Still having problems with CID ads
Topic status: UNRESOLVED
myriam1365 (Petite astucienne, 9 posts)
Posted on 08/08/2008 at 14:16

Hello everyone,

I am new to the forum and a beginner with computers. After various problems with viruses and CID ads, I followed your advice: pre-cleaning the PC, defragmentation. According to the scan I no longer have any viruses, but I still get CID ads and my laptop is very slow, especially in My Documents. Here is the HijackThis report. Could you help me, in simple language (lol)? Thanks in advance. Myriam.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:07:45, on 8/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\HP\Digital Imaging\bin\hpotdd01.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe
C:\Program Files\HP\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\F-Secure\BackWeb\7681197\Program\BackWeb-7681197.exe
C:\Program Files\Maxtor\Sync\SyncServices.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\F-Secure\Common\FIH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\DETAIL\Detail 2\EQ DET2F.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pcastuces.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.fr.msn.be/0SEFRBE/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\HP\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [mxomssmenu] "C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe"
O4 - HKLM\..\Run: [Boob Idle Software Acid] C:\Documents and Settings\All Users\Application Data\Part Long Boob Idle\logo 16.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O8 - Extra context menu item: Recherche sur eBay - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
O15 - Trusted Zone: http://a248.e.akamai.net
O15 - Trusted Zone: http://*.bitdefender.com
O15 - Trusted Zone: *.cbc.be
O15 - Trusted Zone: http://ssl-hints.netflame.cc
O15 - Trusted Zone: http://www.pcastuces.com
O15 - Trusted Zone: http://www.secuser.com
O15 - Trusted Zone: http://*.secuser.com
O16 - DPF: Dexia netbanking - http://netbanking.dexia.be/PC//Dynamic/Shared/Applet//DexiaIIA.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by137fd.bay137.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E6A3C1E2-F792-483E-9133-596215172BE9} (AcceptLang Class) - http://runonce.msn.com/setacceptlang.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by23fd.bay23.hotmail.msn.com/activex/HMAtchmt.ocx
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: F-Secure BackWeb (BackWeb Client - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: F-Secure BackWeb LAN Access - Unknown owner - C:\Program Files\F-Secure\BackWeb\7681197\Program\fsbwlan.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: F-Secure Authentication Agent (FSAA) - F-Secure Corporation. All Rights Reserved. - C:\Program Files\F-Secure\Common\FSAA.EXE
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Maxtor Service (Maxtor Sync Service) - Seagate Technology LLC - C:\Program Files\Maxtor\Sync\SyncServices.exe

--
End of file - 13151 bytes

clbugnot (Maître astucien, 13667 posts)
Posted on 08/08/2008 at 14:22

Hello myriam1365 and welcome to PCA!

This is a problem for the Security forum. Click the icon and, in the window that appears, ask the moderator to move your topic to that forum.

pcastuces (PC Astuces team)
Posted on 08/08/2008 at 14:53

Hello,

The topic has been moved by the moderators to a more suitable forum.

You can continue the discussion below.

See you soon.
no.ppp (Petit astucien, 996 posts)
Posted on 08/08/2008 at 15:01

Hello myriam1365,

Are you the one who put these sites in the trusted zone?

O15 - Trusted Zone: http://a248.e.akamai.net
O15 - Trusted Zone: http://*.bitdefender.com
O15 - Trusted Zone: *.cbc.be
O15 - Trusted Zone: http://ssl-hints.netflame.cc
O15 - Trusted Zone: http://www.pcastuces.com
O15 - Trusted Zone: http://www.secuser.com
O15 - Trusted Zone: http://*.secuser.com

You do indeed still have a lop infection, which is what causes the CiD ads to appear.

Uninstall via "Add/Remove Programs" (if present):

Cid help
Circle Developement
Adverts
Le sponsor de MSN Plus!



Download LopS&D.exe to your desktop (right-click the link > Save target as)
Disable your antivirus just in case (you can re-enable it once the scan has finished)
Double-click lopSD to start the installation
Once it is installed, double-click Lop S&D
Select the language by pressing the F key, then choose option 1 (Recherche / Search)
If lopSD asks you to restart, accept and wait for the scan to finish.
Copy/paste the contents of the report, located at the root of the hard drive: C:\lopR.txt

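An added example, not part of the original thread: a small Python triage script for the kind of review done in the reply above, run over a few lines copied from the posted HijackThis log. It lists the O15 Trusted Zone entries so the user can confirm them, and flags autostart entries that launch from user-writable data folders; that heuristic, the marker list and all function names are assumptions made for this example.

```python
import re
from typing import List, NamedTuple

# A few lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pcastuces.com/
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Boob Idle Software Acid] C:\Documents and Settings\All Users\Application Data\Part Long Boob Idle\logo 16.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O15 - Trusted Zone: http://a248.e.akamai.net
O15 - Trusted Zone: *.cbc.be
O15 - Trusted Zone: http://ssl-hints.netflame.cc
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
"""


class Entry(NamedTuple):
    code: str   # HijackThis section code, e.g. "O4" or "O15"
    body: str   # everything after "CODE - "


class Autorun(NamedTuple):
    location: str   # registry hive/key or startup folder
    name: str       # value name or shortcut name
    path: str       # executable path with arguments stripped


ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
# O4 registry form: HKLM\..\Run: [Name] command line
RUN_RE = re.compile(
    r"^(?P<hive>.+?)\\\.\.\\(?P<key>[^:]+): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
# O4 startup-folder form: Global Startup: Name.lnk = target
STARTUP_RE = re.compile(r"^(?P<loc>(?:Global )?Startup): (?P<name>.+?) = (?P<cmd>.+)$")
# Unquoted paths may contain spaces, so cut at the first executable extension.
EXE_RE = re.compile(r"^(.+?\.(?:exe|com|bat|cmd|scr|pif|dll))(?=\s|$)", re.I)

# Assumption for this example: autostart programs installed by legitimate
# software normally live under Program Files or WINDOWS, not in these folders.
USER_WRITABLE_MARKERS = ("\\application data\\", "\\applic~1\\",
                         "\\local settings\\", "\\temp\\")


def parse_log(text: str) -> List[Entry]:
    """Keep only 'CODE - body' lines; headers and process lists are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append(Entry(m.group(1), m.group(2)))
    return entries


def executable_path(cmd: str) -> str:
    """Return the program path from a command line, quoted or not."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        if end != -1:
            return cmd[1:end]
    m = EXE_RE.match(cmd)
    return m.group(1) if m else cmd


def autoruns(entries: List[Entry]) -> List[Autorun]:
    """Extract every O4 autostart entry (registry Run keys and startup folders)."""
    found = []
    for e in entries:
        if e.code != "O4":
            continue
        m = RUN_RE.match(e.body)
        if m:
            location = m.group("hive") + "\\..\\" + m.group("key")
        else:
            m = STARTUP_RE.match(e.body)
            if not m:
                continue
            location = m.group("loc")
        found.append(Autorun(location, m.group("name"), executable_path(m.group("cmd"))))
    return found


def suspicious_autoruns(text: str) -> List[Autorun]:
    """Autostart entries whose program sits in a user-writable data folder."""
    return [a for a in autoruns(parse_log(text))
            if any(marker in a.path.lower() for marker in USER_WRITABLE_MARKERS)]


def trusted_zone_sites(text: str) -> List[str]:
    """Sites listed in O15 entries, for the user to confirm or remove."""
    prefix = "Trusted Zone: "
    return [e.body[len(prefix):] for e in parse_log(text)
            if e.code == "O15" and e.body.startswith(prefix)]


if __name__ == "__main__":
    for a in suspicious_autoruns(SAMPLE_LOG):
        print("review autostart:", a.location, a.name, "->", a.path)
    for site in trusted_zone_sites(SAMPLE_LOG):
        print("confirm trusted site:", site)
```

A flagged entry is a lead for manual review, not a verdict; the dedicated scan requested in the reply is what confirms it.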
myriam1365 (Petite astucienne, 9 posts)
Posted on 08/08/2008 at 15:14

Thanks for the quick reply,

I'll answer in order,

- no, I did not put these sites in the trusted zone

- there was nothing to remove among the things you told me to uninstall

and here is the report. Best regards. Myriam

no.ppp (Petit astucien, 996 posts)
Posted on 08/08/2008 at 15:24

You gave me HijackThis again; that was not the report I was expecting.

myriam1365 (Petite astucienne, 9 posts)
Posted on 08/08/2008 at 15:32


--------------------\\ Lop S&D 4.2.2-5 XP/Vista

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : MYRIAM ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ ven. 08/08/2008 | 15:28:50,40 ] [ PC : PC233572011914 ]
[ MAJ : 01-08-2008 | 01:40 ]

--------------------\\ Listing des dossiers dans APPLIC~1

[13/02/2004|13:32] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[25/10/2004|14:40] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[01/12/2007|19:45] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[28/10/2004|02:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\4D
[24/07/2008|13:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[30/04/2008|11:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[30/04/2008|11:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[24/03/2008|10:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BigFishGamesCache
[13/02/2004|13:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[03/11/2007|10:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\eBay
[19/09/2007|23:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[07/08/2008|15:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[25/10/2004|06:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpqwmi
[25/10/2004|06:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
[30/07/2008|10:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak
[12/01/2006|17:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
[12/07/2008|21:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[23/07/2008|12:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Maxtor
[11/02/2008|20:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[29/05/2006|16:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[16/11/2007|14:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[23/07/2008|08:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
[04/08/2008|22:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Part Long Boob Idle
[16/02/2006|15:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[25/10/2004|14:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[06/08/2008|14:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[10/04/2005|17:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[24/03/2008|11:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[22/07/2008|08:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WholeSecurity
[09/08/2006|09:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[19/07/2007|13:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[12/02/2008|18:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller


[13/02/2004|13:32] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[25/10/2004|14:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[01/12/2007|19:45] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[13/02/2004|13:32] C:\DOCUME~1\L@R3N~1\APPLIC~1\desktop.ini
[13/11/2007|14:31] C:\DOCUME~1\L@R3N~1\APPLIC~1\Dossier de téléchargement Share-to-Web
[13/11/2007|14:31] C:\DOCUME~1\L@R3N~1\APPLIC~1\eBay
[13/11/2007|14:37] C:\DOCUME~1\L@R3N~1\APPLIC~1\Google
[25/10/2004|14:40] C:\DOCUME~1\L@R3N~1\APPLIC~1\Identities
[13/11/2007|14:44] C:\DOCUME~1\L@R3N~1\APPLIC~1\Macromedia
[13/11/2007|14:58] C:\DOCUME~1\L@R3N~1\APPLIC~1\Microsoft
[13/11/2007|14:31] C:\DOCUME~1\L@R3N~1\APPLIC~1\Sonic

[17/09/2007|08:57] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[13/10/2006|14:12] C:\DOCUME~1\MYRIAM\APPLIC~1\Adobe
[23/12/2006|11:43] C:\DOCUME~1\MYRIAM\APPLIC~1\AdobeUM
[30/04/2008|11:37] C:\DOCUME~1\MYRIAM\APPLIC~1\Apple Computer
[05/02/2005|15:27] C:\DOCUME~1\MYRIAM\APPLIC~1\Common Files
[13/02/2004|13:32] C:\DOCUME~1\MYRIAM\APPLIC~1\desktop.ini
[25/10/2004|06:58] C:\DOCUME~1\MYRIAM\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
[03/11/2007|10:28] C:\DOCUME~1\MYRIAM\APPLIC~1\eBay
[26/01/2006|15:14] C:\DOCUME~1\MYRIAM\APPLIC~1\FotoWire
[23/12/2006|15:19] C:\DOCUME~1\MYRIAM\APPLIC~1\Google
[28/10/2004|23:11] C:\DOCUME~1\MYRIAM\APPLIC~1\Help
[05/02/2005|15:27] C:\DOCUME~1\MYRIAM\APPLIC~1\HP
[06/08/2008|17:09] C:\DOCUME~1\MYRIAM\APPLIC~1\Identities
[15/01/2007|16:11] C:\DOCUME~1\MYRIAM\APPLIC~1\InterTrust
[05/02/2005|15:28] C:\DOCUME~1\MYRIAM\APPLIC~1\InterVideo
[21/12/2005|12:23] C:\DOCUME~1\MYRIAM\APPLIC~1\Leadertech
[06/07/2006|16:01] C:\DOCUME~1\MYRIAM\APPLIC~1\Macromedia
[12/07/2008|21:55] C:\DOCUME~1\MYRIAM\APPLIC~1\Malwarebytes
[19/07/2007|13:40] C:\DOCUME~1\MYRIAM\APPLIC~1\Microsoft
[30/10/2004|14:22] C:\DOCUME~1\MYRIAM\APPLIC~1\Microsoft Web Folders
[19/08/2005|14:09] C:\DOCUME~1\MYRIAM\APPLIC~1\MSN6
[12/11/2004|17:35] C:\DOCUME~1\MYRIAM\APPLIC~1\Sonic
[25/10/2004|06:03] C:\DOCUME~1\MYRIAM\APPLIC~1\Sun
[25/10/2004|06:44] C:\DOCUME~1\MYRIAM\APPLIC~1\Symantec
[05/03/2006|12:47] C:\DOCUME~1\MYRIAM\APPLIC~1\Template
[23/11/2007|17:11] C:\DOCUME~1\MYRIAM\APPLIC~1\U3
[25/11/2006|10:34] C:\DOCUME~1\MYRIAM\APPLIC~1\WholeSecurity

[08/10/2005|15:47] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft


--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[08/08/2008 15:00][--ah-----] C:\WINDOWS\tasks\A684CC68910B4080.job
[30/07/2008 10:18][--a------] C:\WINDOWS\tasks\EasyShare Registration Task.job
[31/07/2008 21:03][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[08/08/2008 09:31][--ah-----] C:\WINDOWS\tasks\SA.DAT
[24/04/2003 03:00][-rah-----] C:\WINDOWS\tasks\desktop.ini

( A684CC68910B4080.job )=( c:\docume~1\bryan\applic~1\testde~1\realonlinesoap.exe )

--------------------\\ Listing des dossiers dans C:\Program Files

[23/07/2008|08:30] C:\Program Files\Adobe
[30/04/2008|11:30] C:\Program Files\Apple Software Update
[24/03/2008|10:08] C:\Program Files\bfgclient
[30/04/2008|11:33] C:\Program Files\Bonjour
[05/03/2006|12:32] C:\Program Files\BoontyGames
[05/11/2004|09:58] C:\Program Files\CBC-Online
[12/07/2008|19:25] C:\Program Files\CCleaner
[01/09/2007|19:46] C:\Program Files\Common Files
[25/10/2004|14:40] C:\Program Files\ComPlus Applications
[25/10/2004|14:40] C:\Program Files\CONEXANT
[02/11/2006|11:02] C:\Program Files\Easy Internet signup
[22/07/2008|08:41] C:\Program Files\eBay
[17/03/2007|16:33] C:\Program Files\eBooks
[13/09/2007|11:56] C:\Program Files\eMule
[30/07/2008|10:21] C:\Program Files\Fichiers communs
[19/07/2008|16:20] C:\Program Files\F-Secure
[19/09/2007|23:24] C:\Program Files\Google
[01/09/2005|11:12] C:\Program Files\Hewlett-Packard
[24/11/2004|14:54] C:\Program Files\HP
[13/09/2007|12:08] C:\Program Files\HPQ
[18/10/2007|13:38] C:\Program Files\ING
[23/07/2008|08:44] C:\Program Files\InstallShield Installation Information
[11/06/2008|18:26] C:\Program Files\Internet Explorer
[13/09/2007|11:56] C:\Program Files\InterVideo
[30/04/2008|11:34] C:\Program Files\iPod
[30/04/2008|11:34] C:\Program Files\iTunes
[22/07/2008|13:18] C:\Program Files\Java
[27/10/2004|22:02] C:\Program Files\Jvsoft
[30/07/2008|10:22] C:\Program Files\Kodak
[26/01/2006|15:14] C:\Program Files\Logitech
[06/08/2008|15:12] C:\Program Files\Malwarebytes' Anti-Malware
[23/07/2008|08:44] C:\Program Files\Maxtor
[19/01/2008|17:26] C:\Program Files\Messenger
[24/12/2007|10:53] C:\Program Files\Messenger Plus! Live
[01/03/2008|11:54] C:\Program Files\MessengerPlus! 3
[20/07/2007|18:21] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[30/10/2004|14:22] C:\Program Files\microsoft frontpage
[26/06/2008|09:43] C:\Program Files\Microsoft Office
[23/04/2008|15:05] C:\Program Files\Microsoft Silverlight
[13/11/2007|14:55] C:\Program Files\Microsoft SQL Server Compact Edition
[02/06/2008|13:44] C:\Program Files\Microsoft Visual Studio .NET 2003
[19/01/2008|17:27] C:\Program Files\Microsoft Works
[19/05/2005|17:48] C:\Program Files\Movie Maker
[26/06/2008|09:42] C:\Program Files\MSECache
[19/08/2005|14:09] C:\Program Files\MSN
[25/10/2004|14:40] C:\Program Files\MSN Gaming Zone
[20/07/2008|19:10] C:\Program Files\MSXML 6.0
[19/05/2005|17:43] C:\Program Files\NetMeeting
[23/07/2008|08:45] C:\Program Files\NOS
[13/06/2007|18:33] C:\Program Files\Outlook Express
[05/08/2008|23:31] C:\Program Files\Paint Shop Pro 6
[19/01/2008|17:23] C:\Program Files\PhotoFiltre Studio
[09/11/2006|10:54] C:\Program Files\PRGR
[30/04/2008|11:32] C:\Program Files\QuickTime
[25/10/2004|06:28] C:\Program Files\Services en ligne
[12/07/2008|01:17] C:\Program Files\Spybot - Search & Destroy
[25/10/2004|06:17] C:\Program Files\Synaptics
[24/03/2008|10:09] C:\Program Files\temp01
[04/08/2008|22:48] C:\Program Files\Test dent coal
[13/07/2008|01:57] C:\Program Files\Trend Micro
[25/10/2004|14:40] C:\Program Files\Uninstall Information
[13/11/2007|14:58] C:\Program Files\Windows Live
[22/07/2008|08:45] C:\Program Files\Windows Live Toolbar
[15/09/2007|15:45] C:\Program Files\Windows Media Connect 2
[15/09/2007|15:45] C:\Program Files\Windows Media Player
[19/05/2005|17:43] C:\Program Files\Windows NT
[18/04/2005|09:42] C:\Program Files\WindowsUpdate
[29/10/2005|18:23] C:\Program Files\WinZip
[25/10/2004|14:40] C:\Program Files\xerox
[13/09/2007|11:49] C:\Program Files\Yahoo!
[24/03/2008|10:11] C:\Program Files\Zuma Deluxe

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[23/07/2008|08:32] C:\Program Files\Fichiers communs\Adobe
[30/04/2008|11:29] C:\Program Files\Fichiers communs\Apple
[02/06/2008|13:44] C:\Program Files\Fichiers communs\Crystal Decisions
[30/10/2004|14:25] C:\Program Files\Fichiers communs\Designer
[26/01/2006|15:14] C:\Program Files\Fichiers communs\FotoWire
[25/10/2004|06:24] C:\Program Files\Fichiers communs\Hewlett-Packard
[25/10/2004|06:22] C:\Program Files\Fichiers communs\HP
[25/10/2004|06:17] C:\Program Files\Fichiers communs\InstallShield
[25/10/2004|06:03] C:\Program Files\Fichiers communs\Java
[12/06/2008|15:00] C:\Program Files\Fichiers communs\JvSoft
[30/07/2008|10:21] C:\Program Files\Fichiers communs\Kodak
[26/01/2006|15:12] C:\Program Files\Fichiers communs\Logitech
[12/01/2006|17:38] C:\Program Files\Fichiers communs\Macrovision Shared
[26/06/2008|09:43] C:\Program Files\Fichiers communs\Microsoft Shared
[25/10/2004|14:40] C:\Program Files\Fichiers communs\MSSoap
[25/10/2004|14:40] C:\Program Files\Fichiers communs\ODBC
[12/06/2008|15:00] C:\Program Files\Fichiers communs\PC SOFT
[25/10/2004|14:40] C:\Program Files\Fichiers communs\Services
[25/10/2004|06:11] C:\Program Files\Fichiers communs\Sonic
[25/10/2004|14:40] C:\Program Files\Fichiers communs\SpeechEngines
[10/04/2005|17:30] C:\Program Files\Fichiers communs\Symantec Shared
[13/06/2007|18:33] C:\Program Files\Fichiers communs\System
[16/11/2007|14:02] C:\Program Files\Fichiers communs\WindowsLiveInstaller

--------------------\\ Process

( 64 Processus )

iexplore.exe ~ [1600]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Part Long Boob Idle
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Part Long Boob Idle\logo 16.exe
C:\Program Files\Test dent coal
C:\Program Files\testde~1
C:\DOCUME~1\MYRIAM\Cookies\myriam@www.adserver5[1].txt
C:\DOCUME~1\MYRIAM\Cookies\myriam@32vegas[1].txt
C:\DOCUME~1\MYRIAM\Cookies\myriam@banner.32vegas[2].txt
C:\WINDOWS\Tasks\A684CC68910B4080.job

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Boob Idle Software Acid"="C:\\Documents and Settings\\All Users\\Application Data\\Part Long Boob Idle\\logo 16.exe"

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


Here it is, a thousand apologies.

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-08 15:29:35
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 3

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:45][D:3]-> C:\DOCUME~1\MYRIAM\LOCALS~1\Temp
[F:135][D:0]-> C:\DOCUME~1\MYRIAM\Cookies
[F:7850][D:8]-> C:\DOCUME~1\MYRIAM\LOCALS~1\TEMPOR~1\content.IE5

--------------------\\ Fin du rapport a 15:30:44,42

 no.ppp  Posted on 08/08/2008 at 17:17
Petit astucien


996 Messages

No problem, just a small slip of attention.


Run HijackThis again > Do a system scan only
Check these lines (if present):
O15 - Trusted Zone: http://a248.e.akamai.net
O15 - Trusted Zone: http://*.bitdefender.com
O15 - Trusted Zone: *.cbc.be
O15 - Trusted Zone: http://ssl-hints.netflame.cc
O15 - Trusted Zone: http://www.pcastuces.com
O15 - Trusted Zone: http://www.secuser.com
O15 - Trusted Zone: http://*.secuser.com

Click Fix Checked

http://forum.pcastuces.com/hijackthis__fixer_les_elements_indesirables-f31s16.htm

--

Run LopS&D again
Choose option 2
Copy and paste the report (C:\lopR.txt)

 myriam1365  Posted on 08/08/2008 at 17:33
Petite astucienne

9 Messages

I'm really sorry, you're going to think I'm a dimwit, but I didn't copy and paste the report.

So I ran the thing again and here is the report; I hope that's not too much of a problem for you.


--------------------\\ Lop S&D 4.2.2-5 XP/Vista

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : MYRIAM ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ ven. 08/08/2008 | 17:26:03,99 ] [ PC : PC233572011914 ]
[ MAJ : 01-08-2008 | 01:40 ]


//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[13/02/2004|13:32] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[25/10/2004|14:40] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[01/12/2007|19:45] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[28/10/2004|02:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\4D
[24/07/2008|13:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[30/04/2008|11:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[30/04/2008|11:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[24/03/2008|10:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BigFishGamesCache
[13/02/2004|13:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[03/11/2007|10:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\eBay
[19/09/2007|23:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[08/08/2008|16:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[25/10/2004|06:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpqwmi
[25/10/2004|06:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
[30/07/2008|10:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak
[12/01/2006|17:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
[12/07/2008|21:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[23/07/2008|12:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Maxtor
[11/02/2008|20:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[29/05/2006|16:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[16/11/2007|14:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[23/07/2008|08:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
[16/02/2006|15:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[25/10/2004|14:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[06/08/2008|14:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[10/04/2005|17:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[24/03/2008|11:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[22/07/2008|08:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WholeSecurity
[09/08/2006|09:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[19/07/2007|13:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[12/02/2008|18:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller


[13/02/2004|13:32] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[25/10/2004|14:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[01/12/2007|19:45] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[13/02/2004|13:32] C:\DOCUME~1\L@R3N~1\APPLIC~1\desktop.ini
[13/11/2007|14:31] C:\DOCUME~1\L@R3N~1\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
[13/11/2007|14:31] C:\DOCUME~1\L@R3N~1\APPLIC~1\eBay
[13/11/2007|14:37] C:\DOCUME~1\L@R3N~1\APPLIC~1\Google
[25/10/2004|14:40] C:\DOCUME~1\L@R3N~1\APPLIC~1\Identities
[13/11/2007|14:44] C:\DOCUME~1\L@R3N~1\APPLIC~1\Macromedia
[13/11/2007|14:58] C:\DOCUME~1\L@R3N~1\APPLIC~1\Microsoft
[13/11/2007|14:31] C:\DOCUME~1\L@R3N~1\APPLIC~1\Sonic

[17/09/2007|08:57] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[13/10/2006|14:12] C:\DOCUME~1\MYRIAM\APPLIC~1\Adobe
[23/12/2006|11:43] C:\DOCUME~1\MYRIAM\APPLIC~1\AdobeUM
[30/04/2008|11:37] C:\DOCUME~1\MYRIAM\APPLIC~1\Apple Computer
[05/02/2005|15:27] C:\DOCUME~1\MYRIAM\APPLIC~1\Common Files
[13/02/2004|13:32] C:\DOCUME~1\MYRIAM\APPLIC~1\desktop.ini
[25/10/2004|06:58] C:\DOCUME~1\MYRIAM\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
[03/11/2007|10:28] C:\DOCUME~1\MYRIAM\APPLIC~1\eBay
[26/01/2006|15:14] C:\DOCUME~1\MYRIAM\APPLIC~1\FotoWire
[23/12/2006|15:19] C:\DOCUME~1\MYRIAM\APPLIC~1\Google
[28/10/2004|23:11] C:\DOCUME~1\MYRIAM\APPLIC~1\Help
[05/02/2005|15:27] C:\DOCUME~1\MYRIAM\APPLIC~1\HP
[06/08/2008|17:09] C:\DOCUME~1\MYRIAM\APPLIC~1\Identities
[15/01/2007|16:11] C:\DOCUME~1\MYRIAM\APPLIC~1\InterTrust
[05/02/2005|15:28] C:\DOCUME~1\MYRIAM\APPLIC~1\InterVideo
[21/12/2005|12:23] C:\DOCUME~1\MYRIAM\APPLIC~1\Leadertech
[06/07/2006|16:01] C:\DOCUME~1\MYRIAM\APPLIC~1\Macromedia
[12/07/2008|21:55] C:\DOCUME~1\MYRIAM\APPLIC~1\Malwarebytes
[19/07/2007|13:40] C:\DOCUME~1\MYRIAM\APPLIC~1\Microsoft
[30/10/2004|14:22] C:\DOCUME~1\MYRIAM\APPLIC~1\Microsoft Web Folders
[19/08/2005|14:09] C:\DOCUME~1\MYRIAM\APPLIC~1\MSN6
[12/11/2004|17:35] C:\DOCUME~1\MYRIAM\APPLIC~1\Sonic
[25/10/2004|06:03] C:\DOCUME~1\MYRIAM\APPLIC~1\Sun
[25/10/2004|06:44] C:\DOCUME~1\MYRIAM\APPLIC~1\Symantec
[05/03/2006|12:47] C:\DOCUME~1\MYRIAM\APPLIC~1\Template
[23/11/2007|17:11] C:\DOCUME~1\MYRIAM\APPLIC~1\U3
[25/11/2006|10:34] C:\DOCUME~1\MYRIAM\APPLIC~1\WholeSecurity

[08/10/2005|15:47] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft


--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[30/07/2008 10:18][--a------] C:\WINDOWS\tasks\EasyShare Registration Task.job
[31/07/2008 21:03][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[08/08/2008 09:31][--ah-----] C:\WINDOWS\tasks\SA.DAT
[24/04/2003 03:00][-rah-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[23/07/2008|08:30] C:\Program Files\Adobe
[30/04/2008|11:30] C:\Program Files\Apple Software Update
[24/03/2008|10:08] C:\Program Files\bfgclient
[30/04/2008|11:33] C:\Program Files\Bonjour
[05/03/2006|12:32] C:\Program Files\BoontyGames
[05/11/2004|09:58] C:\Program Files\CBC-Online
[12/07/2008|19:25] C:\Program Files\CCleaner
[01/09/2007|19:46] C:\Program Files\Common Files
[25/10/2004|14:40] C:\Program Files\ComPlus Applications
[25/10/2004|14:40] C:\Program Files\CONEXANT
[02/11/2006|11:02] C:\Program Files\Easy Internet signup
[22/07/2008|08:41] C:\Program Files\eBay
[17/03/2007|16:33] C:\Program Files\eBooks
[13/09/2007|11:56] C:\Program Files\eMule
[30/07/2008|10:21] C:\Program Files\Fichiers communs
[19/07/2008|16:20] C:\Program Files\F-Secure
[19/09/2007|23:24] C:\Program Files\Google
[01/09/2005|11:12] C:\Program Files\Hewlett-Packard
[24/11/2004|14:54] C:\Program Files\HP
[13/09/2007|12:08] C:\Program Files\HPQ
[18/10/2007|13:38] C:\Program Files\ING
[23/07/2008|08:44] C:\Program Files\InstallShield Installation Information
[11/06/2008|18:26] C:\Program Files\Internet Explorer
[13/09/2007|11:56] C:\Program Files\InterVideo
[30/04/2008|11:34] C:\Program Files\iPod
[30/04/2008|11:34] C:\Program Files\iTunes
[22/07/2008|13:18] C:\Program Files\Java
[27/10/2004|22:02] C:\Program Files\Jvsoft
[30/07/2008|10:22] C:\Program Files\Kodak
[26/01/2006|15:14] C:\Program Files\Logitech
[06/08/2008|15:12] C:\Program Files\Malwarebytes' Anti-Malware
[23/07/2008|08:44] C:\Program Files\Maxtor
[19/01/2008|17:26] C:\Program Files\Messenger
[24/12/2007|10:53] C:\Program Files\Messenger Plus! Live
[01/03/2008|11:54] C:\Program Files\MessengerPlus! 3
[20/07/2007|18:21] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[30/10/2004|14:22] C:\Program Files\microsoft frontpage
[26/06/2008|09:43] C:\Program Files\Microsoft Office
[23/04/2008|15:05] C:\Program Files\Microsoft Silverlight
[13/11/2007|14:55] C:\Program Files\Microsoft SQL Server Compact Edition
[02/06/2008|13:44] C:\Program Files\Microsoft Visual Studio .NET 2003
[19/01/2008|17:27] C:\Program Files\Microsoft Works
[19/05/2005|17:48] C:\Program Files\Movie Maker
[26/06/2008|09:42] C:\Program Files\MSECache
[19/08/2005|14:09] C:\Program Files\MSN
[25/10/2004|14:40] C:\Program Files\MSN Gaming Zone
[20/07/2008|19:10] C:\Program Files\MSXML 6.0
[19/05/2005|17:43] C:\Program Files\NetMeeting
[23/07/2008|08:45] C:\Program Files\NOS
[13/06/2007|18:33] C:\Program Files\Outlook Express
[05/08/2008|23:31] C:\Program Files\Paint Shop Pro 6
[19/01/2008|17:23] C:\Program Files\PhotoFiltre Studio
[09/11/2006|10:54] C:\Program Files\PRGR
[30/04/2008|11:32] C:\Program Files\QuickTime
[25/10/2004|06:28] C:\Program Files\Services en ligne
[12/07/2008|01:17] C:\Program Files\Spybot - Search & Destroy
[25/10/2004|06:17] C:\Program Files\Synaptics
[24/03/2008|10:09] C:\Program Files\temp01
[13/07/2008|01:57] C:\Program Files\Trend Micro
[25/10/2004|14:40] C:\Program Files\Uninstall Information
[13/11/2007|14:58] C:\Program Files\Windows Live
[22/07/2008|08:45] C:\Program Files\Windows Live Toolbar
[15/09/2007|15:45] C:\Program Files\Windows Media Connect 2
[15/09/2007|15:45] C:\Program Files\Windows Media Player
[19/05/2005|17:43] C:\Program Files\Windows NT
[18/04/2005|09:42] C:\Program Files\WindowsUpdate
[29/10/2005|18:23] C:\Program Files\WinZip
[25/10/2004|14:40] C:\Program Files\xerox
[13/09/2007|11:49] C:\Program Files\Yahoo!
[24/03/2008|10:11] C:\Program Files\Zuma Deluxe

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[23/07/2008|08:32] C:\Program Files\Fichiers communs\Adobe
[30/04/2008|11:29] C:\Program Files\Fichiers communs\Apple
[02/06/2008|13:44] C:\Program Files\Fichiers communs\Crystal Decisions
[30/10/2004|14:25] C:\Program Files\Fichiers communs\Designer
[26/01/2006|15:14] C:\Program Files\Fichiers communs\FotoWire
[25/10/2004|06:24] C:\Program Files\Fichiers communs\Hewlett-Packard
[25/10/2004|06:22] C:\Program Files\Fichiers communs\HP
[25/10/2004|06:17] C:\Program Files\Fichiers communs\InstallShield
[25/10/2004|06:03] C:\Program Files\Fichiers communs\Java
[12/06/2008|15:00] C:\Program Files\Fichiers communs\JvSoft
[30/07/2008|10:21] C:\Program Files\Fichiers communs\Kodak
[26/01/2006|15:12] C:\Program Files\Fichiers communs\Logitech
[12/01/2006|17:38] C:\Program Files\Fichiers communs\Macrovision Shared
[26/06/2008|09:43] C:\Program Files\Fichiers communs\Microsoft Shared
[25/10/2004|14:40] C:\Program Files\Fichiers communs\MSSoap
[25/10/2004|14:40] C:\Program Files\Fichiers communs\ODBC
[12/06/2008|15:00] C:\Program Files\Fichiers communs\PC SOFT
[25/10/2004|14:40] C:\Program Files\Fichiers communs\Services
[25/10/2004|06:11] C:\Program Files\Fichiers communs\Sonic
[25/10/2004|14:40] C:\Program Files\Fichiers communs\SpeechEngines
[10/04/2005|17:30] C:\Program Files\Fichiers communs\Symantec Shared
[13/06/2007|18:33] C:\Program Files\Fichiers communs\System
[16/11/2007|14:02] C:\Program Files\Fichiers communs\WindowsLiveInstaller

--------------------\\ Process

( 64 Processus )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-08 17:27:18
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 3

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:46][D:5]-> C:\DOCUME~1\MYRIAM\LOCALS~1\Temp
[F:151][D:0]-> C:\DOCUME~1\MYRIAM\Cookies
[F:8846][D:12]-> C:\DOCUME~1\MYRIAM\LOCALS~1\TEMPOR~1\content.IE5

--------------------\\ Fin du rapport a 17:28:29,60

 no.ppp  Posted on 08/08/2008 at 18:04
Petit astucien


996 Messages

No more files/folders are found, so it's OK on that side. But you should have gone here: C:\lopR.txt and copied and pasted the report.

Uninstall via "Add or Remove Programs": Boonty (if present)
Start > Run > type services.msc, and disable the service: Boonty Games - BOONTY

Download OTMoveIt (by Old_Timer) to your Desktop.

Double-click OTMoveIt.exe to launch it.
Copy the list shown in pink below and paste it into the left-hand pane of OTMoveIt: Paste List of Files/Folders to be moved

C:\Program Files\Fichiers communs\BOONTY Shared
C:\Program Files\Boonty
C:\Program Files\BoontyGames
C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY


Click MoveIt! to start the removal.
The result will appear in the Results pane.
Click Exit to close.
Post the report located in C:\_OTMoveIt\MovedFiles
Example: (01282008_131348.log)

You may be asked to restart the PC to complete the removal.
If so, accept with Yes.

Also post a new HijackThis report.

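The before/after comparison made in the reply above ("no more files/folders are found") can be checked mechanically. The following is an added example, not part of the original thread or of Lop S&D: it collects what an earlier report flags and confirms each item is absent from the whole of a later report, including the plain folder listings. The sample reports are short constructed excerpts modelled on the two reports posted in this thread; the function names are hypothetical.

```python
import re

# Section headers in a Lop S&D report look like: --------------------\\ Title
HEADER = re.compile(r"^-{5,}\\\\\s*(.+?)\s*$")
RUN_VALUE = re.compile(r'^"[^"]+"="(?P<data>.*)"$')
JOB_TARGET = re.compile(r"^\(\s*.+?\.job\s*\)=\(\s*(?P<target>.+?)\s*\)$")
LOP_SECTION = "Recherche de Fichiers / Dossiers Lop"
REG_SECTION = "Verification du Registre"

# Constructed excerpt modelled on the first report in the thread.
BEFORE = r"""
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[08/08/2008 15:00][--ah-----] C:\WINDOWS\tasks\A684CC68910B4080.job
[31/07/2008 21:03][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job

( A684CC68910B4080.job )=( c:\docume~1\bryan\applic~1\testde~1\realonlinesoap.exe )

--------------------\\ Listing des dossiers dans C:\Program Files

[12/07/2008|19:25] C:\Program Files\CCleaner
[04/08/2008|22:48] C:\Program Files\Test dent coal

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Part Long Boob Idle
C:\Program Files\Test dent coal
C:\WINDOWS\Tasks\A684CC68910B4080.job

--------------------\\ Verification du Registre

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Boob Idle Software Acid"="C:\\Documents and Settings\\All Users\\Application Data\\Part Long Boob Idle\\logo 16.exe"
"""

# Constructed excerpt modelled on the second report (after cleaning).
AFTER_CLEAN = r"""
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[31/07/2008 21:03][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job

--------------------\\ Listing des dossiers dans C:\Program Files

[12/07/2008|19:25] C:\Program Files\CCleaner

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !
"""

# Constructed failure case: the scan section is clean but a folder survives.
AFTER_PARTIAL = AFTER_CLEAN.replace(
    "C:\\Program Files\\CCleaner",
    "C:\\Program Files\\CCleaner\n[04/08/2008|22:48] C:\\Program Files\\Test dent coal",
)


def split_sections(report):
    """Return {section title: [non-blank lines]} for one report."""
    sections, current = {}, None
    for raw in report.splitlines():
        line = raw.strip()
        m = HEADER.match(line)
        if m:
            current = m.group(1)
            sections.setdefault(current, [])
        elif line and current is not None:
            sections[current].append(line)
    return sections


def flagged_items(report):
    """Collect what the report itself flags: Lop paths, Run data, job targets."""
    sections = split_sections(report)
    items = set()
    for line in sections.get(LOP_SECTION, []):
        if re.match(r"^[A-Za-z]:\\", line):  # a path, not "Aucun fichier ..."
            items.add(line.lower())
    for line in sections.get(REG_SECTION, []):
        m = RUN_VALUE.match(line)
        if m:  # registry export doubles the backslashes; undo that
            items.add(m.group("data").replace("\\\\", "\\").lower())
    for lines in sections.values():
        for line in lines:
            m = JOB_TARGET.match(line)
            if m:
                items.add(m.group("target").lower())
    return items


def verify_cleanup(before, after):
    """Split items flagged in `before` into cleared / still present in `after`.

    An item counts as still present if it appears anywhere in the later
    report, not only in the section that originally flagged it.
    """
    after_text = after.lower().replace("\\\\", "\\")
    flagged = flagged_items(before)
    remaining = {item for item in flagged if item in after_text}
    return {"cleared": flagged - remaining, "remaining": remaining}


if __name__ == "__main__":
    for name, report in (("clean", AFTER_CLEAN), ("partial", AFTER_PARTIAL)):
        print(name, sorted(verify_cleanup(BEFORE, report)["remaining"]))
```

Long paths and their 8.3 short forms (for example `testde~1`) are compared as written, so an item that reappears under the other spelling is not matched by this check.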
 myriam1365  Posted on 08/08/2008 at 18:32
Petite astucienne

9 Messages



File/Folder C:\Program Files\Fichiers communs\BOONTY Shared not found.
File/Folder C:\Program Files\Boonty not found.
C:\Program Files\BoontyGames\Components moved successfully.
C:\Program Files\BoontyGames moved successfully.
File/Folder C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY not found.
File/Folder not found.

OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 08082008_181508

Here is the report. Thank you, and I'll wait to hear from you tomorrow as I'll be away. Have a good evening. Myriam

 no.ppp  Posted on 08/08/2008 at 18:42
Petit astucien


996 Messages
no.ppp wrote:

Also post a new HijackThis report.

You're not paying much attention ...

 myriam1365  Posted on 09/08/2008 at 10:03
Petite astucienne

9 Messages

Hello,

I admit that yesterday I was a bit swamped because I run a shop. I'll be more careful today.

Here is the report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:00:59, on 9/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\HP\Digital Imaging\bin\hpotdd01.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\Program Files\HP\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\BackWeb\7681197\Program\BackWeb-7681197.exe
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Maxtor\Sync\SyncServices.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\Program Files\F-Secure\Common\FIH32.EXE
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pcastuces.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.fr.msn.be/0SEFRBE/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\HP\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [mxomssmenu] "C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O8 - Extra context menu item: Recherche sur eBay - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
O16 - DPF: Dexia netbanking - http://netbanking.dexia.be/PC//Dynamic/Shared/Applet//DexiaIIA.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by137fd.bay137.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E6A3C1E2-F792-483E-9133-596215172BE9} (AcceptLang Class) - http://runonce.msn.com/setacceptlang.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by23fd.bay23.hotmail.msn.com/activex/HMAtchmt.ocx
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: F-Secure BackWeb (BackWeb Client - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: F-Secure BackWeb LAN Access - Unknown owner - C:\Program Files\F-Secure\BackWeb\7681197\Program\fsbwlan.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: F-Secure Authentication Agent (FSAA) - F-Secure Corporation. All Rights Reserved. - C:\Program Files\F-Secure\Common\FSAA.EXE
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Maxtor Service (Maxtor Sync Service) - Seagate Technology LLC - C:\Program Files\Maxtor\Sync\SyncServices.exe

--
End of file - 12602 bytes

 no.ppp