
Help, I keep getting windows opening with a CID header

7 June 2008 10:49:30

Hi, :hello:

So I think it's a virus: I constantly get ads, always with the same header, which is CID, and they are often ads for games, casinos ....
Please help me, because it's really annoying to get this kind of ad all day long :cry:  :cry:  :cry:


7 June 2008 12:59:33

Hello,

Download Lop S&D.exe (Eric_71) to your Desktop.
  • Start the program's installation by running the downloaded file.
  • Now double-click the LopS&D shortcut.
  • Select the desired language by typing the letter of your choice, then confirm with the Enter key.
  • Now choose option 1 (Recherche, i.e. Search). Wait until the search finishes.
  • Post the generated report (C:\lopR.txt*)

    (If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)
    * the partition name may differ
    8 June 2008 22:41:30


    here is the report with lop


    -----------------------[ Lop S&D 4.2.1-3 XP/Vista ]---------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : gg ] [ "C:\Lop SD" ] [ Selection : 1 ]
    [ 2008-06-08 | 22:32:44.53 ] [ PC : ACER-D18848DB56 ]
    [ MAJ : 07-06-2008 | 22:15 ]

    -------------[ Listing des dossiers dans Application Data ]------------

    [2004-10-15|11:51] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [2004-10-15|12:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [2004-10-15|11:51] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [2008-03-08|19:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.zreglib
    [2007-02-01|08:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [2006-10-07|22:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
    [2007-01-28|23:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
    [2008-03-25|14:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
    [2006-09-27|14:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [2004-10-15|11:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [2006-10-05|23:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [2007-07-29|23:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
    [2007-09-05|14:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
    [2007-08-23|00:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Icon Constructor 3
    [2007-10-16|11:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
    [2007-10-11|15:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab Setup Files
    [2007-10-09|10:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
    [2007-02-13|22:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
    [2007-08-25|14:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
    [2007-01-04|14:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com
    [2008-03-25|21:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [2004-10-15|11:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [2007-10-09|11:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Swift Sound
    [2007-10-29|18:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
    [2007-08-27|15:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NtiDvdCopy
    [2006-09-30|16:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
    [2007-05-08|18:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [2007-08-25|10:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [2006-08-24|13:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [2007-12-03|10:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [2006-12-11|08:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [2006-10-18|21:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

    [2004-10-15|11:51] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [2007-01-11|21:30] C:\DOCUME~1\LOCALS~1\APPLIC~1\Google
    [2004-10-15|11:51] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [2006-10-05|23:25] C:\DOCUME~1\gg\APPLIC~1\Adobe
    [2006-10-09|19:09] C:\DOCUME~1\gg\APPLIC~1\AdobeUM
    [2006-10-07|22:25] C:\DOCUME~1\gg\APPLIC~1\Ahead
    [2007-07-18|23:17] C:\DOCUME~1\gg\APPLIC~1\ConvertTemp
    [2006-09-30|18:25] C:\DOCUME~1\gg\APPLIC~1\CyberLink
    [2007-10-24|18:09] C:\DOCUME~1\gg\APPLIC~1\Delivery
    [2004-10-15|11:51] C:\DOCUME~1\gg\APPLIC~1\desktop.ini
    [2007-12-02|10:49] C:\DOCUME~1\gg\APPLIC~1\DMCache
    [2008-03-25|14:05] C:\DOCUME~1\gg\APPLIC~1\flagliessetup
    [2007-02-13|23:03] C:\DOCUME~1\gg\APPLIC~1\funkitron
    [2006-10-05|23:23] C:\DOCUME~1\gg\APPLIC~1\Google
    [2006-10-07|00:57] C:\DOCUME~1\gg\APPLIC~1\Help
    [2004-10-15|12:05] C:\DOCUME~1\gg\APPLIC~1\Identities
    [2007-12-26|19:16] C:\DOCUME~1\gg\APPLIC~1\InstallShield
    [2008-03-08|23:12] C:\DOCUME~1\gg\APPLIC~1\InterTrust
    [2007-09-07|08:29] C:\DOCUME~1\gg\APPLIC~1\Leadertech
    [2006-09-27|14:52] C:\DOCUME~1\gg\APPLIC~1\Macromedia
    [2004-10-15|11:51] C:\DOCUME~1\gg\APPLIC~1\Microsoft
    [2006-10-09|22:54] C:\DOCUME~1\gg\APPLIC~1\Microsoft Web Folders
    [2006-10-11|18:04] C:\DOCUME~1\gg\APPLIC~1\MobileAction
    [2007-09-10|13:24] C:\DOCUME~1\gg\APPLIC~1\Mozilla
    [2006-10-09|22:20] C:\DOCUME~1\gg\APPLIC~1\MSNInstaller
    [2007-10-09|11:50] C:\DOCUME~1\gg\APPLIC~1\NCH Swift Sound
    [2007-10-10|18:26] C:\DOCUME~1\gg\APPLIC~1\NetAppel
    [2007-07-18|23:17] C:\DOCUME~1\gg\APPLIC~1\Samsung
    [2007-09-06|08:49] C:\DOCUME~1\gg\APPLIC~1\Shareaza
    [2008-05-02|09:57] C:\DOCUME~1\gg\APPLIC~1\stickies
    [2007-06-20|15:45] C:\DOCUME~1\gg\APPLIC~1\Sun
    [2007-07-18|23:17] C:\DOCUME~1\gg\APPLIC~1\Temporary
    [2007-09-10|13:24] C:\DOCUME~1\gg\APPLIC~1\Thunderbird
    [2007-07-18|23:17] C:\DOCUME~1\gg\APPLIC~1\TransRender
    [2007-10-25|08:52] C:\DOCUME~1\gg\APPLIC~1\Uniblue
    [2008-04-14|22:00] C:\DOCUME~1\gg\APPLIC~1\uTorrent
    [2006-10-05|23:09] C:\DOCUME~1\gg\APPLIC~1\vlc
    [2007-10-10|13:07] C:\DOCUME~1\gg\APPLIC~1\WinRAR
    [2006-10-06|15:02] C:\DOCUME~1\gg\APPLIC~1\XnView

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [2008-06-08 22:03][--ah-----] C:\WINDOWS\tasks\A61F3CB8908CAFE8.job
    [2008-06-08 20:57][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [2004-08-05 05:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    A61F3CB8908CAFE8.job <--> c:\docume~1\gg\applic~1\flagli~1\DumbFlawIdle.exe

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [2007-10-12|22:07] C:\Program Files\@Last Software
    [2008-05-26|21:30] C:\Program Files\3D Screen Creator
    [2006-09-27|14:52] C:\Program Files\Acer
    [2006-08-24|13:19] C:\Program Files\Acer Inc
    [2006-08-24|13:19] C:\Program Files\Adobe
    [2006-10-07|22:18] C:\Program Files\Ahead
    [2007-09-06|22:33] C:\Program Files\Alwil Software
    [2008-02-02|12:01] C:\Program Files\AVConverter
    [2008-02-02|12:10] C:\Program Files\AVIConverter
    [2004-10-15|11:59] C:\Program Files\AviSynth 2.5
    [2007-11-04|18:48] C:\Program Files\Axon Data
    [2007-10-12|23:15] C:\Program Files\Boonty
    [2007-05-08|15:18] C:\Program Files\Cadsoft
    [2006-11-03|14:29] C:\Program Files\Canon
    [2007-10-25|17:14] C:\Program Files\CCleaner
    [2008-03-25|14:04] C:\Program Files\Circle Developement
    [2007-10-09|11:44] C:\Program Files\Coding Workshop Ringtone Converter
    [2006-11-27|22:14] C:\Program Files\ColiPoste
    [2004-10-15|11:58] C:\Program Files\ComPlus Applications
    [2006-08-24|13:13] C:\Program Files\CONEXANT
    [2008-05-14|17:53] C:\Program Files\Cuisine Astuce
    [2006-09-27|14:52] C:\Program Files\CyberLink
    [2006-08-24|13:09] C:\Program Files\DIFX
    [2007-09-09|10:10] C:\Program Files\DivX
    [2008-03-20|08:40] C:\Program Files\Easy Bead
    [2007-06-15|19:20] C:\Program Files\Eurobarre
    [2004-10-15|11:52] C:\Program Files\Fichiers communs
    [2008-03-25|14:05] C:\Program Files\flagliessetup
    [2007-12-03|17:18] C:\Program Files\FlashGet
    [2007-12-03|14:10] C:\Program Files\Free Download Manager
    [2006-10-05|23:23] C:\Program Files\Google
    [2007-10-16|10:05] C:\Program Files\Grisoft
    [2006-10-11|13:40] C:\Program Files\Hewlett-Packard
    [2006-10-11|13:41] C:\Program Files\hp deskjet 3420 series
    [2007-10-13|09:40] C:\Program Files\IKEA HomePlanner
    [2008-01-22|11:03] C:\Program Files\IMG-TXT 5
    [2006-08-24|13:12] C:\Program Files\InstallShield Installation Information
    [2004-10-15|11:58] C:\Program Files\Internet Explorer
    [2006-10-06|04:11] C:\Program Files\Inventel
    [2006-10-07|00:50] C:\Program Files\Java
    [2006-09-27|14:56] C:\Program Files\Launch Manager
    [2008-04-10|14:41] C:\Program Files\Le loto facile
    [2007-10-29|13:13] C:\Program Files\LiveUpdate
    [2008-04-10|14:34] C:\Program Files\Loto
    [2008-01-24|11:27] C:\Program Files\MediaCoder
    [2004-10-15|11:57] C:\Program Files\Messenger
    [2008-03-25|14:04] C:\Program Files\Messenger Plus! Live
    [2004-10-15|12:01] C:\Program Files\microsoft frontpage
    [2006-10-09|23:46] C:\Program Files\Microsoft Money 2005
    [2006-10-06|15:16] C:\Program Files\Microsoft Office
    [2004-10-15|11:58] C:\Program Files\Movie Maker
    [2007-10-17|10:36] C:\Program Files\Mozilla Firefox
    [2008-01-24|10:26] C:\Program Files\MP3 Player Utilities 3.5.02
    [2008-01-24|12:36] C:\Program Files\MP3 Player Utilities 3.57
    [2008-01-24|12:47] C:\Program Files\MP3 Player Utilities 3.68
    [2004-10-15|11:57] C:\Program Files\MSN
    [2004-10-15|11:57] C:\Program Files\MSN Gaming Zone
    [2007-08-27|11:53] C:\Program Files\MSN Messenger
    [2006-11-16|08:47] C:\Program Files\MSXML 4.0
    [2008-01-24|14:17] C:\Program Files\MyMPxPlayer.org
    [2007-10-10|13:37] C:\Program Files\Navilog1
    [2007-10-09|11:49] C:\Program Files\NCH Software
    [2007-10-29|18:38] C:\Program Files\Nero
    [2004-10-15|11:58] C:\Program Files\NetMeeting
    [2006-08-24|13:17] C:\Program Files\NewTech Infosystems
    [2004-10-15|11:57] C:\Program Files\Online Services
    [2006-10-17|17:32] C:\Program Files\OpiStat
    [2007-12-26|19:30] C:\Program Files\Orange
    [2004-10-15|11:58] C:\Program Files\Outlook Express
    [2008-05-26|21:35] C:\Program Files\POST-NET
    [2006-10-11|14:02] C:\Program Files\printFIT
    [2007-05-08|18:15] C:\Program Files\QuickTime
    [2006-08-24|13:12] C:\Program Files\Realtek
    [2008-01-06|14:30] C:\Program Files\ROUTE 66
    [2007-12-26|19:16] C:\Program Files\SAGEM
    [2007-07-18|22:59] C:\Program Files\Samsung
    [2006-10-06|04:09] C:\Program Files\Securitoo
    [2004-10-15|11:59] C:\Program Files\Services en ligne
    [2008-05-26|13:47] C:\Program Files\settings.dat
    [2006-10-05|22:56] C:\Program Files\Shareaza
    [2008-01-17|18:39] C:\Program Files\Shareaza Applications
    [2008-03-08|19:06] C:\Program Files\SlySoft
    [2007-10-16|15:08] C:\Program Files\Spybot - Search & Destroy
    [2007-11-28|14:17] C:\Program Files\Star Downloader
    [2008-05-02|09:57] C:\Program Files\Stickies
    [2008-01-31|09:40] C:\Program Files\Studio-Scrap
    [2006-08-24|13:26] C:\Program Files\Symantec
    [2006-08-24|13:14] C:\Program Files\Synaptics
    [2007-09-10|13:26] C:\Program Files\UserZoom
    [2008-04-14|22:01] C:\Program Files\uTorrent
    [2006-10-05|23:09] C:\Program Files\VideoLAN
    [2007-09-07|10:01] C:\Program Files\Virtools
    [2007-05-03|16:51] C:\Program Files\Virtools Web Player 3.5
    [2008-01-25|13:46] C:\Program Files\VirtualDub
    [2006-10-07|00:48] C:\Program Files\Wanadoo
    [2006-10-07|00:49] C:\Program Files\Wanadoo Messager
    [2007-10-09|17:54] C:\Program Files\WinAble
    [2008-01-24|10:42] C:\Program Files\WinAVI MP4 Converter
    [2008-03-25|14:04] C:\Program Files\Windows Live
    [2006-12-21|23:08] C:\Program Files\Windows Media Connect 2
    [2004-10-15|11:57] C:\Program Files\Windows Media Player
    [2004-10-15|11:57] C:\Program Files\Windows NT
    [2008-01-16|16:55] C:\Program Files\WinKey
    [2006-12-28|19:05] C:\Program Files\WinRAR
    [2004-10-15|12:01] C:\Program Files\xerox
    [2006-10-06|14:59] C:\Program Files\XnView
    [2007-08-23|00:16] C:\Program Files\xp-smart

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [2006-08-24|13:19] C:\Program Files\Fichiers communs\Adobe
    [2007-10-29|18:38] C:\Program Files\Fichiers communs\Ahead
    [2007-01-28|23:46] C:\Program Files\Fichiers communs\BOONTY Shared
    [2006-10-09|22:45] C:\Program Files\Fichiers communs\Borland Shared
    [2006-10-09|22:56] C:\Program Files\Fichiers communs\Designer
    [2006-11-19|16:12] C:\Program Files\Fichiers communs\FDEUnInstaller.exe
    [2007-12-26|19:28] C:\Program Files\Fichiers communs\France Telecom
    [2006-08-24|13:10] C:\Program Files\Fichiers communs\InstallShield
    [2007-06-20|15:43] C:\Program Files\Fichiers communs\Java
    [2006-08-24|13:18] C:\Program Files\Fichiers communs\LightScribe
    [2007-02-13|22:38] C:\Program Files\Fichiers communs\Macrovision Shared
    [2004-10-15|11:52] C:\Program Files\Fichiers communs\Microsoft Shared
    [2004-10-15|11:58] C:\Program Files\Fichiers communs\MSSoap
    [2006-08-24|13:18] C:\Program Files\Fichiers communs\muvee Technologies
    [2006-08-24|13:17] C:\Program Files\Fichiers communs\NewTech Infosystems
    [2004-10-15|11:52] C:\Program Files\Fichiers communs\ODBC
    [2004-10-15|11:58] C:\Program Files\Fichiers communs\Services
    [2004-10-15|11:52] C:\Program Files\Fichiers communs\SpeechEngines
    [2006-08-24|13:26] C:\Program Files\Fichiers communs\Symantec Shared
    [2004-10-15|11:58] C:\Program Files\Fichiers communs\System

    ---------------------------[ Process ]--------------------------

    ... 55

    iexplore.exe ~ [688]

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag\Dale Amen.exe
    C:\DOCUME~1\gg\APPLIC~1\flagli~1
    C:\DOCUME~1\gg\APPLIC~1\flagli~1\gpeqjbal.exe
    C:\DOCUME~1\gg\APPLIC~1\flagli~1\Team Okay Beep Rect.exe
    C:\DOCUME~1\gg\APPLIC~1\flagli~1\Dumb Flaw Idle.exe
    C:\Program Files\flagli~1
    C:\Program Files\Circle Developement
    C:\Program Files\Circle Developement\Uninstall.exe
    C:\WINDOWS\Prefetch\DALE AMEN.EXE-28A59C77.pf
    C:\WINDOWS\Prefetch\DUMB FLAW IDLE.EXE-2EA3EB06.pf
    C:\DOCUME~1\gg\Cookies\gg@www.adserver5[1].txt
    C:\DOCUME~1\gg\Cookies\gg@adin.bigpoint[2].txt
    C:\DOCUME~1\gg\Cookies\gg@bigpoint[2].txt
    C:\DOCUME~1\gg\Cookies\gg@fr1.seafight.bigpoint[2].txt
    C:\DOCUME~1\gg\Cookies\gg@adopt.euroclick[2].txt
    C:\DOCUME~1\gg\Cookies\gg@pacificpoker[2].txt
    C:\DOCUME~1\gg\Cookies\gg@partygaming.122.2o7[1].txt
    C:\DOCUME~1\gg\Cookies\gg@partypoker[1].txt
    C:\DOCUME~1\gg\Cookies\gg@fr1.seafight.bigpoint[2].txt
    C:\DOCUME~1\gg\Cookies\gg@banner.32vegas[2].txt
    C:\DOCUME~1\gg\Cookies\gg@32vegas[1].txt
    C:\DOCUME~1\gg\Cookies\gg@www.2xmoinscher[1].txt
    C:\DOCUME~1\gg\Cookies\gg@www.spartoo[1].txt
    C:\WINDOWS\Tasks\A61F3CB8908CAFE8.job

    ----------------------[ Verification du Registre ]----------------------

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Base frag grid bows"="C:\\Documents and Settings\\All Users\\Application Data\\Cast ping base frag\\Dale Amen.exe"

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts MODIFIE

    -> 72 ( 70 ## added by CiD )

    /!\ 1 Not 127.0.0.1 !!

    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-06-08 22:33:51
    Windows 5.1.2600 Service Pack 2 FAT NTAPI
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------


    Aucune autre infection trouvée !

    [F:646][D:86]-> C:\DOCUME~1\gg\LOCALS~1\Temp
    [F:72][D:0]-> C:\DOCUME~1\gg\Cookies
    [F:2285][D:7]-> C:\DOCUME~1\gg\LOCALS~1\TEMPOR~1\content.IE5
    [F:10][D:0]-> C:\Recycled

    --------------------[ Fin du rapport a 22:34:07.51 ]----------------------
    9 June 2008 13:54:18

    Hi again,

    Relaunch Lop S&D by double-clicking the shortcut. Press "2", then confirm by pressing "Enter".
    ! Do not close the window during the removal !
    A report will be generated; post its contents here.

    NOTE: If your Desktop does not reappear, press Ctrl+Alt+Del simultaneously to open the Task Manager.
    Go to the "Processes" tab. Click File at the top left and choose "Run..."
    Type explorer, then confirm.
    9 June 2008 18:02:39

    Hi again, here is the new report




    -----------------------[ Lop S&D 4.2.1-3 XP/Vista ]---------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : gg ] [ "C:\Lop SD" ] [ Selection : 2 ]
    [ 2008-06-09 | 16:03:23.40 ] [ PC : ACER-D18848DB56 ]
    [ MAJ : 07-06-2008 | 22:15 ]


    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

    Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag\Dale Amen.exe
    Supprimé! - C:\DOCUME~1\gg\APPLIC~1\flagli~1\gpeqjbal.exe
    Supprimé! - C:\DOCUME~1\gg\APPLIC~1\flagli~1\Team Okay Beep Rect.exe
    Supprimé! - C:\DOCUME~1\gg\APPLIC~1\flagli~1\Dumb Flaw Idle.exe
    Supprimé! - C:\Program Files\Circle Developement\Uninstall.exe
    Supprimé! - C:\WINDOWS\Prefetch\DALE AMEN.EXE-28A59C77.pf
    Supprimé! - C:\WINDOWS\Prefetch\DUMB FLAW IDLE.EXE-2EA3EB06.pf
    Supprimé! - C:\DOCUME~1\gg\Cookies\gg@www.adserver5[1].txt
    Supprimé! - C:\DOCUME~1\gg\Cookies\gg@adin.bigpoint[2].txt
    Supprimé! - C:\DOCUME~1\gg\Cookies\gg@bigpoint[2].txt
    Supprimé! - C:\DOCUME~1\gg\Cookies\gg@fr1.seafight.bigpoint[2].txt
    Supprimé! - C:\DOCUME~1\gg\Cookies\gg@pacificpoker[2].txt
    Supprimé! - C:\DOCUME~1\gg\Cookies\gg@partygaming.122.2o7[1].txt
    Supprimé! - C:\DOCUME~1\gg\Cookies\gg@partypoker[1].txt
    Supprimé! - C:\DOCUME~1\gg\Cookies\gg@banner.32vegas[2].txt
    Supprimé! - C:\DOCUME~1\gg\Cookies\gg@32vegas[1].txt
    Supprimé! - C:\DOCUME~1\gg\Cookies\gg@www.2xmoinscher[1].txt
    Supprimé! - C:\DOCUME~1\gg\Cookies\gg@www.spartoo[1].txt
    Supprimé! - C:\WINDOWS\Tasks\A61F3CB8908CAFE8.job
    Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
    Supprimé! - C:\DOCUME~1\gg\APPLIC~1\flagli~1
    Supprimé! - C:\Program Files\flagli~1
    Supprimé! - C:\Program Files\Circle Developement
    Restauré! - Fichier Hosts

    //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    -------------[ Listing des dossiers dans Application Data ]------------

    [2004-10-15|11:51] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [2004-10-15|12:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [2004-10-15|11:51] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [2008-03-08|19:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.zreglib
    [2007-02-01|08:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [2006-10-07|22:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
    [2007-01-28|23:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
    [2006-09-27|14:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [2004-10-15|11:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [2006-10-05|23:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [2007-07-29|23:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
    [2007-09-05|14:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
    [2007-08-23|00:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Icon Constructor 3
    [2007-10-16|11:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
    [2007-10-11|15:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab Setup Files
    [2007-10-09|10:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
    [2007-02-13|22:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
    [2007-08-25|14:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
    [2007-01-04|14:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com
    [2008-03-25|21:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [2004-10-15|11:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [2007-10-09|11:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Swift Sound
    [2007-10-29|18:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
    [2007-08-27|15:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NtiDvdCopy
    [2006-09-30|16:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
    [2007-05-08|18:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [2007-08-25|10:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [2006-08-24|13:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [2007-12-03|10:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [2006-12-11|08:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [2006-10-18|21:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

    [2004-10-15|11:51] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [2007-01-11|21:30] C:\DOCUME~1\LOCALS~1\APPLIC~1\Google
    [2004-10-15|11:51] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [2006-10-05|23:25] C:\DOCUME~1\gg\APPLIC~1\Adobe
    [2006-10-09|19:09] C:\DOCUME~1\gg\APPLIC~1\AdobeUM
    [2006-10-07|22:25] C:\DOCUME~1\gg\APPLIC~1\Ahead
    [2007-07-18|23:17] C:\DOCUME~1\gg\APPLIC~1\ConvertTemp
    [2006-09-30|18:25] C:\DOCUME~1\gg\APPLIC~1\CyberLink
    [2007-10-24|18:09] C:\DOCUME~1\gg\APPLIC~1\Delivery
    [2004-10-15|11:51] C:\DOCUME~1\gg\APPLIC~1\desktop.ini
    [2007-12-02|10:49] C:\DOCUME~1\gg\APPLIC~1\DMCache
    [2007-02-13|23:03] C:\DOCUME~1\gg\APPLIC~1\funkitron
    [2006-10-05|23:23] C:\DOCUME~1\gg\APPLIC~1\Google
    [2006-10-07|00:57] C:\DOCUME~1\gg\APPLIC~1\Help
    [2004-10-15|12:05] C:\DOCUME~1\gg\APPLIC~1\Identities
    [2007-12-26|19:16] C:\DOCUME~1\gg\APPLIC~1\InstallShield
    [2008-03-08|23:12] C:\DOCUME~1\gg\APPLIC~1\InterTrust
    [2007-09-07|08:29] C:\DOCUME~1\gg\APPLIC~1\Leadertech
    [2006-09-27|14:52] C:\DOCUME~1\gg\APPLIC~1\Macromedia
    [2004-10-15|11:51] C:\DOCUME~1\gg\APPLIC~1\Microsoft
    [2006-10-09|22:54] C:\DOCUME~1\gg\APPLIC~1\Microsoft Web Folders
    [2006-10-11|18:04] C:\DOCUME~1\gg\APPLIC~1\MobileAction
    [2007-09-10|13:24] C:\DOCUME~1\gg\APPLIC~1\Mozilla
    [2006-10-09|22:20] C:\DOCUME~1\gg\APPLIC~1\MSNInstaller
    [2007-10-09|11:50] C:\DOCUME~1\gg\APPLIC~1\NCH Swift Sound
    [2007-10-10|18:26] C:\DOCUME~1\gg\APPLIC~1\NetAppel
    [2007-07-18|23:17] C:\DOCUME~1\gg\APPLIC~1\Samsung
    [2007-09-06|08:49] C:\DOCUME~1\gg\APPLIC~1\Shareaza
    [2008-05-02|09:57] C:\DOCUME~1\gg\APPLIC~1\stickies
    [2007-06-20|15:45] C:\DOCUME~1\gg\APPLIC~1\Sun
    [2007-07-18|23:17] C:\DOCUME~1\gg\APPLIC~1\Temporary
    [2007-09-10|13:24] C:\DOCUME~1\gg\APPLIC~1\Thunderbird
    [2007-07-18|23:17] C:\DOCUME~1\gg\APPLIC~1\TransRender
    [2007-10-25|08:52] C:\DOCUME~1\gg\APPLIC~1\Uniblue
    [2008-04-14|22:00] C:\DOCUME~1\gg\APPLIC~1\uTorrent
    [2006-10-05|23:09] C:\DOCUME~1\gg\APPLIC~1\vlc
    [2007-10-10|13:07] C:\DOCUME~1\gg\APPLIC~1\WinRAR
    [2006-10-06|15:02] C:\DOCUME~1\gg\APPLIC~1\XnView

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [2008-06-09 08:44][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [2004-08-05 05:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [2007-10-12|22:07] C:\Program Files\@Last Software
    [2008-05-26|21:30] C:\Program Files\3D Screen Creator
    [2006-09-27|14:52] C:\Program Files\Acer
    [2006-08-24|13:19] C:\Program Files\Acer Inc
    [2006-08-24|13:19] C:\Program Files\Adobe
    [2006-10-07|22:18] C:\Program Files\Ahead
    [2007-09-06|22:33] C:\Program Files\Alwil Software
    [2008-02-02|12:01] C:\Program Files\AVConverter
    [2008-02-02|12:10] C:\Program Files\AVIConverter
    [2004-10-15|11:59] C:\Program Files\AviSynth 2.5
    [2007-11-04|18:48] C:\Program Files\Axon Data
    [2007-10-12|23:15] C:\Program Files\Boonty
    [2007-05-08|15:18] C:\Program Files\Cadsoft
    [2006-11-03|14:29] C:\Program Files\Canon
    [2007-10-25|17:14] C:\Program Files\CCleaner
    [2007-10-09|11:44] C:\Program Files\Coding Workshop Ringtone Converter
    [2006-11-27|22:14] C:\Program Files\ColiPoste
    [2004-10-15|11:58] C:\Program Files\ComPlus Applications
    [2006-08-24|13:13] C:\Program Files\CONEXANT
    [2008-05-14|17:53] C:\Program Files\Cuisine Astuce
    [2006-09-27|14:52] C:\Program Files\CyberLink
    [2006-08-24|13:09] C:\Program Files\DIFX
    [2007-09-09|10:10] C:\Program Files\DivX
    [2008-03-20|08:40] C:\Program Files\Easy Bead
    [2007-06-15|19:20] C:\Program Files\Eurobarre
    [2004-10-15|11:52] C:\Program Files\Fichiers communs
    [2007-12-03|17:18] C:\Program Files\FlashGet
    [2007-12-03|14:10] C:\Program Files\Free Download Manager
    [2006-10-05|23:23] C:\Program Files\Google
    [2007-10-16|10:05] C:\Program Files\Grisoft
    [2006-10-11|13:40] C:\Program Files\Hewlett-Packard
    [2006-10-11|13:41] C:\Program Files\hp deskjet 3420 series
    [2007-10-13|09:40] C:\Program Files\IKEA HomePlanner
    [2008-01-22|11:03] C:\Program Files\IMG-TXT 5
    [2006-08-24|13:12] C:\Program Files\InstallShield Installation Information
    [2004-10-15|11:58] C:\Program Files\Internet Explorer
    [2006-10-06|04:11] C:\Program Files\Inventel
    [2006-10-07|00:50] C:\Program Files\Java
    [2006-09-27|14:56] C:\Program Files\Launch Manager
    [2008-04-10|14:41] C:\Program Files\Le loto facile
    [2007-10-29|13:13] C:\Program Files\LiveUpdate
    [2008-04-10|14:34] C:\Program Files\Loto
    [2008-01-24|11:27] C:\Program Files\MediaCoder
    [2004-10-15|11:57] C:\Program Files\Messenger
    [2008-03-25|14:04] C:\Program Files\Messenger Plus! Live
    [2004-10-15|12:01] C:\Program Files\microsoft frontpage
    [2006-10-09|23:46] C:\Program Files\Microsoft Money 2005
    [2006-10-06|15:16] C:\Program Files\Microsoft Office
    [2004-10-15|11:58] C:\Program Files\Movie Maker
    [2007-10-17|10:36] C:\Program Files\Mozilla Firefox
    [2008-01-24|10:26] C:\Program Files\MP3 Player Utilities 3.5.02
    [2008-01-24|12:36] C:\Program Files\MP3 Player Utilities 3.57
    [2008-01-24|12:47] C:\Program Files\MP3 Player Utilities 3.68
    [2004-10-15|11:57] C:\Program Files\MSN
    [2004-10-15|11:57] C:\Program Files\MSN Gaming Zone
    [2007-08-27|11:53] C:\Program Files\MSN Messenger
    [2006-11-16|08:47] C:\Program Files\MSXML 4.0
    [2008-01-24|14:17] C:\Program Files\MyMPxPlayer.org
    [2007-10-10|13:37] C:\Program Files\Navilog1
    [2007-10-09|11:49] C:\Program Files\NCH Software
    [2007-10-29|18:38] C:\Program Files\Nero
    [2004-10-15|11:58] C:\Program Files\NetMeeting
    [2006-08-24|13:17] C:\Program Files\NewTech Infosystems
    [2004-10-15|11:57] C:\Program Files\Online Services
    [2006-10-17|17:32] C:\Program Files\OpiStat
    [2007-12-26|19:30] C:\Program Files\Orange
    [2004-10-15|11:58] C:\Program Files\Outlook Express
    [2008-05-26|21:35] C:\Program Files\POST-NET
    [2006-10-11|14:02] C:\Program Files\printFIT
    [2007-05-08|18:15] C:\Program Files\QuickTime
    [2006-08-24|13:12] C:\Program Files\Realtek
    [2008-01-06|14:30] C:\Program Files\ROUTE 66
    [2007-12-26|19:16] C:\Program Files\SAGEM
    [2007-07-18|22:59] C:\Program Files\Samsung
    [2006-10-06|04:09] C:\Program Files\Securitoo
    [2004-10-15|11:59] C:\Program Files\Services en ligne
    [2008-05-26|13:47] C:\Program Files\settings.dat
    [2006-10-05|22:56] C:\Program Files\Shareaza
    [2008-01-17|18:39] C:\Program Files\Shareaza Applications
    [2008-03-08|19:06] C:\Program Files\SlySoft
    [2007-10-16|15:08] C:\Program Files\Spybot - Search & Destroy
    [2007-11-28|14:17] C:\Program Files\Star Downloader
    [2008-05-02|09:57] C:\Program Files\Stickies
    [2008-01-31|09:40] C:\Program Files\Studio-Scrap
    [2006-08-24|13:26] C:\Program Files\Symantec
    [2006-08-24|13:14] C:\Program Files\Synaptics
    [2007-09-10|13:26] C:\Program Files\UserZoom
    [2008-04-14|22:01] C:\Program Files\uTorrent
    [2006-10-05|23:09] C:\Program Files\VideoLAN
    [2007-09-07|10:01] C:\Program Files\Virtools
    [2007-05-03|16:51] C:\Program Files\Virtools Web Player 3.5
    [2008-01-25|13:46] C:\Program Files\VirtualDub
    [2006-10-07|00:48] C:\Program Files\Wanadoo
    [2006-10-07|00:49] C:\Program Files\Wanadoo Messager
    [2007-10-09|17:54] C:\Program Files\WinAble
    [2008-01-24|10:42] C:\Program Files\WinAVI MP4 Converter
    [2008-03-25|14:04] C:\Program Files\Windows Live
    [2006-12-21|23:08] C:\Program Files\Windows Media Connect 2
    [2004-10-15|11:57] C:\Program Files\Windows Media Player
    [2004-10-15|11:57] C:\Program Files\Windows NT
    [2008-01-16|16:55] C:\Program Files\WinKey
    [2006-12-28|19:05] C:\Program Files\WinRAR
    [2004-10-15|12:01] C:\Program Files\xerox
    [2006-10-06|14:59] C:\Program Files\XnView
    [2007-08-23|00:16] C:\Program Files\xp-smart

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [2006-08-24|13:19] C:\Program Files\Fichiers communs\Adobe
    [2007-10-29|18:38] C:\Program Files\Fichiers communs\Ahead
    [2007-01-28|23:46] C:\Program Files\Fichiers communs\BOONTY Shared
    [2006-10-09|22:45] C:\Program Files\Fichiers communs\Borland Shared
    [2006-10-09|22:56] C:\Program Files\Fichiers communs\Designer
    [2006-11-19|16:12] C:\Program Files\Fichiers communs\FDEUnInstaller.exe
    [2007-12-26|19:28] C:\Program Files\Fichiers communs\France Telecom
    [2006-08-24|13:10] C:\Program Files\Fichiers communs\InstallShield
    [2007-06-20|15:43] C:\Program Files\Fichiers communs\Java
    [2006-08-24|13:18] C:\Program Files\Fichiers communs\LightScribe
    [2007-02-13|22:38] C:\Program Files\Fichiers communs\Macrovision Shared
    [2004-10-15|11:52] C:\Program Files\Fichiers communs\Microsoft Shared
    [2004-10-15|11:58] C:\Program Files\Fichiers communs\MSSoap
    [2006-08-24|13:18] C:\Program Files\Fichiers communs\muvee Technologies
    [2006-08-24|13:17] C:\Program Files\Fichiers communs\NewTech Infosystems
    [2004-10-15|11:52] C:\Program Files\Fichiers communs\ODBC
    [2004-10-15|11:58] C:\Program Files\Fichiers communs\Services
    [2004-10-15|11:52] C:\Program Files\Fichiers communs\SpeechEngines
    [2006-08-24|13:26] C:\Program Files\Fichiers communs\Symantec Shared
    [2004-10-15|11:58] C:\Program Files\Fichiers communs\System

    ---------------------------[ Process ]--------------------------

    ... 55

    ... OK !

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    C:\DOCUME~1\gg\Cookies\gg@banner.cotedazurpalace[2].txt
    C:\DOCUME~1\gg\Cookies\gg@cotedazurpalace[2].txt
    C:\DOCUME~1\gg\Cookies\gg@adopt.euroclick[1].txt

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-06-09 16:04:38
    Windows 5.1.2600 Service Pack 2 FAT NTAPI
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------


    Aucune autre infection trouvée !

    [F:655][D:87]-> C:\DOCUME~1\gg\LOCALS~1\Temp
    [F:76][D:0]-> C:\DOCUME~1\gg\Cookies
    [F:2656][D:7]-> C:\DOCUME~1\gg\LOCALS~1\TEMPOR~1\content.IE5
    [F:10][D:0]-> C:\Recycled

    --------------------[ Fin du rapport a 16:04:55.14 ]----------------------
    9 June 2008 22:16:48

    here is the HijackThis report




    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 22:15, on 2008-06-09
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\PROGRA~1\LAUNCH~1\LManager.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\CreativesFiles\Shareaza.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
    C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
    C:\Program Files\Eurobarre\eb.exe
    C:\Program Files\POST-NET\Post-Net.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Acer\Empowering Technology\eLock\LockServ.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\MSN Messenger\livecall.exe
    C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    C:\WINDOWS\explorer.exe
    C:\Documents and Settings\gg\Bureau\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://descargar.traducegratis.com/index.php?rvs=hompag
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [Shareaza] "C:\CreativesFiles\Shareaza.exe" -tray
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Eurobarre.lnk = C:\Program Files\Eurobarre\eb.exe
    O4 - Startup: Post-Net.lnk = C:\Program Files\POST-NET\Post-Net.exe
    O4 - Global Startup: Acer Empowering Technology.lnk = ?
    O4 - Global Startup: E-Compagnon.lnk = C:\Program Files\ColiPoste\e-COMO\e-COMO.exe
    O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.00\MediaManager\grab.html
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.fotodiscount.com/aurigma/ImageUploader4.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D27CDB6E-AE6D-11CF-9600-000000000000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
    O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: LockServ - Unknown owner - C:\Acer\Empowering Technology\eLock\LockServ.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

    --
    End of file - 8866 bytes
    10 June 2008 21:21:20

    re,

    here is the report from AntiVir




    AntiVir PersonalEdition Classic
    Report file date: 2008-06-10 20:31

    Scanning for 835736 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number: 0000149996-ADJIE-0001
    Platform: Windows XP
    Windows version: (Service Pack 2) [5.1.2600]
    Username: SYSTEM
    Computer name: ACER-D18848DB56

    Version information:
    BUILD.DAT : 270 15603 Bytes 2007-09-19 13:32:00
    AVSCAN.EXE : 7.0.6.1 290856 Bytes 2007-08-23 12:16:30
    AVSCAN.DLL : 7.0.6.0 49192 Bytes 2007-08-16 11:23:52
    LUKE.DLL : 7.0.5.3 147496 Bytes 2007-08-14 14:32:48
    LUKERES.DLL : 7.0.6.1 10280 Bytes 2007-08-21 11:35:22
    ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 13:27:16
    ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 2007-09-13 13:26:56
    ANTIVIR2.VDF : 7.0.0.1 2048 Bytes 2007-09-13 13:27:04
    ANTIVIR3.VDF : 7.0.0.2 2048 Bytes 2007-09-13 13:27:14
    AVEWIN32.DLL : 7.6.0.15 2806272 Bytes 2007-09-17 16:43:56
    AVWINLL.DLL : 1.0.0.7 14376 Bytes 2007-02-26 09:36:28
    AVPREF.DLL : 7.0.2.2 25640 Bytes 2007-07-18 06:39:18
    AVREP.DLL : 7.0.0.1 155688 Bytes 2007-04-16 12:16:24
    AVPACK32.DLL : 7.3.0.15 360488 Bytes 2007-08-03 07:46:02
    AVREG.DLL : 7.0.1.6 30760 Bytes 2007-07-18 06:17:08
    AVARKT.DLL : 1.0.0.20 278568 Bytes 2007-08-28 11:26:34
    AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 2007-07-18 06:10:20
    NETNT.DLL : 7.0.0.0 7720 Bytes 2007-03-08 10:09:44
    RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 2007-08-07 11:38:14
    RCTEXT.DLL : 7.0.62.0 86056 Bytes 2007-08-21 11:50:38
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 2007-07-23 08:37:22

    Configuration settings for the scan:
    Jobname..........................: Complete system scan
    Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: off
    Scan boot sector.................: on
    Boot sectors.....................: D:,
    Scan memory......................: on
    Process scan.....................: on
    Scan registry....................: on
    Search for rootkits..............: off
    Scan all files...................: Intelligent file selection
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Macro heuristic..................: on
    File heuristic...................: medium

    Start of the scan: 2008-06-10 20:31

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
    Scan process 'LIVECALL.EXE' - '1' Module(s) have been scanned
    Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
    Scan process 'wmiapsrv.exe' - '1' Module(s) have been scanned
    Scan process 'unsecapp.exe' - '1' Module(s) have been scanned
    Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
    Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
    Scan process 'alg.exe' - '1' Module(s) have been scanned
    Scan process 'CLSched.exe' - '1' Module(s) have been scanned
    Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
    Scan process 'RichVideo.exe' - '1' Module(s) have been scanned
    Scan process 'AluSchedulerSvc.exe' - '1' Module(s) have been scanned
    Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
    Scan process 'LockServ.exe' - '1' Module(s) have been scanned
    Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
    Scan process 'Post-Net.exe' - '1' Module(s) have been scanned
    Scan process 'eb.exe' - '1' Module(s) have been scanned
    Scan process 'GoogleUpdaterService.exe' - '1' Module(s) have been scanned
    Scan process 'e-COMO.exe' - '1' Module(s) have been scanned
    Scan process 'CLMLService.exe' - '1' Module(s) have been scanned
    Scan process 'Acer.Empowering.Framework.Launcher.exe' - '1' Module(s) have been scanned
    Scan process 'CLMLServer.exe' - '1' Module(s) have been scanned
    Scan process 'Shareaza.exe' - '1' Module(s) have been scanned
    Scan process 'TeaTimer.exe' - '1' Module(s) have been scanned
    Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
    Scan process 'CLCapSvc.exe' - '1' Module(s) have been scanned
    Scan process 'CDAC11BA.EXE' - '1' Module(s) have been scanned
    Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
    Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
    Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
    Scan process 'avgnt.exe' - '1' Module(s) have been scanned
    Scan process 'reader_sl.exe' - '1' Module(s) have been scanned
    Scan process 'qttask.exe' - '1' Module(s) have been scanned
    Scan process 'SynTPEnh.exe' - '1' Module(s) have been scanned
    Scan process 'LManager.exe' - '1' Module(s) have been scanned
    Scan process 'RUNDLL32.EXE' - '1' Module(s) have been scanned
    Scan process 'ePower_DMC.exe' - '1' Module(s) have been scanned
    Scan process 'sched.exe' - '1' Module(s) have been scanned
    Scan process 'MemCheck.exe' - '1' Module(s) have been scanned
    Scan process 'EXPLORER.EXE' - '1' Module(s) have been scanned
    Scan process 'avguard.exe' - '1' Module(s) have been scanned
    Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
    Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
    Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
    Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
    Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
    Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
    Scan process 'LSASS.EXE' - '1' Module(s) have been scanned
    Scan process 'SERVICES.EXE' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned
    53 processes with 53 modules were scanned

    Start scanning boot sectors:
    Boot sector 'C:\'
    [NOTE] No virus was found!
    Boot sector 'D:\'
    [NOTE] No virus was found!

    Starting to scan the registry.
    The registry was scanned ( '27' files ).


    Starting the file scan:

    Begin scan in 'C:\' <ACER>
    C:\hiberfil.sys
    [WARNING] The file could not be opened!
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    Begin scan in 'D:\' <ACERDATA>


    End of the scan: 2008-06-10 20:57
    Used time: 25:56 min

    The scan has been done completely.

    5026 Scanning directories
    204541 Files were scanned
    0 viruses and/or unwanted programs were found
    0 Files were classified as suspicious:
    0 files were deleted
    0 files were repaired
    0 files were moved to quarantine
    0 files were renamed
    2 Files cannot be scanned
    204541 Files not concerned
    8646 Archives were scanned
    2 Warnings
    53 Notes

    a b 8 Security
    10 June 2008 21:22:13

    Post a new HijackThis report.
    10 June 2008 23:29:11

    re


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:28, on 2008-06-10
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\WINDOWS\Explorer.EXE
    C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\PROGRA~1\LAUNCH~1\LManager.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
    C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\Eurobarre\eb.exe
    C:\Program Files\POST-NET\Post-Net.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Acer\Empowering Technology\eLock\LockServ.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\MSN Messenger\livecall.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avscan.exe
    C:\WINDOWS\system32\notepad.exe
    C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    C:\Documents and Settings\gg\Bureau\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://descargar.traducegratis.com/index.php?rvs=hompag
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [Shareaza] "C:\CreativesFiles\Shareaza.exe" -tray
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Eurobarre.lnk = C:\Program Files\Eurobarre\eb.exe
    O4 - Startup: Post-Net.lnk = C:\Program Files\POST-NET\Post-Net.exe
    O4 - Global Startup: Acer Empowering Technology.lnk = ?
    O4 - Global Startup: E-Compagnon.lnk = C:\Program Files\ColiPoste\e-COMO\e-COMO.exe
    O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.00\MediaManager\grab.html
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.fotodiscount.com/aurigma/ImageUploader4.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D27CDB6E-AE6D-11CF-9600-000000000000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
    O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: LockServ - Unknown owner - C:\Acer\Empowering Technology\eLock\LockServ.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

    --
    End of file - 8813 bytes
    a b 8 Security
    11 June 2008 12:28:59

    Still having problems?
    11 June 2008 16:20:13

    yes, still unwanted ads
    a b 8 Security
    11 June 2008 16:23:37

    Do you get them on every site?
    11 June 2008 18:03:10

    well, all day long I get windows popping up while I browse
    a b 8 Security
    11 June 2008 18:46:09

    Still CID ads?
    a b 8 Security
    11 June 2008 19:26:33

    I can't see where these ads are coming from :/

    Download Gmer.
    Unzip it into a folder or onto your desktop.

    Disconnect from the Internet, then close all programs.
    Double-click Gmer.exe.

    IMPORTANT: If your antivirus raises an alert for the file gmer.sys or gmer.exe, let it run.

    Click the rootkit tab.
    On the right, tick Files and Services.
    Now click Scan.

    When the scan has finished, click Copy.

    Open Notepad, then click Edit / Paste in the menu.
    The report should then appear.
    Save the file to your desktop and copy/paste its contents here.
    11 June 2008 20:44:06

    here is the GMER report



    GMER 1.0.14.14536 - http://www.gmer.net
    Rootkit scan 2008-06-11 20:42:36
    Windows 5.1.2600 Service Pack 2


    ---- Files - GMER 1.0.14 ----

    File C:\Documents and Settings\gg\Local Settings\Temp\KIT4.tmp\Installation\Core\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Uninstall\KillSuite\UninstallShortcuts.shl
    File C:\Documents and Settings\gg\Local Settings\Temp\KIT4.tmp\Installation\Core\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Uninstall\KillSuite\UninstallKillSuite.shl
    File C:\Documents and Settings\gg\Local Settings\Temp\KIT4.tmp\Installation\Core\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Uninstall\FTCOMModule\UninstallShortcuts.shl
    File C:\Documents and Settings\gg\Local Settings\Temp\KIT4.tmp\Installation\Core\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Uninstall\AlertModule\UninstallShortcuts.shl
    File C:\Documents and Settings\gg\Local Settings\Temp\KIT4.tmp\Installation\Core\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Uninstall\PTPCommunication\Environment.ini
    File C:\Documents and Settings\gg\Local Settings\Temp\KIT4.tmp\Installation\Core\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Uninstall\PTPCommunication\MainUninstall.shl
    File C:\Documents and Settings\gg\Local Settings\Temp\KIT4.tmp\Installation\Core\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Uninstall\PTPCommunication\MainInstall.log
    File C:\Documents and Settings\gg\Local Settings\Temp\KIT4.tmp\Installation\Core\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Uninstall\FTServiceProvider\AutoDetect.dll
    File C:\Documents and Settings\gg\Local Settings\Temp\KIT4.tmp\Installation\Core\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Uninstall\FTServiceProvider\Environment.ini
    File C:\Documents and Settings\gg\Local Settings\Temp\KIT4.tmp\Installation\Core\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Uninstall\FTServiceProvider\MainInstall.log
    File C:\Documents and Settings\gg\Local Settings\Temp\KIT4.tmp\Installation\Core\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Skin\Default\main
    File C:\Documents and Settings\gg\Local Settings\Temp\KIT4.tmp\Installation\Core\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Skin\Default\main\ResourceStyle.dll
    File C:\Documents and Settings\gg\Local Settings\Temp\KIT4.tmp\Installation\Core\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Uninstall\KillSuite
    File C:\Documents and Settings\gg\Local Settings\Temp\KIT4.tmp\Installation\Core\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Uninstall\KillSuite\AutoDetect.dll
    File C:\Documents and Settings\gg\Local Settings\Temp\KIT4.tmp\Installation\Core\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Uninstall\KillSuite\Environment.ini
    File C:\Documents and Settings\gg\Local Settings\Temp\KIT4.tmp\Installation\Core\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Uninstall\KillSuite\MainInstall.log
    File C:\Documents and Settings\gg\Local Settings\Temp\KIT4.tmp\Installation\Core\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Uninstall\FTRTSVC
    File C:\Documents and Settings\gg\Local Settings\Temp\KIT4.tmp\Installation\Core\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Uninstall\FTRTSVC\Environment.ini
    File C:\Documents and Settings\gg\Local Settings\Temp\KIT4.tmp\Installation\Core\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Uninstall\FTRTSVC\MainUninstall.shl
    File C:\Documents and Settings\gg\Local Settings\Temp\KIT4.tmp\Installation\Core\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Uninstall\FTRTSVC\MainInstall.log
    File C:\Documents and Settings\gg\Local Settings\Temp\KIT4.tmp\Installation\Core\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Uninstall\FTCOMModule
    File C:\Documents and Settings\gg\Local Settings\Temp\KIT4.tmp\Installation\Core\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Uninstall\FTCOMModule\ShellDll.dll
    File C:\Documents and Settings\gg\Local Settings\Temp\KIT4.tmp\Installation\Core\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Uninstall\AlertModule
    File C:\Documents and Settings\gg\Local Settings\Temp\KIT4.tmp\Installation\Core\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Uninstall\AlertModule\ShellDll.dll
    File C:\Documents and Settings\gg\Local Settings\Temp\KIT4.tmp\Installation\Core\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Uninstall\Autodial
    File C:\Documents and Settings\gg\Local Settings\Temp\KIT4.tmp\Installation\Core\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Uninstall\Autodial\AutoDetect.dll
    File C:\Documents and Settings\gg\Local Settings\Temp\KIT4.tmp\Installation\Core\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Uninstall\Autodial\Environment.ini
    File C:\Documents and Settings\gg\Local Settings\Temp\KIT4.tmp\Installation\Core\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Uninstall\Autodial\MainInstall.log
    File C:\Documents and Settings\gg\Local Settings\Temp\KIT4.tmp\Installation\Core\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\0\Uninstall
    File C:\Documents and Settings\gg\Local Settings\Temp\KIT4.tmp\Installation\Core\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\0\Uninstall\ShellDll.dll
    File C:\Documents and Settings\gg\Local Settings\Temp\KIT4.tmp\Installation\Core\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\0\Uninstall\Autodetect.dll
    File C:\Documents and Settings\gg\Local Settings\Temp\KIT4.tmp\Installation\Core\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\1\Uninstall
    File C:\Documents and Settings\gg\Local Settings\Temp\KIT4.tmp\Installation\Core\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\1\Uninstall\ShellDll.dll
    File C:\Documents and Settings\gg\Local Settings\Temp\KIT4.tmp\Installation\Core\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\1\Uninstall\Autodetect.dll
    File C:\Documents and Settings\gg\Local Settings\Temp\KIT4.tmp\Installation\Core\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\2\Uninstall
    File C:\Documents and Settings\gg\Local Settings\Temp\KIT4.tmp\Installation\Core\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\2\Uninstall\ShellDll.dll
    File C:\Documents and Settings\gg\Local Settings\Temp\KIT4.tmp\Installation\Core\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\2\Uninstall\Autodetect.dll
    File C:\Documents and Settings\gg\Local Settings\Temp\KIT4.tmp\Installation\Core\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\3\Uninstall
    File C:\Documents and Settings\gg\Local Settings\Temp\KIT4.tmp\Installation\Core\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\3\Uninstall\ShellDll.dll
    File C:\Documents and Settings\gg\Local Settings\Temp\KIT4.tmp\Installation\Core\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\3\Uninstall\Autodetect.dll
    File C:\Documents and Settings\gg\Local Settings\Temp\KIT4.tmp\Installation\Core\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\4\Uninstall
    File C:\Documents and Settings\gg\Local Settings\Temp\KIT4.tmp\Installation\Core\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\4\Uninstall\ShellDll.dll
    File C:\Documents and Settings\gg\Local Settings\Temp\KIT4.tmp\Installation\Core\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\4\Uninstall\Autodetect.dll
    File C:\Documents and Settings\gg\Local Settings\Temp\KIT4.tmp\Installation\Core\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\5\Uninstall
    File C:\Documents and Settings\gg\Local Settings\Temp\KIT4.tmp\Installation\Core\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\5\Uninstall\ShellDll.dll
    File C:\Documents and Settings\gg\Local Settings\Temp\KIT4.tmp\Installation\Core\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\Launcher\5\Uninstall\Autodetect.dll

    ---- EOF - GMER 1.0.14 ----
    a b 8 Security
    11 June 2008 21:23:31

    Can you upload this folder: C:\Program Files\POST-NET?
    (see the list of tutorials for help)
    a b 8 Security
    12 June 2008 13:37:57

    Thanks, I'll keep you posted :)
    a b 8 Security
    12 June 2008 19:07:42

    You have a program that lets you send post-it notes over your network. Aren't you mistaking these post-its for popups?
    12 June 2008 19:47:50

    No, I do have post-its, but I still get these ads
    a b 8 Security
    13 June 2008 11:46:59

    Have you uninstalled Messenger Plus?
    a b 8 Security
    13 June 2008 15:35:48

    Do it, that is where the infection comes from.
    14 June 2008 17:39:09

    Done, I have uninstalled it. What should I do next?
    a b 8 Security
    15 June 2008 12:37:05

    Post a new HijackThis report.
    18 June 2008 10:47:39

    Here is the HijackThis report



    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:46, on 2008-06-18
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\WINDOWS\Explorer.EXE
    C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\PROGRA~1\LAUNCH~1\LManager.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\CreativesFiles\Shareaza.exe
    C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
    C:\Program Files\Eurobarre\eb.exe
    C:\Program Files\POST-NET\Post-Net.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Acer\Empowering Technology\eLock\LockServ.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\MSN Messenger\livecall.exe
    C:\Documents and Settings\gg\Bureau\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://descargar.traducegratis.com/index.php?rvs=hompag
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [Shareaza] "C:\CreativesFiles\Shareaza.exe" -tray
    O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Eurobarre.lnk = C:\Program Files\Eurobarre\eb.exe
    O4 - Startup: Post-Net.lnk = C:\Program Files\POST-NET\Post-Net.exe
    O4 - Global Startup: Acer Empowering Technology.lnk = ?
    O4 - Global Startup: E-Compagnon.lnk = C:\Program Files\ColiPoste\e-COMO\e-COMO.exe
    O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.00\MediaManager\grab.html
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.fotodiscount.com/aurigma/ImageUploader4.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D27CDB6E-AE6D-11CF-9600-000000000000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
    O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: LockServ - Unknown owner - C:\Acer\Empowering Technology\eLock\LockServ.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

    --
    End of file - 8973 bytes
    a b 8 Security
    18 June 2008 12:46:23

    Is it better?