
Problem: Exasperating pop-up ads [solved]

Tags:
  • Security
3 June 2011 15:41:45

Hello everyone,

For the past few weeks, my internet browsing has been constantly disrupted by unwanted ads opening.
I have gone through the forum, and I see that this problem is very common.

So I followed the steps that users are often asked to carry out; here they are:

Ad-Remover:
http://www.sendspace.com/file/5691iw

OTL
http://www.sendspace.com/file/9pqhbt
http://www.sendspace.com/file/5f5be9

Malwarebytes Anti-Malware did not detect any problem.

SecurityCheck:

Results of screen317's Security Check version 0.99.12
Windows 7 (UAC is enabled)
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

MVPS Hosts File
Malwarebytes' Anti-Malware
Adobe Flash Player 10.3.181.14
Adobe Reader X (10.0.1) - Français
Mozilla Firefox (x86 fr..)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Malwarebytes' Anti-Malware mbamservice.exe
Malwarebytes' Anti-Malware mbamgui.exe
Malwarebytes' Anti-Malware mbam.exe
``````````End of Log````````````




Thank you all for your help!


3 June 2011 21:30:48

Good evening

1

/!\ Disconnect, disable your antivirus and close all running applications /!\

  • Double-click AD-R on your Desktop to launch it.
    (On Vista/Seven, right-click AD-R and choose Run as administrator)
  • Choose language F for French.
  • In the main menu, choose the Nettoyer (Clean) option.

    /!\ Let the tool work /!\

  • Post the report that appears at the end (C:\Ad-Report-CLEAN.log).
    /!\ Remember to re-enable your antivirus /!\

    2


    Download DDS and save it to your desktop.
  • Disable anything that blocks scripts, such as an antivirus or software like ad-block, noscript, etc.
  • Double-click dds.scr to launch the tool.
  • Once the scan is finished, a text document, DDS.txt, will open.
  • Click Yes at the next prompt, Optional Scan.
  • Save both reports to your desktop and post only DDS.txt for me.
    5 June 2011 11:14:57


    Hello,

    My computer no longer seems to display the ads since then, but I am nevertheless posting what you suggested I do; one can never be sure of anything.

    ========================================

    **** Google Chrome Version [11.0.696.71] ****


    -- C:\Users\Anvin\AppData\Local\Google\Chrome\User Data\Default --
    Preferences - default_search_provider: "Google" (Activé: true) (?)
    Preferences - homepage: hxxp://www.google.com
    Preferences - homepage_is_newtabpage: true
    Plugin - Chrome NaCl (Activé: false) (C:\Users\Anvin\AppData\Local\Google\Chrome\Application\11.0.696.71\ppGoogleNaClPluginChrome.dll)
    Plugin - Windows Live\u0099 Photo Gallery (Activé: true) (C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll)
    Plugin - "Silverlight" (Activé: true)
    Plugin - "Chrome NaCl" (Activé: false)
    Plugin - "Windows Live\u0099 Photo Gallery" (Activé: true)

    ========================================

    **** Internet Explorer Version [9.0.8112.16421] ****

    HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
    HKCU_Main|Start Page - hxxp://fr.msn.com/
    HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
    HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
    HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Start Page - hxxp://fr.msn.com/
    HKCU_URLSearchHooks|{a65e491f-a436-4952-b49a-b24ed99a0f67} (x)
    HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)
    HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)
    HKLM_ElevationPolicy\{6A7C9604-8A57-4B28-821B-BDEDF0E04788} - C:\Program Files\Microsoft Office\Office14\winproj.exe (x)
    HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
    HKLM_ElevationPolicy\{A6E2003F-95C5-4591-BA9A-0093080FDB5C} - C:\Program Files (x86)\Common Files\Oberon Media\OberonBroker\1.0.0.63\OberonBroker.exe (?)
    HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)
    BHO\{b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - "FlashGetBHO" (C:\Users\Anvin\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll)
    BHO\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - "Google Dictionary Compression sdch" () (x)

    ========================================

    C:\Program Files (x86)\Ad-Remover\Quarantine: 0 Fichier(s)
    C:\Program Files (x86)\Ad-Remover\Backup: 16 Fichier(s)

    C:\Ad-Report-CLEAN[1].txt - 05/06/2011 10:57:44 (4314 Octet(s))
    C:\Ad-Report-CLEAN[2].txt - 05/06/2011 11:01:27 (3645 Octet(s))
    C:\Ad-Report-SCAN[1].txt - 03/06/2011 14:50:33 (7590 Octet(s))

    Fin à: 11:02:27, 05/06/2011

    ============== E.O.F ==============


    DDS
    http://www.sendspace.com/file/insg11


    Thank you very much for your help and your spontaneity!
    5 June 2011 22:51:24

    Good evening
    sendspace isn't working tonight. :/
    Can you post your report directly on the forum?
    Thanks.
    6 June 2011 10:07:27

    .
    DDS (Ver_2011-06-03.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421
    Run by Anvin at 11:06:52 on 2011-06-05
    Microsoft Windows 7 Édition Familiale Premium 6.1.7600.0.1252.33.1036.18.3764.2175 [GMT 2:00]
    .
    AV: ESET Smart Security 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
    SP: ESET Smart Security 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: Pare-feu personnel d'ESET *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\atieclxx.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\WLANExt.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Launch Manager\dsiwmis.exe
    C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
    C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
    C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
    C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
    C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
    C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
    C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
    C:\Program Files\Acer\Acer Updater\UpdaterService.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\taskhost.exe
    C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesApp64.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    C:\Windows\System32\igfxtray.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\ESET\ESET Smart Security\egui.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Users\Anvin\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Program Files (x86)\Launch Manager\LManager.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
    C:\Program Files (x86)\Launch Manager\LMworker.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
    C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Windows\system32\sppsvc.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Windows\system32\DllHost.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uWindow Title =
    uURLSearchHooks: H - No File
    mWinlogon: Userinit=userinit.exe
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL
    BHO: Programme d'aide de l'Assistant de connexion Windows Live ID: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: FlashGetBHO: {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Anvin\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll
    BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
    BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - Google Dictionary Compression sdch
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
    mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    StartupFolder: C:\Users\Anvin\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Anvin\AppData\Roaming\Dropbox\bin\Dropbox.exe
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: ????3??
    IE: ????3??????
    IE: Download all by FlashGet3 - C:\Users\Anvin\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
    IE: Download by FlashGet3 - C:\Users\Anvin\AppData\Roaming\FlashGetBHO\GetUrl.htm
    IE: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
    IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
    IE: ????3?? - C:\Users\Anvin\AppData\Roaming\FlashGetBHO\GetUrl.htm
    IE: ????3?????? - C:\Users\Anvin\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    TCP: DhcpNameServer = 212.27.40.241 212.27.40.240
    TCP: Interfaces\{47AA9BE7-82D4-4D7B-9C23-EAAA3234A9F6} : DhcpNameServer = 10.1.0.1
    TCP: Interfaces\{77A19877-A0D4-4C5B-928C-68BDE226BF49} : DhcpNameServer = 212.27.40.241 212.27.40.240
    TCP: Interfaces\{77A19877-A0D4-4C5B-928C-68BDE226BF49}\3425F45535D2A45535D224144564D2544555449414E445 : DhcpNameServer = 10.36.100.4
    TCP: Interfaces\{77A19877-A0D4-4C5B-928C-68BDE226BF49}\6427565675966696 : DhcpNameServer = 212.27.40.241 212.27.40.242
    TCP: Interfaces\{DFEE2242-366F-42A9-B3DE-C4273AB1F84C} : DhcpNameServer = 172.16.0.98 172.16.0.26 194.167.143.2
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL
    IFEO: perfectdisk.exe - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
    mRun-x64: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
    mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    SEH-X64: {B5A7F190-DDA6-4420-B3BA-52453494E6CD}: Groove GFS Stub Execution Hook
    IFEO-X64: perfectdisk.exe - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
    Hosts: 127.0.0.1 www.spywareinfo.com
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Anvin\AppData\Roaming\Mozilla\Firefox\Profiles\3oqpq7xj.default\
    FF - prefs.js: browser.startup.homepage - google.fr
    FF - prefs.js: network.proxy.type - 0
    FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
    FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Users\Anvin\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 Lbd;Lbd;C:\Windows\system32\DRIVERS\Lbd.sys --> C:\Windows\system32\DRIVERS\Lbd.sys [?]
    R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
    R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\system32\DRIVERS\mwlPSDFilter.sys --> C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [?]
    R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\system32\DRIVERS\mwlPSDNServ.sys --> C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [?]
    R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys --> C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [?]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
    R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-1-14 325200]
    R2 eamonm;eamonm;C:\Windows\system32\DRIVERS\eamonm.sys --> C:\Windows\system32\DRIVERS\eamonm.sys [?]
    R2 ekrn;ESET Service;C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2011-1-12 810144]
    R2 epfwwfp;epfwwfp;C:\Windows\system32\DRIVERS\epfwwfp.sys --> C:\Windows\system32\DRIVERS\epfwwfp.sys [?]
    R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2010-6-1 820768]
    R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-1-8 23584]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-5-13 13336]
    R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-6-3 366640]
    R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-3-9 250368]
    R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-6 144640]
    R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2011-5-20 2026304]
    R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-6-1 2314240]
    R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-5-14 243232]
    R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atipmdag.sys --> C:\Windows\system32\DRIVERS\atipmdag.sys [?]
    R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
    R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
    R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
    R3 intelkmd;intelkmd;C:\Windows\system32\DRIVERS\igdpmd64.sys --> C:\Windows\system32\DRIVERS\igdpmd64.sys [?]
    R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]
    R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
    R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2011-4-26 11856]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 gupdate;Service Google Update (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-3-28 135664]
    S3 AmUStor;AM USB Stroage Driver;C:\Windows\system32\drivers\AmUStor.SYS --> C:\Windows\system32\drivers\AmUStor.SYS [?]
    S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-3-25 51456888]
    S3 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-4-17 305520]
    S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-6 50432]
    S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
    S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
    S3 VBoxUSB;VirtualBox USB;C:\Windows\system32\Drivers\VBoxUSB.sys --> C:\Windows\system32\Drivers\VBoxUSB.sys [?]
    S3 WatAdminSvc;Service Windows Activation Technologies;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    S4 MSSQLServerADHelper100;Service SQL Active Directory Helper;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-21 61976]
    S4 RsFx0103;RsFx0103 Driver;C:\Windows\system32\DRIVERS\RsFx0103.sys --> C:\Windows\system32\DRIVERS\RsFx0103.sys [?]
    S4 SQLAgent$SQLEXPRESS;Agent SQL Server (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-3-30 427880]
    .
    =============== Created Last 30 ================
    .
    2011-06-04 09:27:04 34624 ----a-w- C:\Windows\System32\TURegOpt.exe
    2011-06-04 09:27:02 36160 ----a-w- C:\Windows\System32\uxtuneup.dll
    2011-06-04 09:27:02 29504 ----a-w- C:\Windows\SysWow64\uxtuneup.dll
    2011-06-04 09:27:02 25920 ----a-w- C:\Windows\System32\authuitu.dll
    2011-06-04 09:27:01 21312 ----a-w- C:\Windows\SysWow64\authuitu.dll
    2011-06-04 09:19:21 -------- d-----w- C:\Program Files (x86)\TuneUp Utilities 2011
    2011-06-04 08:27:46 -------- d-----w- C:\Users\Anvin\AppData\Local\{65DCFF1D-334C-4E6C-8B3E-353291DC2816}
    2011-06-03 13:00:39 -------- d-----w- C:\Users\Anvin\AppData\Roaming\Malwarebytes
    2011-06-03 13:00:34 39984 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
    2011-06-03 13:00:34 -------- d-----w- C:\ProgramData\Malwarebytes
    2011-06-03 13:00:30 25912 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2011-06-03 13:00:30 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2011-06-03 12:50:25 -------- d-----w- C:\Program Files (x86)\Ad-Remover
    2011-06-03 12:43:54 8718160 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5EDCE11E-F421-4139-B3A2-A9D5BC0BAFC2}\mpengine.dll
    2011-06-03 12:33:37 -------- d-----w- C:\Users\Anvin\AppData\Local\{B661250B-C1D0-4A05-A5BA-728517600A58}
    2011-06-01 21:33:49 -------- d-----w- C:\Users\Anvin\AppData\Local\{A8640FFB-9E7E-4A73-B659-AA0B8F87D839}
    2011-06-01 09:33:14 -------- d-----w- C:\Users\Anvin\AppData\Local\{1100BEF2-C6F7-447D-8A03-659E0F74C7B8}
    2011-05-31 21:31:24 -------- d-----w- C:\Users\Anvin\AppData\Local\{EA3A4A75-A490-4B67-B128-D5BE3B56E28F}
    2011-05-31 09:30:47 -------- d-----w- C:\Users\Anvin\AppData\Local\{E1F3EFC2-BF0D-4033-96AE-05D1C25564DE}
    2011-05-30 21:30:29 -------- d-----w- C:\Users\Anvin\AppData\Local\{32EA2F3E-E851-4AA0-AC5B-DDA3B565BC67}
    2011-05-30 09:29:56 -------- d-----w- C:\Users\Anvin\AppData\Local\{2D5FB70B-0465-44AC-A4CC-9920546DB15E}
    2011-05-29 09:29:42 -------- d-----w- C:\Users\Anvin\AppData\Local\{94B8CDF5-0EEF-4C5F-8BF4-0D85588F3A3B}
    2011-05-28 23:01:11 -------- d-----w- C:\Users\Anvin\AppData\Local\{83B667C9-9FFB-42FE-9E1F-CC404ABD4D58}
    2011-05-28 16:10:13 -------- d-----w- C:\Users\Anvin\AppData\Local\{3EACAFAD-6855-48A7-BF45-46BAA85F3D60}
    2011-05-28 08:33:29 -------- d-----w- C:\Users\Anvin\AppData\Local\{EC9C4792-E099-4C75-AA85-DE1BABF186AA}
    2011-05-27 07:43:22 -------- d-----w- C:\Users\Anvin\AppData\Local\{86B52CEC-1E81-4AA6-817B-D63E96022CC4}
    2011-05-27 05:43:41 -------- d-----w- C:\Users\Anvin\AppData\Local\{DFED1B57-7CD9-4822-9B63-56A02D21A5FC}
    2011-05-26 09:10:14 -------- d-----w- C:\Users\Anvin\AppData\Local\{011F6851-86BF-4A48-99AD-CA10037B472C}
    2011-05-25 18:31:21 -------- d-----w- C:\Users\Anvin\AppData\Local\{D9466548-804C-472A-9F7A-B5CF9916B1DF}
    2011-05-25 11:22:37 27008 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
    2011-05-25 09:40:20 -------- d-----w- C:\Program Files (x86)\pgfplots
    2011-05-25 09:33:14 -------- d-----w- C:\Users\Anvin\AppData\Roaming\xm1
    2011-05-25 09:31:36 -------- d-----w- C:\Users\Anvin\AppData\Roaming\MiKTeX
    2011-05-25 09:31:31 -------- d-----w- C:\Users\Anvin\AppData\Local\MiKTeX
    2011-05-25 09:27:46 -------- d-----w- C:\ProgramData\MiKTeX
    2011-05-25 09:23:02 -------- d-----w- C:\Program Files (x86)\MiKTeX 2.9
    2011-05-25 09:15:01 -------- d-----w- C:\Program Files (x86)\Texmaker
    2011-05-25 08:23:51 -------- d-----w- C:\Users\Anvin\AppData\Local\{93752E8F-324F-44D9-8D46-268E0BE63ABA}
    2011-05-25 06:19:15 -------- d-----w- C:\Users\Anvin\AppData\Local\{B7A48F27-C2F4-495C-8EC6-3E19BEA83559}
    2011-05-24 09:03:40 -------- d-----w- C:\Users\Anvin\AppData\Local\{FF102298-5052-4976-8542-C4545373D111}
    2011-05-23 08:26:32 -------- d-----w- C:\Users\Anvin\AppData\Local\{A3C95D88-DE33-465D-BA05-591341A45C75}
    2011-05-22 14:22:38 -------- d-----w- C:\Users\Anvin\AppData\Local\{2C06A8FC-5E8A-4DEF-A6F2-D0C5C3849D53}
    2011-05-22 08:56:55 -------- d-----w- C:\Users\Anvin\AppData\Local\{99BD2E07-3860-4DDD-9643-FC670D85B456}
    2011-05-22 00:20:32 -------- d-----w- C:\Users\Anvin\AppData\Local\{05586D4A-B8E7-4C1A-A89C-A52F533666E2}
    2011-05-21 09:11:48 -------- d-----w- C:\Users\Anvin\AppData\Local\{ED911C6C-EEB3-4AE1-83BF-1792074F7055}
    2011-05-20 20:30:59 -------- d-----w- C:\Users\Anvin\AppData\Local\{12010D6E-97C5-4E8E-8F56-117A031A1800}
    2011-05-20 12:26:30 -------- d-----w- C:\Users\Anvin\AppData\Roaming\Liteon
    2011-05-20 08:26:36 -------- d-----w- C:\Users\Anvin\AppData\Local\{F4ADCD40-2907-4D73-AB53-E5623DEA1511}
    2011-05-19 08:17:39 -------- d-----w- C:\Users\Anvin\AppData\Local\{15F3BE0A-07A8-4FD6-862C-312DA1AB4E04}
    2011-05-18 09:36:48 -------- d-----w- C:\Users\Anvin\AppData\Local\{0B0EC558-A439-4F3E-B34E-FCC06381D932}
    2011-05-17 11:01:39 -------- d-----w- C:\Users\Anvin\AppData\Local\{76471166-43FF-4314-8132-CB02D3BD1A67}
    2011-05-16 20:33:46 -------- d-----w- C:\Users\Anvin\AppData\Local\{A79CF36E-AFD8-40CA-84BE-193731B537E1}
    2011-05-16 08:35:59 142336 ----a-w- C:\Windows\System32\poqexec.exe
    2011-05-16 08:35:59 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
    2011-05-16 08:30:25 -------- d-----w- C:\Users\Anvin\AppData\Local\{861C7274-CF17-4EA7-A003-DE177BF71DB6}
    2011-05-16 08:27:55 69152 ----a-w- C:\Windows\System32\drivers\Lbd.sys
    2011-05-16 08:27:53 49752 ----a-w- C:\Windows\System32\drivers\SBREDrv.sys
    2011-05-16 08:27:01 -------- d-----w- C:\Users\Anvin\AppData\Local\Sunbelt Software
    2011-05-16 08:23:49 -------- d-----w- C:\Program Files (x86)\Lavasoft
    2011-05-16 08:10:41 -------- d-----w- C:\Program Files (x86)\VideoLAN
    2011-05-16 07:58:55 -------- d-----w- C:\Program Files\CCleaner
    2011-05-16 07:51:58 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
    2011-05-16 07:51:58 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
    2011-05-16 07:41:51 -------- d-----w- C:\Users\Anvin\AppData\Local\{120BEA23-7D02-42D1-882E-D01010331B8D}
    2011-05-15 15:44:01 -------- d-----w- C:\Users\Anvin\AppData\Local\{489D6944-B3DB-460F-9EF1-25C933360F93}
    2011-05-15 10:30:19 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2011-05-15 01:13:47 -------- d-----w- C:\Users\Anvin\AppData\Local\{21382081-A26C-4FC2-B6C9-C1D5423EB93E}
    2011-05-14 17:15:49 -------- d-----w- C:\Users\Anvin\AppData\Local\{854BE4EF-26CF-42EA-B84E-0A65B447F5AC}
    2011-05-14 09:16:36 -------- d-----w- C:\Users\Anvin\AppData\Local\{93DA425E-20EC-494A-BC3B-38927E053D49}
    2011-05-13 22:29:58 -------- d-----w- C:\Users\Anvin\AppData\Local\{BE0448C1-9E21-430E-BCAC-74A7C607ED18}
    2011-05-13 14:59:10 -------- d-----w- C:\Users\Anvin\AppData\Local\{A37216B7-F330-4E12-9913-ED4BF0604B68}
    2011-05-13 11:31:08 -------- d-----w- C:\Users\Anvin\AppData\Local\{DBF01617-8C56-427F-8EB1-8F567CFA8272}
    2011-05-12 06:48:38 -------- d-----w- C:\Users\Anvin\AppData\Local\{C4EE541B-08A0-47DB-AD25-BCCEF8C5B535}
    2011-05-11 22:09:26 5509504 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2011-05-11 22:09:22 3957632 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2011-05-11 22:09:22 3901824 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2011-05-11 22:07:55 52224 ----a-w- C:\Windows\System32\drivers\usbehci.sys
    2011-05-11 22:07:55 324608 ----a-w- C:\Windows\System32\drivers\usbport.sys
    2011-05-11 22:07:54 99328 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
    2011-05-11 22:07:54 7936 ----a-w- C:\Windows\System32\drivers\usbd.sys
    2011-05-11 22:07:54 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
    2011-05-11 22:07:54 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
    2011-05-11 22:07:54 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
    2011-05-11 21:56:39 -------- d-----w- C:\Users\Anvin\AppData\Local\{F4EDE727-8DF5-482B-8505-60D6F51AFDB5}
    2011-05-11 06:10:34 -------- d-----w- C:\Users\Anvin\AppData\Local\{BFB69EF4-7CEA-45AD-A20F-2D101AE8F544}
    2011-05-11 00:17:07 -------- d-----w- C:\Users\Anvin\AppData\Local\{0240F6B5-A1A8-4C2F-A3A1-FFF3145FFCDE}
    2011-05-09 23:59:18 -------- d-----w- C:\Users\Anvin\AppData\Local\{F03735B0-59AB-4BF0-9E01-5E5030DB9F5F}
    2011-05-09 08:12:28 -------- d-----w- C:\Users\Anvin\AppData\Local\{BB7C660B-B610-4075-82D1-6037478E3718}
    2011-05-08 08:47:07 -------- d-----w- C:\Users\Anvin\AppData\Local\{5FCCA5F0-EF65-45A7-99EC-18179F251CE5}
    2011-05-07 22:27:12 -------- d-----w- C:\Users\Anvin\AppData\Local\{411C4F8B-2BCF-4F83-8408-6D67781433AE}
    2011-05-07 11:31:33 -------- d-----w- C:\Users\Anvin\AppData\Local\{BF56484C-DA3A-4CC5-A518-114A189FBA2A}
    2011-05-07 10:03:15 -------- d-----w- C:\Users\Anvin\AppData\Local\{FF5D8588-1A68-409E-A078-9925B8AE4111}
    2011-05-07 08:12:49 -------- d-----w- C:\Users\Anvin\AppData\Local\{7292327A-E459-4C91-8485-55B94B654A1F}
    .
    ==================== Find3M ====================
    .
    2011-04-09 16:55:44 15453336 ----a-w- C:\Windows\SysWow64\xlive.dll
    2011-04-09 16:55:42 13642904 ----a-w- C:\Windows\SysWow64\xlivefnt.dll
    2011-03-28 09:13:31 254528 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys
    2011-03-12 12:03:46 662528 ----a-w- C:\Windows\System32\XpsPrint.dll
    2011-03-12 11:31:58 442880 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
    2011-03-11 06:23:13 187264 ----a-w- C:\Windows\System32\drivers\storport.sys
    2011-03-11 06:23:06 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys
    2011-03-11 06:23:06 1657216 ----a-w- C:\Windows\System32\drivers\ntfs.sys
    2011-03-11 06:23:06 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys
    2011-03-11 06:23:00 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys
    2011-03-11 06:22:41 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys
    2011-03-11 06:22:40 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys
    2011-03-11 06:19:26 1395712 ----a-w- C:\Windows\System32\mfc42.dll
    2011-03-11 06:19:26 1359872 ----a-w- C:\Windows\System32\mfc42u.dll
    2011-03-11 06:18:20 2566144 ----a-w- C:\Windows\System32\esent.dll
    2011-03-11 06:15:54 96768 ----a-w- C:\Windows\System32\fsutil.exe
    2011-03-11 05:40:24 1164288 ----a-w- C:\Windows\SysWow64\mfc42u.dll
    2011-03-11 05:40:24 1137664 ----a-w- C:\Windows\SysWow64\mfc42.dll
    2011-03-11 05:39:35 1686016 ----a-w- C:\Windows\SysWow64\esent.dll
    2011-03-11 05:37:34 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe
    2011-03-08 06:14:30 976896 ----a-w- C:\Windows\System32\inetcomm.dll
    2011-03-08 05:38:13 740864 ----a-w- C:\Windows\SysWow64\inetcomm.dll
    .
    ============= FINISH: 11:07:49,87 ===============
    6 June 2011 21:43:50

    Good evening


    Remove/uninstall all the programs used for the disinfection.
    (but keep Malwarebytes' Anti-Malware to run regular scans, without forgetting to update it)

    Please read this guide (PDF) to learn more about the risks of the Net.



    If you find this document interesting, feel free to pass it on to your contacts.

    If you are tired of being assailed by ads while browsing, install a secured Firefox with the noscript and AdBlock Plus extensions.

    Read also:
  • Free antispyware: it's useless!


    On your first message, click the "Edit" button and put [solved] in the title.

    Then click "Submit your message"

    If your session name matches your real name, you can change it by editing your posts.

    :hello: 

    +++
    7 June 2011 11:13:47

    Thanks for everything! :) 
    8 June 2011 10:06:08

    You're welcome
    Happy surfing
    :hello: 