Posez votre question Format imprimable Liste des forums Aidez-les Statistiques Rechercher Charte Forum Virus-Sécurité

Problème de fenêtre publicitaire..

Dernière réponse le 13 oct 2008 à 19:42:37 Zougoulou, le 13 oct 2008 à 01:21:41

Signaler ce message aux modérateurs

Bonjour,

J'ai des fenêtre publicitaire qui s'active régulièrement dès que je lance internet explorer j'ai beau scanner l'ordinateur avec Antivir et a-squarred anti malware rien ne change. En plus de cela ma connection ralenti ou se déconnecte de manière aléatoire maintenant. Qu'est ce que je dois faire?

J'ai scanné mon ordinateur avec a-squarred anti malware et voilà le rapport:

Version - a-squared Anti-Malware 4.0
Dernière mise à jour : 12/10/2008 21:32:14

Paramètres des balayages :

Éléments : Mémoire, Traces, Cookies, C:\, D:\, F:\
Balaye dans les archives : Marche
Analyse heuristique : Marche
Balaye dans les ADS : Marche

Début du balayage : 12/10/2008 21:32:24

D:\Documents and Settings\krys\Application Data\Mozilla\Firefox\Profiles\db6wrksz.default\cookies.txt:39 Objets détectés : Trace.TrackingCookie.go.com!A2
D:\Documents and Settings\krys\Application Data\Mozilla\Firefox\Profiles\db6wrksz.default\cookies.txt:102 Objets détectés : Trace.TrackingCookie.tracking.publicidees.com!A2
D:\Documents and Settings\krys\Application Data\find flaw media\Defy Phone Wave Setup.exe Objets détectés : Virus.Trojan.Win32.Obfuscated!IK
D:\Documents and Settings\krys\Application Data\find flaw media\file heck.exe Objets détectés : Virus.Win32.Swizzor!IK
D:\Program Files\MessengerPlus! 3\MsgPlus.exe Objets détectés : Generic.Win32.Malware.MessengerPlus!IK
F:\Program Files\MessengerPlus! 3\MsgPlus.exe Objets détectés : Generic.Win32.Malware.MessengerPlus!IK

Analysé

Fichiers : 76755
Traces : 588407
Cookies : 268
Processus : 37

Objets trouvés

Fichiers : 4
Traces : 0
Cookies : 2
Processus : 0
Clés de Registre : 0

Fin du balayage : 12/10/2008 23:26:15
Temps du balayage : 1:53:51

J'ai ensuite effectué un scan avec antivir et voici le rapport:

Avira AntiVir Personal
Report file date: dimanche 12 octobre 2008 22:58

Scanning for 1677110 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: PNX

Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 12/08/2008 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 08:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 13:54:15
ANTIVIR2.VDF : 7.0.7.12 4066816 Bytes 08/10/2008 21:08:48
ANTIVIR3.VDF : 7.0.7.28 120320 Bytes 11/10/2008 21:05:18
Engineversion : 8.1.1.35
AEVDF.DLL : 8.1.0.5 102772 Bytes 09/07/2008 08:46:50
AESCRIPT.DLL : 8.1.0.76 319867 Bytes 18/09/2008 19:04:41
AESCN.DLL : 8.1.0.23 119156 Bytes 23/08/2008 16:44:36
AERDL.DLL : 8.1.1.2 438644 Bytes 18/09/2008 19:04:40
AEPACK.DLL : 8.1.2.3 364918 Bytes 24/09/2008 19:04:07
AEOFFICE.DLL : 8.1.0.25 196986 Bytes 18/09/2008 19:04:38
AEHEUR.DLL : 8.1.0.59 1438071 Bytes 18/09/2008 19:04:36
AEHELP.DLL : 8.1.0.15 115063 Bytes 09/07/2008 08:46:50
AEGEN.DLL : 8.1.0.36 315764 Bytes 23/08/2008 16:44:27
AEEMU.DLL : 8.1.0.7 430452 Bytes 23/08/2008 16:44:24
AECORE.DLL : 8.1.1.11 172406 Bytes 04/09/2008 16:43:49
AEBB.DLL : 8.1.0.1 53617 Bytes 24/04/2008 08:50:42
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 23/08/2008 16:44:20
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:37

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: d:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:, F:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: dimanche 12 octobre 2008 22:58

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'WLLoginProxy.exe' - '1' Module(s) have been scanned
Scan process 'SpybotSD.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'a2scan.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'Belkinwcui.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'bittorrent.exe' - '1' Module(s) have been scanned
Scan process 'TeaTimer.exe' - '1' Module(s) have been scanned
Scan process 'LClock.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'a2guard.exe' - '1' Module(s) have been scanned
Scan process 'pspVideo9.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'zlclient.exe' - '0' Module(s) have been scanned
Scan process 'daemon.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'NMSAccessU.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'a2service.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'vsmon.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
41 processes with 41 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
Master boot sector HD2
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'F:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '53' files ).

Starting the file scan:

Begin scan in 'C:\' <krys>
Begin scan in 'D:\'
D:\pagefile.sys
[WARNING] The file could not be opened!
Begin scan in 'F:\'

End of the scan: dimanche 12 octobre 2008 23:37
Used time: 38:18 Minute(s)

The scan has been done completely.

4797 Scanning directories
194672 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
194671 Files not concerned
1560 Archives were scanned
2 Warnings
0 Notes

Puis j'ai terminé par un scan avec hijackthis dont voici le rapport:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:21:13, on 13/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 SP2 (7.00.5730.0013)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\csrss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\ZoneLabs\vsmon.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
D:\Program Files\a-squared Anti-Malware\a2service.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
D:\Program Files\CDBurnerXP\NMSAccessU.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\System32\alg.exe
D:\Program Files\D-Tools\daemon.exe
D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
D:\WINDOWS\system32\RUNDLL32.EXE
D:\Program Files\pspvideo9\pspVideo9.exe
D:\Program Files\a-squared Anti-Malware\a2guard.exe
D:\WINDOWS\system32\ctfmon.exe
D:\WINDOWS\lclock.exe
D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
D:\Program Files\BitTorrent\bittorrent.exe
D:\Program Files\MSN Messenger\msnmsgr.exe
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program Files\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program Files\MSN Messenger\usnsvc.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\Documents and Settings\krys\Bureau\HiJackThis.exe
D:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://xtremeweb.free.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=33171&LegitCheckError=3
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris
R3 - URLSearchHook: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - D:\Program Files\IsoBuster\tbIsoB.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - D:\Program Files\IsoBuster\tbIsoB.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - D:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar1.dll
O3 - Toolbar: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - D:\Program Files\IsoBuster\tbIsoB.dll
O4 - HKLM\..\Run: [DAEMON Tools-1033] "D:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Zone Labs Client] "D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PSPVideo9] D:\Program Files\pspvideo9\pspVideo9.exe -t
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [a-squared] "D:\Program Files\a-squared Anti-Malware\a2guard.exe"
O4 - HKLM\..\RunOnce: [NoIE4StubProcessing] D:\WINDOWS\system32\reg.exe DELETE "HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" /v "NoIE4StubProcessing" /f
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LClock] lclock.exe
O4 - HKCU\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] D:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MessengerPlus3] "D:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [BitTorrent] "D:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Comp One] D:\DOCUME~1\krys\Application Data\find flaw media\file heck.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [LClock] lclock.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [MPlayer2_FixUp] D:\WINDOWS\inf\unregmp2.exe /Fixups (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [MPlayer2_FixUp] D:\WINDOWS\inf\unregmp2.exe /Fixups (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [MPlayer2_FixUp] D:\WINDOWS\inf\unregmp2.exe /Fixups (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [MPlayer2_FixUp] D:\WINDOWS\inf\unregmp2.exe /Fixups (User 'Default user')
O4 - Global Startup: Belkin Wireless USB Utility.lnk = D:\Program Files\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Télécharger avec FlashGet - D:\PROGRA~1\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - D:\PROGRA~1\FlashGet\jc_all.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: D:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\FICHIE~1\Skype\Skype4COM.dll
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - D:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Adobe LM Service - Unknown owner - D:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NMSAccessU - Unknown owner - D:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - D:\WINDOWS\system32\ZoneLabs\vsmon.exe
End of file - 9418 bytes

Configuration: Windows XP
Firefox 2.0.0.17

Meilleures réponses pour « Problème de fenêtre publicitaire.. » dans :

Fenetre publicitaire intempestive (Résolu) Voir

Fenêtres publicitaires intempestives (Résolu) Voir

Fenêtre publicitaire s'ouvre tout seul (Résolu) Voir

[Popups] Ouverture de fenêtres internet publicitaires (pop-up) Voir

Bloquer les fenêtres CiD ? Voir

Fenetres publicitaire comment les arreter Voir

Fenetres publicitaires intempestives ? Voir

Comment éliminer les fenêtres publicitaires Voir

Posez votre question Répondre

Destrio5, le 13 oct 2008 à 01:29:51

Salut,

---> Télécharge Lop S&D sur ton Bureau
http://eric.71.mespages.googlepages.com/LopSD.exe
---> Double-clique dessus pour lancer l'installation
---> Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
---> Séléctionne la langue souhaitée, puis choisis l'option 1 (Recherche)
---> Patiente jusqu'à la fin du scan
---> Poste le rapport généré (C:\lopR.txt)

Répondre à Destrio5

zougoulou, le 13 oct 2008 à 17:56:13

Bonjour voici le rapport de LopSD:

--------------------\\ Lop S&D 4.2.4-3 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3500+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : krys ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition 8.0.1.27 (Activated)
Firewall : ZoneAlarm Firewall 6.5.737.000 (Activated)
C:\ (Local Disk) - NTFS - Total : 149 Go Free : 3 Go
D:\ (Local Disk) - NTFS - Total : 117 Go Free : 83 Go
E:\ (CD or DVD)
F:\ (Local Disk) - NTFS - Total : 115 Go Free : 113 Go
G:\ (CD or DVD)
I:\ (USB)
J:\ (USB) - FAT32 - Total : 3904 Mo Free : 0 Go

"D:\Lop SD" ( MAJ : 14-09-2008|22:40 )
Option : [1] ( 13/10/2008|17:50 )

--------------------\\ Listing des dossiers dans Application Data

[23/08/2008|15:15] D:\DOCUME~1\Administrateur\Application Data\Identities
[23/08/2008|15:15] D:\DOCUME~1\Administrateur\Application Data\Microsoft
[23/08/2008|15:08] D:\DOCUME~1\Administrateur\Application Data\Mozilla
[23/08/2008|15:15] D:\DOCUME~1\Administrateur\Application Data\Skype

[15/09/2008|20:48] D:\DOCUME~1\ALLUSE~1\Application Data\Apple
[15/09/2008|20:46] D:\DOCUME~1\ALLUSE~1\Application Data\Apple Computer
[23/08/2008|18:42] D:\DOCUME~1\ALLUSE~1\Application Data\Avira
[01/10/2008|00:06] D:\DOCUME~1\ALLUSE~1\Application Data\Book Slow Axis Web
[23/08/2008|17:30] D:\DOCUME~1\ALLUSE~1\Application Data\Google
[13/09/2008|17:39] D:\DOCUME~1\ALLUSE~1\Application Data\Macrovision
[06/10/2008|21:04] D:\DOCUME~1\ALLUSE~1\Application Data\Malwarebytes
[16/09/2008|10:28] D:\DOCUME~1\ALLUSE~1\Application Data\Messenger Plus!
[11/10/2008|17:56] D:\DOCUME~1\ALLUSE~1\Application Data\Microsoft
[23/08/2008|17:04] D:\DOCUME~1\ALLUSE~1\Application Data\SBT
[23/08/2008|16:50] D:\DOCUME~1\ALLUSE~1\Application Data\Skype
[24/08/2008|04:51] D:\DOCUME~1\ALLUSE~1\Application Data\Spybot - Search & Destroy
[23/08/2008|17:54] D:\DOCUME~1\ALLUSE~1\Application Data\Windows Genuine Advantage

[25/09/2008|18:10] D:\DOCUME~1\Dani\Application Data\Microsoft
[06/10/2008|20:10] D:\DOCUME~1\Dani\Application Data\Mozilla
[06/10/2008|18:43] D:\DOCUME~1\Dani\Application Data\Skype

[23/08/2008|15:10] D:\DOCUME~1\DEFAUL~1\Application Data\Microsoft
[23/08/2008|15:08] D:\DOCUME~1\DEFAUL~1\Application Data\Mozilla

[25/09/2008|20:52] D:\DOCUME~1\Invit‚\Application Data\Identities
[25/09/2008|18:21] D:\DOCUME~1\Invit‚\Application Data\Microsoft
[23/08/2008|15:08] D:\DOCUME~1\Invit‚\Application Data\Mozilla
[25/09/2008|20:53] D:\DOCUME~1\Invit‚\Application Data\Skype

[13/09/2008|18:00] D:\DOCUME~1\krys\Application Data\Adobe
[06/09/2008|22:58] D:\DOCUME~1\krys\Application Data\Apple Computer
[10/10/2008|17:08] D:\DOCUME~1\krys\Application Data\BitTorrent
[24/08/2008|05:25] D:\DOCUME~1\krys\Application Data\Canneverbe_Limited
[13/10/2008|01:18] D:\DOCUME~1\krys\Application Data\find flaw media
[30/08/2008|15:26] D:\DOCUME~1\krys\Application Data\Google
[14/09/2008|17:12] D:\DOCUME~1\krys\Application Data\HP
[23/08/2008|16:50] D:\DOCUME~1\krys\Application Data\Identities
[23/08/2008|18:26] D:\DOCUME~1\krys\Application Data\InterTrust
[11/10/2008|17:57] D:\DOCUME~1\krys\Application Data\Leadertech
[23/08/2008|18:31] D:\DOCUME~1\krys\Application Data\Macromedia
[06/10/2008|21:04] D:\DOCUME~1\krys\Application Data\Malwarebytes
[27/08/2008|08:45] D:\DOCUME~1\krys\Application Data\Media Player Classic
[27/09/2008|18:28] D:\DOCUME~1\krys\Application Data\Microsoft
[23/08/2008|16:56] D:\DOCUME~1\krys\Application Data\Microsoft Web Folders
[23/08/2008|18:25] D:\DOCUME~1\krys\Application Data\Mozilla
[30/08/2008|16:15] D:\DOCUME~1\krys\Application Data\Real
[10/10/2008|01:23] D:\DOCUME~1\krys\Application Data\Skype
[13/10/2008|17:20] D:\DOCUME~1\krys\Application Data\skypePM

[23/08/2008|15:15] D:\DOCUME~1\LocalService\Application Data\Microsoft

[23/08/2008|15:15] D:\DOCUME~1\NetworkService\Application Data\Microsoft

--------------------\\ Tâches planifiées dans D:\WINDOWS\tasks

[10/10/2008 20:52][--a------] D:\WINDOWS\tasks\AppleSoftwareUpdate.job
[13/10/2008 17:19][--ah-----] D:\WINDOWS\tasks\SA.DAT
[28/08/2001 19:00][-r-h-----] D:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans D:\Program Files

[13/09/2008|17:38] D:\Program Files\Adobe
[30/08/2008|16:01] D:\Program Files\aod
[15/09/2008|20:48] D:\Program Files\Apple Software Update
[13/10/2008|13:09] D:\Program Files\a-squared Anti-Malware
[23/08/2008|18:42] D:\Program Files\Avira
[05/09/2008|00:30] D:\Program Files\AviSynth 2.5
[23/08/2008|18:38] D:\Program Files\Belkin
[23/08/2008|18:10] D:\Program Files\BitTorrent
[23/08/2008|14:57] D:\Program Files\BitTorrent++
[23/08/2008|17:37] D:\Program Files\CCleaner
[24/08/2008|05:25] D:\Program Files\CDBurnerXP
[07/09/2008|04:45] D:\Program Files\CDRWIN
[23/08/2008|14:50] D:\Program Files\ComPlus Applications
[07/09/2008|04:33] D:\Program Files\Conduit
[23/08/2008|15:07] D:\Program Files\D-Tools
[11/10/2008|17:48] D:\Program Files\EA Sports
[11/10/2008|01:30] D:\Program Files\eMule
[15/09/2008|20:46] D:\Program Files\Fichiers communs
[01/10/2008|00:06] D:\Program Files\find flaw media
[23/08/2008|15:01] D:\Program Files\FlashFXP
[23/08/2008|15:07] D:\Program Files\FlashGet
[23/08/2008|18:10] D:\Program Files\FLV Player
[23/08/2008|17:30] D:\Program Files\Google
[13/09/2008|17:38] D:\Program Files\InstallShield Installation Information
[13/10/2008|01:33] D:\Program Files\Internet Explorer
[09/09/2008|01:47] D:\Program Files\K-Lite Codec Pack
[07/09/2008|04:53] D:\Program Files\MagicISO
[10/10/2008|10:30] D:\Program Files\Malwarebytes' Anti-Malware
[23/08/2008|14:50] D:\Program Files\Messenger
[15/09/2008|21:34] D:\Program Files\Messenger Plus! Live
[23/08/2008|15:08] D:\Program Files\MessengerPlus! 3
[23/08/2008|17:03] D:\Program Files\Microsoft FrontPage
[23/08/2008|17:16] D:\Program Files\Microsoft Office
[23/08/2008|16:58] D:\Program Files\Microsoft Visual Studio
[13/10/2008|17:33] D:\Program Files\Mozilla Firefox
[15/09/2008|21:34] D:\Program Files\MSN Messenger
[03/10/2008|20:50] D:\Program Files\Navilog1
[23/08/2008|14:51] D:\Program Files\NetMeeting
[23/08/2008|14:51] D:\Program Files\Outlook Express
[05/09/2008|00:30] D:\Program Files\pspvideo9
[15/09/2008|20:46] D:\Program Files\QuickTime
[30/08/2008|16:01] D:\Program Files\Real
[23/08/2008|14:51] D:\Program Files\Services en ligne
[23/08/2008|17:30] D:\Program Files\Skype
[23/08/2008|17:04] D:\Program Files\Snapshot Viewer
[03/10/2008|20:44] D:\Program Files\Spybot - Search & Destroy
[23/08/2008|18:15] D:\Program Files\TeaTimer (Spybot - Search & Destroy)
[16/09/2008|13:29] D:\Program Files\Trend Micro
[23/08/2008|15:15] D:\Program Files\Uninstall Information
[23/08/2008|17:53] D:\Program Files\Winamp
[15/09/2008|21:34] D:\Program Files\Windows Live
[23/08/2008|15:10] D:\Program Files\Windows Media Player
[23/08/2008|14:50] D:\Program Files\Windows NT
[23/08/2008|14:51] D:\Program Files\WindowsUpdate
[23/08/2008|15:09] D:\Program Files\WinRAR
[28/08/2008|21:44] D:\Program Files\Xvid
[23/08/2008|17:41] D:\Program Files\Zone Labs

--------------------\\ Listing des dossiers dans D:\Program Files\Fichiers communs

[13/09/2008|17:39] D:\Program Files\Fichiers communs\Adobe
[13/09/2008|17:39] D:\Program Files\Fichiers communs\Adobe Systems Shared
[15/09/2008|20:46] D:\Program Files\Fichiers communs\Apple
[23/08/2008|16:58] D:\Program Files\Fichiers communs\Designer
[13/09/2008|17:36] D:\Program Files\Fichiers communs\InstallShield
[11/10/2008|17:46] D:\Program Files\Fichiers communs\Microsoft Shared
[23/08/2008|14:51] D:\Program Files\Fichiers communs\MSSoap
[23/08/2008|16:43] D:\Program Files\Fichiers communs\ODBC
[30/08/2008|16:15] D:\Program Files\Fichiers communs\Real
[23/08/2008|14:51] D:\Program Files\Fichiers communs\Services
[23/08/2008|17:30] D:\Program Files\Fichiers communs\Skype
[23/08/2008|17:04] D:\Program Files\Fichiers communs\System

--------------------\\ Process

( 43 Processes )

IEXPLORE.EXE ~ [PID:732]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

D:\DOCUME~1\ALLUSE~1\Application Data\Book Slow Axis Web
D:\DOCUME~1\ALLUSE~1\Application Data\Book Slow Axis Web\File start.exe
D:\DOCUME~1\krys\Cookies\krys@www.adserver5[1].txt
D:\DOCUME~1\krys\Cookies\krys@bigpoint[1].txt
D:\DOCUME~1\krys\Cookies\krys@fr.xblaster.bigpoint[1].txt
D:\DOCUME~1\krys\Cookies\krys@fr.xblaster.bigpoint[2].txt
D:\DOCUME~1\krys\Cookies\krys@fr.xblaster.bigpoint[3].txt
D:\DOCUME~1\krys\Cookies\krys@fr.xblaster.bigpoint[4].txt
D:\DOCUME~1\krys\Cookies\krys@banner.cotedazurpalace[2].txt
D:\DOCUME~1\krys\Cookies\krys@cotedazurpalace[1].txt
D:\DOCUME~1\krys\Cookies\krys@cotedazurpalace[2].txt
D:\DOCUME~1\krys\Cookies\krys@adopt.euroclick[2].txt

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-13 17:54:09
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

D:\DOCUME~1\krys\Application Data\Microsoft\Office\R‚cents\keygen.doc.lnk
D:\DOCUME~1\krys\Favoris\Cracks - Serials
D:\DOCUME~1\krys\Favoris\Cracks - Serials\Astalavista.box.sk.url
D:\DOCUME~1\krys\Mes documents\BitTorrent Downloads\[PSP] Fifa 2009 [EUR][TMasGames.com]\Crack
D:\DOCUME~1\krys\Mes documents\BitTorrent Downloads\[PSP] Fifa 2009 [EUR][TMasGames.com]\keygen.doc
D:\DOCUME~1\krys\Mes documents\BitTorrent Downloads\[PSP] Fifa 2009 [EUR][TMasGames.com]\Crack\FIFA09.exe

[F:154][D:0]-> D:\DOCUME~1\krys\Cookies

1 - "D:\Lop SD\LopR_1.txt" - 16/09/2008|14:12 - Option : [1]
2 - "D:\Lop SD\LopR_2.txt" - 16/09/2008|14:26 - Option : [2]
3 - "D:\Lop SD\LopR_3.txt" - 13/10/2008|17:56 - Option : [1]

--------------------\\ Fin du rapport a 17:56:17

Répondre à zougoulou

Destrio5, le 13 oct 2008 à 18:07:58

---> Relance Lop S&D
---> Choisis cette fois-ci l'option 2 (Suppression)
---> Ne ferme pas la fenêtre lors de la suppression !
---> Poste le rapport généré (C:\lopR.txt)

Répondre à Destrio5

zougoulou, le 13 oct 2008 à 18:17:23

--------------------\\ Lop S&D 4.2.4-3 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3500+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : krys ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition 8.0.1.27 (Activated)
Firewall : ZoneAlarm Firewall 6.5.737.000 (Activated)
C:\ (Local Disk) - NTFS - Total : 149 Go Free : 3 Go
D:\ (Local Disk) - NTFS - Total : 117 Go Free : 83 Go
E:\ (CD or DVD)
F:\ (Local Disk) - NTFS - Total : 115 Go Free : 113 Go
G:\ (CD or DVD)
I:\ (USB)

"D:\Lop SD" ( MAJ : 14-09-2008|22:40 )
Option : [2] ( 13/10/2008|18:11 )

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - D:\DOCUME~1\ALLUSE~1\Application Data\Book Slow Axis Web\File start.exe
Supprime! - D:\DOCUME~1\krys\Cookies\krys@www.adserver5[1].txt
Supprime! - D:\DOCUME~1\krys\Cookies\krys@bigpoint[1].txt
Supprime! - D:\DOCUME~1\krys\Cookies\krys@fr.xblaster.bigpoint[1].txt
Supprime! - D:\DOCUME~1\krys\Cookies\krys@fr.xblaster.bigpoint[2].txt
Supprime! - D:\DOCUME~1\krys\Cookies\krys@fr.xblaster.bigpoint[3].txt
Supprime! - D:\DOCUME~1\krys\Cookies\krys@fr.xblaster.bigpoint[4].txt
Supprime! - D:\DOCUME~1\krys\Cookies\krys@banner.cotedazurpalace[2].txt
Supprime! - D:\DOCUME~1\krys\Cookies\krys@cotedazurpalace[1].txt
Supprime! - D:\DOCUME~1\krys\Cookies\krys@cotedazurpalace[2].txt
Supprime! - D:\DOCUME~1\krys\Cookies\krys@adopt.euroclick[2].txt
Supprime! - D:\DOCUME~1\ALLUSE~1\Application Data\Book Slow Axis Web
-
[ Fichier Hosts ] .. Restaure!

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

--------------------\\ Listing des dossiers dans Application Data

[23/08/2008|15:15] D:\DOCUME~1\Administrateur\Application Data\Identities
[23/08/2008|15:15] D:\DOCUME~1\Administrateur\Application Data\Microsoft
[23/08/2008|15:08] D:\DOCUME~1\Administrateur\Application Data\Mozilla
[23/08/2008|15:15] D:\DOCUME~1\Administrateur\Application Data\Skype

[15/09/2008|20:48] D:\DOCUME~1\ALLUSE~1\Application Data\Apple
[15/09/2008|20:46] D:\DOCUME~1\ALLUSE~1\Application Data\Apple Computer
[23/08/2008|18:42] D:\DOCUME~1\ALLUSE~1\Application Data\Avira
[23/08/2008|17:30] D:\DOCUME~1\ALLUSE~1\Application Data\Google
[13/09/2008|17:39] D:\DOCUME~1\ALLUSE~1\Application Data\Macrovision
[06/10/2008|21:04] D:\DOCUME~1\ALLUSE~1\Application Data\Malwarebytes
[16/09/2008|10:28] D:\DOCUME~1\ALLUSE~1\Application Data\Messenger Plus!
[11/10/2008|17:56] D:\DOCUME~1\ALLUSE~1\Application Data\Microsoft
[23/08/2008|17:04] D:\DOCUME~1\ALLUSE~1\Application Data\SBT
[23/08/2008|16:50] D:\DOCUME~1\ALLUSE~1\Application Data\Skype
[24/08/2008|04:51] D:\DOCUME~1\ALLUSE~1\Application Data\Spybot - Search & Destroy
[23/08/2008|17:54] D:\DOCUME~1\ALLUSE~1\Application Data\Windows Genuine Advantage

[25/09/2008|18:10] D:\DOCUME~1\Dani\Application Data\Microsoft
[06/10/2008|20:10] D:\DOCUME~1\Dani\Application Data\Mozilla
[06/10/2008|18:43] D:\DOCUME~1\Dani\Application Data\Skype

[23/08/2008|15:10] D:\DOCUME~1\DEFAUL~1\Application Data\Microsoft
[23/08/2008|15:08] D:\DOCUME~1\DEFAUL~1\Application Data\Mozilla

[25/09/2008|20:52] D:\DOCUME~1\Invit‚\Application Data\Identities
[25/09/2008|18:21] D:\DOCUME~1\Invit‚\Application Data\Microsoft
[23/08/2008|15:08] D:\DOCUME~1\Invit‚\Application Data\Mozilla
[25/09/2008|20:53] D:\DOCUME~1\Invit‚\Application Data\Skype

[13/09/2008|18:00] D:\DOCUME~1\krys\Application Data\Adobe
[06/09/2008|22:58] D:\DOCUME~1\krys\Application Data\Apple Computer
[13/10/2008|18:05] D:\DOCUME~1\krys\Application Data\BitTorrent
[24/08/2008|05:25] D:\DOCUME~1\krys\Application Data\Canneverbe_Limited
[13/10/2008|01:18] D:\DOCUME~1\krys\Application Data\find flaw media
[30/08/2008|15:26] D:\DOCUME~1\krys\Application Data\Google
[14/09/2008|17:12] D:\DOCUME~1\krys\Application Data\HP
[23/08/2008|16:50] D:\DOCUME~1\krys\Application Data\Identities
[23/08/2008|18:26] D:\DOCUME~1\krys\Application Data\InterTrust
[11/10/2008|17:57] D:\DOCUME~1\krys\Application Data\Leadertech
[23/08/2008|18:31] D:\DOCUME~1\krys\Application Data\Macromedia
[06/10/2008|21:04] D:\DOCUME~1\krys\Application Data\Malwarebytes
[27/08/2008|08:45] D:\DOCUME~1\krys\Application Data\Media Player Classic
[27/09/2008|18:28] D:\DOCUME~1\krys\Application Data\Microsoft
[23/08/2008|16:56] D:\DOCUME~1\krys\Application Data\Microsoft Web Folders
[23/08/2008|18:25] D:\DOCUME~1\krys\Application Data\Mozilla
[30/08/2008|16:15] D:\DOCUME~1\krys\Application Data\Real
[10/10/2008|01:23] D:\DOCUME~1\krys\Application Data\Skype
[13/10/2008|17:20] D:\DOCUME~1\krys\Application Data\skypePM

[23/08/2008|15:15] D:\DOCUME~1\LocalService\Application Data\Microsoft

[23/08/2008|15:15] D:\DOCUME~1\NetworkService\Application Data\Microsoft

--------------------\\ Tâches planifiées dans D:\WINDOWS\tasks

[10/10/2008 20:52][--a------] D:\WINDOWS\tasks\AppleSoftwareUpdate.job
[13/10/2008 17:19][--ah-----] D:\WINDOWS\tasks\SA.DAT
[28/08/2001 19:00][-r-h-----] D:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans D:\Program Files

[13/09/2008|17:38] D:\Program Files\Adobe
[30/08/2008|16:01] D:\Program Files\aod
[15/09/2008|20:48] D:\Program Files\Apple Software Update
[13/10/2008|13:09] D:\Program Files\a-squared Anti-Malware
[23/08/2008|18:42] D:\Program Files\Avira
[05/09/2008|00:30] D:\Program Files\AviSynth 2.5
[23/08/2008|18:38] D:\Program Files\Belkin
[23/08/2008|18:10] D:\Program Files\BitTorrent
[23/08/2008|14:57] D:\Program Files\BitTorrent++
[23/08/2008|17:37] D:\Program Files\CCleaner
[24/08/2008|05:25] D:\Program Files\CDBurnerXP
[07/09/2008|04:45] D:\Program Files\CDRWIN
[23/08/2008|14:50] D:\Program Files\ComPlus Applications
[07/09/2008|04:33] D:\Program Files\Conduit
[23/08/2008|15:07] D:\Program Files\D-Tools
[11/10/2008|17:48] D:\Program Files\EA Sports
[11/10/2008|01:30] D:\Program Files\eMule
[15/09/2008|20:46] D:\Program Files\Fichiers communs
[01/10/2008|00:06] D:\Program Files\find flaw media
[23/08/2008|15:01] D:\Program Files\FlashFXP
[23/08/2008|15:07] D:\Program Files\FlashGet
[23/08/2008|18:10] D:\Program Files\FLV Player
[23/08/2008|17:30] D:\Program Files\Google
[13/09/2008|17:38] D:\Program Files\InstallShield Installation Information
[13/10/2008|01:33] D:\Program Files\Internet Explorer
[09/09/2008|01:47] D:\Program Files\K-Lite Codec Pack
[07/09/2008|04:53] D:\Program Files\MagicISO
[10/10/2008|10:30] D:\Program Files\Malwarebytes' Anti-Malware
[23/08/2008|14:50] D:\Program Files\Messenger
[15/09/2008|21:34] D:\Program Files\Messenger Plus! Live
[23/08/2008|15:08] D:\Program Files\MessengerPlus! 3
[23/08/2008|17:03] D:\Program Files\Microsoft FrontPage
[23/08/2008|17:16] D:\Program Files\Microsoft Office
[23/08/2008|16:58] D:\Program Files\Microsoft Visual Studio
[13/10/2008|17:33] D:\Program Files\Mozilla Firefox
[15/09/2008|21:34] D:\Program Files\MSN Messenger
[03/10/2008|20:50] D:\Program Files\Navilog1
[23/08/2008|14:51] D:\Program Files\NetMeeting
[23/08/2008|14:51] D:\Program Files\Outlook Express
[05/09/2008|00:30] D:\Program Files\pspvideo9
[15/09/2008|20:46] D:\Program Files\QuickTime
[30/08/2008|16:01] D:\Program Files\Real
[23/08/2008|14:51] D:\Program Files\Services en ligne
[23/08/2008|17:30] D:\Program Files\Skype
[23/08/2008|17:04] D:\Program Files\Snapshot Viewer
[03/10/2008|20:44] D:\Program Files\Spybot - Search & Destroy
[23/08/2008|18:15] D:\Program Files\TeaTimer (Spybot - Search & Destroy)
[16/09/2008|13:29] D:\Program Files\Trend Micro
[23/08/2008|15:15] D:\Program Files\Uninstall Information
[23/08/2008|17:53] D:\Program Files\Winamp
[15/09/2008|21:34] D:\Program Files\Windows Live
[23/08/2008|15:10] D:\Program Files\Windows Media Player
[23/08/2008|14:50] D:\Program Files\Windows NT
[23/08/2008|14:51] D:\Program Files\WindowsUpdate
[23/08/2008|15:09] D:\Program Files\WinRAR
[28/08/2008|21:44] D:\Program Files\Xvid
[23/08/2008|17:41] D:\Program Files\Zone Labs

--------------------\\ Listing des dossiers dans D:\Program Files\Fichiers communs

[13/09/2008|17:39] D:\Program Files\Fichiers communs\Adobe
[13/09/2008|17:39] D:\Program Files\Fichiers communs\Adobe Systems Shared
[15/09/2008|20:46] D:\Program Files\Fichiers communs\Apple
[23/08/2008|16:58] D:\Program Files\Fichiers communs\Designer
[13/09/2008|17:36] D:\Program Files\Fichiers communs\InstallShield
[11/10/2008|17:46] D:\Program Files\Fichiers communs\Microsoft Shared
[23/08/2008|14:51] D:\Program Files\Fichiers communs\MSSoap
[23/08/2008|16:43] D:\Program Files\Fichiers communs\ODBC
[30/08/2008|16:15] D:\Program Files\Fichiers communs\Real
[23/08/2008|14:51] D:\Program Files\Fichiers communs\Services
[23/08/2008|17:30] D:\Program Files\Fichiers communs\Skype
[23/08/2008|17:04] D:\Program Files\Fichiers communs\System

--------------------\\ Process

( 41 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-13 18:16:49
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

D:\DOCUME~1\krys\Application Data\Microsoft\Office\R‚cents\keygen.doc.lnk
D:\DOCUME~1\krys\Favoris\Cracks - Serials
D:\DOCUME~1\krys\Favoris\Cracks - Serials\Astalavista.box.sk.url
D:\DOCUME~1\krys\Mes documents\BitTorrent Downloads\[PSP] Fifa 2009 [EUR][TMasGames.com]\Crack
D:\DOCUME~1\krys\Mes documents\BitTorrent Downloads\[PSP] Fifa 2009 [EUR][TMasGames.com]\keygen.doc
D:\DOCUME~1\krys\Mes documents\BitTorrent Downloads\[PSP] Fifa 2009 [EUR][TMasGames.com]\Crack\FIFA09.exe

[F:142][D:0]-> D:\DOCUME~1\krys\Cookies

1 - "D:\Lop SD\LopR_1.txt" - 16/09/2008|14:12 - Option : [1]
2 - "D:\Lop SD\LopR_2.txt" - 16/09/2008|14:26 - Option : [2]
3 - "D:\Lop SD\LopR_3.txt" - 13/10/2008|17:56 - Option : [1]
4 - "D:\Lop SD\LopR_4.txt" - 13/10/2008|18:18 - Option : [2]

--------------------\\ Fin du rapport a 18:18:18

Répondre à zougoulou

Destrio5, le 13 oct 2008 à 18:30:36

"D:\DOCUME~1\krys\Application Data\Microsoft\Office\R‚cents\keygen.doc.lnk
D:\DOCUME~1\krys\Favoris\Cracks - Serials
D:\DOCUME~1\krys\Favoris\Cracks - Serials\Astalavista.box.sk.url
D:\DOCUME~1\krys\Mes documents\BitTorrent Downloads\[PSP] Fifa 2009 [EUR][TMasGames.com]\Crack
D:\DOCUME~1\krys\Mes documents\BitTorrent Downloads\[PSP] Fifa 2009 [EUR][TMasGames.com]\keygen.doc
D:\DOCUME~1\krys\Mes documents\BitTorrent Downloads\[PSP] Fifa 2009 [EUR][TMasGames.com]\Crack\FIFA09.exe"
---> Tu devrais faire le tri pour le bien de ton PC.

---> Supprime Lop S&D et le dossier Lop S&D situé dans C:\

---> Télécharge OTMoveIt2 à partir du lien ci-dessous :
http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe

---> Enregistre le fichier sur le Bureau.

---> Double-clique sur le fichier OTMoveIt2.exe pour lancer l'outil.
Assure-toi que la case Unregister Dll's and Ocx's soit bien cochée.

---> Copie l'intégralité du texte ci-dessous et colle-le dans la fenêtre intitulée Paste List Of Files/Folders to Move.

D:\DOCUME~1\krys\Application Data\find flaw media\
D:\Program Files\find flaw media\

---> Clique sur MoveIt! pour lancer la suppression.
Lorsqu'un résultat apparaît dans le cadre Results, clique sur Exit.

Note : Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer. Accepte en cliquant sur YES.

---> Poste le rapport de OTMoveIt qui se trouve dans C:\_OTMoveIt\MovedFiles.

Répondre à Destrio5

zougoulou, le 13 oct 2008 à 18:40:51

Bonjour,

excusez moi mais j'ai cliqué sur le lien et a-squarred a reconnu le lien comme étant un trojan j'ai cherché le logiciel sur google mais je n'ai trouvé aucun site où telecharger OTMoveIt2 .

Répondre à zougoulou

Destrio5, le 13 oct 2008 à 18:51:07

OTMoveIt2 n'est pas un troyen donc désactive a-squared.

Répondre à Destrio5

zougoulou, le 13 oct 2008 à 18:56:09

Voici le rapport:

D:\DOCUME~1\krys\Application Data\find flaw media moved successfully.
D:\Program Files\find flaw media moved successfully.
File/Folder not found.

OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 10132008_185630

Répondre à zougoulou

Destrio5, le 13 oct 2008 à 19:07:55

- Télécharge HijackThis v2.0.2 (HijackThis Installer) :
http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe

- Fais un double-clic sur HJTInstall.exe afin de lancer l'installation.

- Clique sur Install ensuite sur I Accept.

- Clique sur Do a system scan and save a logfile.

- Le bloc-notes s'ouvrira, fais un copier-coller de tout son contenu ici dans ton prochain message.

Répondre à Destrio5

zougoulou, le 13 oct 2008 à 19:11:55

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:13:32, on 13/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\csrss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\ZoneLabs\vsmon.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
D:\Program Files\a-squared Anti-Malware\a2service.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
D:\Program Files\CDBurnerXP\NMSAccessU.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\alg.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\D-Tools\daemon.exe
D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
D:\WINDOWS\system32\RUNDLL32.EXE
D:\Program Files\pspvideo9\pspVideo9.exe
D:\Program Files\a-squared Anti-Malware\a2guard.exe
D:\WINDOWS\system32\ctfmon.exe
D:\WINDOWS\lclock.exe
D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
D:\Program Files\BitTorrent\bittorrent.exe
D:\Program Files\MSN Messenger\msnmsgr.exe
D:\Program Files\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe
D:\Program Files\MSN Messenger\usnsvc.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
D:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://xtremeweb.free.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=33171&LegitCheckError=3
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - D:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [DAEMON Tools-1033] "D:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Zone Labs Client] "D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PSPVideo9] D:\Program Files\pspvideo9\pspVideo9.exe -t
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [a-squared] "D:\Program Files\a-squared Anti-Malware\a2guard.exe"
O4 - HKLM\..\RunOnce: [NoIE4StubProcessing] D:\WINDOWS\system32\reg.exe DELETE "HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" /v "NoIE4StubProcessing" /f
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LClock] lclock.exe
O4 - HKCU\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] D:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MessengerPlus3] "D:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [BitTorrent] "D:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Comp One] D:\DOCUME~1\krys\Application Data\find flaw media\file heck.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [LClock] lclock.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [MPlayer2_FixUp] D:\WINDOWS\inf\unregmp2.exe /Fixups (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [MPlayer2_FixUp] D:\WINDOWS\inf\unregmp2.exe /Fixups (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [MPlayer2_FixUp] D:\WINDOWS\inf\unregmp2.exe /Fixups (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [MPlayer2_FixUp] D:\WINDOWS\inf\unregmp2.exe /Fixups (User 'Default user')
O4 - Global Startup: Belkin Wireless USB Utility.lnk = D:\Program Files\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Télécharger avec FlashGet - D:\PROGRA~1\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - D:\PROGRA~1\FlashGet\jc_all.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: D:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\FICHIE~1\Skype\Skype4COM.dll
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - D:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Adobe LM Service - Unknown owner - D:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NMSAccessU - Unknown owner - D:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - D:\WINDOWS\system32\ZoneLabs\vsmon.exe
End of file - 9629 bytes

Répondre à zougoulou

Destrio5, le 13 oct 2008 à 19:20:42

---> Relance HijackThis et choisis Do a system scan only

---> Coche les cases qui sont devant les lignes suivantes :

O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKCU\..\Run: [Comp One] D:\DOCUME~1\krys\Application Data\find flaw media\file heck.exe

---> Clique en bas sur Fix checked. Mets oui si HijackThis te demande quelque chose.

---> Redémarre ton PC et poste un nouveau rapport HijackThis.

Répondre à Destrio5

zougoulou, le 13 oct 2008 à 19:26:57

Voici le rapport:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:26:39, on 13/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\csrss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\ZoneLabs\vsmon.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
D:\Program Files\a-squared Anti-Malware\a2service.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
D:\Program Files\CDBurnerXP\NMSAccessU.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\alg.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\D-Tools\daemon.exe
D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
D:\WINDOWS\system32\RUNDLL32.EXE
D:\Program Files\pspvideo9\pspVideo9.exe
D:\Program Files\a-squared Anti-Malware\a2guard.exe
D:\WINDOWS\system32\ctfmon.exe
D:\WINDOWS\lclock.exe
D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
D:\Program Files\BitTorrent\bittorrent.exe
D:\Program Files\MSN Messenger\msnmsgr.exe
D:\Program Files\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe
D:\Program Files\MSN Messenger\usnsvc.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
D:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://xtremeweb.free.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=33171&LegitCheckError=3
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - D:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [DAEMON Tools-1033] "D:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Zone Labs Client] "D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PSPVideo9] D:\Program Files\pspvideo9\pspVideo9.exe -t
O4 - HKLM\..\Run: [a-squared] "D:\Program Files\a-squared Anti-Malware\a2guard.exe"
O4 - HKLM\..\RunOnce: [NoIE4StubProcessing] D:\WINDOWS\system32\reg.exe DELETE "HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" /v "NoIE4StubProcessing" /f
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LClock] lclock.exe
O4 - HKCU\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] D:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MessengerPlus3] "D:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [BitTorrent] "D:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [LClock] lclock.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [MPlayer2_FixUp] D:\WINDOWS\inf\unregmp2.exe /Fixups (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [MPlayer2_FixUp] D:\WINDOWS\inf\unregmp2.exe /Fixups (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [MPlayer2_FixUp] D:\WINDOWS\inf\unregmp2.exe /Fixups (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [MPlayer2_FixUp] D:\WINDOWS\inf\unregmp2.exe /Fixups (User 'Default user')
O4 - Global Startup: Belkin Wireless USB Utility.lnk = D:\Program Files\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Télécharger avec FlashGet - D:\PROGRA~1\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - D:\PROGRA~1\FlashGet\jc_all.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: D:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\FICHIE~1\Skype\Skype4COM.dll
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - D:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Adobe LM Service - Unknown owner - D:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NMSAccessU - Unknown owner - D:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - D:\WINDOWS\system32\ZoneLabs\vsmon.exe
End of file - 9316 bytes

Répondre à zougoulou

Destrio5, le 13 oct 2008 à 19:36:17

---> Désinstalle HijackThis.

---> Supprime OTMoveIt2 et le dossier _OTMoveIt situé dans D:\

As-tu encore des problèmes ?

Répondre à Destrio5

zougoulou, le 13 oct 2008 à 19:39:01

Je te remercie je n'en ai plus. Merci encore!!!

Répondre à zougoulou

Destrio5, le 13 oct 2008 à 19:42:37

Pour finir :

---> Télécharge Tools Cleaner sur ton bureau.
http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
Clique sur Recherche et laisse le scan agir.
Clique sur Suppression pour finaliser.
Tu peux, si tu le souhaites, te servir des Options facultatives.
Clique sur Quitter pour obtenir le rapport.
Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).

---> Télécharge CCleaner (N'installe pas la Yahoo Toolbar) :
http://www.ccleaner.com/download/downloading

---> Lance-le. Va dans "Options" puis "Avancé", tu décoches la case "Effacer uniquement les fichiers etc...". Tu vas dans "Nettoyeur", tu fais "Analyse". Une fois terminé, tu lances le nettoyage. Puis tu vas dans "Registre", tu fais "Chercher des erreurs". Une fois terminé, tu répares toutes les erreurs sans sauvegarder la base de registre.

---> Il est nécessaire de désactiver puis réactiver la restauration système pour la purger :
http://www.infos-du-net.com/forum/272480-11-desactiver-activer-restauration-systeme

---> Je te conseille de créer un point de restauration que tu pourras utiliser plus tard si tu as un problème :
http://www.vulgarisation-informatique.com/creer-point-restauration.php

---> Mets à jour Windows

Répondre à Destrio5

Posez votre question Répondre