CiD ads

9 February 2008 00:36:28

Good evening,
For some time now I have been getting "CiD" ads opening in iexplorer and Mozilla .... Very annoying. Thanks in advance ;)

Here is my HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:34:08, on 09/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\logiciels\Alwil Software\Avast4\aswUpdSv.exe
C:\logiciels\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\logiciels\Winamp\winampa.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\LOGICI~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LVComSX.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\System32\svchost.exe
C:\logiciels\Alwil Software\Avast4\ashMaiSv.exe
C:\logiciels\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Logiciels\eMule\emule.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Logiciels\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WinampAgent] C:\logiciels\Winamp\winampa.exe
O4 - HKLM\..\Run: [AAWTray] C:\logiciels\Lavasoft\Ad-Aware 2007\AAWTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\logiciels\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\logiciels\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [avast!] C:\LOGICI~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Bat Wave Base Dale] C:\Documents and Settings\All Users\Application Data\Link Axis Bat Wave\mags proxy.exe
O4 - HKLM\..\Run: [TrojanScanner] C:\logiciels\Trojan Remover\Trjscan.exe
O4 - HKCU\..\Run: [MessDvd] C:\DOCUME~1\Claire@\APPLIC~1\THIRDDOG\Gramdeaf.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: NETGEAR WPN111 Smart Wizard.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\logiciels\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\logiciels\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\logiciels\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\logiciels\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe

--
End of file - 5485 bytes

9 February 2008 12:32:49

Hello,

Download Lop S&D.exe to your Desktop.
  • Double-click it to start the installation
  • Then double-click the Lop S&D shortcut on your Desktop
  • Select the desired language, then choose option 1 (Search)
  • Wait until the scan finishes
  • Post the generated report (C:\lopR.txt)

    (If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm)
    9 February 2008 12:41:21

    answer me pleeease
    9 February 2008 12:42:39

    You wait as long as it takes! Besides, I have already replied...
    No bumping before a day has passed!
    10 February 2008 00:16:45

    Lop S&D report

    -----------------------------[ Lop S&D 2.3.1 ]---------------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : Claire@ ] [ "C:\Program Files\Lop SD" ]
    [ 10/02/2008 | 0:15:32,73 ] [ PC : CLAIRE-FKRV81ZA ]
    [ MAJ : 09-02-2008 | 14:21 ]

    -------------[ Listing des dossiers dans Application Data ]------------

    [03/02/2008|13:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
    [03/02/2008|13:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
    [21/12/2007|14:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [09/12/2007|20:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [09/12/2007|20:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [25/10/2007|17:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Corel
    [02/10/2007|21:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [17/12/2007|23:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab Setup Files
    [14/01/2008|21:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Link Axis Bat Wave
    [25/12/2007|10:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
    [25/12/2007|10:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
    [27/01/2008|18:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [04/10/2007|06:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
    [03/02/2008|13:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Simply Super Software
    [27/10/2007|23:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
    [06/10/2007|17:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony
    [03/02/2008|20:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [20/12/2007|20:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip

    [03/02/2008|13:09] C:\DOCUME~1\Claire@\APPLIC~1\.
    [03/02/2008|13:09] C:\DOCUME~1\Claire@\APPLIC~1\..
    [10/12/2007|00:42] C:\DOCUME~1\Claire@\APPLIC~1\Adobe
    [03/02/2008|20:39] C:\DOCUME~1\Claire@\APPLIC~1\Azureus
    [08/11/2007|22:44] C:\DOCUME~1\Claire@\APPLIC~1\Corel
    [02/10/2007|21:10] C:\DOCUME~1\Claire@\APPLIC~1\desktop.ini
    [14/12/2007|19:13] C:\DOCUME~1\Claire@\APPLIC~1\gtk-2.0
    [02/10/2007|20:38] C:\DOCUME~1\Claire@\APPLIC~1\Identities
    [07/02/2008|23:01] C:\DOCUME~1\Claire@\APPLIC~1\LimeWire
    [03/10/2007|19:42] C:\DOCUME~1\Claire@\APPLIC~1\ma-config.com
    [03/10/2007|16:12] C:\DOCUME~1\Claire@\APPLIC~1\Macromedia
    [11/01/2008|17:37] C:\DOCUME~1\Claire@\APPLIC~1\Microsoft
    [02/10/2007|21:25] C:\DOCUME~1\Claire@\APPLIC~1\Mozilla
    [06/10/2007|18:01] C:\DOCUME~1\Claire@\APPLIC~1\Publish Providers
    [27/01/2008|18:58] C:\DOCUME~1\Claire@\APPLIC~1\SecuROM
    [03/02/2008|13:09] C:\DOCUME~1\Claire@\APPLIC~1\Simply Super Software
    [06/10/2007|18:01] C:\DOCUME~1\Claire@\APPLIC~1\Sony
    [06/10/2007|17:31] C:\DOCUME~1\Claire@\APPLIC~1\Sony Setup
    [02/10/2007|22:16] C:\DOCUME~1\Claire@\APPLIC~1\Sun
    [02/10/2007|22:23] C:\DOCUME~1\Claire@\APPLIC~1\SystemRequirementsLab
    [14/01/2008|21:49] C:\DOCUME~1\Claire@\APPLIC~1\THIRDDOG
    [03/10/2007|16:33] C:\DOCUME~1\Claire@\APPLIC~1\vlc
    [04/10/2007|16:57] C:\DOCUME~1\Claire@\APPLIC~1\WinRAR

    [02/10/2007|21:10] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
    [02/10/2007|21:10] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
    [02/10/2007|21:10] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [02/10/2007|20:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [02/10/2007|20:37] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
    [02/10/2007|20:37] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
    [02/10/2007|20:30] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [02/10/2007|20:37] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
    [02/10/2007|20:37] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
    [02/10/2007|20:30] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [09/02/2008 10:00][--ah-----] C:\WINDOWS\tasks\B627022C960CB3F8.job [--272--]
    [31/01/2008 07:15][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job [--284--]
    [10/02/2008 00:07][--ah-----] C:\WINDOWS\tasks\SA.DAT [--6--]
    [30/08/2002 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini [--65--]

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [30/01/2008|23:02] C:\Program Files\.
    [30/01/2008|23:02] C:\Program Files\..
    [21/12/2007|14:36] C:\Program Files\Adobe
    [09/12/2007|20:37] C:\Program Files\Apple Software Update
    [02/10/2007|20:27] C:\Program Files\ComPlus Applications
    [27/11/2007|20:47] C:\Program Files\ContextTool
    [06/12/2007|19:37] C:\Program Files\Cyanide
    [06/01/2008|00:48] C:\Program Files\Fichiers communs
    [25/12/2007|11:03] C:\Program Files\InstallShield Installation Information
    [13/12/2007|07:54] C:\Program Files\Internet Explorer
    [02/10/2007|22:05] C:\Program Files\Java
    [25/12/2007|10:56] C:\Program Files\Labtec
    [25/12/2007|10:56] C:\Program Files\Logitech
    [10/02/2008|00:15] C:\Program Files\Lop SD
    [05/10/2007|05:54] C:\Program Files\Messenger
    [02/10/2007|20:31] C:\Program Files\microsoft frontpage
    [06/10/2007|17:53] C:\Program Files\Microsoft SQL Server
    [04/10/2007|06:39] C:\Program Files\Movie Maker
    [10/02/2008|00:12] C:\Program Files\Mozilla Firefox
    [02/10/2007|20:26] C:\Program Files\MSN Gaming Zone
    [19/11/2007|11:58] C:\Program Files\MSN Messenger
    [06/10/2007|19:51] C:\Program Files\MSXML 4.0
    [04/10/2007|06:36] C:\Program Files\NetMeeting
    [05/10/2007|05:54] C:\Program Files\Outlook Express
    [02/10/2007|20:29] C:\Program Files\Services en ligne
    [14/01/2008|21:45] C:\Program Files\THIRDDOG
    [06/10/2007|17:53] C:\Program Files\Uninstall Information
    [06/10/2007|17:50] C:\Program Files\Vstplugins
    [04/10/2007|17:20] C:\Program Files\Winamp
    [24/10/2007|20:56] C:\Program Files\Windows Media Player
    [04/10/2007|06:36] C:\Program Files\Windows NT
    [03/10/2007|18:27] C:\Program Files\WindowsUpdate
    [24/10/2007|20:56] C:\Program Files\WinRAR
    [02/10/2007|20:31] C:\Program Files\xerox

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [06/01/2008|00:48] C:\Program Files\Fichiers communs\.
    [06/01/2008|00:48] C:\Program Files\Fichiers communs\..
    [21/12/2007|14:37] C:\Program Files\Fichiers communs\Adobe
    [06/01/2008|00:48] C:\Program Files\Fichiers communs\Blizzard Entertainment
    [02/10/2007|20:47] C:\Program Files\Fichiers communs\InstallShield
    [02/10/2007|22:04] C:\Program Files\Fichiers communs\Java
    [04/10/2007|11:04] C:\Program Files\Fichiers communs\Labtec
    [25/12/2007|11:07] C:\Program Files\Fichiers communs\LogiShrd
    [02/10/2007|20:38] C:\Program Files\Fichiers communs\Microsoft Shared
    [02/10/2007|20:28] C:\Program Files\Fichiers communs\MSSoap
    [02/10/2007|21:11] C:\Program Files\Fichiers communs\ODBC
    [02/10/2007|20:28] C:\Program Files\Fichiers communs\Services
    [02/10/2007|21:11] C:\Program Files\Fichiers communs\SpeechEngines
    [05/10/2007|05:54] C:\Program Files\Fichiers communs\System
    [16/12/2007|11:19] C:\Program Files\Fichiers communs\Wise Installation Wizard

    ----------------------[ Recherche avec S_Lop ]---------------------

    C:\DOCUME~1\Claire@\APPLIC~1\THIRDDOG
    C:\DOCUME~1\Claire@\APPLIC~1\THIRDDOG\Gramdeaf.exe
    C:\DOCUME~1\Claire@\APPLIC~1\THIRDDOG\jmlmsjdw.exe
    C:\DOCUME~1\Claire@\APPLIC~1\THIRDDOG\kmiowzwa.exe
    C:\DOCUME~1\Claire@\APPLIC~1\THIRDDOG\PLUS SAVE SITE.exe
    C:\DOCUME~1\Claire@\APPLIC~1\THIRDDOG\pzoherwr.exe
    C:\DOCUME~1\Claire@\APPLIC~1\THIRDDOG\stpbfskc.exe
    C:\DOCUME~1\Claire@\APPLIC~1\THIRDDOG\tkwaqcmb.exe
    C:\DOCUME~1\Claire@\APPLIC~1\THIRDDOG\vjtvfzgk.exe
    C:\DOCUME~1\Claire@\APPLIC~1\THIRDDOG\xnwzohjf.exe

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Link Axis Bat Wave
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Link Axis Bat Wave\mags proxy.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Link Axis Bat Wave\Mode Remote.exe
    C:\DOCUME~1\Claire@\APPLIC~1\THIRDDOG
    C:\DOCUME~1\Claire@\APPLIC~1\THIRDDOG\Gramdeaf.exe
    C:\DOCUME~1\Claire@\APPLIC~1\THIRDDOG\jmlmsjdw.exe
    C:\DOCUME~1\Claire@\APPLIC~1\THIRDDOG\kmiowzwa.exe
    C:\DOCUME~1\Claire@\APPLIC~1\THIRDDOG\PLUS SAVE SITE.exe
    C:\DOCUME~1\Claire@\APPLIC~1\THIRDDOG\pzoherwr.exe
    C:\DOCUME~1\Claire@\APPLIC~1\THIRDDOG\stpbfskc.exe
    C:\DOCUME~1\Claire@\APPLIC~1\THIRDDOG\tkwaqcmb.exe
    C:\DOCUME~1\Claire@\APPLIC~1\THIRDDOG\vjtvfzgk.exe
    C:\DOCUME~1\Claire@\APPLIC~1\THIRDDOG\xnwzohjf.exe
    C:\Program Files\THIRDDOG
    C:\WINDOWS\Tasks\B627022C960CB3F8.job

    ----------------------[ Verification du Registre ]----------------------

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\uninstall\junk shim build]
    "DisplayName"="CiD Help"
    "UninstallString"="C:\\DOCUME~1\\Claire@\\APPLIC~1\\THIRDDOG\\Gramdeaf.exe -uninstall"

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MessDvd"="C:\\DOCUME~1\\Claire@\\APPLIC~1\\THIRDDOG\\Gramdeaf.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Bat Wave Base Dale"="C:\\Documents and Settings\\All Users\\Application Data\\Link Axis Bat Wave\\mags proxy.exe"

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts MODIFIE

    -> 72 ( 70 ## added by CiD )

    /!\ 1 Not 127.0.0.1 !!

    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-02-10 00:17:29
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden files ...
    scan completed successfully
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    Aucune autre infection trouvée !

    /!\ [Fich:69][Doss:4] C:\DOCUME~1\Claire@\LOCALS~1\Temp
    /!\ [Fich:103][Doss:0] C:\DOCUME~1\Claire@\Cookies
    /!\ [Fich:2983][Doss:5] C:\DOCUME~1\Claire@\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 0:17:55,03 ]----------------------
    10 February 2008 11:44:25

    Hi again,

    Run Lop S&D again

  • This time choose Option 2 (Removal)
  • Do not close the window during the removal!
  • Post the generated report (C:\lopR.txt)

    (If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm)
    10 February 2008 12:04:53

    -----------------------------[ Lop S&D 2.3.1 ]---------------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : Claire@ ] [ "C:\Program Files\Lop SD" ]
    [ 10/02/2008 | 12:05:23,79 ] [ PC : CLAIRE-FKRV81ZA ]
    [ MAJ : 09-02-2008 | 14:21 ]

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

    Echec ! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Link Axis Bat Wave\mags proxy.exe
    Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Link Axis Bat Wave\Mode Remote.exe
    Supprimé! - C:\DOCUME~1\Claire@\APPLIC~1\THIRDDOG\Gramdeaf.exe
    Supprimé! - C:\DOCUME~1\Claire@\APPLIC~1\THIRDDOG\jmlmsjdw.exe
    Supprimé! - C:\DOCUME~1\Claire@\APPLIC~1\THIRDDOG\kmiowzwa.exe
    Supprimé! - C:\DOCUME~1\Claire@\APPLIC~1\THIRDDOG\PLUS SAVE SITE.exe
    Supprimé! - C:\DOCUME~1\Claire@\APPLIC~1\THIRDDOG\pzoherwr.exe
    Supprimé! - C:\DOCUME~1\Claire@\APPLIC~1\THIRDDOG\stpbfskc.exe
    Supprimé! - C:\DOCUME~1\Claire@\APPLIC~1\THIRDDOG\tkwaqcmb.exe
    Supprimé! - C:\DOCUME~1\Claire@\APPLIC~1\THIRDDOG\vjtvfzgk.exe
    Supprimé! - C:\DOCUME~1\Claire@\APPLIC~1\THIRDDOG\xnwzohjf.exe
    Supprimé! - C:\WINDOWS\Tasks\B627022C960CB3F8.job
    Echec ! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Link Axis Bat Wave
    Supprimé! - C:\DOCUME~1\Claire@\APPLIC~1\THIRDDOG
    Supprimé! - C:\Program Files\THIRDDOG
    Restauré! - Fichier Hosts

    \\\\\\\\\\\\\\\\\\\\\\\\\\\ DEUXIEME PASSAGE ///////////////////////////

    Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Link Axis Bat Wave\mags proxy.exe
    Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Link Axis Bat Wave

    //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    -------------[ Listing des dossiers dans Application Data ]------------

    [10/02/2008|12:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
    [10/02/2008|12:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
    [21/12/2007|14:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [09/12/2007|20:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [09/12/2007|20:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [25/10/2007|17:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Corel
    [02/10/2007|21:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [17/12/2007|23:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab Setup Files
    [25/12/2007|10:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
    [25/12/2007|10:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
    [27/01/2008|18:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [04/10/2007|06:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
    [03/02/2008|13:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Simply Super Software
    [27/10/2007|23:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
    [06/10/2007|17:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony
    [03/02/2008|20:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [20/12/2007|20:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip

    [10/02/2008|12:06] C:\DOCUME~1\Claire@\APPLIC~1\.
    [10/02/2008|12:06] C:\DOCUME~1\Claire@\APPLIC~1\..
    [10/12/2007|00:42] C:\DOCUME~1\Claire@\APPLIC~1\Adobe
    [03/02/2008|20:39] C:\DOCUME~1\Claire@\APPLIC~1\Azureus
    [08/11/2007|22:44] C:\DOCUME~1\Claire@\APPLIC~1\Corel
    [02/10/2007|21:10] C:\DOCUME~1\Claire@\APPLIC~1\desktop.ini
    [14/12/2007|19:13] C:\DOCUME~1\Claire@\APPLIC~1\gtk-2.0
    [02/10/2007|20:38] C:\DOCUME~1\Claire@\APPLIC~1\Identities
    [07/02/2008|23:01] C:\DOCUME~1\Claire@\APPLIC~1\LimeWire
    [03/10/2007|19:42] C:\DOCUME~1\Claire@\APPLIC~1\ma-config.com
    [03/10/2007|16:12] C:\DOCUME~1\Claire@\APPLIC~1\Macromedia
    [11/01/2008|17:37] C:\DOCUME~1\Claire@\APPLIC~1\Microsoft
    [02/10/2007|21:25] C:\DOCUME~1\Claire@\APPLIC~1\Mozilla
    [06/10/2007|18:01] C:\DOCUME~1\Claire@\APPLIC~1\Publish Providers
    [27/01/2008|18:58] C:\DOCUME~1\Claire@\APPLIC~1\SecuROM
    [03/02/2008|13:09] C:\DOCUME~1\Claire@\APPLIC~1\Simply Super Software
    [06/10/2007|18:01] C:\DOCUME~1\Claire@\APPLIC~1\Sony
    [06/10/2007|17:31] C:\DOCUME~1\Claire@\APPLIC~1\Sony Setup
    [02/10/2007|22:16] C:\DOCUME~1\Claire@\APPLIC~1\Sun
    [02/10/2007|22:23] C:\DOCUME~1\Claire@\APPLIC~1\SystemRequirementsLab
    [03/10/2007|16:33] C:\DOCUME~1\Claire@\APPLIC~1\vlc
    [04/10/2007|16:57] C:\DOCUME~1\Claire@\APPLIC~1\WinRAR

    [02/10/2007|21:10] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
    [02/10/2007|21:10] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
    [02/10/2007|21:10] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [02/10/2007|20:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [02/10/2007|20:37] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
    [02/10/2007|20:37] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
    [02/10/2007|20:30] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [02/10/2007|20:37] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
    [02/10/2007|20:37] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
    [02/10/2007|20:30] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [31/01/2008 07:15][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job [--284--]
    [10/02/2008 00:07][--ah-----] C:\WINDOWS\tasks\SA.DAT [--6--]
    [30/08/2002 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini [--65--]

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [10/02/2008|12:06] C:\Program Files\.
    [10/02/2008|12:06] C:\Program Files\..
    [21/12/2007|14:36] C:\Program Files\Adobe
    [09/12/2007|20:37] C:\Program Files\Apple Software Update
    [02/10/2007|20:27] C:\Program Files\ComPlus Applications
    [27/11/2007|20:47] C:\Program Files\ContextTool
    [06/12/2007|19:37] C:\Program Files\Cyanide
    [06/01/2008|00:48] C:\Program Files\Fichiers communs
    [25/12/2007|11:03] C:\Program Files\InstallShield Installation Information
    [13/12/2007|07:54] C:\Program Files\Internet Explorer
    [02/10/2007|22:05] C:\Program Files\Java
    [25/12/2007|10:56] C:\Program Files\Labtec
    [25/12/2007|10:56] C:\Program Files\Logitech
    [10/02/2008|12:06] C:\Program Files\Lop SD
    [05/10/2007|05:54] C:\Program Files\Messenger
    [02/10/2007|20:31] C:\Program Files\microsoft frontpage
    [06/10/2007|17:53] C:\Program Files\Microsoft SQL Server
    [04/10/2007|06:39] C:\Program Files\Movie Maker
    [10/02/2008|12:03] C:\Program Files\Mozilla Firefox
    [02/10/2007|20:26] C:\Program Files\MSN Gaming Zone
    [19/11/2007|11:58] C:\Program Files\MSN Messenger
    [06/10/2007|19:51] C:\Program Files\MSXML 4.0
    [04/10/2007|06:36] C:\Program Files\NetMeeting
    [05/10/2007|05:54] C:\Program Files\Outlook Express
    [02/10/2007|20:29] C:\Program Files\Services en ligne
    [06/10/2007|17:53] C:\Program Files\Uninstall Information
    [06/10/2007|17:50] C:\Program Files\Vstplugins
    [04/10/2007|17:20] C:\Program Files\Winamp
    [24/10/2007|20:56] C:\Program Files\Windows Media Player
    [04/10/2007|06:36] C:\Program Files\Windows NT
    [03/10/2007|18:27] C:\Program Files\WindowsUpdate
    [24/10/2007|20:56] C:\Program Files\WinRAR
    [02/10/2007|20:31] C:\Program Files\xerox

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [06/01/2008|00:48] C:\Program Files\Fichiers communs\.
    [06/01/2008|00:48] C:\Program Files\Fichiers communs\..
    [21/12/2007|14:37] C:\Program Files\Fichiers communs\Adobe
    [06/01/2008|00:48] C:\Program Files\Fichiers communs\Blizzard Entertainment
    [02/10/2007|20:47] C:\Program Files\Fichiers communs\InstallShield
    [02/10/2007|22:04] C:\Program Files\Fichiers communs\Java
    [04/10/2007|11:04] C:\Program Files\Fichiers communs\Labtec
    [25/12/2007|11:07] C:\Program Files\Fichiers communs\LogiShrd
    [02/10/2007|20:38] C:\Program Files\Fichiers communs\Microsoft Shared
    [02/10/2007|20:28] C:\Program Files\Fichiers communs\MSSoap
    [02/10/2007|21:11] C:\Program Files\Fichiers communs\ODBC
    [02/10/2007|20:28] C:\Program Files\Fichiers communs\Services
    [02/10/2007|21:11] C:\Program Files\Fichiers communs\SpeechEngines
    [05/10/2007|05:54] C:\Program Files\Fichiers communs\System
    [16/12/2007|11:19] C:\Program Files\Fichiers communs\Wise Installation Wizard

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    Aucun fichier / dossier Lop trouvé !

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-02-10 12:07:04
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden files ...
    scan completed successfully
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    Aucune autre infection trouvée !

    /!\ [Fich:69][Doss:4] C:\DOCUME~1\Claire@\LOCALS~1\Temp
    /!\ [Fich:106][Doss:0] C:\DOCUME~1\Claire@\Cookies
    /!\ [Fich:3007][Doss:5] C:\DOCUME~1\Claire@\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 12:07:17,84 ]----------------------
    10 February 2008 12:12:07

    Post a new HijackThis report.
    10 February 2008 12:36:47

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:39:40, on 10/02/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\logiciels\Alwil Software\Avast4\aswUpdSv.exe
    C:\logiciels\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\logiciels\Winamp\winampa.exe
    C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
    C:\LOGICI~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Logiciels\NetGear\wpn111.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
    C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LVComSX.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PSIService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\logiciels\Alwil Software\Avast4\ashMaiSv.exe
    C:\logiciels\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Logiciels\eMule\emule.exe
    C:\PROGRA~1\Mozilla Firefox\firefox.exe
    C:\WINDOWS\explorer.exe
    C:\Logiciels\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [WinampAgent] C:\logiciels\Winamp\winampa.exe
    O4 - HKLM\..\Run: [AAWTray] C:\logiciels\Lavasoft\Ad-Aware 2007\AAWTray.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\logiciels\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\logiciels\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
    O4 - HKLM\..\Run: [avast!] C:\LOGICI~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [TrojanScanner] C:\logiciels\Trojan Remover\Trjscan.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: NETGEAR WPN111 Smart Wizard.lnk = ?
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\logiciels\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\logiciels\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\logiciels\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\logiciels\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe

    --
    End of file - 5164 bytes
    10 February 2008 13:40:02

    Avira AntiVir PersonalEdition Classic
    *************************************

    Copyright © 2007 Avira GmbH.
    All rights reserved.


    Contents
    ********

    0 Important information
    1 System requirements
    2 Important requirements for an installation
    3 Incompatibilities with other programs
    4 Support service
    5 Contact address


    0 Important information
    ***********************

    Users who have up to now installed an ANSI version of the Avira
    AntiVir PersonalEdition Classic software pack on a Microsoft Windows
    NT, Microsoft Windows 2000 or Microsoft Windows XP operating system,
    receive update information when attempting to update.

    When updating, please proceed as follows:

    1. Deinstall the installed version of the Avira AntiVir
    PersonalEdition Classic.
    2. Download a current software pack from the download section of the
    Avira AntiVir PersonalEdition Classic website
    http://www.free-av.com.
    3. Install this software pack on your computer.

    1 System requirements
    *********************

    In order for Avira AntiVir PersonalEdition Classic to run properly,
    the computer system must fulfill the following requirements:

    - Computer: Pentium or higher, at least 133 MHz

    - Operating system
    - Microsoft Windows Vista or
    - Microsoft Windows XP Home or Professional, or
    - Microsoft Windows 2000, SP 4 recommended

    Avira AntiVir PersonalEdition Classic also supports Microsoft Windows
    XP x64 Edition.

    The display of the program interfaces can differ, depending on the
    operating system used.

    - 30 MB free memory on the hard disk (more if quarantine is used)

    - Min. 100 MB temporary memory on the hard disk

    - Min. 25 MB of free main memory

    - For all installations: Internet Explorer 5.0 or higher

    - For the installation of Avira AntiVir PersonalEdition Classic:
    administrator rights

    Note
    ----

    - If there is no Internet Explorer 5.0 or higher available on your
    system, you can download it under the following address:

    http://www.microsoft.com/windows/ie/downloads/default.m...


    2 Important requirements for an installation
    ********************************************

    Ensure that the following requirements are fulfilled so that Avira
    AntiVir PersonalEdition Classic works properly on your computer:

    - System requirements fulfilled
    - No other on-access scanner (also called Guard) installed
    - Installer has administrator rights
    - Internet/Intranet connection available
    - All running programs on the computer exited


    3 Incompatibilities with other programs
    ***************************************

    Cygwin

    If the Avira AntiVir PersonalEdition Classic runs on a system where
    the product Cygwin is installed, you might encounter problems with
    updating the Avira AntiVir PersonalEdition Classic. In a worst case
    scenario you might not be able to update the Avira AntiVir
    PersonalEdition Classic at all. Background to this behavior is the
    fact that the cygwin process "cygrun.srv.exe" together with the
    Microsoft Client/Server runtime server subsystem ("csrss.exe") causes
    a complete load of the system once the update process of the Avira
    AntiVir PersonalEdition Classic is started. It is therefore strongly
    recommended to deinstall Cygwin before the Avira AntiVir
    PersonalEdition Classic is installed.


    4 Support service
    *****************

    If you have problems please try first to solve them using the
    integrated help system and the user manual (Download at:
    http://www.free-av.com). For harder problems, please feel free to
    post a message to our bulletin board at http://forum.avira.de or
    to call our Support-Hotline.

    Please also feel free to post bug reports, hints, feature requests
    and anything else related to the Avira AntiVir PersonalEdition
    Classic to this Bulletin Board.

    Please note that technical inquiries can only be answered via our
    Support-Forum or our Support-Hotline.


    Support-Forum
    -------------

    ...our forum is available for you at any time!

    The forum, which is subdivided into clear categories offers you the
    possibility to exchange yourself online with other users and our
    employees of the customer support. An up-to-date, electronic
    bulletin board that is coordinated by our moderators is available.
    Our experience multiplies with the experience from the users of
    AntiVir all over the world. Have a look on it without any
    obligation...

    http://forum.avira.de


    Support-Hotline
    ---------------

    Germany: 0900 10 11 333 (1,99 Euro/Min*)
    Austria: 0900 51 03 61 121 (2,16 Euro/Min*)
    Switzerland: 0900 51 03 61 (4,23 CHF/Min*)

    * Prices are subject to change.

    Mo - Fr between 10 a.m. and 7 p.m.


    5 Contact
    *********

    Avira GmbH
    Lindauer Str. 21
    D-88069 Tettnang
    Germany

    Internet: http://www.free-av.com
    10 February 2008 14:52:27

    Did you look at the help? :)
    10 February 2008 22:04:36

    Oops, sorry.... Here is the right report ^^ :


    AntiVir PersonalEdition Classic
    Report file date: dimanche 10 février 2008 20:54

    Scanning for 1096761 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number: 0000149996-ADJIE-0001
    Platform: Windows XP
    Windows version: (Service Pack 2) [5.1.2600]
    Username: Claire@
    Computer name: CLAIRE-FKRV81ZA

    Version information:
    BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
    AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
    AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
    LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
    LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
    ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
    ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 14/12/2007 12:49:40
    ANTIVIR2.VDF : 7.0.2.113 1673728 Bytes 08/02/2008 12:49:40
    ANTIVIR3.VDF : 7.0.2.114 2048 Bytes 08/02/2008 12:49:40
    AVEWIN32.DLL : 7.6.0.62 3240448 Bytes 10/02/2008 12:49:41
    AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
    AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
    AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
    AVPACK32.DLL : 7.6.0.3 360488 Bytes 10/02/2008 12:49:41
    AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
    AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
    AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
    NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
    RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
    RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21

    Configuration settings for the scan:
    Jobname..........................: Local Hard Disks
    Configuration file...............: c:\program files\avira\antivir personaledition classic\alldiscs.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: off
    Scan boot sector.................: on
    Boot sectors.....................: C:,
    Scan memory......................: on
    Process scan.....................: on
    Scan registry....................: on
    Search for rootkits..............: off
    Scan all files...................: Intelligent file selection
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Macro heuristic..................: on
    File heuristic...................: medium

    Start of the scan: dimanche 10 février 2008 20:54

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'setup.exe' - '1' Module(s) have been scanned
    Scan process 'antivir_workstation_win7u_en_h.exe' - '1' Module(s) have been scanned
    Scan process 'firefox.exe' - '1' Module(s) have been scanned
    Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
    Scan process 'alg.exe' - '1' Module(s) have been scanned
    Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'COCIManager.exe' - '1' Module(s) have been scanned
    Scan process 'PSIService.exe' - '1' Module(s) have been scanned
    Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
    Scan process 'sched.exe' - '1' Module(s) have been scanned
    Scan process 'LVComSX.exe' - '1' Module(s) have been scanned
    Scan process 'WPN111.exe' - '1' Module(s) have been scanned
    Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
    Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
    Scan process 'avgnt.exe' - '1' Module(s) have been scanned
    Scan process 'QuickCam10.exe' - '1' Module(s) have been scanned
    Scan process 'Communications_Helper.exe' - '1' Module(s) have been scanned
    Scan process 'winampa.exe' - '1' Module(s) have been scanned
    Scan process 'rundll32.exe' - '1' Module(s) have been scanned
    Scan process 'jusched.exe' - '1' Module(s) have been scanned
    Scan process 'avguard.exe' - '1' Module(s) have been scanned
    Scan process 'LVPrcSrv.exe' - '1' Module(s) have been scanned
    Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
    Scan process 'explorer.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned
    37 processes with 37 modules were scanned

    Start scanning boot sectors:
    Boot sector 'C:\'
    [NOTE] No virus was found!

    Starting to scan the registry.
    The registry was scanned ( '28' files ).


    Starting the file scan:

    Begin scan in 'C:\'
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    C:\Program Files\Lop SD\Backup-Lop\F\Gramdeaf.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
    [WARNING] The file was ignored!
    C:\Program Files\Lop SD\Backup-Lop\F\jmlmsjdw.exe
    [DETECTION] Is the Trojan horse TR/Obfusgen.A.5436
    [WARNING] The file was ignored!
    C:\Program Files\Lop SD\Backup-Lop\F\kmiowzwa.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
    [WARNING] The file was ignored!
    C:\Program Files\Lop SD\Backup-Lop\F\Mode Remote.exe
    [DETECTION] Is the Trojan horse TR/Inject.SP.1
    [WARNING] The file was ignored!
    C:\Program Files\Lop SD\Backup-Lop\F\PLUS SAVE SITE.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
    [WARNING] The file was ignored!
    C:\Program Files\Lop SD\Backup-Lop\F\tkwaqcmb.exe
    [DETECTION] Is the Trojan horse TR/Obfusgen.A.1367
    [WARNING] The file was ignored!
    C:\Program Files\Lop SD\Backup-Lop\F\vjtvfzgk.exe
    [DETECTION] Is the Trojan horse TR/Obfusgen.A.5436
    [WARNING] The file was ignored!
    C:\Program Files\Lop SD\Backup-Lop\F\xnwzohjf.exe
    [DETECTION] Is the Trojan horse TR/Obfusgen.A.5436
    [WARNING] The file was ignored!


    End of the scan: dimanche 10 février 2008 21:59
    Used time: 1:05:00 min

    The scan has been done completely.

    4256 Scanning directories
    195719 Files were scanned
    8 viruses and/or unwanted programs were found
    0 Files were classified as suspicious:
    0 files were deleted
    0 files were repaired
    0 files were moved to quarantine
    0 files were renamed
    1 Files cannot be scanned
    195711 Files not concerned
    2628 Archives were scanned
    9 Warnings
    1 Notes
    11 February 2008 18:12:34

    Post a new HijackThis report.
    11 February 2008 20:57:29

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:59:37, on 11/02/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\logiciels\Winamp\winampa.exe
    C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Logiciels\NetGear\wpn111.exe
    C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LVComSX.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PSIService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\PROGRA~1\Mozilla Firefox\firefox.exe
    C:\Logiciels\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [WinampAgent] C:\logiciels\Winamp\winampa.exe
    O4 - HKLM\..\Run: [AAWTray] C:\logiciels\Lavasoft\Ad-Aware 2007\AAWTray.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\logiciels\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\logiciels\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
    O4 - HKLM\..\Run: [TrojanScanner] C:\logiciels\Trojan Remover\Trjscan.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: NETGEAR WPN111 Smart Wizard.lnk = ?
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe

    --
    End of file - 5012 bytes
    11 February 2008 21:03:49

    Is that better?
    11 February 2008 21:29:05

    For now it's fine!! I'll post again if it's still the same!!!
    Thanks for your help :D
    12 February 2008 12:16:46

    OK, keep me posted.
    12 February 2008 21:34:00

    Apparently no more CiD ads :D !!!
    Thanks for your help