[26/08/2007|13:43] C:\Program Files\WindowsUpdate
[27/08/2007|21:00] C:\Program Files\WinRAR
[16/08/2008|15:26] C:\Program Files\WordBiz
[26/08/2007|13:45] C:\Program Files\xerox
[03/03/2008|17:17] C:\Program Files\XnView
[11/05/2008|20:40] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[26/08/2007|13:50] C:\Program Files\Fichiers communs\Adobe
[26/08/2007|20:24] C:\Program Files\Fichiers communs\Designer
[26/08/2007|20:17] C:\Program Files\Fichiers communs\Hewlett-Packard
[26/08/2007|13:49] C:\Program Files\Fichiers communs\InstallShield
[26/08/2007|13:52] C:\Program Files\Fichiers communs\Java
[26/08/2007|13:40] C:\Program Files\Fichiers communs\Microsoft Shared
[26/08/2007|13:44] C:\Program Files\Fichiers communs\MSSoap
[26/08/2007|13:40] C:\Program Files\Fichiers communs\ODBC
[26/08/2007|13:44] C:\Program Files\Fichiers communs\Services
[26/08/2007|13:40] C:\Program Files\Fichiers communs\SpeechEngines
[26/08/2007|13:43] C:\Program Files\Fichiers communs\System
[20/09/2008|22:19] C:\Program Files\Fichiers communs\WindowsLiveInstaller

--------------------\\ Process

( 29 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

C:\DOCUME~1\_FANNY~1\LOCALS~1\Temp\bis4.exe

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\_FANNY~1\APPLIC~1\hopemessbook
C:\DOCUME~1\_FANNY~1\APPLIC~1\hopemessbook\film dumb.exe
C:\DOCUME~1\_FANNY~1\APPLIC~1\hopemessbook\wtwpriyi.exe
C:\DOCUME~1\_FANNY~1\APPLIC~1\hopemessbook\Software bone dupe funk.exe
C:\Program Files\hopemessbook
C:\DOCUME~1\ALLUSE~1\APPLIC~1\soft chic meet great
C:\DOCUME~1\ALLUSE~1\APPLIC~1\soft chic meet great\Curb Exit.exe
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe
C:\DOCUME~1\_FANNY~1\Cookies\• fanny •@32vegas[1].txt
C:\DOCUME~1\_FANNY~1\Cookies\• fanny •@banner.32vegas[2].txt

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"meet great active lies"="C:\\Documents and Settings\\All Users\\Application Data\\soft chic meet great\\Curb Exit.exe"

--------------------\\ Verification du fichier Hosts

Fichier Hosts MODIFIE


-> 8694 [ 70 ## added by CiD ]

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-26 14:39:43
Windows 5.1.2600 Service Pack 3 FAT NTAPI
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:12][D:5]-> C:\DOCUME~1\_FANNY~1\LOCALS~1\Temp
[F:10][D:0]-> C:\DOCUME~1\_FANNY~1\Cookies
[F:222][D:4]-> C:\DOCUME~1\_FANNY~1\LOCALS~1\TEMPOR~1\content.IE5
[F:8][D:0]-> C:\Recycled

1 - "C:\Lop SD\LopR_1.txt" - 26/09/2008|14:40 - Option : [1]

--------------------\\ Fin du rapport a 14:40:39
0
Destrio5 Posts 85985 Registration date Sunday 11 July 2010 Status Moderator Last activity 17 February 2023 10 291
26 Sept. 2008 at 14:44
Is the scan running?
0
is that still not it? :(
0
Destrio5 Posts 85985 Registration date Sunday 11 July 2010 Status Moderator Last activity 17 February 2023 10 291
26 Sept. 2008 at 14:46
I had not seen the report.

---> Run Lop S&D again
---> This time choose option 2 (Removal)
---> Do not close the window during the removal!
---> Post the generated report (C:\lopR.txt)
0
okie, here you go..


--------------------\\ Lop S&D 4.2.4-4 XP/Vista


"C:\Lop SD" ( MAJ : 19-09-2008|22:20 )
Option : [2] ( 26/09/2008|14:47 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\_FANNY~1\APPLIC~1\hopemessbook\film dumb.exe
Supprime! - C:\DOCUME~1\_FANNY~1\APPLIC~1\hopemessbook\wtwpriyi.exe
Supprime! - C:\DOCUME~1\_FANNY~1\APPLIC~1\hopemessbook\Software bone dupe funk.exe
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\soft chic meet great\Curb Exit.exe
Supprime! - C:\Program Files\Circle Developement\Uninstall.exe
Supprime! - C:\DOCUME~1\_FANNY~1\Cookies\• fanny •@32vegas[1].txt
Supprime! - C:\DOCUME~1\_FANNY~1\Cookies\• fanny •@banner.32vegas[2].txt
Supprime! - C:\DOCUME~1\_FANNY~1\LOCALS~1\Temp\bis4.exe
Supprime! - C:\DOCUME~1\_FANNY~1\APPLIC~1\hopemessbook
Supprime! - C:\Program Files\hopemessbook
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\soft chic meet great
Supprime! - C:\Program Files\Circle Developement
-
[ Fichier Hosts ] .. Restaure!

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

Supprime! - C:\Program Files\Viewpoint
Supprime! - C:\DOCUME~1\_FANNY~1\APPLIC~1\Viewpoint
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[26/08/2007|13:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[26/08/2007|13:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[26/08/2007|13:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\InterTrust
[26/08/2007|13:39] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[26/08/2007|13:53] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun

[26/09/2007|20:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[15/10/2007|01:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[15/10/2007|01:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL Downloads
[15/10/2007|01:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL OCP
[26/08/2007|13:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[23/09/2008|23:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
[30/08/2007|22:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD X Studios
[28/08/2007|23:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[23/09/2008|11:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[14/09/2007|21:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[26/08/2007|13:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[26/08/2007|19:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[26/08/2007|20:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBT
[19/05/2008|14:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[24/06/2008|15:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[18/09/2008|16:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SweetIM
[18/09/2008|20:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[27/08/2007|21:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[20/09/2008|22:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[26/08/2007|13:39] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[26/08/2007|13:39] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft


[26/08/2007|13:50] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Adobe
[29/08/2007|12:09] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Google
[04/06/2008|19:33] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Help
[30/08/2007|13:55] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Hewlett-Packard
[26/08/2007|13:48] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Identities
[26/08/2007|13:50] C:\DOCUME~1\ALEXAN~1\APPLIC~1\InterTrust
[18/08/2008|17:01] C:\DOCUME~1\ALEXAN~1\APPLIC~1\LimeWire
[28/08/2007|12:35] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Macromedia
[26/08/2007|13:39] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Microsoft
[01/09/2007|12:15] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Mozilla
[26/08/2007|13:53] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Sun
[10/09/2008|17:32] C:\DOCUME~1\ALEXAN~1\APPLIC~1\Viewpoint
[08/09/2008|19:29] C:\DOCUME~1\ALEXAN~1\APPLIC~1\vlc
[28/09/2007|17:18] C:\DOCUME~1\ALEXAN~1\APPLIC~1\WinRAR


--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[26/09/2008 13:55][--a------] C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1188474788.job
[26/09/2008 14:25][--a------] C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
[26/09/2008 13:32][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/08/2001 20:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[26/08/2007|13:50] C:\Program Files\Adobe
[25/09/2007|22:46] C:\Program Files\Alwil Software
[26/08/2007|13:49] C:\Program Files\AvRack
[24/06/2008|15:50] C:\Program Files\Blender Foundation
[11/05/2008|20:40] C:\Program Files\CCleaner
[26/08/2007|13:43] C:\Program Files\ComPlus Applications
[26/08/2007|13:52] C:\Program Files\CyberLink
[29/08/2007|21:54] C:\Program Files\EA GAMES
[27/08/2007|21:03] C:\Program Files\eMule
[26/08/2007|13:40] C:\Program Files\Fichiers communs
[26/08/2007|13:49] C:\Program Files\Generic
[27/08/2007|21:40] C:\Program Files\Google
[26/08/2007|20:16] C:\Program Files\Hewlett-Packard
[26/08/2007|13:49] C:\Program Files\InstallShield Installation Information
[26/08/2007|13:43] C:\Program Files\Internet Explorer
[26/08/2007|13:52] C:\Program Files\Java
[25/09/2008|00:12] C:\Program Files\Lavalys
[17/08/2008|22:16] C:\Program Files\LimeWire
[18/09/2008|17:41] C:\Program Files\Lopxp
[23/09/2008|11:38] C:\Program Files\Malwarebytes' Anti-Malware
[26/08/2007|13:43] C:\Program Files\Messenger
[25/02/2008|21:22] C:\Program Files\Messenger Plus! Live
[26/08/2007|13:45] C:\Program Files\microsoft frontpage
[26/08/2007|20:22] C:\Program Files\Microsoft Office
[26/08/2007|13:44] C:\Program Files\Movie Maker
[31/08/2007|12:13] C:\Program Files\Mozilla Firefox
[26/08/2007|13:43] C:\Program Files\MSN
[26/08/2007|13:43] C:\Program Files\MSN Gaming Zone
[27/08/2007|21:00] C:\Program Files\MSN Messenger
[04/05/2008|22:46] C:\Program Files\MSN Reaper
[26/08/2007|13:43] C:\Program Files\NetMeeting
[26/08/2007|13:51] C:\Program Files\NewTech Infosystems
[26/08/2007|13:43] C:\Program Files\Outlook Express
[04/03/2008|01:28] C:\Program Files\PhotoFiltre
[15/09/2007|01:34] C:\Program Files\QuickTime
[26/08/2007|13:49] C:\Program Files\Realtek Sound Manager
[26/08/2007|13:43] C:\Program Files\Services en ligne
[26/08/2007|20:27] C:\Program Files\Snapshot Viewer
[25/09/2008|19:44] C:\Program Files\Sony Ericsson
[24/06/2008|15:52] C:\Program Files\Spybot - Search & Destroy
[01/02/2008|16:57] C:\Program Files\Stardock
[09/08/2008|23:27] C:\Program Files\Sun
[26/08/2007|19:06] C:\Program Files\Thomson
[18/09/2008|17:16] C:\Program Files\Trend Micro
[26/08/2007|13:48] C:\Program Files\Uninstall Information
[09/11/2007|22:19] C:\Program Files\UxTheme Multipatcher Fr
[08/09/2008|16:24] C:\Program Files\VideoLAN
[26/08/2007|19:05] C:\Program Files\Wanadoo
[26/08/2007|19:05] C:\Program Files\Wanadoo Messager
[25/09/2008|00:14] C:\Program Files\Winamp
[25/02/2008|21:22] C:\Program Files\Windows Live
[27/08/2007|21:00] C:\Program Files\Windows Live Toolbar
[23/09/2008|23:10] C:\Program Files\Windows Media Connect 2
[26/08/2007|13:43] C:\Program Files\Windows Media Player
[26/08/2007|13:43] C:\Program Files\Windows NT
[26/08/2007|13:43] C:\Program Files\WindowsUpdate
[27/08/2007|21:00] C:\Program Files\WinRAR
[16/08/2008|15:26] C:\Program Files\WordBiz
[26/08/2007|13:45] C:\Program Files\xerox
[03/03/2008|17:17] C:\Program Files\XnView
[11/05/2008|20:40] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[26/08/2007|13:50] C:\Program Files\Fichiers communs\Adobe
[26/08/2007|20:24] C:\Program Files\Fichiers communs\Designer
[26/08/2007|20:17] C:\Program Files\Fichiers communs\Hewlett-Packard
[26/08/2007|13:49] C:\Program Files\Fichiers communs\InstallShield
[26/08/2007|13:52] C:\Program Files\Fichiers communs\Java
[26/08/2007|13:40] C:\Program Files\Fichiers communs\Microsoft Shared
[26/08/2007|13:44] C:\Program Files\Fichiers communs\MSSoap
[26/08/2007|13:40] C:\Program Files\Fichiers communs\ODBC
[26/08/2007|13:44] C:\Program Files\Fichiers communs\Services
[26/08/2007|13:40] C:\Program Files\Fichiers communs\SpeechEngines
[26/08/2007|13:43] C:\Program Files\Fichiers communs\System
[20/09/2008|22:19] C:\Program Files\Fichiers communs\WindowsLiveInstaller

--------------------\\ Process

( 29 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-26 14:49:09
Windows 5.1.2600 Service Pack 3 FAT NTAPI
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:12][D:5]-> C:\DOCUME~1\_FANNY~1\LOCALS~1\Temp
[F:8][D:0]-> C:\DOCUME~1\_FANNY~1\Cookies
[F:222][D:4]-> C:\DOCUME~1\_FANNY~1\LOCALS~1\TEMPOR~1\content.IE5
[F:8][D:0]-> C:\Recycled

1 - "C:\Lop SD\LopR_1.txt" - 26/09/2008|14:40 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 26/09/2008|14:49 - Option : [2]

--------------------\\ Fin du rapport a 14:49:59
0
Destrio5 (Moderator)
26 Sept. 2008 at 14:54
---> You can delete Lopxp and Lop S&D

---> Post a new HijackThis report
0
Oh..? Do I have to delete lopxp and lop s&d? ..

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:55:08, on 26/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=66006
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BITSUP] C:\DOCUME~1\_FANNY~1\APPLIC~1\HOPEME~1\film dumb.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=https://www.01net.com/telecharger/
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) -
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {DB7BF79A-FC51-4B5A-92BC-A65731174380} (InstantAction Game Launcher) - http://ww38.instantaction.com/download/iaplayer.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} -
O17 - HKLM\System\CCS\Services\Tcpip\..\{86E414E2-3289-43CB-AC80-967CD8D9FE9A}: NameServer = 80.10.246.1 81.253.149.2
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: F-Secure Windows Security Center Legacy Detection Service (Fswsclds) - Unknown owner - C:\Program Files\Securitoo\av_fw\fswsclds.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
0
Destrio5 (Moderator)
26 Sept. 2008 at 14:58
"Oh..? Do I have to delete lopxp and lop s&d? .."
---> We no longer need them.

---> Update Internet Explorer:
http://www.microsoft.com/downloads/details.aspx?FamilyId=9AE91EBE-3385-447C-8A30-081805B2F90B&displaylang=fr

---> Download CCleaner (do not install the Yahoo Toolbar):
https://www.ccleaner.com/ccleaner/download

---> Launch it. Go to "Options" then "Avancé" (Advanced) and uncheck the box "Effacer uniquement les fichiers etc..." (Only delete files etc...). Go to "Nettoyeur" (Cleaner) and click "Analyse" (Analyze). Once it has finished, run the cleaning. Then go to "Registre" (Registry) and click "Chercher des erreurs" (Scan for issues). Once it has finished, repair all the errors without backing up the registry.

---> Post a new HijackThis report
0
Well yeah, but if I leave it on my PC it doesn't do any harm, I mean :o As for Internet Explorer, I can't manage it, it never works, so since I don't use it I've stopped trying ^^


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:03:20, on 26/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=66006
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.01net.com/telecharger/
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) -
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {DB7BF79A-FC51-4B5A-92BC-A65731174380} (InstantAction Game Launcher) - http://ww38.instantaction.com/download/iaplayer.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} -
O17 - HKLM\System\CCS\Services\Tcpip\..\{86E414E2-3289-43CB-AC80-967CD8D9FE9A}: NameServer = 80.10.246.1 81.253.149.2
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: F-Secure Windows Security Center Legacy Detection Service (Fswsclds) - Unknown owner - C:\Program Files\Securitoo\av_fw\fswsclds.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
0
Destrio5 (Moderator)
26 Sept. 2008 at 15:06
OK, to finish:

---> Uninstall HijackThis

---> You need to disable and then re-enable System Restore in order to purge it:
http://www.infos-du-net.com/forum/272480-11-desactiver-activer-restauration-systeme

---> I advise you to create a restore point that you can use later if you have a problem:
https://www.vulgarisation-informatique.com/creer-point-restauration.php

---> I also advise you to replace Avast with Antivir

---> Run a quick scan with MBAM, delete everything it finds and post the report:
http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.htm
0
Actually, the problem is that I messed around with my PC a few days ago, and when I go to "restore the system" I get a page.. blank.. with nothing on it :s
0
But can I still run the scan without any risk, or is it better not to?
0