
[Solved] Infected.WebPage.Gen: trojan?

Tags:
  • Security
8 January 2009 20:34:13

Good evening everyone!

For the past 3 days, whenever I open Firefox, an AntiVir alert message pops up every time (image below):




I don't know if it's related, but my mouse has been working badly since then...

Is it serious, doctor? Can anyone help me?

Thanks in advance!


8 January 2009 21:21:38

Please help me!

The HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:23:22, on 08/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Java\jre6\bin\jqs.exe
D:\xampplite\mysql\bin\mysqld-nt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\V0410Mon.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\Samsung\Digimax Viewer 2.0\STImgBrowser.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Macromedia\Dreamweaver 8\Dreamweaver.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Adobe\Adobe Photoshop CS2\Photoshop.exe
C:\DOCUME~1\Maya\LOCALS~1\Temp\Adobelm_Cleanup.0001
C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
C:\DOCUME~1\Maya\LOCALS~1\Temp\Adobelm_Cleanup.0001
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://r.office.microsoft.com/r/rlidOfficeUpdate?clid=1...
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb127\Dealio.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb127\Dealio.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [V0410Mon.exe] C:\WINDOWS\V0410Mon.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [au] C:\Program Files\Dealio\DealioAU.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Widget SFR.lnk = C:\Program Files\SFRWidget\WidgetSFR.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Digimax Viewer 2.0.lnk = ?
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: SATARAID5.lnk = ?
O8 - Extra context menu item: Compare Prices with &Dealio - C:\Documents and Settings\Maya\Application Data\Dealio\kb127\res\DealioSearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll
O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su2/CTL_V02002/ocx/15034/CTPID....
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apache2.2 - Unknown owner - D:\02_data\01_travail_\Joomla !\Installation\xampplite\apache\bin\apache.exe (file missing)
O23 - Service: app_filter - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: mysql - Unknown owner - D:\xampplite\mysql\bin\mysqld-nt.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

--
End of file - 12354 bytes
8 January 2009 23:34:21

Hi again,

*Download LOP S&D (thanks Eric71): http://eric.71.mespages.googlepages.com/lop.sd.exe
-Double-click it to start the installation, then double-click the Lop S&D shortcut on your Desktop.
-Select the language you want and choose option 1 (Search).
-Wait until the scan finishes.
-Post the generated report (also located here: C:\lopR.txt).
9 January 2009 17:53:32

OK, the LOP SD report:


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3500+ )
BIOS : Phoenix - Award BIOS v6.00PG
USER : Maya ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition 8.0.1.30 (Activated)
Firewall : NVIDIA Firewall 1.0 (Not Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:34 Go (Free:23 Go)
D:\ (Local Disk) - NTFS - Total:186 Go (Free:150 Go)
E:\ (Local Disk) - NTFS - Total:111 Go (Free:26 Go)
F:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
I:\ (Local Disk) - FAT32 - Total:465 Go (Free:227 Go)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 09/01/2009|17:51 )

--------------------\\ Listing des dossiers dans APPLIC~1

[28/12/2008|21:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[24/01/2008|20:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
[03/02/2008|15:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[03/02/2008|15:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[22/05/2008|18:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[26/01/2008|09:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Creative
[25/01/2008|19:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[24/01/2008|23:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[24/01/2008|20:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[24/01/2008|19:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[27/11/2008|19:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP Product Assistant
[22/05/2008|18:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
[27/07/2008|07:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[24/01/2008|20:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macromedia
[25/01/2008|19:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[25/01/2008|18:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[26/01/2008|00:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
[24/01/2008|20:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[24/01/2008|23:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[24/01/2008|19:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
[09/01/2009|17:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[25/02/2008|10:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[28/12/2008|14:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ZoomBrowser

[24/01/2008|17:28] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[24/01/2008|17:28] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[19/02/2008|12:19] C:\DOCUME~1\Maya\APPLIC~1\ACD Systems
[28/12/2008|21:04] C:\DOCUME~1\Maya\APPLIC~1\Adobe
[12/06/2008|18:29] C:\DOCUME~1\Maya\APPLIC~1\Apple Computer
[02/01/2009|17:39] C:\DOCUME~1\Maya\APPLIC~1\BitTorrent
[28/12/2008|16:13] C:\DOCUME~1\Maya\APPLIC~1\Canon
[31/01/2008|10:58] C:\DOCUME~1\Maya\APPLIC~1\Creative
[24/09/2008|18:48] C:\DOCUME~1\Maya\APPLIC~1\Dealio
[09/01/2009|17:43] C:\DOCUME~1\Maya\APPLIC~1\DNA
[25/01/2008|00:40] C:\DOCUME~1\Maya\APPLIC~1\Google
[24/01/2008|20:03] C:\DOCUME~1\Maya\APPLIC~1\Grisoft
[24/01/2008|20:03] C:\DOCUME~1\Maya\APPLIC~1\HP
[24/01/2008|17:38] C:\DOCUME~1\Maya\APPLIC~1\Identities
[26/01/2008|00:13] C:\DOCUME~1\Maya\APPLIC~1\InstallShield
[26/12/2008|13:13] C:\DOCUME~1\Maya\APPLIC~1\InterTrust
[02/02/2008|11:20] C:\DOCUME~1\Maya\APPLIC~1\ma-config.com
[24/01/2008|20:21] C:\DOCUME~1\Maya\APPLIC~1\Macromedia
[24/09/2008|20:07] C:\DOCUME~1\Maya\APPLIC~1\Microsoft
[03/07/2008|22:50] C:\DOCUME~1\Maya\APPLIC~1\Mozilla
[08/02/2008|11:38] C:\DOCUME~1\Maya\APPLIC~1\muvee Technologies
[12/02/2008|16:56] C:\DOCUME~1\Maya\APPLIC~1\Opera
[27/01/2008|09:51] C:\DOCUME~1\Maya\APPLIC~1\Real
[02/02/2008|18:34] C:\DOCUME~1\Maya\APPLIC~1\Reallusion
[14/06/2008|15:38] C:\DOCUME~1\Maya\APPLIC~1\Search Settings
[27/12/2008|20:59] C:\DOCUME~1\Maya\APPLIC~1\Skype
[27/12/2008|20:27] C:\DOCUME~1\Maya\APPLIC~1\skypePM
[24/01/2008|18:03] C:\DOCUME~1\Maya\APPLIC~1\Sun
[02/02/2008|18:34] C:\DOCUME~1\Maya\APPLIC~1\tmp
[02/09/2008|19:32] C:\DOCUME~1\Maya\APPLIC~1\vlc
[27/01/2008|23:41] C:\DOCUME~1\Maya\APPLIC~1\Winamp
[07/01/2009|23:00] C:\DOCUME~1\Maya\APPLIC~1\ZoomBrowser EX

[24/01/2008|17:28] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[03/02/2008 15:39][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[25/01/2008 16:00][--a------] C:\WINDOWS\tasks\HPpromotions journeysoftware.job
[25/01/2008 19:13][--ah-----] C:\WINDOWS\tasks\SA.DAT
[07/09/2002 01:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[25/01/2008|18:55] C:\Program Files\ACE Mega CoDecS Pack
[26/12/2008|13:14] C:\Program Files\Adobe
[11/10/2008|18:10] C:\Program Files\adslTV
[26/01/2008|11:39] C:\Program Files\Ahead
[24/01/2008|18:04] C:\Program Files\AMD
[03/02/2008|15:39] C:\Program Files\Apple Software Update
[24/01/2008|20:51] C:\Program Files\ASUSTeK
[22/05/2008|18:44] C:\Program Files\Avira
[24/01/2008|17:57] C:\Program Files\AvRack
[27/01/2008|18:57] C:\Program Files\BitTorrent
[28/02/2008|09:50] C:\Program Files\Bradbury
[28/12/2008|14:55] C:\Program Files\Canon
[07/02/2008|12:07] C:\Program Files\Color Schemer Studio
[24/01/2008|17:26] C:\Program Files\ComPlus Applications
[03/02/2008|15:40] C:\Program Files\CopyRightLeft
[03/02/2008|12:37] C:\Program Files\Creative
[14/06/2008|15:07] C:\Program Files\Dealio
[09/01/2009|17:43] C:\Program Files\DNA
[25/01/2008|19:08] C:\Program Files\DVD Shrink
[28/12/2008|14:42] C:\Program Files\Fichiers communs
[25/01/2008|01:42] C:\Program Files\FileZilla
[23/09/2008|19:32] C:\Program Files\Free
[14/06/2008|15:06] C:\Program Files\Free Audio Pack
[23/09/2008|19:33] C:\Program Files\FreeDial
[24/01/2008|23:47] C:\Program Files\Google
[24/01/2008|20:03] C:\Program Files\Grisoft
[25/08/2008|21:13] C:\Program Files\HP
[24/09/2008|18:39] C:\Program Files\InstallShield Installation Information
[25/01/2008|18:08] C:\Program Files\Internet Explorer
[08/01/2009|19:20] C:\Program Files\Java
[25/02/2008|11:49] C:\Program Files\JMBerthier
[24/01/2008|18:08] C:\Program Files\Kaspersky Lab
[27/07/2008|07:52] C:\Program Files\Lavasoft
[02/02/2008|11:07] C:\Program Files\ma-config.com
[24/01/2008|20:46] C:\Program Files\Macromedia
[24/01/2008|17:57] C:\Program Files\Marvell
[25/01/2008|19:13] C:\Program Files\Messenger
[06/12/2008|10:22] C:\Program Files\Messenger Plus! Live
[24/01/2008|17:29] C:\Program Files\microsoft frontpage
[24/01/2008|18:49] C:\Program Files\Microsoft Office
[27/09/2008|18:50] C:\Program Files\Microsoft Silverlight
[25/01/2008|17:39] C:\Program Files\Movie Maker
[09/01/2009|17:44] C:\Program Files\Mozilla Firefox
[24/01/2008|17:26] C:\Program Files\MSN Gaming Zone
[06/12/2008|10:22] C:\Program Files\MSN Messenger
[26/01/2008|00:17] C:\Program Files\muvee Technologies
[25/01/2008|17:35] C:\Program Files\NetMeeting
[24/01/2008|17:51] C:\Program Files\NVIDIA Corporation
[25/01/2008|17:35] C:\Program Files\Outlook Express
[12/10/2008|19:28] C:\Program Files\PDFCreator
[12/10/2008|19:28] C:\Program Files\PDFCreator Toolbar
[23/08/2008|20:05] C:\Program Files\Polar
[03/02/2008|15:40] C:\Program Files\QuickTime
[24/01/2008|17:57] C:\Program Files\Realtek Sound Manager
[24/09/2008|18:39] C:\Program Files\SAGEM
[03/02/2008|18:52] C:\Program Files\Samsung
[14/06/2008|15:07] C:\Program Files\Search Settings
[24/01/2008|20:08] C:\Program Files\Services en ligne
[10/10/2008|17:42] C:\Program Files\SFRWidget
[26/01/2008|00:15] C:\Program Files\SightSpeed
[24/01/2008|18:02] C:\Program Files\Silicon Image
[24/01/2008|23:47] C:\Program Files\Skype
[09/01/2009|17:42] C:\Program Files\Spybot - Search & Destroy
[24/03/2008|20:25] C:\Program Files\StuffPlug3
[08/01/2009|21:22] C:\Program Files\Trend Micro
[24/01/2008|17:38] C:\Program Files\Uninstall Information
[24/01/2008|20:58] C:\Program Files\Western Digital Technologies
[27/01/2008|23:27] C:\Program Files\Winamp
[25/01/2008|19:16] C:\Program Files\Windows Live
[25/02/2008|10:37] C:\Program Files\Windows Media Player
[25/01/2008|17:35] C:\Program Files\Windows NT
[24/01/2008|17:26] C:\Program Files\WindowsUpdate
[24/01/2008|20:36] C:\Program Files\WinRAR
[24/01/2008|17:29] C:\Program Files\xerox
[25/01/2008|19:12] C:\Program Files\xp-AntiSpy

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[28/02/2008|11:35] C:\Program Files\Fichiers communs\ACD Systems
[26/12/2008|13:14] C:\Program Files\Fichiers communs\Adobe
[24/01/2008|20:15] C:\Program Files\Fichiers communs\Adobe Systems Shared
[26/01/2008|11:39] C:\Program Files\Fichiers communs\Ahead
[28/12/2008|14:42] C:\Program Files\Fichiers communs\Canon
[26/01/2008|00:13] C:\Program Files\Fichiers communs\Creative
[24/01/2008|18:49] C:\Program Files\Fichiers communs\DESIGNER
[24/01/2008|19:37] C:\Program Files\Fichiers communs\Hewlett-Packard
[24/01/2008|19:41] C:\Program Files\Fichiers communs\HP
[24/01/2008|17:57] C:\Program Files\Fichiers communs\InstallShield
[24/01/2008|18:03] C:\Program Files\Fichiers communs\Java
[24/01/2008|20:46] C:\Program Files\Fichiers communs\Macromedia
[26/01/2008|00:17] C:\Program Files\Fichiers communs\Microsoft Shared
[24/01/2008|17:27] C:\Program Files\Fichiers communs\MSSoap
[03/02/2008|12:39] C:\Program Files\Fichiers communs\muvee Technologies
[24/01/2008|17:19] C:\Program Files\Fichiers communs\ODBC
[26/01/2008|00:14] C:\Program Files\Fichiers communs\Reallusion
[24/01/2008|17:27] C:\Program Files\Fichiers communs\Services
[24/01/2008|23:47] C:\Program Files\Fichiers communs\Skype
[24/01/2008|19:41] C:\Program Files\Fichiers communs\Sonic Shared
[24/01/2008|17:19] C:\Program Files\Fichiers communs\SpeechEngines
[25/01/2008|17:35] C:\Program Files\Fichiers communs\System
[27/07/2008|07:51] C:\Program Files\Fichiers communs\Wise Installation Wizard

--------------------\\ Process

( 59 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\Maya\LOCALS~1\Temp\msgpl_d24f.tmp
C:\DOCUME~1\Maya\LOCALS~1\Temp\nsc253.tmp
C:\DOCUME~1\Maya\LOCALS~1\Temp\nsf104.tmp
C:\DOCUME~1\Maya\LOCALS~1\Temp\nshF5.tmp
C:\DOCUME~1\Maya\LOCALS~1\Temp\nsrF1.tmp
C:\DOCUME~1\Maya\LOCALS~1\Temp\nstE0.tmp
C:\DOCUME~1\Maya\LOCALS~1\Temp\nsu100.tmp
C:\DOCUME~1\Maya\LOCALS~1\Temp\nswE7.tmp
C:\DOCUME~1\Maya\LOCALS~1\Temp\nsxEB.tmp
C:\DOCUME~1\Maya\Cookies\maya@advertstream[1].txt
C:\DOCUME~1\Maya\Cookies\maya@advertstream[2].txt

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-09 17:52:12
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\Maya\Application Data\BitTorrent\ACDSee_v9+keygen.torrent
C:\DOCUME~1\Maya\Application Data\BitTorrent\Les.Sims.2.-.Fr.-.4CD.-.Serial.+.Crack.torrent
C:\DOCUME~1\Maya\Application Data\BitTorrent\Need.For.Speed.Most.Wanted.[ENG]PC.DVD[.ISO].[.NFO].Keygen & Crack.torrent


[F:2467][D:246]-> C:\DOCUME~1\Maya\LOCALS~1\Temp
[F:441][D:0]-> C:\DOCUME~1\Maya\Cookies
[F:24424][D:17]-> C:\DOCUME~1\Maya\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 09/01/2009|17:54 - Option : [1]

--------------------\\ Fin du rapport a 17:54:02
10 January 2009 01:47:53

Good evening ripley_69,

* Double-click the LOP S&D shortcut and choose option 3. This will remove the infection.
* When it finishes, a new scan will be launched.
* Notepad opens. Post its contents in your next reply.

See you later, and best wishes ;).
10 January 2009 11:13:14

OK, thanks, best wishes to you too for 2009 (and lots of disinfections to do, lollll)

LOP S&D report:


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3500+ )
BIOS : Phoenix - Award BIOS v6.00PG
USER : Maya ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition 8.0.1.30 (Activated)
Firewall : NVIDIA Firewall 1.0 (Not Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:34 Go (Free:23 Go)
D:\ (Local Disk) - NTFS - Total:186 Go (Free:150 Go)
E:\ (Local Disk) - NTFS - Total:111 Go (Free:30 Go)
F:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
I:\ (Local Disk) - FAT32 - Total:465 Go (Free:228 Go)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [3] ( 10/01/2009|11:10 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\Maya\LOCALS~1\Temp\msgpl_d24f.tmp
Supprime! - C:\DOCUME~1\Maya\LOCALS~1\Temp\nsc253.tmp
Supprime! - C:\DOCUME~1\Maya\LOCALS~1\Temp\nsf104.tmp
Supprime! - C:\DOCUME~1\Maya\LOCALS~1\Temp\nshF5.tmp
Supprime! - C:\DOCUME~1\Maya\LOCALS~1\Temp\nsrF1.tmp
Supprime! - C:\DOCUME~1\Maya\LOCALS~1\Temp\nstE0.tmp
Supprime! - C:\DOCUME~1\Maya\LOCALS~1\Temp\nsu100.tmp
Supprime! - C:\DOCUME~1\Maya\LOCALS~1\Temp\nswE7.tmp
Supprime! - C:\DOCUME~1\Maya\LOCALS~1\Temp\nsxEB.tmp
Supprime! - C:\DOCUME~1\Maya\Cookies\maya@advertstream[1].txt
Supprime! - C:\DOCUME~1\Maya\Cookies\maya@advertstream[2].txt

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[28/12/2008|21:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[24/01/2008|20:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
[03/02/2008|15:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[03/02/2008|15:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[22/05/2008|18:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[26/01/2008|09:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Creative
[25/01/2008|19:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[24/01/2008|23:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[24/01/2008|20:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[24/01/2008|19:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[27/11/2008|19:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP Product Assistant
[22/05/2008|18:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
[27/07/2008|07:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[24/01/2008|20:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macromedia
[25/01/2008|19:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[25/01/2008|18:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[26/01/2008|00:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
[24/01/2008|20:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[24/01/2008|23:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[24/01/2008|19:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
[09/01/2009|17:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[25/02/2008|10:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[28/12/2008|14:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ZoomBrowser

[24/01/2008|17:28] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[24/01/2008|17:28] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[19/02/2008|12:19] C:\DOCUME~1\Maya\APPLIC~1\ACD Systems
[28/12/2008|21:04] C:\DOCUME~1\Maya\APPLIC~1\Adobe
[12/06/2008|18:29] C:\DOCUME~1\Maya\APPLIC~1\Apple Computer
[10/01/2009|11:09] C:\DOCUME~1\Maya\APPLIC~1\BitTorrent
[28/12/2008|16:13] C:\DOCUME~1\Maya\APPLIC~1\Canon
[31/01/2008|10:58] C:\DOCUME~1\Maya\APPLIC~1\Creative
[24/09/2008|18:48] C:\DOCUME~1\Maya\APPLIC~1\Dealio
[10/01/2009|11:02] C:\DOCUME~1\Maya\APPLIC~1\DNA
[25/01/2008|00:40] C:\DOCUME~1\Maya\APPLIC~1\Google
[24/01/2008|20:03] C:\DOCUME~1\Maya\APPLIC~1\Grisoft
[24/01/2008|20:03] C:\DOCUME~1\Maya\APPLIC~1\HP
[24/01/2008|17:38] C:\DOCUME~1\Maya\APPLIC~1\Identities
[26/01/2008|00:13] C:\DOCUME~1\Maya\APPLIC~1\InstallShield
[02/02/2008|11:20] C:\DOCUME~1\Maya\APPLIC~1\ma-config.com
[24/01/2008|20:21] C:\DOCUME~1\Maya\APPLIC~1\Macromedia
[24/09/2008|20:07] C:\DOCUME~1\Maya\APPLIC~1\Microsoft
[03/07/2008|22:50] C:\DOCUME~1\Maya\APPLIC~1\Mozilla
[08/02/2008|11:38] C:\DOCUME~1\Maya\APPLIC~1\muvee Technologies
[12/02/2008|16:56] C:\DOCUME~1\Maya\APPLIC~1\Opera
[27/01/2008|09:51] C:\DOCUME~1\Maya\APPLIC~1\Real
[02/02/2008|18:34] C:\DOCUME~1\Maya\APPLIC~1\Reallusion
[14/06/2008|15:38] C:\DOCUME~1\Maya\APPLIC~1\Search Settings
[27/12/2008|20:59] C:\DOCUME~1\Maya\APPLIC~1\Skype
[27/12/2008|20:27] C:\DOCUME~1\Maya\APPLIC~1\skypePM
[24/01/2008|18:03] C:\DOCUME~1\Maya\APPLIC~1\Sun
[02/02/2008|18:34] C:\DOCUME~1\Maya\APPLIC~1\tmp
[02/09/2008|19:32] C:\DOCUME~1\Maya\APPLIC~1\vlc
[27/01/2008|23:41] C:\DOCUME~1\Maya\APPLIC~1\Winamp
[07/01/2009|23:00] C:\DOCUME~1\Maya\APPLIC~1\ZoomBrowser EX

[24/01/2008|17:28] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[03/02/2008 15:39][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[25/01/2008 16:00][--a------] C:\WINDOWS\tasks\HPpromotions journeysoftware.job
[25/01/2008 19:13][--ah-----] C:\WINDOWS\tasks\SA.DAT
[07/09/2002 01:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[25/01/2008|18:55] C:\Program Files\ACE Mega CoDecS Pack
[26/12/2008|13:14] C:\Program Files\Adobe
[11/10/2008|18:10] C:\Program Files\adslTV
[26/01/2008|11:39] C:\Program Files\Ahead
[24/01/2008|18:04] C:\Program Files\AMD
[03/02/2008|15:39] C:\Program Files\Apple Software Update
[24/01/2008|20:51] C:\Program Files\ASUSTeK
[22/05/2008|18:44] C:\Program Files\Avira
[24/01/2008|17:57] C:\Program Files\AvRack
[27/01/2008|18:57] C:\Program Files\BitTorrent
[28/02/2008|09:50] C:\Program Files\Bradbury
[28/12/2008|14:55] C:\Program Files\Canon
[07/02/2008|12:07] C:\Program Files\Color Schemer Studio
[24/01/2008|17:26] C:\Program Files\ComPlus Applications
[03/02/2008|15:40] C:\Program Files\CopyRightLeft
[03/02/2008|12:37] C:\Program Files\Creative
[14/06/2008|15:07] C:\Program Files\Dealio
[10/01/2009|10:22] C:\Program Files\DNA
[25/01/2008|19:08] C:\Program Files\DVD Shrink
[28/12/2008|14:42] C:\Program Files\Fichiers communs
[25/01/2008|01:42] C:\Program Files\FileZilla
[23/09/2008|19:32] C:\Program Files\Free
[14/06/2008|15:06] C:\Program Files\Free Audio Pack
[23/09/2008|19:33] C:\Program Files\FreeDial
[24/01/2008|23:47] C:\Program Files\Google
[24/01/2008|20:03] C:\Program Files\Grisoft
[25/08/2008|21:13] C:\Program Files\HP
[24/09/2008|18:39] C:\Program Files\InstallShield Installation Information
[25/01/2008|18:08] C:\Program Files\Internet Explorer
[08/01/2009|19:20] C:\Program Files\Java
[25/02/2008|11:49] C:\Program Files\JMBerthier
[24/01/2008|18:08] C:\Program Files\Kaspersky Lab
[27/07/2008|07:52] C:\Program Files\Lavasoft
[02/02/2008|11:07] C:\Program Files\ma-config.com
[24/01/2008|20:46] C:\Program Files\Macromedia
[24/01/2008|17:57] C:\Program Files\Marvell
[25/01/2008|19:13] C:\Program Files\Messenger
[06/12/2008|10:22] C:\Program Files\Messenger Plus! Live
[24/01/2008|17:29] C:\Program Files\microsoft frontpage
[24/01/2008|18:49] C:\Program Files\Microsoft Office
[27/09/2008|18:50] C:\Program Files\Microsoft Silverlight
[25/01/2008|17:39] C:\Program Files\Movie Maker
[10/01/2009|10:24] C:\Program Files\Mozilla Firefox
[24/01/2008|17:26] C:\Program Files\MSN Gaming Zone
[06/12/2008|10:22] C:\Program Files\MSN Messenger
[26/01/2008|00:17] C:\Program Files\muvee Technologies
[25/01/2008|17:35] C:\Program Files\NetMeeting
[24/01/2008|17:51] C:\Program Files\NVIDIA Corporation
[25/01/2008|17:35] C:\Program Files\Outlook Express
[12/10/2008|19:28] C:\Program Files\PDFCreator
[12/10/2008|19:28] C:\Program Files\PDFCreator Toolbar
[23/08/2008|20:05] C:\Program Files\Polar
[03/02/2008|15:40] C:\Program Files\QuickTime
[24/01/2008|17:57] C:\Program Files\Realtek Sound Manager
[24/09/2008|18:39] C:\Program Files\SAGEM
[03/02/2008|18:52] C:\Program Files\Samsung
[14/06/2008|15:07] C:\Program Files\Search Settings
[24/01/2008|20:08] C:\Program Files\Services en ligne
[10/10/2008|17:42] C:\Program Files\SFRWidget
[26/01/2008|00:15] C:\Program Files\SightSpeed
[24/01/2008|18:02] C:\Program Files\Silicon Image
[24/01/2008|23:47] C:\Program Files\Skype
[09/01/2009|17:42] C:\Program Files\Spybot - Search & Destroy
[24/03/2008|20:25] C:\Program Files\StuffPlug3
[08/01/2009|21:22] C:\Program Files\Trend Micro
[24/01/2008|17:38] C:\Program Files\Uninstall Information
[24/01/2008|20:58] C:\Program Files\Western Digital Technologies
[27/01/2008|23:27] C:\Program Files\Winamp
[25/01/2008|19:16] C:\Program Files\Windows Live
[25/02/2008|10:37] C:\Program Files\Windows Media Player
[25/01/2008|17:35] C:\Program Files\Windows NT
[24/01/2008|17:26] C:\Program Files\WindowsUpdate
[24/01/2008|20:36] C:\Program Files\WinRAR
[24/01/2008|17:29] C:\Program Files\xerox
[25/01/2008|19:12] C:\Program Files\xp-AntiSpy

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[28/02/2008|11:35] C:\Program Files\Fichiers communs\ACD Systems
[09/01/2009|20:27] C:\Program Files\Fichiers communs\Adobe
[24/01/2008|20:15] C:\Program Files\Fichiers communs\Adobe Systems Shared
[26/01/2008|11:39] C:\Program Files\Fichiers communs\Ahead
[28/12/2008|14:42] C:\Program Files\Fichiers communs\Canon
[26/01/2008|00:13] C:\Program Files\Fichiers communs\Creative
[24/01/2008|18:49] C:\Program Files\Fichiers communs\DESIGNER
[24/01/2008|19:37] C:\Program Files\Fichiers communs\Hewlett-Packard
[24/01/2008|19:41] C:\Program Files\Fichiers communs\HP
[24/01/2008|17:57] C:\Program Files\Fichiers communs\InstallShield
[24/01/2008|18:03] C:\Program Files\Fichiers communs\Java
[24/01/2008|20:46] C:\Program Files\Fichiers communs\Macromedia
[26/01/2008|00:17] C:\Program Files\Fichiers communs\Microsoft Shared
[24/01/2008|17:27] C:\Program Files\Fichiers communs\MSSoap
[03/02/2008|12:39] C:\Program Files\Fichiers communs\muvee Technologies
[24/01/2008|17:19] C:\Program Files\Fichiers communs\ODBC
[26/01/2008|00:14] C:\Program Files\Fichiers communs\Reallusion
[24/01/2008|17:27] C:\Program Files\Fichiers communs\Services
[24/01/2008|23:47] C:\Program Files\Fichiers communs\Skype
[24/01/2008|19:41] C:\Program Files\Fichiers communs\Sonic Shared
[24/01/2008|17:19] C:\Program Files\Fichiers communs\SpeechEngines
[25/01/2008|17:35] C:\Program Files\Fichiers communs\System
[27/07/2008|07:51] C:\Program Files\Fichiers communs\Wise Installation Wizard

--------------------\\ Process

( 58 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-10 11:11:38
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\Maya\Application Data\BitTorrent\ACDSee_v9+keygen.torrent
C:\DOCUME~1\Maya\Application Data\BitTorrent\Les.Sims.2.-.Fr.-.4CD.-.Serial.+.Crack.torrent
C:\DOCUME~1\Maya\Application Data\BitTorrent\Need.For.Speed.Most.Wanted.[ENG]PC.DVD[.ISO].[.NFO].Keygen & Crack.torrent


[F:2459][D:238]-> C:\DOCUME~1\Maya\LOCALS~1\Temp
[F:441][D:0]-> C:\DOCUME~1\Maya\Cookies
[F:24518][D:17]-> C:\DOCUME~1\Maya\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 09/01/2009|17:54 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 10/01/2009|11:13 - Option : [3]

--------------------\\ Fin du rapport a 11:13:30
10 January 2009 14:57:49

ripley_69 said:
> --------------------\\ Cracks & Keygens ..
>
> C:\DOCUME~1\Maya\Application Data\BitTorrent\ACDSee_v9+keygen.torrent
> C:\DOCUME~1\Maya\Application Data\BitTorrent\Les.Sims.2.-.Fr.-.4CD.-.Serial.+.Crack.torrent
> C:\DOCUME~1\Maya\Application Data\BitTorrent\Need.For.Speed.Most.Wanted.[ENG]PC.DVD[.ISO].[.NFO].Keygen & Crack.torrent


Hello ripley_69,

> :non: 

1) Download:
CCleaner 2.15.815 - Slim: http://www.ccleaner.com/download/builds.aspx
Launch it, then click Options>Advanced and uncheck Only delete files in Windows Temp folders older than 48 hours. Leave it with its default settings and close the program for now.
Tutorial: http://www.infos-du-net.com/telecharger/CCleaner,0301-1...

Malwarebytes' Anti-Malware:
http://www.besttechie.net/tools/mbam-setup.exe
Launch it and, once the executable has been downloaded, double-click mbam-setup.exe; the installation begins. Let the wizard guide you: choice of language, acceptance of the license, default folder... Remember to check the box Create a desktop icon. You have now reached the end of the installation; close the program for now.

2) Restart in Safe Mode:
See letter D: http://forum.pcastuces.com/sujet.asp?f=25&s=3902
You will need to choose your usual session, not the Administrator account or any other.
Important: From step 3 onward you will no longer have Internet access. Copy the rest of the instructions into a text file on your desktop.

3) Launch Malwarebytes' Anti-Malware:
Tutorial: http://www.infos-du-net.com/forum/278396-11-tuto-malwar...

4) Launch: CCleaner
In the Cleaner menu, click Analyze (let it work; this can take a long time the first time).
Then click the Run Cleaner button.
Do this several times in a row and close CCleaner.

5) Restart in normal mode:
Post the Malwarebytes' Anti-Malware report.

See you later ;).
11 January 2009 11:22:49

hi Frederix!!

how are you? I did everything you told me and here is the Malwarebytes report (CCleaner found a few things, which I cleaned):

Malwarebytes' Anti-Malware 1.32
Version de la base de données: 1640
Windows 5.1.2600 Service Pack 2

11/01/2009 10:55:46
mbam-log-2009-01-11 (10-55-46).txt

Type de recherche: Examen complet (C:\|D:\|E:\|I:\|)
Eléments examinés: 278743
Temps écoulé: 56 minute(s), 22 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
11 January 2009 23:01:06

AntiVir report:



Avira AntiVir Personal
Report file date: dimanche 11 janvier 2009 20:51

Scanning for 1179377 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: DARKVADOR

Version information:
BUILD.DAT : 8.2.0.337 16934 Bytes 18/11/2008 13:05:00
AVSCAN.EXE : 8.1.4.10 315649 Bytes 26/11/2008 18:43:11
AVSCAN.DLL : 8.1.4.0 40705 Bytes 18/07/2008 18:15:01
LUKE.DLL : 8.1.4.5 164097 Bytes 18/07/2008 18:15:01
LUKERES.DLL : 8.1.4.0 12033 Bytes 18/07/2008 18:15:01
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 13:15:33
ANTIVIR1.VDF : 7.1.1.33 1705984 Bytes 24/12/2008 18:33:42
ANTIVIR2.VDF : 7.1.1.88 726528 Bytes 08/01/2009 18:41:10
ANTIVIR3.VDF : 7.1.1.96 100864 Bytes 10/01/2009 18:38:51
Engineversion : 8.2.0.54
AEVDF.DLL : 8.1.0.6 102772 Bytes 19/10/2008 13:56:31
AESCRIPT.DLL : 8.1.1.24 340348 Bytes 09/01/2009 18:39:03
AESCN.DLL : 8.1.1.5 123251 Bytes 07/11/2008 19:44:15
AERDL.DLL : 8.1.1.3 438645 Bytes 07/11/2008 19:44:14
AEPACK.DLL : 8.1.3.5 393588 Bytes 09/01/2009 18:39:02
AEOFFICE.DLL : 8.1.0.33 196987 Bytes 11/12/2008 18:38:55
AEHEUR.DLL : 8.1.0.78 1532280 Bytes 09/01/2009 18:39:00
AEHELP.DLL : 8.1.2.0 119159 Bytes 18/11/2008 20:06:12
AEGEN.DLL : 8.1.1.8 323956 Bytes 11/12/2008 18:38:51
AEEMU.DLL : 8.1.0.9 393588 Bytes 19/10/2008 13:56:24
AECORE.DLL : 8.1.5.2 172405 Bytes 29/11/2008 09:44:29
AEBB.DLL : 8.1.0.3 53618 Bytes 19/10/2008 13:56:22
AVWINLL.DLL : 1.0.0.12 15105 Bytes 18/07/2008 18:15:01
AVPREF.DLL : 8.0.2.0 38657 Bytes 18/07/2008 18:15:01
AVREP.DLL : 8.0.0.2 98344 Bytes 31/07/2008 17:27:56
AVREG.DLL : 8.0.0.1 33537 Bytes 18/07/2008 18:15:01
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 18/07/2008 18:15:01
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 18/07/2008 18:15:02
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 18/07/2008 18:15:00
RCTEXT.DLL : 8.0.52.0 86273 Bytes 18/07/2008 18:15:00

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:, E:, I:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: dimanche 11 janvier 2009 20:51

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'drwtsn32.exe' - '1' Module(s) have been scanned
Scan process 'drwtsn32.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'bittorrent.exe' - '1' Module(s) have been scanned
Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'hpqste08.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'hpqtra08.exe' - '1' Module(s) have been scanned
Scan process 'dslmon.exe' - '1' Module(s) have been scanned
Scan process 'btdna.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'SearchSettings.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'V0410Mon.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'avgas.exe' - '1' Module(s) have been scanned
Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'SOUNDMAN.EXE' - '1' Module(s) have been scanned
Scan process 'nTrayFw.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'wmiapsrv.exe' - '1' Module(s) have been scanned
Scan process 'CALMAIN.exe' - '1' Module(s) have been scanned
Scan process 'nSvcAppFlt.exe' - '1' Module(s) have been scanned
Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'nSvcLog.exe' - '1' Module(s) have been scanned
Scan process 'nSvcIp.exe' - '1' Module(s) have been scanned
Scan process 'Apache.exe' - '1' Module(s) have been scanned
Scan process 'mysqld-nt.exe' - '1' Module(s) have been scanned
Scan process 'jqs.exe' - '1' Module(s) have been scanned
Scan process 'Apache.exe' - '1' Module(s) have been scanned
Scan process 'guard.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
52 processes with 52 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
Master boot sector HD2
[INFO] No virus was found!
Master boot sector HD3
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'E:\'
[INFO] No virus was found!
Boot sector 'I:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '676' files ).


Starting the file scan:

Begin scan in 'C:\' <SYSTEM>
C:\pagefile.sys
[WARNING] The file could not be opened!
Begin scan in 'D:\' <RED>
Begin scan in 'E:\' <BLUE>
Begin scan in 'I:\' <My Book>


End of the scan: dimanche 11 janvier 2009 21:51
Used time: 59:52 Minute(s)

The scan has been done completely.

17737 Scanning directories
588219 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
588218 Files not concerned
5276 Archives were scanned
1 Warnings
0 Notes

12 January 2009 00:06:20

Good evening ripley_69,

post a new HijackThis report...

Do you still have your problem?

See you later ;).
12 January 2009 19:54:38

hi Frederix ;o)

well, listen, it's fine, I no longer get the message! that's cool!!

I'm posting the HijackThis report just in case:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:56:18, on 12/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Java\jre6\bin\jqs.exe
D:\xampplite\mysql\bin\mysqld-nt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\V0410Mon.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://r.office.microsoft.com/r/rlidOfficeUpdate?clid=1...
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb127\Dealio.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb127\Dealio.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [V0410Mon.exe] C:\WINDOWS\V0410Mon.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: SATARAID5.lnk = ?
O8 - Extra context menu item: Compare Prices with &Dealio - C:\Documents and Settings\Maya\Application Data\Dealio\kb127\res\DealioSearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll
O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su2/CTL_V02002/ocx/15034/CTPID....
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apache2.2 - Unknown owner - D:\02_data\01_travail_\Joomla !\Installation\xampplite\apache\bin\apache.exe (file missing)
O23 - Service: app_filter - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: mysql - Unknown owner - D:\xampplite\mysql\bin\mysqld-nt.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

--
End of file - 10671 bytes

do you think it's OK?
13 January 2009 00:59:23

ripley_69 said:
> do you think it's OK?


Good evening ripley_69,

> Almost...

Uninstall SearchSettings by doing this: Start>Control Panel>Add or Remove Programs>Remove, then Start>My Computer>Local Disk (C:)>Program Files>Delete

Launch HijackThis and close all program windows.

Make sure it will create backups: in Config, check Make backups before fixing items, then click the Back button. Next, click the Do a system scan only button and check the boxes in front of the lines below:

R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe

Then click Fix checked.

See you later ;).
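
The selection step in the post above (ticking the R3, O2 and O4 lines that belong to SearchSettings) can be cross-checked with a short script. This is an added example, not part of the original post and not a HijackThis feature; the function names are hypothetical, and the sample lines are copied from the HijackThis log posted earlier in this thread. It also lists the entries HijackThis marks `(no file)` or `(file missing)`.

```python
import re

# Lines copied from the HijackThis log posted in this thread (subset).
SAMPLE_LOG = r"""
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O23 - Service: Apache2.2 - Unknown owner - D:\02_data\01_travail_\Joomla !\Installation\xampplite\apache\bin\apache.exe (file missing)
O23 - Service: mysql - Unknown owner - D:\xampplite\mysql\bin\mysqld-nt.exe
"""

# An entry line starts with a section code (R0-R3, O1-O24, ...) and " - ".
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# Suffixes HijackThis appends when the referenced file is absent.
ORPHAN_MARKERS = ("(no file)", "(file missing)")


def parse_entries(log_text):
    """Return one dict per entry line; headers and the process list are skipped."""
    entries = []
    for raw in log_text.splitlines():
        line = raw.strip()
        match = ENTRY_RE.match(line)
        if not match:
            continue
        code, detail = match.groups()
        clsid = CLSID_RE.search(detail)
        entries.append({
            "code": code,
            "detail": detail,
            "clsid": clsid.group(0).upper() if clsid else None,
            "orphan": detail.endswith(ORPHAN_MARKERS),
            "line": line,
        })
    return entries


def entries_for_program(entries, install_dir):
    """Entries whose path lies under install_dir, plus entries sharing a CLSID
    with one of them. Paths written in 8.3 short form (PROGRA~1) will not
    match a long-name install_dir and must be checked by hand."""
    needle = install_dir.lower()
    clsids = {e["clsid"] for e in entries
              if e["clsid"] and needle in e["detail"].lower()}
    return [e for e in entries
            if needle in e["detail"].lower() or e["clsid"] in clsids]


def orphans(entries):
    """Entries whose target file HijackThis could not find on disk."""
    return [e for e in entries if e["orphan"]]


if __name__ == "__main__":
    parsed = parse_entries(SAMPLE_LOG)
    print("Entries tied to Search Settings:")
    for e in entries_for_program(parsed, r"C:\Program Files\Search Settings"):
        print("  " + e["line"])
    print("Entries pointing at a missing file:")
    for e in orphans(parsed):
        print("  " + e["line"])
```
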



13 January 2009 18:53:34

good evening Frederix ;o)

I did what you told me but I didn't find any of the lines in question... is that normal?
14 January 2009 13:09:07

hi!!

Lop SD removed

here is the BitDefender report:

BitDefender Online Scanner

Rapport d'analyse généré à: Wed, Jan 14, 2009 - 13:07:34

Voie d'analyse: A:\;C:\;D:\;E:\;F:\;I:\;

Statistiques

Temps 00:49:31

Fichiers 208700

Directoires 17851

Secteurs de boot 0

Archives 2381

Paquets programmes 18225

Résultats

Virus identifiés 0

Fichiers infectés 0

Fichiers suspects 0

Avertissements 0

Désinfectés 0

Fichiers effacés 0

Info sur les moteurs

Définition virus 2449435

Version des moteurs

AVCORE v1.7 (build 8314.19) (i386) (Sep 29 2008 17:19:14)

Analyse des plugins 17

Archive des plugins 45

Unpack des plugins 7

E-mail plugins 6

Système plugins 4

Paramètres d'analyse

Première action Désinfecté

Seconde ActionSupprimé

Heuristique Oui

Acceptez les avertissements Oui

Extensions analysées exe;com;dll;ocx;scr;bin;dat;386;vxd;sys;wdm;cla;class;ovl;ole;hlp;
doc;dot;xls;ppt;wbk;wiz;pot;ppa;xla;xlt;vbs;vbe;mdb;rtf;htm;hta;
html;xml;xtp;php;asp;js;shs;chm;lnk;pif;prc;url;smm;pfd;msi;ini;csc;
cmd;bas;


Excludez les extensions

Analyse d'emails Oui

Analyse des Archives Oui

Analyser paquets programmes Oui

Analyse des fichiers Oui

Analyse de boot Oui

Fichier analysé

Statut

Aucun virus trouvé.
15 January 2009 12:23:17

:hello: ripley_69,

you need to update your Java machine (otherwise you risk a security hole):
http://java.sun.com/javase/downloads/index.jsp
Click Download Java Runtime Environment (JRE) 6u11 and, on the next page, check I agree and download Windows Offline Installation, Multi-language/jre-6u11-windows-i586-p.exe/15.42 MB
Install it with the browser closed and, in Add/Remove Programs, remove all the other versions.

Also, you have no firewall; you need to install one.

See you later ;).
18 January 2009 09:09:29

hi Frederix, how are you? sorry for the delay, I didn't log on much this week!

I did what you told me; as for the firewall, I have the Freebox's one, isn't that enough?
18 January 2009 13:46:59

ripley_69 said:
> ...as for the firewall, I have the Freebox's one, isn't that enough?


Hello ripley_69,

> Yes...

See you later ;).
18 January 2009 19:49:51

ah... er... ok! thanks a lot for your help in any case, that's very kind ;o)
18 January 2009 23:22:11

Good evening ripley_69,

if you think you no longer have any problem, ok...

* I advise you to defragment your PC: http://www.coupdepoucepc.com/modules/news/article.php?s...
* It is strongly recommended to keep all your security software up to date, in order to avoid the holes through which infections get in.
* You can remove all the software we used (Lop S&D...) that deals with specific infections and is updated regularly. There is no point keeping it on your PC.
* You can, however, keep Malwarebytes' Anti-Malware and CCleaner.

=========================================================================

Now that your PC is no longer infected, disable System Restore in order to create a clean restore point.

To disable or enable System Restore, you must log on as Administrator under Windows XP.

Disabling: Right-click My Computer>Properties, System Restore tab, and check the box Turn off System Restore on all drives
Apply>OK

Enabling: Follow the same path, uncheck the box Turn off System Restore on all drives
Apply>OK, then restart the computer.

=========================================================================

To improve the security of your PC, take a few moments to read: http://forum.pcastuces.com/prevention_et_protection___c...

==========================================================================

Report your infection to get the authors convicted.
Create a post on Malware-Complaints to move things forward, because there need to be as many of us as possible; report your infection:

-See the forum rules: http://www.malwarecomplaints.info/viewtopic.php?t=5
-After registering using the button at the top named Register
If you are over 13, choose I Agree to these terms and am over or exactly 13 years of age
If you are younger, click I Agree to these terms and am under 13 years of age

You then have, as a list, one topic per type of infection.
Your infections...

If the malware you had does not appear in the list or if you do not know what you were infected with, create a post in the Other infections topic, in line with the forum rules (age, city, department...).
Also give the name of the forum that helped you, Idn Sécurité

============================================================================

Please mark your topic as (Resolved)
Be careful on the Internet and tell people around you about Idn!

See you later ;).
19 January 2009 20:03:44

hi Frederix!!!

yes, I'm telling people, don't worry ;o) and I'll take care of what's left to do on my PC

thank you very much for your invaluable help and your patience!