Istari

J'ai eu un paquet de cochonnerie en un clic de trop, sans protection..... j'ai réussi à faire un gros ménage; mon ordinateur était plein (popup régulier au "idle") j'ai commencé avec Ad-aware: il commence son scan et "pouf" il se ferme tout seul. Spybot, lui en a trouvé plein (genre beaucoup!): mais il restait "Look2Me" et autres que je ne me souviens plus. j'ai ensuite fait toutes sortes de "SCAN" de compagnie connue et j'ai opté pour Spy Sweeper. mais, j'ai toujours une cochonerie ..... car Spy Sweeper m'averti à chaque démarage qu'il vient de bloquer MEDIA.TOP-BANNERS.COM Si je regarde le "View session log" de Spy Sweeper, il me sort un listing des blocage régulier (au 30 à 60 minutes) qu'il effectue sur MEDIA.TOP-BANNERS.COM voir le lien si-dessou pour voir une image du "View session log". http://pages.infinit.net/istari/MEDIA.TOP-BANNERS.COM.jpg j'ai fait une recherche, mais j'n'ai rien trouvé. Donc me voici ici.... -ANTIVIR- AntiVir PersonalEdition Classic Report file date: 26 juillet 2006 18:54 Scanning for 397237 virus strains and unwanted programs. Licensed to: AntiVir PersonalEdition Classic Serial number: 0000149996-WURGE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Username: Istari Computer name: MAISON-ISTARI Version informations: AVSCAN.EXE : 7.0.0.42 557096 2006-07-26 22:42:13 AVSCAN.DLL : 7.0.0.42 53288 2006-07-26 22:42:13 LUKE.DLL : 7.0.0.42 118824 2006-07-26 22:42:13 LUKERES.DLL : 7.0.0.42 25640 2006-07-26 22:42:13 ANTIVIR0.VDF : 6.35.0.1 7371264 2006-07-26 22:42:13 ANTIVIR1.VDF : 6.35.0.4 2048 2006-07-26 22:42:13 ANTIVIR2.VDF : 6.35.0.5 2048 2006-07-26 22:42:13 ANTIVIR3.VDF : 6.35.0.6 2048 2006-07-26 22:42:13 AVEWIN32.DLL : 7.1.0.10 1511936 2006-07-26 22:42:13 AVPREF.DLL : 7.0.0.1 49192 2006-07-26 22:42:13 AVREP.DLL : 6.35.0.1 643112 2006-07-26 22:42:13 AVRPBASE.DLL : 7.0.0.0 2162728 2006-07-26 22:42:13 AVPACK32.DLL : 7.1.0.1 335912 2006-07-26 22:42:13 AVREG.DLL : 6.31.0.90 27688 2006-07-26 22:42:13 NETNT.DLL : 6.32.0.0 6696 2006-07-26 22:42:13 NETNW.DLL : 6.32.0.0 9768 2006-07-26 22:42:13 RCIMAGE.DLL : 7.0.0.71 1642536 2006-07-26 22:42:16 RCTEXT.DLL : 7.0.0.75 77864 2006-07-26 22:42:16 Configuration settings for the scan: Jobname: '%s'.................: Windows System Directory Configuration file............: C:\Program Files\AntiVir PersonalEdition Classic\sysdir.avp Boot sectors..................: C Scan memory...................: 1 Process scan..................: 1 Scan all files................: 2 Scan archives.................: 1 Recursion depth...............: 20 Smart extensions..............: 1 Macro heuristic...............: 1 File heuristic................: -1 Primary action................: 1 Secondary action..............: 0 Start of the scan: 26 juillet 2006 18:54 The scan over running processes will be started 15 Processes was scanned Start scanning boot sectors: Boot sector 'C:\' [NOTE] No virus was found! Starting to scan the registry. The registry was scanned ( 10 files ). Starting the file scan: C:\WINDOWS\system32\config\system.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\software.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\default.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SECURITY [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SAM [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SAM.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SECURITY.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SYSTEM [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SOFTWARE [WARNING] The file could not be opened! C:\WINDOWS\system32\config\DEFAULT [WARNING] The file could not be opened! C:\WINDOWS\system32\drivers\sptd9629.sys [WARNING] The file could not be opened! C:\WINDOWS\system32\drivers\sptd.sys [WARNING] The file could not be opened! C:\WINDOWS\system32\drivers\dtscsi.sys [WARNING] The file could not be opened! C:\WINDOWS\system32\drivers\atapi.sys [WARNING] The file could not be opened! End of the scan: 26 juillet 2006 18:56 Used time: 02:05 min The scan has been done completely. 233 Scanning directories 5441 Files were scanned 0 viruses and/or unwanted programs was found 0 files were deleted 0 files were repaired 0 files were moved to quarantine 0 files were renamed 8 Archives were scanned 14 Warnings 0 Notes -HIJACKTHIS- Logfile of HijackThis v1.99.1 Scan saved at 19:03:30, on 2006-07-26 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Saitek\Software\ProfilerU.exe C:\Program Files\Saitek\Software\SaiMfd.exe C:\WINDOWS\SOUNDMAN.EXE I:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe C:\Program Files\Webroot\Spy Sweeper\SSU.EXE C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\System32\svchost.exe I:\New Download\Anti-Spyware\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www..google.com F2 - REG:system.ini: UserInit=userinit.exe O4 - HKLM\..\Run: [Profiler] "C:\Program Files\Saitek\Software\ProfilerU.exe" O4 - HKLM\..\Run: [saiMfd] "C:\Program Files\Saitek\Software\SaiMfd.exe" O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [DAEMON Tools] "I:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [spySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O9 - Extra button: ICQ 4.1 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcDataSrv.exe O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcSandraSrv.exe O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe