Se connecter / S'enregistrer
Votre question

pub cid récalcitrante

Tags :
  • Windows
  • Sécurité
Dernière réponse : dans Sécurité et virus
30 Novembre 2007 09:35:10

J'ai un problème de publicité des pages de pub cid s'ouvrent très souvent cela devient énervant, j'ai testé plusieurs programmes sans résultats.
J'ai lancé Hijackthis est voila ce que j'ai comme rapport :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:30:19, on 30/11/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\Apps\Powercinema\PCMService.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\apps\ABoard\ABoard.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\apps\ABoard\AOSD.exe
C:\PROGRA~1\BITTOR~2\BitP.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Ensemble clavier et souris sans fil Labtec\MagicKey.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Ensemble clavier et souris sans fil Labtec\MulMouse.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\Ensemble clavier et souris sans fil Labtec\OSD.EXE
C:\Program Files\eChanblard\emule.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\PROGRA~1\WinZip\winzip32.exe
C:\DOCUME~1\Pablo\LOCALS~1\Temp\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\fr.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://fr.mcafee.com/apps/vsh9/fr/redir.asp?affid=0-49&...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: WebManager Class - {D5792AA9-D373-4039-8670-2CDAB6A71F15} - C:\Program Files\BitDownload\TorrentManager.dll
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} - (no file)
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: ImageShack Toolbar - {6932D140-ABC4-4073-A44C-D4A541665E35} - C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [mobiswing] C:\PROGRA~1\BITTOR~2\BitP.exe
O4 - HKLM\..\Run: [Jugs Surf Inter Media] C:\Documents and Settings\All Users\Application Data\STORE LESS JUGS SURF\Team link.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Joy body] C:\DOCUME~1\Pablo\APPLIC~1\MIXBAL~1\Surf Gpl Book.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Activer l'ensemble clavier et souris sans fil Labtec.lnk = C:\Program Files\Ensemble clavier et souris sans fil Labtec\MagicKey.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\microsoft office\Office\OSA9.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: Post Image to Blog - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5003
O8 - Extra context menu item: Tag This Image - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5002
O8 - Extra context menu item: Transload Image to ImageShack - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5004
O8 - Extra context menu item: Upload All Images to ImageShack - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5000
O8 - Extra context menu item: Upload Image to ImageShack - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5001
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: @C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll,-115 - {BB8A8834-A0A1-4d70-A21A-72FF89AA737A} - C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll
O9 - Extra 'Tools' menuitem: ImageShack Toolbar - {BB8A8834-A0A1-4d70-A21A-72FF89AA737A} - C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O12 - Plugin for .wav: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin2.dll
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O15 - Trusted Zone: http://toolbar.imageshack.us
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/fr/4,...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0....
O16 - DPF: {6932D140-ABC4-4073-A44C-D4A541665E35} (ImageShack Toolbar) - http://toolbar.imageshack.us/toolbar/ImageShackToolbar....
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/fr/1,0...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.shockwave.com/content/bejeweled2/popcaploade...
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O20 - AppInit_DLLs: MsgPlusLoader.dll,wbsys.dll
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

--
End of file - 12954 bytes

Si des personnes pouvaient me venir en aide assez vite je n'en peux plus :fou: 

Autres pages sur : pub cid recalcitrante

30 Novembre 2007 11:42:16

Salut,

Infection Lop

Télécharge Lop S&D.exe ( d’ Eric 71 & Angeldark ) sur ton bureau

  • Double-clique dessus pour lancer l'installation
  • Puis double-clique sur le raccourci Lop S&D présent sur ton bureau
  • Séléctionne la langue souhaitée , puis choisis l'Option 1 ( Recherche )
  • Patiente jusqu'à la fin du scan
  • Poste le rapport généré ( C:\lopR.txt )

    ( Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide )
    30 Novembre 2007 16:10:27

    sa y est et par securité vu que tu n'es pas un habitué d'ici je ne posterais pas le rapport.

    par contre tout les envois vers les pub 'CiD' sont dans le localhost.

    la question est :comment puis-je les supprimés ?
    Contenus similaires
    Pas de réponse à votre question ? Demandez !
    30 Novembre 2007 16:25:16

    Comment ça par sécurité ?
    De plus, si tu regardais mon nombre de posts dans cette section du forum, tu verrais que je suis assez habitué.
    Si tu ne veux pas poster ce rapport, il va falloir te débrouiller tout seul et je doute que tu trouves la source de tes problèmes seul. A toi de voir.
    30 Novembre 2007 16:52:04

    arf desole non c'est une erreur.

    ------------------------------[ Lop S&D 2.0 ]----------------------------

    Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]

    "C:\Program Files\Lop SD"

    [ 30/11/2007 | 16:48:39,51 ] [ SN102959470009 ]


    -------------[ Listing des dossiers dans Application Data ]------------

    C:\Documents and Settings\All Users\APPLIC~1\Spybot - Search & Destroy
    C:\Documents and Settings\All Users\APPLIC~1\Google Updater
    C:\Documents and Settings\All Users\APPLIC~1\STORE LESS JUGS SURF
    C:\Documents and Settings\All Users\APPLIC~1\Yahoo! Companion
    C:\Documents and Settings\All Users\APPLIC~1\Adobe
    C:\Documents and Settings\All Users\APPLIC~1\Google
    C:\Documents and Settings\All Users\APPLIC~1\SBT
    C:\Documents and Settings\All Users\APPLIC~1\PopCap
    C:\Documents and Settings\All Users\APPLIC~1\Microsoft
    C:\Documents and Settings\All Users\APPLIC~1\Windows Genuine Advantage
    C:\Documents and Settings\All Users\APPLIC~1\QuickTime
    C:\Documents and Settings\All Users\APPLIC~1\Messenger Plus!
    C:\Documents and Settings\All Users\APPLIC~1\McAfee.com Personal Firewall
    C:\Documents and Settings\All Users\APPLIC~1\nView_Profiles
    C:\Documents and Settings\All Users\APPLIC~1\MSN6
    C:\Documents and Settings\All Users\APPLIC~1\AOL
    C:\Documents and Settings\All Users\APPLIC~1\McAfee.com
    C:\Documents and Settings\All Users\APPLIC~1\Symantec
    C:\Documents and Settings\All Users\APPLIC~1\Viewpoint
    C:\Documents and Settings\All Users\APPLIC~1\OD2
    C:\Documents and Settings\All Users\APPLIC~1\SBSI
    C:\Documents and Settings\All Users\APPLIC~1\desktop.ini

    C:\Documents and Settings\Default User\APPLIC~1\Real
    C:\Documents and Settings\Default User\APPLIC~1\Symantec
    C:\Documents and Settings\Default User\APPLIC~1\You've Got Pictures Screensaver
    C:\Documents and Settings\Default User\APPLIC~1\Microsoft
    C:\Documents and Settings\Default User\APPLIC~1\Sun
    C:\Documents and Settings\Default User\APPLIC~1\Identities
    C:\Documents and Settings\Default User\APPLIC~1\desktop.ini

    C:\Documents and Settings\LocalService\APPLIC~1\Google
    C:\Documents and Settings\LocalService\APPLIC~1\Macromedia
    C:\Documents and Settings\LocalService\APPLIC~1\McAfee.com Personal Firewall
    C:\Documents and Settings\LocalService\APPLIC~1\Microsoft

    C:\Documents and Settings\NetworkService\APPLIC~1\Microsoft

    C:\Documents and Settings\Pablo\APPLIC~1\Mix Balm Manager
    C:\Documents and Settings\Pablo\APPLIC~1\Sonic
    C:\Documents and Settings\Pablo\APPLIC~1\Leadertech
    C:\Documents and Settings\Pablo\APPLIC~1\Microsoft
    C:\Documents and Settings\Pablo\APPLIC~1\Azureus
    C:\Documents and Settings\Pablo\APPLIC~1\fltk.org
    C:\Documents and Settings\Pablo\APPLIC~1\Adobe
    C:\Documents and Settings\Pablo\APPLIC~1\AdobeUM
    C:\Documents and Settings\Pablo\APPLIC~1\Xfire
    C:\Documents and Settings\Pablo\APPLIC~1\La Bataille pour la Terre du Milieu T II
    C:\Documents and Settings\Pablo\APPLIC~1\Mes fichiers de LSDA, L'AvŠnement du Roi-sorcierT
    C:\Documents and Settings\Pablo\APPLIC~1\Skype
    C:\Documents and Settings\Pablo\APPLIC~1\vlc
    C:\Documents and Settings\Pablo\APPLIC~1\GDIPFONTCACHEV1.DAT
    C:\Documents and Settings\Pablo\APPLIC~1\Macromedia
    C:\Documents and Settings\Pablo\APPLIC~1\Media Player Classic
    C:\Documents and Settings\Pablo\APPLIC~1\Talkback
    C:\Documents and Settings\Pablo\APPLIC~1\Mozilla
    C:\Documents and Settings\Pablo\APPLIC~1\Microsoft Web Folders
    C:\Documents and Settings\Pablo\APPLIC~1\Google
    C:\Documents and Settings\Pablo\APPLIC~1\CyberLink
    C:\Documents and Settings\Pablo\APPLIC~1\Conceptworld
    C:\Documents and Settings\Pablo\APPLIC~1\FotoWire
    C:\Documents and Settings\Pablo\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
    C:\Documents and Settings\Pablo\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
    C:\Documents and Settings\Pablo\APPLIC~1\Help
    C:\Documents and Settings\Pablo\APPLIC~1\MSN6
    C:\Documents and Settings\Pablo\APPLIC~1\McAfee.com Personal Firewall
    C:\Documents and Settings\Pablo\APPLIC~1\Symantec
    C:\Documents and Settings\Pablo\APPLIC~1\You've Got Pictures Screensaver
    C:\Documents and Settings\Pablo\APPLIC~1\Sun
    C:\Documents and Settings\Pablo\APPLIC~1\Identities
    C:\Documents and Settings\Pablo\APPLIC~1\desktop.ini


    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    C:\WINDOWS\tasks\SA.DAT
    C:\WINDOWS\tasks\desktop.ini

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    C:\Program Files\Adobe
    C:\Program Files\adslTV
    C:\Program Files\Ahead
    C:\Program Files\AlienGUIse
    C:\Program Files\Azureus
    C:\Program Files\BitDownload
    C:\Program Files\BitTorrent Fastest Tool
    C:\Program Files\BitTorrent++
    C:\Program Files\Black Isle
    C:\Program Files\CCleaner
    C:\Program Files\Common Files
    C:\Program Files\ComPlus Applications
    C:\Program Files\Conceptworld
    C:\Program Files\CyberLink
    C:\Program Files\Diablo II
    C:\Program Files\Diablo II2
    C:\Program Files\Diablo II3
    C:\Program Files\Dial-Messenger
    C:\Program Files\directx
    C:\Program Files\DreamCatcher
    C:\Program Files\Dynamic Toolbar
    C:\Program Files\EasyPHP1-8
    C:\Program Files\eChanblard
    C:\Program Files\eMule
    C:\Program Files\Ensemble clavier et souris sans fil Labtec
    C:\Program Files\EPSON
    C:\Program Files\fbxusb
    C:\Program Files\fdjeux
    C:\Program Files\Fichiers communs
    C:\Program Files\Fire International
    C:\Program Files\Free
    C:\Program Files\Free.fr
    C:\Program Files\Fx Audio Conveter
    C:\Program Files\Google
    C:\Program Files\GUILD WARS
    C:\Program Files\Hemera Products
    C:\Program Files\Hewlett-Packard
    C:\Program Files\Infogrames
    C:\Program Files\InterActual
    C:\Program Files\Internet Explorer
    C:\Program Files\Java
    C:\Program Files\K-Lite Codec Pack
    C:\Program Files\Learn2.com
    C:\Program Files\Logitech
    C:\Program Files\Lop SD
    C:\Program Files\Matroska Pack
    C:\Program Files\McAfee.com
    C:\Program Files\Messenger
    C:\Program Files\MessengerPlus! 3
    C:\Program Files\microsoft frontpage
    C:\Program Files\Microsoft Games
    C:\Program Files\microsoft office
    C:\Program Files\Microsoft Visual Studio
    C:\Program Files\Movie Maker
    C:\Program Files\Mozilla Firefox
    C:\Program Files\MSN
    C:\Program Files\MSN Apps
    C:\Program Files\MSN Gaming Zone
    C:\Program Files\MSN Messenger
    C:\Program Files\Msncolor
    C:\Program Files\My Music
    C:\Program Files\NetMeeting
    C:\Program Files\nomutil.txt
    C:\Program Files\Outlook Express
    C:\Program Files\pablo.txt
    C:\Program Files\Picasa2
    C:\Program Files\QuickTime
    C:\Program Files\Satsuki Decoder Pack
    C:\Program Files\Services en ligne
    C:\Program Files\Shockwave.com
    C:\Program Files\Snapshot Viewer
    C:\Program Files\Sonic
    C:\Program Files\Spybot - Search & Destroy
    C:\Program Files\SystemRequirementsLab
    C:\Program Files\THQ
    C:\Program Files\Ubisoft
    C:\Program Files\Valve
    C:\Program Files\VideoLAN
    C:\Program Files\Viewpoint
    C:\Program Files\Windows Journal Viewer
    C:\Program Files\Windows Media Player
    C:\Program Files\Windows NT
    C:\Program Files\WinRAR
    C:\Program Files\WinZip
    C:\Program Files\World of Warcraft
    C:\Program Files\xerox
    C:\Program Files\Yahoo!

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    C:\Program Files\Fichiers communs\Adobe
    C:\Program Files\Fichiers communs\Ahead
    C:\Program Files\Fichiers communs\AOL
    C:\Program Files\Fichiers communs\Blizzard Entertainment
    C:\Program Files\Fichiers communs\Designer
    C:\Program Files\Fichiers communs\EPSON
    C:\Program Files\Fichiers communs\FotoWire
    C:\Program Files\Fichiers communs\Hewlett-Packard
    C:\Program Files\Fichiers communs\InstallShield
    C:\Program Files\Fichiers communs\Java
    C:\Program Files\Fichiers communs\Logitech
    C:\Program Files\Fichiers communs\Microsoft Shared
    C:\Program Files\Fichiers communs\MSSoap
    C:\Program Files\Fichiers communs\Nullsoft
    C:\Program Files\Fichiers communs\ODBC
    C:\Program Files\Fichiers communs\Real
    C:\Program Files\Fichiers communs\Services
    C:\Program Files\Fichiers communs\Sonic Shared
    C:\Program Files\Fichiers communs\SpeechEngines
    C:\Program Files\Fichiers communs\Stardock
    C:\Program Files\Fichiers communs\SureThing Shared
    C:\Program Files\Fichiers communs\Symantec Shared
    C:\Program Files\Fichiers communs\System
    C:\Program Files\Fichiers communs\Wise Installation Wizard

    ----------------------[ Recherche avec S_Lop ]---------------------

    C:\Documents and Settings\All Users\APPLIC~1\STORE LESS JUGS SURF\Team link.exe
    C:\Documents and Settings\All Users\APPLIC~1\STOREL~1

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    C:\Program Files\Bitdownload

    ----------------------[ Verification du Registre ]----------------------

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-11-30 16:50:36
    Windows 5.1.2600 Service Pack 1 NTFS
    scanning hidden files ...
    scan completed successfully
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    Aucune autre infection trouvée !

    --------------------[ Fin du rapport a 16:51:26,78 ]----------------------
    30 Novembre 2007 16:55:51

    a la deuxieme recherche les fichiers hosts sont propre.......et je n'ai plus de pub recalcitrante !!!! trop lol !!!!!!!! je sais pas comment j'ai fais car j'ai bidouiller un peu partout . enfin bref merci.

    encore une question le logiciel que tu m'a fais installer sa sert a quoi concretement en language courant pour internet-noobie(moi) ? et sa supprime quoi quand je fais netoyage?

    merci encore
    30 Novembre 2007 18:53:13

    Tu dis que tu n'as plus de pubs ?
    Tu as fait autre chose que ce que je t'ai dit ? :p 

    Relance Lop S&D

  • Choisis cette fois ci l'Option 2 ( Suppression )
  • Ne ferme pas la fenêtre lors de la suppression !
  • Poste le rapport généré ( C:\lopR.txt )

    ( Si le Bureau ne réapparît pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide )
    30 Novembre 2007 20:32:56

    ------------------------------[ Lop S&D 2.0 ]----------------------------

    Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]

    "C:\Program Files\Lop SD"

    [ 30/11/2007 | 20:31:28,48 ] [ SN102959470009 ]

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

    Echec ! - C:\Program Files\Bitdownload
    Supprimé! - C:\Documents and Settings\All Users\APPLIC~1\STOREL~1

    \\\\\\\\\\\\\\\\\\\\\\\\\\\ DEUXIEME PASSAGE ///////////////////////////

    Echec ! - C:\Program Files\Bitdownload

    //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    -------------[ Listing des dossiers dans Application Data ]------------

    C:\Documents and Settings\All Users\APPLIC~1\Spybot - Search & Destroy
    C:\Documents and Settings\All Users\APPLIC~1\Google Updater
    C:\Documents and Settings\All Users\APPLIC~1\Yahoo! Companion
    C:\Documents and Settings\All Users\APPLIC~1\Adobe
    C:\Documents and Settings\All Users\APPLIC~1\Google
    C:\Documents and Settings\All Users\APPLIC~1\SBT
    C:\Documents and Settings\All Users\APPLIC~1\PopCap
    C:\Documents and Settings\All Users\APPLIC~1\Microsoft
    C:\Documents and Settings\All Users\APPLIC~1\Windows Genuine Advantage
    C:\Documents and Settings\All Users\APPLIC~1\QuickTime
    C:\Documents and Settings\All Users\APPLIC~1\Messenger Plus!
    C:\Documents and Settings\All Users\APPLIC~1\McAfee.com Personal Firewall
    C:\Documents and Settings\All Users\APPLIC~1\nView_Profiles
    C:\Documents and Settings\All Users\APPLIC~1\MSN6
    C:\Documents and Settings\All Users\APPLIC~1\AOL
    C:\Documents and Settings\All Users\APPLIC~1\McAfee.com
    C:\Documents and Settings\All Users\APPLIC~1\Symantec
    C:\Documents and Settings\All Users\APPLIC~1\Viewpoint
    C:\Documents and Settings\All Users\APPLIC~1\OD2
    C:\Documents and Settings\All Users\APPLIC~1\SBSI
    C:\Documents and Settings\All Users\APPLIC~1\desktop.ini

    C:\Documents and Settings\Default User\APPLIC~1\Real
    C:\Documents and Settings\Default User\APPLIC~1\Symantec
    C:\Documents and Settings\Default User\APPLIC~1\You've Got Pictures Screensaver
    C:\Documents and Settings\Default User\APPLIC~1\Microsoft
    C:\Documents and Settings\Default User\APPLIC~1\Sun
    C:\Documents and Settings\Default User\APPLIC~1\Identities
    C:\Documents and Settings\Default User\APPLIC~1\desktop.ini

    C:\Documents and Settings\LocalService\APPLIC~1\Google
    C:\Documents and Settings\LocalService\APPLIC~1\Macromedia
    C:\Documents and Settings\LocalService\APPLIC~1\McAfee.com Personal Firewall
    C:\Documents and Settings\LocalService\APPLIC~1\Microsoft

    C:\Documents and Settings\NetworkService\APPLIC~1\Microsoft

    C:\Documents and Settings\Pablo\APPLIC~1\Mix Balm Manager
    C:\Documents and Settings\Pablo\APPLIC~1\Sonic
    C:\Documents and Settings\Pablo\APPLIC~1\Leadertech
    C:\Documents and Settings\Pablo\APPLIC~1\Microsoft
    C:\Documents and Settings\Pablo\APPLIC~1\Azureus
    C:\Documents and Settings\Pablo\APPLIC~1\fltk.org
    C:\Documents and Settings\Pablo\APPLIC~1\Adobe
    C:\Documents and Settings\Pablo\APPLIC~1\AdobeUM
    C:\Documents and Settings\Pablo\APPLIC~1\Xfire
    C:\Documents and Settings\Pablo\APPLIC~1\La Bataille pour la Terre du Milieu T II
    C:\Documents and Settings\Pablo\APPLIC~1\Mes fichiers de LSDA, L'AvŠnement du Roi-sorcierT
    C:\Documents and Settings\Pablo\APPLIC~1\Skype
    C:\Documents and Settings\Pablo\APPLIC~1\vlc
    C:\Documents and Settings\Pablo\APPLIC~1\GDIPFONTCACHEV1.DAT
    C:\Documents and Settings\Pablo\APPLIC~1\Macromedia
    C:\Documents and Settings\Pablo\APPLIC~1\Media Player Classic
    C:\Documents and Settings\Pablo\APPLIC~1\Talkback
    C:\Documents and Settings\Pablo\APPLIC~1\Mozilla
    C:\Documents and Settings\Pablo\APPLIC~1\Microsoft Web Folders
    C:\Documents and Settings\Pablo\APPLIC~1\Google
    C:\Documents and Settings\Pablo\APPLIC~1\CyberLink
    C:\Documents and Settings\Pablo\APPLIC~1\Conceptworld
    C:\Documents and Settings\Pablo\APPLIC~1\FotoWire
    C:\Documents and Settings\Pablo\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
    C:\Documents and Settings\Pablo\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
    C:\Documents and Settings\Pablo\APPLIC~1\Help
    C:\Documents and Settings\Pablo\APPLIC~1\MSN6
    C:\Documents and Settings\Pablo\APPLIC~1\McAfee.com Personal Firewall
    C:\Documents and Settings\Pablo\APPLIC~1\Symantec
    C:\Documents and Settings\Pablo\APPLIC~1\You've Got Pictures Screensaver
    C:\Documents and Settings\Pablo\APPLIC~1\Sun
    C:\Documents and Settings\Pablo\APPLIC~1\Identities
    C:\Documents and Settings\Pablo\APPLIC~1\desktop.ini


    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    C:\WINDOWS\tasks\SA.DAT
    C:\WINDOWS\tasks\desktop.ini

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    C:\Program Files\Adobe
    C:\Program Files\adslTV
    C:\Program Files\Ahead
    C:\Program Files\AlienGUIse
    C:\Program Files\Azureus
    C:\Program Files\BitDownload
    C:\Program Files\BitTorrent Fastest Tool
    C:\Program Files\BitTorrent++
    C:\Program Files\Black Isle
    C:\Program Files\CCleaner
    C:\Program Files\Common Files
    C:\Program Files\ComPlus Applications
    C:\Program Files\Conceptworld
    C:\Program Files\CyberLink
    C:\Program Files\Diablo II
    C:\Program Files\Diablo II2
    C:\Program Files\Diablo II3
    C:\Program Files\Dial-Messenger
    C:\Program Files\directx
    C:\Program Files\DreamCatcher
    C:\Program Files\Dynamic Toolbar
    C:\Program Files\EasyPHP1-8
    C:\Program Files\eChanblard
    C:\Program Files\eMule
    C:\Program Files\Ensemble clavier et souris sans fil Labtec
    C:\Program Files\EPSON
    C:\Program Files\fbxusb
    C:\Program Files\fdjeux
    C:\Program Files\Fichiers communs
    C:\Program Files\Fire International
    C:\Program Files\Free
    C:\Program Files\Free.fr
    C:\Program Files\Fx Audio Conveter
    C:\Program Files\Google
    C:\Program Files\GUILD WARS
    C:\Program Files\Hemera Products
    C:\Program Files\Hewlett-Packard
    C:\Program Files\Infogrames
    C:\Program Files\InterActual
    C:\Program Files\Internet Explorer
    C:\Program Files\Java
    C:\Program Files\K-Lite Codec Pack
    C:\Program Files\Learn2.com
    C:\Program Files\Logitech
    C:\Program Files\Lop SD
    C:\Program Files\Matroska Pack
    C:\Program Files\McAfee.com
    C:\Program Files\Messenger
    C:\Program Files\MessengerPlus! 3
    C:\Program Files\microsoft frontpage
    C:\Program Files\Microsoft Games
    C:\Program Files\microsoft office
    C:\Program Files\Microsoft Visual Studio
    C:\Program Files\Movie Maker
    C:\Program Files\Mozilla Firefox
    C:\Program Files\MSN
    C:\Program Files\MSN Apps
    C:\Program Files\MSN Gaming Zone
    C:\Program Files\MSN Messenger
    C:\Program Files\Msncolor
    C:\Program Files\My Music
    C:\Program Files\NetMeeting
    C:\Program Files\nomutil.txt
    C:\Program Files\Outlook Express
    C:\Program Files\pablo.txt
    C:\Program Files\Picasa2
    C:\Program Files\QuickTime
    C:\Program Files\Satsuki Decoder Pack
    C:\Program Files\Services en ligne
    C:\Program Files\Shockwave.com
    C:\Program Files\Snapshot Viewer
    C:\Program Files\Sonic
    C:\Program Files\Spybot - Search & Destroy
    C:\Program Files\SystemRequirementsLab
    C:\Program Files\THQ
    C:\Program Files\Ubisoft
    C:\Program Files\Valve
    C:\Program Files\VideoLAN
    C:\Program Files\Viewpoint
    C:\Program Files\Windows Journal Viewer
    C:\Program Files\Windows Media Player
    C:\Program Files\Windows NT
    C:\Program Files\WinRAR
    C:\Program Files\WinZip
    C:\Program Files\World of Warcraft
    C:\Program Files\xerox
    C:\Program Files\Yahoo!

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    C:\Program Files\Fichiers communs\Adobe
    C:\Program Files\Fichiers communs\Ahead
    C:\Program Files\Fichiers communs\AOL
    C:\Program Files\Fichiers communs\Blizzard Entertainment
    C:\Program Files\Fichiers communs\Designer
    C:\Program Files\Fichiers communs\EPSON
    C:\Program Files\Fichiers communs\FotoWire
    C:\Program Files\Fichiers communs\Hewlett-Packard
    C:\Program Files\Fichiers communs\InstallShield
    C:\Program Files\Fichiers communs\Java
    C:\Program Files\Fichiers communs\Logitech
    C:\Program Files\Fichiers communs\Microsoft Shared
    C:\Program Files\Fichiers communs\MSSoap
    C:\Program Files\Fichiers communs\Nullsoft
    C:\Program Files\Fichiers communs\ODBC
    C:\Program Files\Fichiers communs\Real
    C:\Program Files\Fichiers communs\Services
    C:\Program Files\Fichiers communs\Sonic Shared
    C:\Program Files\Fichiers communs\SpeechEngines
    C:\Program Files\Fichiers communs\Stardock
    C:\Program Files\Fichiers communs\SureThing Shared
    C:\Program Files\Fichiers communs\Symantec Shared
    C:\Program Files\Fichiers communs\System
    C:\Program Files\Fichiers communs\Wise Installation Wizard

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    C:\Program Files\Bitdownload

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-11-30 20:32:10
    Windows 5.1.2600 Service Pack 1 NTFS
    scanning hidden files ...
    scan completed successfully
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    Aucune autre infection trouvée !

    --------------------[ Fin du rapport a 20:32:23,89 ]----------------------


    voila
    30 Novembre 2007 22:14:11

    Re,

    Télécharge OTMoveIt > Tuto <

    Sauvegarde-le sur le Bureau

    Séléctionne l'encadré ci-dessous
    C:\Program Files\Bitdownload

    Lance maintenant OTMoveIt .
    Assure toi que la case unregister dll’s and ocx’s soit cochée.
    Deux cadres apparaissent , clique droit sur le cadre de gauche , puis colle l'encadré ci desssus.
    Et clique sur Movelt !

    Si le programme te demande de redemarrer, accepte.

    Poste le rapport qui se trouve dans : C:\_OTMoveIt\MovedFiles\date de création!

    NOTE : Si tu obtiens un message comme quoi le rapport ne peut pas être créé, copie/colle ce qui apparaît dans la colonne droite de l’outil.
    1 Décembre 2007 13:39:59

    C:\Program Files\Bitdownload moved successfully.
    File/Folder not found.

    Created on 12/01/2007 13:38:43
    1 Décembre 2007 14:17:19

    Bien, c'est mieux ?

    Télécharge sur ton bureau : Clean (de Malekal) >Tuto<
    Dézippe le sur ton bureau. Double-clic sur ce dossier clean.
    Double-clic sur clean.cmd. (L’extension cmd peut ne pas apparaître) Cela va ouvrir une fenêtre noire.
    Un menu va apparaître, choisis l'option 1 puis entrée. Ensuite appuies sur une touche comme il te sera demandé et poste le rapport ici.
    Le rapport se trouve ici : C:\rapport_clean.txt

    Si tu obtiens un fichier C:\upload_moi.zip, merci de faire ceci.
    30 Janvier 2008 11:14:15

    bonlour,
    j'ai beaucoup de pages cid qui vienne sur mon pc et j'aimerai savoir si qulequ'un pourrai me donner un coup de main merci d'avance.je poste mon scan avec hijackthis:
    Scan saved at 11:04:18, on 30/01/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0013)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
    C:\WINDOWS\system32\Rundll32.exe
    C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Free Download Manager\FUM\fumoei.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\WINDOWS\system32\libusbd-nt.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\ATI Technologies\ATI.ACE\DualCoreCenter.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\PROGRA~1\FREEDO~1\fdm.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qk...
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=6...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=6...
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
    O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
    O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [CAMP SHIM EXIT HECK] C:\Documents and Settings\All Users\Application Data\That Face Camp Shim\Move Web.exe
    O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
    O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
    O4 - HKCU\..\Run: [Free Upload Manager] "C:\Program Files\Free Download Manager\fum\fum.exe" -autorun
    O4 - HKCU\..\Run: [Free Uploader Oe Integration] C:\Program Files\Free Download Manager\FUM\fumoei.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [RegistryCleanFixMFC] C:\Program Files\RegistryCleaner\registrycleaner2008.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
    O4 - Global Startup: DualCoreCenter.lnk = C:\Program Files\ATI Technologies\ATI.ACE\StartUpDualCoreCenter.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
    O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
    O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
    O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
    O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
    O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - C:\Program Files\Free Download Manager\FUM\fumiebtn.dll
    O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photoways.com/clients/uploader_v2.2.0.6.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/fl...
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su2/CTL_V02002/ocx/15031/CTPID....
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - http://libusb-win32.sourceforge.net - C:\WINDOWS\system32\libusbd-nt.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

    --
    End of file - 9975 bytes
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS