Help me please, bizarre virus!

Tags:
  • Virus
  • Security
Last reply: in Security and viruses
4 September 2009 12:47:59

Hello!

I don't know much about computers. I've already used Tom's Guide to get rid of a virus and it worked well. Today I'm helping a friend who has a virus, but it's an unusual one: for example, when she tries to open her messages on MSN or on Orange, the page keeps loading and nothing happens, and ads keep coming back. I'd like to get rid of it, so please, if you can help me, that would be really nice! ;)
Thanks in advance.

4 September 2009 18:59:51

Please, is there really nobody to help me? I came over to her place specially this evening thinking I'd have had an answer. I have a bit of free time in the next hour, if someone wants to help me!
4 September 2009 19:14:41

Hello,

I don't think it's an infection.

Download HijackThis (from Trend Micro) to your Desktop.

  • Double-click HJTInstall.exe to start the installation.
  • Click Install.
  • Double-click the HijackThis shortcut that was just created to launch it. (Right-click -> Run as administrator if on Vista)
  • Accept the license by clicking Yes.
  • Click Do a system scan and save a logfile.
  • Post the generated report here.

    Note: The report can also be found here: C:\Program Files\Trend Micro\Hijackthis\Hijackthis.log

    Help: How to use HijackThis.
    4 September 2009 19:42:24

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:38:30, on 04/09/2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18294)
    Boot mode: Normal

    Running processes:
    C:\Windows\System32\smss.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\services.exe
    C:\Windows\system32\lsass.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\winlogon.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\rundll32.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\hp\support\hpsysdrv.exe
    C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
    C:\Windows\RtHDVCpl.exe
    C:\Windows\vVX1000.exe
    C:\Windows\tsnp2std.exe
    C:\Windows\vsnp2std.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    c:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\WUDFHost.exe
    C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Windows\System32\mobsync.exe
    C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
    C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
    C:\Windows\system32\rundll32.exe
    c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\Java\jre6\bin\jucheck.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Windows\system32\wbem\wmiprvse.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.plusnetwork.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
    O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe" -delete
    O4 - HKLM\..\Run: [VX1000] C:\Windows\vVX1000.exe
    O4 - HKLM\..\Run: [tsnp2std] C:\Windows\tsnp2std.exe
    O4 - HKLM\..\Run: [snp2std] C:\Windows\vsnp2std.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [cdromloud] "C:\ProgramData\borebuildbuild.9ift7"
    O4 - HKCU\..\Run: [Help Creative Meow City] "C:\ProgramData\CAMP SIGN BIRD.9cymss"
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O13 - Gopher Prefix:
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/F...
    O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
    O20 - AppInit_DLLs: C:\Windows\System32\iasads32.dll
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

    --
    End of file - 11736 bytes
    4 September 2009 20:51:04

    And then?!
    6 September 2009 21:07:29

    Re,

    Download Lop S&D.exe (by Eric 71) to your Desktop.

  • Double-click the Lop S&D shortcut on your desktop (if you are on Vista, right-click -> Run as administrator)
  • Select the desired language, then choose Option 1 (Search)
  • Wait until the scan finishes
  • Post the generated report (C:\lopR.txt)
    7 September 2009 19:35:16

    Angeldark, are you there? I'm running the scan right now. If possible, I'd like to remove the virus now, because since it's not on my PC, it's more complicated to do it over several sessions. Thanks for replying and thanks for your help.
    I'll post the report as soon as it's finished.
    7 September 2009 19:46:42


    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
    X86-based PC ( Multiprocessor Free : AMD Sempron(tm) Processor 3800+ )
    BIOS : Phoenix - AwardBIOS v6.00PG
    USER : Burnel's family ( Not Administrator ! )
    BOOT : Normal boot
    Antivirus : Norton Internet Security 16.2.0.7 (Activated)
    Firewall : Norton Internet Security 16.2.0.7 (Activated)
    C:\ (Local Disk) - NTFS - Total:141 Go (Free:84 Go)
    D:\ (Local Disk) - NTFS - Total:7 Go (Free:0 Go)
    E:\ (CD or DVD)
    F:\ (USB)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [1] ( 07/09/2009|19:33 )

    [ UAC => 0 ]

    --------------------\\ Listing des dossiers dans Local

    [27/04/2009|18:15] C:\Users\BURNEL~1\AppData\Local\Adobe
    [06/01/2008|16:54] C:\Users\BURNEL~1\AppData\Local\Apple
    [02/04/2008|18:40] C:\Users\BURNEL~1\AppData\Local\Apple Computer
    [05/01/2008|12:07] C:\Users\BURNEL~1\AppData\Local\Application Data
    [04/09/2008|23:03] C:\Users\BURNEL~1\AppData\Local\d3d9caps.dat
    [08/08/2009|12:11] C:\Users\BURNEL~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [23/06/2009|20:40] C:\Users\BURNEL~1\AppData\Local\GDIPFONTCACHEV1.DAT
    [05/06/2008|18:18] C:\Users\BURNEL~1\AppData\Local\gnc.exe
    [27/08/2009|19:58] C:\Users\BURNEL~1\AppData\Local\Google
    [05/01/2008|12:15] C:\Users\BURNEL~1\AppData\Local\Hewlett-Packard
    [05/01/2008|12:07] C:\Users\BURNEL~1\AppData\Local\Historique
    [15/01/2008|18:48] C:\Users\BURNEL~1\AppData\Local\HP
    [06/09/2009|22:36] C:\Users\BURNEL~1\AppData\Local\IconCache.db
    [31/08/2009|15:20] C:\Users\BURNEL~1\AppData\Local\Microsoft
    [04/03/2008|20:31] C:\Users\BURNEL~1\AppData\Local\Microsoft Games
    [24/05/2008|09:09] C:\Users\BURNEL~1\AppData\Local\Microsoft Help
    [05/01/2008|13:22] C:\Users\BURNEL~1\AppData\Local\Mozilla
    [07/11/2008|16:57] C:\Users\BURNEL~1\AppData\Local\Seven Zip
    [07/09/2009|19:33] C:\Users\BURNEL~1\AppData\Local\Temp
    [05/01/2008|12:07] C:\Users\BURNEL~1\AppData\Local\Temporary Internet Files
    [15/02/2009|14:31] C:\Users\BURNEL~1\AppData\Local\VirtualStore

    --------------------\\ Tâches planifiées dans C:\Windows\tasks

    [07/09/2009 17:37][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{FA9675CE-1F6B-4A41-9C4F-BA729101CF90}.job
    [07/09/2009 19:27][--ah-----] C:\Windows\tasks\SA.DAT
    [07/09/2009 17:46][--a------] C:\Windows\tasks\SCHEDLGU.TXT

    --------------------\\ Listing des dossiers dans C:\ProgramData

    [07/11/2008|16:58] C:\ProgramData\{B3C2C1CD-6B77-4A96-B670-F734AC2A1CBC}
    [03/12/2008|19:02] C:\ProgramData\Adobe
    [09/04/2009|21:26] C:\ProgramData\aim rect help creative
    [06/01/2008|16:52] C:\ProgramData\Apple
    [06/01/2008|16:58] C:\ProgramData\Apple Computer
    [02/11/2006|15:02] C:\ProgramData\Application Data
    [09/04/2009|14:06] C:\ProgramData\borebuildbuild.0zx99g
    [09/04/2009|11:54] C:\ProgramData\borebuildbuild.13ei4vy
    [09/04/2009|19:35] C:\ProgramData\borebuildbuild.1sk7xd5
    [09/04/2009|15:33] C:\ProgramData\borebuildbuild.3fw31
    [09/04/2009|14:49] C:\ProgramData\borebuildbuild.3vqv5
    [09/04/2009|16:16] C:\ProgramData\borebuildbuild.53x3lnk
    [09/04/2009|16:38] C:\ProgramData\borebuildbuild.8s9cln
    [09/04/2009|20:20] C:\ProgramData\borebuildbuild.98ysyx
    [09/04/2009|21:05] C:\ProgramData\borebuildbuild.9ift7
    [09/04/2009|19:57] C:\ProgramData\borebuildbuild.9rd9adj
    [09/04/2009|13:44] C:\ProgramData\borebuildbuild.a28sw
    [09/04/2009|12:38] C:\ProgramData\borebuildbuild.bar6i3
    [09/04/2009|15:55] C:\ProgramData\borebuildbuild.emk0qid
    [14/02/2009|19:26] C:\ProgramData\borebuildbuild.hgw0tu
    [09/04/2009|13:00] C:\ProgramData\borebuildbuild.jjxg9
    [09/04/2009|18:07] C:\ProgramData\borebuildbuild.noxahwy
    [14/02/2009|19:26] C:\ProgramData\borebuildbuild.ns3bei
    [09/04/2009|17:45] C:\ProgramData\borebuildbuild.p2rel
    [09/04/2009|12:16] C:\ProgramData\borebuildbuild.qrb3pg
    [09/04/2009|13:22] C:\ProgramData\borebuildbuild.vc6ls
    [09/04/2009|17:23] C:\ProgramData\borebuildbuild.w1012i
    [09/04/2009|19:13] C:\ProgramData\borebuildbuild.whmeixq
    [09/04/2009|14:28] C:\ProgramData\borebuildbuild.wpufk6
    [09/04/2009|17:01] C:\ProgramData\borebuildbuild.wy8y9
    [09/04/2009|18:51] C:\ProgramData\borebuildbuild.xd24yw
    [09/04/2009|20:42] C:\ProgramData\borebuildbuild.z9fwd
    [09/04/2009|18:29] C:\ProgramData\borebuildbuild.zmzse
    [05/01/2008|12:04] C:\ProgramData\Bureau
    [14/02/2009|19:26] C:\ProgramData\CAMP SIGN BIRD.9cymss
    [02/11/2006|15:02] C:\ProgramData\Desktop
    [02/11/2006|15:02] C:\ProgramData\Documents
    [07/02/2009|20:05] C:\ProgramData\eMule
    [05/01/2008|12:04] C:\ProgramData\Favoris
    [02/11/2006|15:02] C:\ProgramData\Favorites
    [28/02/2009|13:24] C:\ProgramData\Google
    [25/06/2009|22:22] C:\ProgramData\great hole
    [05/01/2008|12:15] C:\ProgramData\Hewlett-Packard
    [07/09/2007|01:25] C:\ProgramData\HP
    [07/09/2007|01:26] C:\ProgramData\hpzinstall.log
    [26/02/2009|14:26] C:\ProgramData\LUUnInstall.LiveUpdate
    [05/01/2008|12:04] C:\ProgramData\Menu Démarrer
    [06/10/2008|19:07] C:\ProgramData\Messenger Plus!
    [17/03/2008|21:00] C:\ProgramData\Microsoft
    [23/06/2009|19:14] C:\ProgramData\Microsoft Help
    [05/01/2008|12:04] C:\ProgramData\Modèles
    [07/09/2007|01:34] C:\ProgramData\muvee Technologies
    [26/02/2009|14:19] C:\ProgramData\Norton
    [26/02/2009|14:19] C:\ProgramData\NortonInstaller
    [15/02/2009|10:59] C:\ProgramData\NVIDIA
    [07/09/2007|01:40] C:\ProgramData\PC-Doctor
    [26/02/2009|14:19] C:\ProgramData\PCSettings
    [24/09/2008|09:38] C:\ProgramData\Roxio
    [09/02/2009|19:40] C:\ProgramData\Skyline
    [07/09/2007|01:26] C:\ProgramData\Sonic
    [31/08/2009|13:31] C:\ProgramData\Spybot - Search & Destroy
    [02/11/2006|15:02] C:\ProgramData\Start Menu
    [26/02/2009|14:33] C:\ProgramData\Symantec
    [26/02/2009|14:17] C:\ProgramData\Symantec Temporary Files
    [02/11/2006|15:02] C:\ProgramData\Templates
    [29/08/2009|14:50] C:\ProgramData\WindowsSearch
    [14/01/2008|18:03] C:\ProgramData\WLInstaller

    --------------------\\ Listing des dossiers dans C:\Program Files

    [07/11/2008|16:58] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
    [03/12/2008|19:01] C:\Program Files\Adobe
    [12/08/2009|15:15] C:\Program Files\Apple Software Update
    [08/08/2009|18:52] C:\Program Files\Ask Search Assistant
    [25/06/2009|22:11] C:\Program Files\AxBx
    [11/04/2009|19:50] C:\Program Files\Circl Developement
    [26/02/2009|14:25] C:\Program Files\Common Files
    [07/09/2007|10:30] C:\Program Files\EasyBits
    [07/02/2009|20:05] C:\Program Files\eMule
    [05/01/2008|12:04] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
    [28/02/2009|13:25] C:\Program Files\Google
    [07/09/2007|01:42] C:\Program Files\Hewlett-Packard
    [09/05/2009|17:31] C:\Program Files\HP
    [15/03/2008|15:44] C:\Program Files\InstallShield Installation Information
    [30/07/2009|10:26] C:\Program Files\Internet Explorer
    [02/04/2008|11:36] C:\Program Files\iPod
    [02/04/2008|11:36] C:\Program Files\iTunes
    [29/10/2008|19:12] C:\Program Files\Java
    [29/10/2008|18:53] C:\Program Files\LimeWire
    [08/08/2009|18:52] C:\Program Files\Messenger Plus! Live
    [02/11/2006|14:37] C:\Program Files\Microsoft Games
    [10/01/2008|19:02] C:\Program Files\Microsoft Office
    [23/06/2009|19:11] C:\Program Files\Microsoft Works
    [10/01/2008|19:02] C:\Program Files\Microsoft.NET
    [17/06/2009|00:08] C:\Program Files\Movie Maker
    [07/09/2009|19:29] C:\Program Files\Mozilla Firefox
    [02/11/2006|14:37] C:\Program Files\MSBuild
    [05/01/2008|12:46] C:\Program Files\MSXML 4.0
    [07/09/2007|01:34] C:\Program Files\muvee Technologies
    [31/08/2009|16:06] C:\Program Files\Navilog1
    [26/02/2009|14:30] C:\Program Files\Norton Internet Security
    [26/02/2009|14:19] C:\Program Files\NortonInstaller
    [12/01/2008|18:43] C:\Program Files\OpenOffice.org 2.3
    [07/09/2007|01:58] C:\Program Files\PC-Doctor 5 for Windows
    [02/04/2008|11:34] C:\Program Files\QuickTime
    [09/05/2009|17:17] C:\Program Files\Realtek
    [02/11/2006|14:37] C:\Program Files\Reference Assemblies
    [07/09/2007|01:32] C:\Program Files\Roxio
    [02/04/2008|11:40] C:\Program Files\Safari
    [07/09/2007|01:44] C:\Program Files\Services en ligne
    [28/12/2008|11:47] C:\Program Files\Skyline
    [31/08/2009|13:28] C:\Program Files\Spybot - Search & Destroy
    [26/03/2009|20:29] C:\Program Files\Symantec
    [06/03/2008|19:47] C:\Program Files\Toshiba
    [04/09/2009|19:36] C:\Program Files\trend micro
    [02/11/2006|15:01] C:\Program Files\Uninstall Information
    [16/03/2008|16:08] C:\Program Files\VideoLAN
    [17/06/2009|00:08] C:\Program Files\Windows Calendar
    [17/06/2009|00:08] C:\Program Files\Windows Collaboration
    [17/06/2009|00:08] C:\Program Files\Windows Defender
    [17/06/2009|00:08] C:\Program Files\Windows Journal
    [05/01/2008|13:12] C:\Program Files\Windows Live
    [17/06/2009|00:08] C:\Program Files\Windows Mail
    [13/08/2009|18:12] C:\Program Files\Windows Media Player
    [05/01/2008|12:04] C:\Program Files\Windows NT
    [17/06/2009|00:08] C:\Program Files\Windows Photo Gallery
    [17/06/2009|00:08] C:\Program Files\Windows Sidebar

    --------------------\\ Listing des dossiers dans C:\Program Files\Common Files

    [03/12/2008|19:02] C:\Program Files\Common Files\Adobe
    [06/01/2008|16:52] C:\Program Files\Common Files\Apple
    [10/01/2008|19:02] C:\Program Files\Common Files\DESIGNER
    [07/09/2007|01:25] C:\Program Files\Common Files\HP
    [20/01/2008|20:10] C:\Program Files\Common Files\InstallShield
    [07/09/2007|01:33] C:\Program Files\Common Files\LightScribe
    [07/09/2007|01:33] C:\Program Files\Common Files\LS Getting Started
    [23/06/2009|19:12] C:\Program Files\Common Files\microsoft shared
    [07/09/2007|01:34] C:\Program Files\Common Files\muvee Technologies
    [07/09/2007|01:32] C:\Program Files\Common Files\PX Storage Engine
    [07/09/2007|01:32] C:\Program Files\Common Files\Roxio Shared
    [02/11/2006|13:18] C:\Program Files\Common Files\Services
    [15/03/2008|15:44] C:\Program Files\Common Files\snp2std
    [07/09/2007|01:32] C:\Program Files\Common Files\Sonic Shared
    [02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
    [07/09/2007|01:27] C:\Program Files\Common Files\SureThing Shared
    [26/02/2009|14:58] C:\Program Files\Common Files\Symantec Shared
    [17/06/2009|00:08] C:\Program Files\Common Files\System
    [05/01/2008|13:11] C:\Program Files\Common Files\WindowsLiveInstaller

    --------------------\\ Process

    ( 70 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    C:\ProgramData\borebuildbuild.3fw31
    C:\ProgramData\borebuildbuild.3vqv5
    C:\ProgramData\borebuildbuild.9ift7
    C:\ProgramData\borebuildbuild.a28sw
    C:\ProgramData\borebuildbuild.jjxg9
    C:\ProgramData\borebuildbuild.p2rel
    C:\ProgramData\borebuildbuild.vc6ls
    C:\ProgramData\borebuildbuild.wy8y9
    C:\ProgramData\borebuildbuild.z9fwd
    C:\ProgramData\borebuildbuild.zmzse
    C:\ProgramData\borebuildbuild.0zx99g
    C:\ProgramData\borebuildbuild.8s9cln
    C:\ProgramData\borebuildbuild.98ysyx
    C:\ProgramData\borebuildbuild.bar6i3
    C:\ProgramData\borebuildbuild.hgw0tu
    C:\ProgramData\borebuildbuild.ns3bei
    C:\ProgramData\borebuildbuild.qrb3pg
    C:\ProgramData\borebuildbuild.w1012i
    C:\ProgramData\borebuildbuild.wpufk6
    C:\ProgramData\borebuildbuild.xd24yw
    C:\ProgramData\CAMP SIGN BIRD.9cymss
    C:\ProgramData\borebuildbuild.13ei4vy
    C:\ProgramData\borebuildbuild.1sk7xd5
    C:\ProgramData\borebuildbuild.53x3lnk
    C:\ProgramData\borebuildbuild.9rd9adj
    C:\ProgramData\borebuildbuild.emk0qid
    C:\ProgramData\borebuildbuild.noxahwy
    C:\ProgramData\borebuildbuild.whmeixq

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\ProgramData\aim rect help creative
    C:\ProgramData\aim rect help creative\long phone.dat
    C:\Users\BURNEL~1\AppData\Roaming\MICROS~1\Windows\Cookies\burnel's_family@advertising[2].txt

    --------------------\\ Verification du Registre

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "cdromloud"="\"C:\\ProgramData\\borebuildbuild.9ift7\""
    "Help Creative Meow City"="\"C:\\ProgramData\\CAMP SIGN BIRD.9cymss\""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-09-07 19:37:50
    Windows 6.0.6001 Service Pack 1 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 1374

    --------------------\\ Recherche d'autres infections


    Aucune autre infection trouvée !

    [F:207][D:10]-> C:\Users\BURNEL~1\AppData\Local\Temp
    [F:384][D:1]-> C:\Users\BURNEL~1\AppData\Roaming\MICROS~1\Windows\Cookies
    [F:2430][D:12]-> C:\Users\BURNEL~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
    [F:40][D:6]-> C:\$Recycle.Bin

    1 - "C:\Lop SD\LopR_1.txt" - 07/09/2009|19:45 - Option : [1]

    --------------------\\ Fin du rapport a 19:45:15
    [ UAC => 1 ]

    7 September 2009 20:23:06

    Please, someone to help me??
    7 September 2009 20:36:18

    :(  please!
    7 September 2009 21:15:35

    Be patient, I'm in class, you know.

    Run Lop S&D again.

  • This time choose Option 2 (Removal)
    ! Do not close the window during the removal !
  • Post the generated report (C:\lopR.txt)
    7 September 2009 22:55:48

    For the past hour I've been trying to connect to the internet :s the virus is blocking my connection! I'll post the report as soon as it's finished.
    Thanks
    7 September 2009 23:10:21


    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
    X86-based PC ( Multiprocessor Free : AMD Sempron(tm) Processor 3800+ )
    BIOS : Phoenix - AwardBIOS v6.00PG
    USER : Burnel's family ( Not Administrator ! )
    BOOT : Normal boot
    Antivirus : Norton Internet Security 16.2.0.7 (Activated)
    Firewall : Norton Internet Security 16.2.0.7 (Activated)
    C:\ (Local Disk) - NTFS - Total:141 Go (Free:84 Go)
    D:\ (Local Disk) - NTFS - Total:7 Go (Free:0 Go)
    E:\ (CD or DVD)
    F:\ (USB)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [2] ( 07/09/2009|22:58 )

    [ UAC => 1 ]


    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

    Supprime! - C:\ProgramData\aim rect help creative\long phone.dat
    Supprime! - C:\Users\BURNEL~1\AppData\Roaming\MICROS~1\Windows\Cookies\burnel's_family@advertising[2].txt
    Supprime! - C:\ProgramData\borebuildbuild.3fw31
    Supprime! - C:\ProgramData\borebuildbuild.3vqv5
    Supprime! - C:\ProgramData\borebuildbuild.9ift7
    Supprime! - C:\ProgramData\borebuildbuild.a28sw
    Supprime! - C:\ProgramData\borebuildbuild.jjxg9
    Supprime! - C:\ProgramData\borebuildbuild.p2rel
    Supprime! - C:\ProgramData\borebuildbuild.vc6ls
    Supprime! - C:\ProgramData\borebuildbuild.wy8y9
    Supprime! - C:\ProgramData\borebuildbuild.z9fwd
    Supprime! - C:\ProgramData\borebuildbuild.zmzse
    Supprime! - C:\ProgramData\borebuildbuild.0zx99g
    Supprime! - C:\ProgramData\borebuildbuild.8s9cln
    Supprime! - C:\ProgramData\borebuildbuild.98ysyx
    Supprime! - C:\ProgramData\borebuildbuild.bar6i3
    Supprime! - C:\ProgramData\borebuildbuild.hgw0tu
    Supprime! - C:\ProgramData\borebuildbuild.ns3bei
    Supprime! - C:\ProgramData\borebuildbuild.qrb3pg
    Supprime! - C:\ProgramData\borebuildbuild.w1012i
    Supprime! - C:\ProgramData\borebuildbuild.wpufk6
    Supprime! - C:\ProgramData\borebuildbuild.xd24yw
    Supprime! - C:\ProgramData\CAMP SIGN BIRD.9cymss
    Supprime! - C:\ProgramData\borebuildbuild.13ei4vy
    Supprime! - C:\ProgramData\borebuildbuild.1sk7xd5
    Supprime! - C:\ProgramData\borebuildbuild.53x3lnk
    Supprime! - C:\ProgramData\borebuildbuild.9rd9adj
    Supprime! - C:\ProgramData\borebuildbuild.emk0qid
    Supprime! - C:\ProgramData\borebuildbuild.noxahwy
    Supprime! - C:\ProgramData\borebuildbuild.whmeixq
    Supprime! - C:\ProgramData\aim rect help creative
    -
    [ Fichier Hosts ] .. Restaure!

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    --------------------\\ Listing des dossiers dans Local

    [27/04/2009|18:15] C:\Users\BURNEL~1\AppData\Local\Adobe
    [06/01/2008|16:54] C:\Users\BURNEL~1\AppData\Local\Apple
    [02/04/2008|18:40] C:\Users\BURNEL~1\AppData\Local\Apple Computer
    [05/01/2008|12:07] C:\Users\BURNEL~1\AppData\Local\Application Data
    [04/09/2008|23:03] C:\Users\BURNEL~1\AppData\Local\d3d9caps.dat
    [08/08/2009|12:11] C:\Users\BURNEL~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [23/06/2009|20:40] C:\Users\BURNEL~1\AppData\Local\GDIPFONTCACHEV1.DAT
    [05/06/2008|18:18] C:\Users\BURNEL~1\AppData\Local\gnc.exe
    [27/08/2009|19:58] C:\Users\BURNEL~1\AppData\Local\Google
    [05/01/2008|12:15] C:\Users\BURNEL~1\AppData\Local\Hewlett-Packard
    [05/01/2008|12:07] C:\Users\BURNEL~1\AppData\Local\Historique
    [15/01/2008|18:48] C:\Users\BURNEL~1\AppData\Local\HP
    [06/09/2009|22:36] C:\Users\BURNEL~1\AppData\Local\IconCache.db
    [31/08/2009|15:20] C:\Users\BURNEL~1\AppData\Local\Microsoft
    [04/03/2008|20:31] C:\Users\BURNEL~1\AppData\Local\Microsoft Games
    [24/05/2008|09:09] C:\Users\BURNEL~1\AppData\Local\Microsoft Help
    [05/01/2008|13:22] C:\Users\BURNEL~1\AppData\Local\Mozilla
    [07/11/2008|16:57] C:\Users\BURNEL~1\AppData\Local\Seven Zip
    [07/09/2009|22:59] C:\Users\BURNEL~1\AppData\Local\Temp
    [05/01/2008|12:07] C:\Users\BURNEL~1\AppData\Local\Temporary Internet Files
    [15/02/2009|14:31] C:\Users\BURNEL~1\AppData\Local\VirtualStore

    --------------------\\ Tâches planifiées dans C:\Windows\tasks

    [07/09/2009 22:20][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{FA9675CE-1F6B-4A41-9C4F-BA729101CF90}.job
    [07/09/2009 22:17][--ah-----] C:\Windows\tasks\SA.DAT
    [07/09/2009 17:46][--a------] C:\Windows\tasks\SCHEDLGU.TXT

    --------------------\\ Listing des dossiers dans C:\ProgramData

    [07/11/2008|16:58] C:\ProgramData\{B3C2C1CD-6B77-4A96-B670-F734AC2A1CBC}
    [03/12/2008|19:02] C:\ProgramData\Adobe
    [06/01/2008|16:52] C:\ProgramData\Apple
    [06/01/2008|16:58] C:\ProgramData\Apple Computer
    [02/11/2006|15:02] C:\ProgramData\Application Data
    [05/01/2008|12:04] C:\ProgramData\Bureau
    [02/11/2006|15:02] C:\ProgramData\Desktop
    [02/11/2006|15:02] C:\ProgramData\Documents
    [07/02/2009|20:05] C:\ProgramData\eMule
    [05/01/2008|12:04] C:\ProgramData\Favoris
    [02/11/2006|15:02] C:\ProgramData\Favorites
    [28/02/2009|13:24] C:\ProgramData\Google
    [25/06/2009|22:22] C:\ProgramData\great hole
    [05/01/2008|12:15] C:\ProgramData\Hewlett-Packard
    [07/09/2007|01:25] C:\ProgramData\HP
    [07/09/2007|01:26] C:\ProgramData\hpzinstall.log
    [26/02/2009|14:26] C:\ProgramData\LUUnInstall.LiveUpdate
    [05/01/2008|12:04] C:\ProgramData\Menu Démarrer
    [06/10/2008|19:07] C:\ProgramData\Messenger Plus!
    [17/03/2008|21:00] C:\ProgramData\Microsoft
    [23/06/2009|19:14] C:\ProgramData\Microsoft Help
    [05/01/2008|12:04] C:\ProgramData\Modèles
    [07/09/2007|01:34] C:\ProgramData\muvee Technologies
    [26/02/2009|14:19] C:\ProgramData\Norton
    [26/02/2009|14:19] C:\ProgramData\NortonInstaller
    [15/02/2009|10:59] C:\ProgramData\NVIDIA
    [07/09/2007|01:40] C:\ProgramData\PC-Doctor
    [26/02/2009|14:19] C:\ProgramData\PCSettings
    [24/09/2008|09:38] C:\ProgramData\Roxio
    [09/02/2009|19:40] C:\ProgramData\Skyline
    [07/09/2007|01:26] C:\ProgramData\Sonic
    [31/08/2009|13:31] C:\ProgramData\Spybot - Search & Destroy
    [02/11/2006|15:02] C:\ProgramData\Start Menu
    [26/02/2009|14:33] C:\ProgramData\Symantec
    [26/02/2009|14:17] C:\ProgramData\Symantec Temporary Files
    [02/11/2006|15:02] C:\ProgramData\Templates
    [29/08/2009|14:50] C:\ProgramData\WindowsSearch
    [14/01/2008|18:03] C:\ProgramData\WLInstaller

    --------------------\\ Listing des dossiers dans C:\Program Files

    [07/11/2008|16:58] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
    [03/12/2008|19:01] C:\Program Files\Adobe
    [12/08/2009|15:15] C:\Program Files\Apple Software Update
    [08/08/2009|18:52] C:\Program Files\Ask Search Assistant
    [25/06/2009|22:11] C:\Program Files\AxBx
    [11/04/2009|19:50] C:\Program Files\Circl Developement
    [26/02/2009|14:25] C:\Program Files\Common Files
    [07/09/2007|10:30] C:\Program Files\EasyBits
    [07/02/2009|20:05] C:\Program Files\eMule
    [05/01/2008|12:04] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
    [28/02/2009|13:25] C:\Program Files\Google
    [07/09/2007|01:42] C:\Program Files\Hewlett-Packard
    [09/05/2009|17:31] C:\Program Files\HP
    [15/03/2008|15:44] C:\Program Files\InstallShield Installation Information
    [30/07/2009|10:26] C:\Program Files\Internet Explorer
    [02/04/2008|11:36] C:\Program Files\iPod
    [02/04/2008|11:36] C:\Program Files\iTunes
    [29/10/2008|19:12] C:\Program Files\Java
    [29/10/2008|18:53] C:\Program Files\LimeWire
    [08/08/2009|18:52] C:\Program Files\Messenger Plus! Live
    [02/11/2006|14:37] C:\Program Files\Microsoft Games
    [10/01/2008|19:02] C:\Program Files\Microsoft Office
    [23/06/2009|19:11] C:\Program Files\Microsoft Works
    [10/01/2008|19:02] C:\Program Files\Microsoft.NET
    [17/06/2009|00:08] C:\Program Files\Movie Maker
    [07/09/2009|22:15] C:\Program Files\Mozilla Firefox
    [02/11/2006|14:37] C:\Program Files\MSBuild
    [05/01/2008|12:46] C:\Program Files\MSXML 4.0
    [07/09/2007|01:34] C:\Program Files\muvee Technologies
    [31/08/2009|16:06] C:\Program Files\Navilog1
    [26/02/2009|14:30] C:\Program Files\Norton Internet Security
    [26/02/2009|14:19] C:\Program Files\NortonInstaller
    [12/01/2008|18:43] C:\Program Files\OpenOffice.org 2.3
    [07/09/2007|01:58] C:\Program Files\PC-Doctor 5 for Windows
    [02/04/2008|11:34] C:\Program Files\QuickTime
    [09/05/2009|17:17] C:\Program Files\Realtek
    [02/11/2006|14:37] C:\Program Files\Reference Assemblies
    [07/09/2007|01:32] C:\Program Files\Roxio
    [02/04/2008|11:40] C:\Program Files\Safari
    [07/09/2007|01:44] C:\Program Files\Services en ligne
    [28/12/2008|11:47] C:\Program Files\Skyline
    [31/08/2009|13:28] C:\Program Files\Spybot - Search & Destroy
    [26/03/2009|20:29] C:\Program Files\Symantec
    [06/03/2008|19:47] C:\Program Files\Toshiba
    [04/09/2009|19:36] C:\Program Files\trend micro
    [02/11/2006|15:01] C:\Program Files\Uninstall Information
    [16/03/2008|16:08] C:\Program Files\VideoLAN
    [17/06/2009|00:08] C:\Program Files\Windows Calendar
    [17/06/2009|00:08] C:\Program Files\Windows Collaboration
    [17/06/2009|00:08] C:\Program Files\Windows Defender
    [17/06/2009|00:08] C:\Program Files\Windows Journal
    [05/01/2008|13:12] C:\Program Files\Windows Live
    [17/06/2009|00:08] C:\Program Files\Windows Mail
    [13/08/2009|18:12] C:\Program Files\Windows Media Player
    [05/01/2008|12:04] C:\Program Files\Windows NT
    [17/06/2009|00:08] C:\Program Files\Windows Photo Gallery
    [17/06/2009|00:08] C:\Program Files\Windows Sidebar

    --------------------\\ Listing des dossiers dans C:\Program Files\Common Files

    [03/12/2008|19:02] C:\Program Files\Common Files\Adobe
    [06/01/2008|16:52] C:\Program Files\Common Files\Apple
    [10/01/2008|19:02] C:\Program Files\Common Files\DESIGNER
    [07/09/2007|01:25] C:\Program Files\Common Files\HP
    [20/01/2008|20:10] C:\Program Files\Common Files\InstallShield
    [07/09/2007|01:33] C:\Program Files\Common Files\LightScribe
    [07/09/2007|01:33] C:\Program Files\Common Files\LS Getting Started
    [23/06/2009|19:12] C:\Program Files\Common Files\microsoft shared
    [07/09/2007|01:34] C:\Program Files\Common Files\muvee Technologies
    [07/09/2007|01:32] C:\Program Files\Common Files\PX Storage Engine
    [07/09/2007|01:32] C:\Program Files\Common Files\Roxio Shared
    [02/11/2006|13:18] C:\Program Files\Common Files\Services
    [15/03/2008|15:44] C:\Program Files\Common Files\snp2std
    [07/09/2007|01:32] C:\Program Files\Common Files\Sonic Shared
    [02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
    [07/09/2007|01:27] C:\Program Files\Common Files\SureThing Shared
    [26/02/2009|14:58] C:\Program Files\Common Files\Symantec Shared
    [17/06/2009|00:08] C:\Program Files\Common Files\System
    [05/01/2008|13:11] C:\Program Files\Common Files\WindowsLiveInstaller

    --------------------\\ Process

    ( 69 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-09-07 23:04:15
    Windows 6.0.6001 Service Pack 1 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 1374

    --------------------\\ Recherche d'autres infections


    Aucune autre infection trouvée !

    [F:209][D:13]-> C:\Users\BURNEL~1\AppData\Local\Temp
    [F:386][D:1]-> C:\Users\BURNEL~1\AppData\Roaming\MICROS~1\Windows\Cookies
    [F:2430][D:12]-> C:\Users\BURNEL~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
    [F:40][D:6]-> C:\$Recycle.Bin

    1 - "C:\Lop SD\LopR_1.txt" - 07/09/2009|19:45 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 07/09/2009|23:09 - Option : [2]

    --------------------\\ Fin du rapport a 23:09:45
    [ UAC => 1 ]

    8 September 2009 21:17:12

    Post a new HijackThis report.
    10 September 2009 17:54:58

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:38:30, on 04/09/2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18294)
    Boot mode: Normal

    Running processes:
    C:\Windows\System32\smss.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\services.exe
    C:\Windows\system32\lsass.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\winlogon.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\rundll32.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\hp\support\hpsysdrv.exe
    C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
    C:\Windows\RtHDVCpl.exe
    C:\Windows\vVX1000.exe
    C:\Windows\tsnp2std.exe
    C:\Windows\vsnp2std.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    c:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\WUDFHost.exe
    C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Windows\System32\mobsync.exe
    C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
    C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
    C:\Windows\system32\rundll32.exe
    c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\Java\jre6\bin\jucheck.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Windows\system32\wbem\wmiprvse.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.plusnetwork.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
    O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe" -delete
    O4 - HKLM\..\Run: [VX1000] C:\Windows\vVX1000.exe
    O4 - HKLM\..\Run: [tsnp2std] C:\Windows\tsnp2std.exe
    O4 - HKLM\..\Run: [snp2std] C:\Windows\vsnp2std.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [cdromloud] "C:\ProgramData\borebuildbuild.9ift7"
    O4 - HKCU\..\Run: [Help Creative Meow City] "C:\ProgramData\CAMP SIGN BIRD.9cymss"
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O13 - Gopher Prefix:
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/F...
    O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
    O20 - AppInit_DLLs: C:\Windows\System32\iasads32.dll
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

    --
    End of file - 11736 bytes
    10 September 2009 17:55:48

    There, I've just posted another HijackThis report.
    11 September 2009 10:19:29

    The virus is still there and is attacking the computer more and more.
    11 September 2009 19:16:25

    Hi again,

    Run a LopS&D scan again with option 1.

    &

    Download Malwarebytes' Anti-Malware to your Desktop.

  • Install it by double-clicking the file Download_mbam-setup.exe.
  • Now run Malwarebytes' Anti-Malware. If it is not already selected, choose "Exécuter un examen complet" (perform a full scan).
  • To start the scan, click "Rechercher" (search).
  • Once the scan has finished, a window opens; click OK. There are two possibilities:

    ~ If the program found nothing, press OK. A report will appear; close it.
    ~~ If infections are present, click "Afficher les résultats" (show results), then "Supprimer la sélection" (remove selection). Save the report to your Desktop.
    ~~~~ Restart your computer normally and post the report in your next reply.

    NOTE: If Malwarebytes' Anti-Malware needs to restart to finish the removal, accept by clicking OK.

    Note: If you can't download MBAM from MajorGeeks, you can download it here!

    Help:
  • How to use MBAM.
  • How to start your computer in safe mode.
    12 September 2009 20:28:39

    The LopS&D scan doesn't work.

    13 September 2009 16:06:43

    This is the Malware report.

    Malwarebytes' Anti-Malware 1.41
    Version de la base de données: 2785
    Windows 6.0.6001 Service Pack 1

    13/09/2009 16:05:53
    mbam-log-2009-09-13 (16-05-53).txt

    Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)
    Eléments examinés: 255981
    Temps écoulé: 2 hour(s), 37 minute(s), 41 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 1
    Valeur(s) du Registre infectée(s): 1
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 1
    Fichier(s) infecté(s): 44

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sunjavaupdatesched (Trojan.Agent) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    C:\Windows\System32\LocalService (Worm.Archive) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\Users\Burnel's family\AppData\Local\Temp\29CD.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
    C:\Users\Burnel's family\AppData\Local\Temp\29DD.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
    C:\Users\Burnel's family\AppData\Local\Temp\43A4.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
    C:\Users\Burnel's family\AppData\Local\Temp\4827.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
    C:\Users\Burnel's family\AppData\Local\Temp\49C0.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
    C:\Users\Burnel's family\AppData\Local\Temp\4D0.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
    C:\Users\Burnel's family\AppData\Local\Temp\54F3.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
    C:\Users\Burnel's family\AppData\Local\Temp\5781.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
    C:\Users\Burnel's family\AppData\Local\Temp\59F1.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
    C:\Users\Burnel's family\AppData\Local\Temp\5BA.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
    C:\Users\Burnel's family\AppData\Local\Temp\5E93.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
    C:\Users\Burnel's family\AppData\Local\Temp\6160.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
    C:\Users\Burnel's family\AppData\Local\Temp\7A01.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
    C:\Users\Burnel's family\AppData\Local\Temp\7E0D.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
    C:\Users\Burnel's family\AppData\Local\Temp\7EDF.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
    C:\Users\Burnel's family\AppData\Local\Temp\8259.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
    C:\Users\Burnel's family\AppData\Local\Temp\9D38.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
    C:\Users\Burnel's family\AppData\Local\Temp\A9C9.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
    C:\Users\Burnel's family\AppData\Local\Temp\C024.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
    C:\Users\Burnel's family\AppData\Local\Temp\D5C8.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
    C:\Users\Burnel's family\AppData\Local\Temp\D6ED.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
    C:\Users\Burnel's family\AppData\Local\Temp\D9E4.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
    C:\Users\Burnel's family\AppData\Local\Temp\EEB1.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
    C:\Users\Yon Dos\AppData\Local\Temp\7BA7.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
    C:\Windows\System32\558E.tmp (Worm.P2P) -> Quarantined and deleted successfully.
    C:\Windows\System32\LocalService\277.crack.zip (Worm.Archive) -> Quarantined and deleted successfully.
    C:\Windows\System32\LocalService\277.crack.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
    C:\Windows\System32\LocalService\278.keygen.zip (Worm.Archive) -> Quarantined and deleted successfully.
    C:\Windows\System32\LocalService\278.keygen.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
    C:\Windows\System32\LocalService\279.serial.zip (Worm.Archive) -> Quarantined and deleted successfully.
    C:\Windows\System32\LocalService\279.serial.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
    C:\Windows\System32\LocalService\280.setup.zip (Worm.Archive) -> Quarantined and deleted successfully.
    C:\Windows\System32\LocalService\280.setup.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
    C:\Windows\System32\LocalService\281.music.au (Worm.Archive) -> Quarantined and deleted successfully.
    C:\Windows\System32\LocalService\281.music.au.kwd (Worm.Archive) -> Quarantined and deleted successfully.
    C:\Windows\System32\LocalService\282.music2.au (Worm.Archive) -> Quarantined and deleted successfully.
    C:\Windows\System32\LocalService\282.music2.au.kwd (Worm.Archive) -> Quarantined and deleted successfully.
    C:\Windows\System32\LocalService\283.music3.au (Worm.Archive) -> Quarantined and deleted successfully.
    C:\Windows\System32\LocalService\283.music3.au.kwd (Worm.Archive) -> Quarantined and deleted successfully.
    C:\Windows\System32\LocalService\284.music4.au (Worm.Archive) -> Quarantined and deleted successfully.
    C:\Windows\System32\LocalService\284.music4.au.kwd (Worm.Archive) -> Quarantined and deleted successfully.
    C:\Windows\System32\GroupPolicy000.dat (Malware.Trace) -> Quarantined and deleted successfully.
    C:\Windows\GnuHashes.ini (Malware.Trace) -> Quarantined and deleted successfully.
    C:\Program Files\Java\jre6\bin\jusched.exe (Trojan.Agent) -> Delete on reboot.
    13 September 2009 16:45:06

    The log finally worked; I don't know if it matters that I did it before the Malware report.

    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
    X86-based PC ( Multiprocessor Free : AMD Sempron(tm) Processor 3800+ )
    BIOS : Phoenix - AwardBIOS v6.00PG
    USER : Burnel's family ( Not Administrator ! )
    BOOT : Normal boot
    Antivirus : Norton Internet Security 16.2.0.7 (Activated)
    Firewall : Norton Internet Security 16.2.0.7 (Activated)
    C:\ (Local Disk) - NTFS - Total:141 Go (Free:85 Go)
    D:\ (Local Disk) - NTFS - Total:7 Go (Free:0 Go)
    E:\ (CD or DVD)
    F:\ (USB)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [1] ( 13/09/2009|16:26 )

    [ UAC => 1 ]

    --------------------\\ Listing des dossiers dans Local

    [27/04/2009|18:15] C:\Users\BURNEL~1\AppData\Local\Adobe
    [06/01/2008|16:54] C:\Users\BURNEL~1\AppData\Local\Apple
    [02/04/2008|18:40] C:\Users\BURNEL~1\AppData\Local\Apple Computer
    [05/01/2008|12:07] C:\Users\BURNEL~1\AppData\Local\Application Data
    [04/09/2008|23:03] C:\Users\BURNEL~1\AppData\Local\d3d9caps.dat
    [08/08/2009|12:11] C:\Users\BURNEL~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [23/06/2009|20:40] C:\Users\BURNEL~1\AppData\Local\GDIPFONTCACHEV1.DAT
    [05/06/2008|18:18] C:\Users\BURNEL~1\AppData\Local\gnc.exe
    [10/09/2009|18:16] C:\Users\BURNEL~1\AppData\Local\Google
    [05/01/2008|12:15] C:\Users\BURNEL~1\AppData\Local\Hewlett-Packard
    [05/01/2008|12:07] C:\Users\BURNEL~1\AppData\Local\Historique
    [15/01/2008|18:48] C:\Users\BURNEL~1\AppData\Local\HP
    [13/09/2009|16:07] C:\Users\BURNEL~1\AppData\Local\IconCache.db
    [31/08/2009|15:20] C:\Users\BURNEL~1\AppData\Local\Microsoft
    [04/03/2008|20:31] C:\Users\BURNEL~1\AppData\Local\Microsoft Games
    [24/05/2008|09:09] C:\Users\BURNEL~1\AppData\Local\Microsoft Help
    [05/01/2008|13:22] C:\Users\BURNEL~1\AppData\Local\Mozilla
    [07/11/2008|16:57] C:\Users\BURNEL~1\AppData\Local\Seven Zip
    [13/09/2009|16:25] C:\Users\BURNEL~1\AppData\Local\Temp
    [05/01/2008|12:07] C:\Users\BURNEL~1\AppData\Local\Temporary Internet Files
    [15/02/2009|14:31] C:\Users\BURNEL~1\AppData\Local\VirtualStore

    --------------------\\ Tâches planifiées dans C:\Windows\tasks

    [13/09/2009 15:12][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{FA9675CE-1F6B-4A41-9C4F-BA729101CF90}.job
    [13/09/2009 16:10][--ah-----] C:\Windows\tasks\SA.DAT
    [13/09/2009 16:08][--a------] C:\Windows\tasks\SCHEDLGU.TXT

    --------------------\\ Listing des dossiers dans C:\ProgramData

    [07/11/2008|16:58] C:\ProgramData\{B3C2C1CD-6B77-4A96-B670-F734AC2A1CBC}
    [03/12/2008|19:02] C:\ProgramData\Adobe
    [06/01/2008|16:52] C:\ProgramData\Apple
    [06/01/2008|16:58] C:\ProgramData\Apple Computer
    [02/11/2006|15:02] C:\ProgramData\Application Data
    [05/01/2008|12:04] C:\ProgramData\Bureau
    [02/11/2006|15:02] C:\ProgramData\Desktop
    [02/11/2006|15:02] C:\ProgramData\Documents
    [07/02/2009|20:05] C:\ProgramData\eMule
    [05/01/2008|12:04] C:\ProgramData\Favoris
    [02/11/2006|15:02] C:\ProgramData\Favorites
    [10/09/2009|18:16] C:\ProgramData\Google
    [25/06/2009|22:22] C:\ProgramData\great hole
    [05/01/2008|12:15] C:\ProgramData\Hewlett-Packard
    [07/09/2007|01:25] C:\ProgramData\HP
    [07/09/2007|01:26] C:\ProgramData\hpzinstall.log
    [26/02/2009|14:26] C:\ProgramData\LUUnInstall.LiveUpdate
    [12/09/2009|20:33] C:\ProgramData\Malwarebytes
    [05/01/2008|12:04] C:\ProgramData\Menu Démarrer
    [06/10/2008|19:07] C:\ProgramData\Messenger Plus!
    [17/03/2008|21:00] C:\ProgramData\Microsoft
    [23/06/2009|19:14] C:\ProgramData\Microsoft Help
    [05/01/2008|12:04] C:\ProgramData\Modèles
    [07/09/2007|01:34] C:\ProgramData\muvee Technologies
    [26/02/2009|14:19] C:\ProgramData\Norton
    [26/02/2009|14:19] C:\ProgramData\NortonInstaller
    [15/02/2009|10:59] C:\ProgramData\NVIDIA
    [07/09/2007|01:40] C:\ProgramData\PC-Doctor
    [26/02/2009|14:19] C:\ProgramData\PCSettings
    [24/09/2008|09:38] C:\ProgramData\Roxio
    [09/02/2009|19:40] C:\ProgramData\Skyline
    [07/09/2007|01:26] C:\ProgramData\Sonic
    [31/08/2009|13:31] C:\ProgramData\Spybot - Search & Destroy
    [02/11/2006|15:02] C:\ProgramData\Start Menu
    [26/02/2009|14:33] C:\ProgramData\Symantec
    [26/02/2009|14:17] C:\ProgramData\Symantec Temporary Files
    [02/11/2006|15:02] C:\ProgramData\Templates
    [29/08/2009|14:50] C:\ProgramData\WindowsSearch
    [14/01/2008|18:03] C:\ProgramData\WLInstaller

    --------------------\\ Listing des dossiers dans C:\Program Files

    [07/11/2008|16:58] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
    [03/12/2008|19:01] C:\Program Files\Adobe
    [12/08/2009|15:15] C:\Program Files\Apple Software Update
    [11/04/2009|19:50] C:\Program Files\Circl Developement
    [26/02/2009|14:25] C:\Program Files\Common Files
    [07/09/2007|10:30] C:\Program Files\EasyBits
    [07/02/2009|20:05] C:\Program Files\eMule
    [05/01/2008|12:04] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
    [07/09/2007|01:42] C:\Program Files\Hewlett-Packard
    [09/05/2009|17:31] C:\Program Files\HP
    [15/03/2008|15:44] C:\Program Files\InstallShield Installation Information
    [30/07/2009|10:26] C:\Program Files\Internet Explorer
    [02/04/2008|11:36] C:\Program Files\iPod
    [02/04/2008|11:36] C:\Program Files\iTunes
    [29/10/2008|19:12] C:\Program Files\Java
    [29/10/2008|18:53] C:\Program Files\LimeWire
    [12/09/2009|20:33] C:\Program Files\Malwarebytes' Anti-Malware
    [08/08/2009|18:52] C:\Program Files\Messenger Plus! Live
    [02/11/2006|14:37] C:\Program Files\Microsoft Games
    [10/01/2008|19:02] C:\Program Files\Microsoft Office
    [23/06/2009|19:11] C:\Program Files\Microsoft Works
    [10/01/2008|19:02] C:\Program Files\Microsoft.NET
    [17/06/2009|00:08] C:\Program Files\Movie Maker
    [07/09/2009|22:15] C:\Program Files\Mozilla Firefox
    [02/11/2006|14:37] C:\Program Files\MSBuild
    [05/01/2008|12:46] C:\Program Files\MSXML 4.0
    [07/09/2007|01:34] C:\Program Files\muvee Technologies
    [31/08/2009|16:06] C:\Program Files\Navilog1
    [26/02/2009|14:30] C:\Program Files\Norton Internet Security
    [26/02/2009|14:19] C:\Program Files\NortonInstaller
    [12/01/2008|18:43] C:\Program Files\OpenOffice.org 2.3
    [07/09/2007|01:58] C:\Program Files\PC-Doctor 5 for Windows
    [02/04/2008|11:34] C:\Program Files\QuickTime
    [09/05/2009|17:17] C:\Program Files\Realtek
    [02/11/2006|14:37] C:\Program Files\Reference Assemblies
    [07/09/2007|01:32] C:\Program Files\Roxio
    [02/04/2008|11:40] C:\Program Files\Safari
    [07/09/2007|01:44] C:\Program Files\Services en ligne
    [28/12/2008|11:47] C:\Program Files\Skyline
    [31/08/2009|13:28] C:\Program Files\Spybot - Search & Destroy
    [11/09/2009|09:45] C:\Program Files\Symantec
    [06/03/2008|19:47] C:\Program Files\Toshiba
    [04/09/2009|19:36] C:\Program Files\trend micro
    [02/11/2006|15:01] C:\Program Files\Uninstall Information
    [16/03/2008|16:08] C:\Program Files\VideoLAN
    [17/06/2009|00:08] C:\Program Files\Windows Calendar
    [17/06/2009|00:08] C:\Program Files\Windows Collaboration
    [17/06/2009|00:08] C:\Program Files\Windows Defender
    [17/06/2009|00:08] C:\Program Files\Windows Journal
    [05/01/2008|13:12] C:\Program Files\Windows Live
    [17/06/2009|00:08] C:\Program Files\Windows Mail
    [13/08/2009|18:12] C:\Program Files\Windows Media Player
    [05/01/2008|12:04] C:\Program Files\Windows NT
    [17/06/2009|00:08] C:\Program Files\Windows Photo Gallery
    [17/06/2009|00:08] C:\Program Files\Windows Sidebar

    --------------------\\ Listing des dossiers dans C:\Program Files\Common Files

    [03/12/2008|19:02] C:\Program Files\Common Files\Adobe
    [06/01/2008|16:52] C:\Program Files\Common Files\Apple
    [10/01/2008|19:02] C:\Program Files\Common Files\DESIGNER
    [07/09/2007|01:25] C:\Program Files\Common Files\HP
    [20/01/2008|20:10] C:\Program Files\Common Files\InstallShield
    [07/09/2007|01:33] C:\Program Files\Common Files\LightScribe
    [07/09/2007|01:33] C:\Program Files\Common Files\LS Getting Started
    [23/06/2009|19:12] C:\Program Files\Common Files\microsoft shared
    [07/09/2007|01:34] C:\Program Files\Common Files\muvee Technologies
    [07/09/2007|01:32] C:\Program Files\Common Files\PX Storage Engine
    [07/09/2007|01:32] C:\Program Files\Common Files\Roxio Shared
    [02/11/2006|13:18] C:\Program Files\Common Files\Services
    [15/03/2008|15:44] C:\Program Files\Common Files\snp2std
    [07/09/2007|01:32] C:\Program Files\Common Files\Sonic Shared
    [02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
    [07/09/2007|01:27] C:\Program Files\Common Files\SureThing Shared
    [26/02/2009|14:58] C:\Program Files\Common Files\Symantec Shared
    [17/06/2009|00:08] C:\Program Files\Common Files\System
    [05/01/2008|13:11] C:\Program Files\Common Files\WindowsLiveInstaller

    --------------------\\ Process

    ( 72 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-09-13 16:26:36
    Windows 6.0.6001 Service Pack 1 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 1374

    --------------------\\ Recherche d'autres infections


    Aucune autre infection trouvée !

    [F:214][D:14]-> C:\Users\BURNEL~1\AppData\Local\Temp
    [F:401][D:1]-> C:\Users\BURNEL~1\AppData\Roaming\MICROS~1\Windows\Cookies
    [F:162][D:12]-> C:\Users\BURNEL~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
    [F:40][D:6]-> C:\$Recycle.Bin

    1 - "C:\Lop SD\LopR_1.txt" - 07/09/2009|19:45 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 07/09/2009|23:09 - Option : [2]
    3 - "C:\Lop SD\LopR_3.txt" - 12/09/2009|23:15 - Option : [1]
    4 - "C:\Lop SD\LopR_4.txt" - 13/09/2009|16:29 - Option : [1]

    --------------------\\ Fin du rapport a 16:29:07
    [ UAC => 1 ]

    13 September 2009 19:23:59

    To post a HijackThis report, you need to right-click / run as admin to launch it.
    13 September 2009 20:58:58

    I think there are no more viruses, right?!!


    Malwarebytes' Anti-Malware 1.41
    Version de la base de données: 2785
    Windows 6.0.6001 Service Pack 1

    13/09/2009 20:54:17
    mbam-log-2009-09-13 (20-54-17).txt

    Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)
    Eléments examinés: 255121
    Temps écoulé: 2 hour(s), 3 minute(s), 30 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 0

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)
    13 September 2009 21:01:20

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:00:06, on 13/09/2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18294)
    Boot mode: Normal

    Running processes:
    C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\hp\support\hpsysdrv.exe
    C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
    C:\Windows\RtHDVCpl.exe
    C:\Windows\system32\wuauclt.exe
    C:\Windows\vVX1000.exe
    C:\Windows\tsnp2std.exe
    C:\Windows\vsnp2std.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
    C:\Windows\system32\conime.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\trend micro\HijackThis\HijackThis.exe
    C:\Program Files\Mozilla Firefox\firefox.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchslate.com/wp.ashx?ref=home&id=152
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\IPSBHO.DLL
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
    O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe" -delete
    O4 - HKLM\..\Run: [VX1000] C:\Windows\vVX1000.exe
    O4 - HKLM\..\Run: [tsnp2std] C:\Windows\tsnp2std.exe
    O4 - HKLM\..\Run: [snp2std] C:\Windows\vsnp2std.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O13 - Gopher Prefix:
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/F...
    O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

    --
    End of file - 9043 bytes

    Here is the HijackThis report, are there still viruses or not?
    14 September 2009 21:53:24

    Are you still getting ads? On all sites?
    18 September 2009 19:21:32

    Any questions? :)
    18 September 2009 20:51:57

    Not for the moment, thanks for your help.
    20 September 2009 22:30:03

    Happy surfing ;)