Intrusive ads + laggy computer!

Anonymous
4 June 2008 09:07:49

Hello! I'd like a bit of help because I can't take it any more!
My PC has been lagging far too much for some time with these ads... And when I shut down my PC there is an "End Now" error message, and I don't know how to make it go away! I don't know if it's a virus; what I actually need is a cleanup of the computer without erasing its contents.
Well, there you go, I hope someone will help me, thanks in advance.
See you soon
++

Anonymous
4 June 2008 11:11:12

Here is the "HijackThis" report; after that I don't know what to do.
Thanks for guiding me, see you soon.




Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:32, on 2008-06-04
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\WINDOWS\system32\RUNDLL32.exe
C:\WINDOWS\system32\RUNDLL32.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ig?sourceid=navclient&hl=fr&ie=UTF...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Gif Animator Toolbar Helper - {96372AB6-15EB-4316-B497-71C741BC548C} - C:\Program Files\Easy Gif Animator Extension\v3.3.0.0\EasyGifAnimator_Toolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Easy Gif Animator Toolbar - {35065594-9169-4A34-B167-FC4865038E53} - C:\Program Files\Easy Gif Animator Extension\v3.3.0.0\EasyGifAnimator_Toolbar.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [ante cast ooze tray] C:\Documents and Settings\All Users\Application Data\Bin Wait Ante Cast\ace love.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Ante Global] C:\DOCUME~1\angelo\APPLIC~1\TEAMGP~1\Extra Poke Tick.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

--
End of file - 10053 bytes
4 June 2008 17:24:44

Hello,

Download Lop S&D.exe (by Eric 71 & Angeldark) to your desktop.

  • Double-click it to start the installation
  • Then double-click the Lop S&D shortcut on your desktop (if you are on Vista, right-click -> run as administrator)
  • Select the language you want, then choose Option 1 (Search)
  • Wait until the scan finishes
  • Post the generated report (C:\lopR.txt)

    If your desktop does not reappear, press CTRL+ALT+DEL to open the Task Manager.
    Then go to the "Processes" tab. Click File at the top left and choose "New Task (Run...)"
    Type explorer and confirm. This will bring your desktop back
    Anonymous
    4 June 2008 19:05:18

    Here is the report:



    -----------------------[ Lop S&D 4.2.1-2 XP/Vista ]---------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : angelo ] [ "C:\Lop SD" ] [ Selection : 1 ]
    [ 2008-06-04 | 18:58:55.12 ] [ PC : DANGELO-AT1WLIR ]
    [ MAJ : 01-06-2008 | 15:51 ]

    -------------[ Listing des dossiers dans Application Data ]------------

    [2008-06-01|10:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [2008-05-20|17:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [2007-07-20|20:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [2008-05-01|10:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bin Wait Ante Cast
    [2007-04-01|18:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [2008-01-07|21:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ESET
    [2007-07-22|11:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [2008-02-16|19:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
    [2008-06-03|21:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
    [2007-07-25|01:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [2007-08-31|23:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [2007-04-30|14:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
    [2007-09-12|18:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
    [2007-07-21|10:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [2007-07-20|18:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
    [2008-01-29|20:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [2008-01-08|20:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

    [2008-05-17|20:15] C:\DOCUME~1\angelo\APPLIC~1\Adobe
    [2007-09-10|18:25] C:\DOCUME~1\angelo\APPLIC~1\AdobeUM
    [2007-08-20|18:42] C:\DOCUME~1\angelo\APPLIC~1\Anuman Interactive
    [2007-08-15|16:28] C:\DOCUME~1\angelo\APPLIC~1\Apple Computer
    [2007-04-01|18:08] C:\DOCUME~1\angelo\APPLIC~1\desktop.ini
    [2007-12-05|13:32] C:\DOCUME~1\angelo\APPLIC~1\DivX
    [2007-12-19|22:08] C:\DOCUME~1\angelo\APPLIC~1\GetRightToGo
    [2008-02-17|17:04] C:\DOCUME~1\angelo\APPLIC~1\Google
    [2008-02-16|19:50] C:\DOCUME~1\angelo\APPLIC~1\Grisoft
    [2007-04-02|18:17] C:\DOCUME~1\angelo\APPLIC~1\Help
    [2007-04-01|17:25] C:\DOCUME~1\angelo\APPLIC~1\Identities
    [2007-09-11|07:58] C:\DOCUME~1\angelo\APPLIC~1\Leadertech
    [2008-06-04|08:47] C:\DOCUME~1\angelo\APPLIC~1\LimeWire
    [2007-07-20|18:10] C:\DOCUME~1\angelo\APPLIC~1\Macromedia
    [2007-12-23|11:10] C:\DOCUME~1\angelo\APPLIC~1\Media Player Classic
    [2008-01-07|19:38] C:\DOCUME~1\angelo\APPLIC~1\Microsoft
    [2008-05-11|10:50] C:\DOCUME~1\angelo\APPLIC~1\Mozilla
    [2007-04-30|14:38] C:\DOCUME~1\angelo\APPLIC~1\MSN6
    [2007-10-06|22:55] C:\DOCUME~1\angelo\APPLIC~1\Samsung
    [2008-02-05|09:07] C:\DOCUME~1\angelo\APPLIC~1\Sun
    [2008-05-01|10:57] C:\DOCUME~1\angelo\APPLIC~1\Team Gpl Logo
    [2008-05-11|10:50] C:\DOCUME~1\angelo\APPLIC~1\TomTom

    [2007-04-01|18:08] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [2007-04-01|17:17] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [2007-04-01|17:20] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [2007-04-01|17:20] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [2008-06-04 18:00][--ah-----] C:\WINDOWS\tasks\A04ECC40918549E8.job
    [2008-06-04 14:50][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2008-06-04 18:45][--a------] C:\WINDOWS\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
    [2008-06-04 06:55][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [2002-08-30 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    A04ECC40918549E8.job <--> c:\docume~1\angelo\applic~1\teamgp~1\Signbashdumb.exe

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [2008-06-01|10:41] C:\Program Files\Adobe
    [2007-07-20|20:21] C:\Program Files\Alwil Software
    [2007-08-20|18:21] C:\Program Files\Anuman Interactive
    [2008-05-20|17:58] C:\Program Files\Apple Software Update
    [2008-02-17|11:11] C:\Program Files\Axis Communications
    [2008-01-08|18:59] C:\Program Files\CCleaner
    [2008-03-28|21:11] C:\Program Files\Circle Developement
    [2007-04-01|17:16] C:\Program Files\ComPlus Applications
    [2007-07-20|20:13] C:\Program Files\directx
    [2007-12-23|11:09] C:\Program Files\DivX
    [2007-12-28|14:28] C:\Program Files\Easy Gif Animator Extension
    [2008-06-01|20:18] C:\Program Files\eMule
    [2008-01-07|21:11] C:\Program Files\ESET
    [2008-01-29|20:19] C:\Program Files\Fichiers communs
    [2008-02-17|17:04] C:\Program Files\Google
    [2008-02-16|19:50] C:\Program Files\Grisoft
    [2007-09-16|16:16] C:\Program Files\InstallShield Installation Information
    [2008-04-09|21:19] C:\Program Files\Internet Explorer
    [2007-07-20|20:43] C:\Program Files\iPod
    [2007-07-20|20:43] C:\Program Files\iTunes
    [2008-03-30|07:58] C:\Program Files\Java
    [2007-12-23|11:09] C:\Program Files\K-Lite Codec Pack
    [2008-06-01|16:27] C:\Program Files\LimeWire
    [2007-07-20|20:13] C:\Program Files\Logitech
    [2008-01-16|23:00] C:\Program Files\Messenger
    [2008-03-28|21:11] C:\Program Files\Messenger Plus! Live
    [2007-07-22|11:10] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [2007-04-01|17:18] C:\Program Files\microsoft frontpage
    [2008-01-15|12:51] C:\Program Files\Movie Maker
    [2007-04-01|17:15] C:\Program Files\MSN
    [2007-04-01|17:15] C:\Program Files\MSN Gaming Zone
    [2008-01-29|20:37] C:\Program Files\MSN Messenger
    [2008-01-16|22:58] C:\Program Files\MSXML 4.0
    [2008-01-15|12:49] C:\Program Files\NetMeeting
    [2008-01-16|23:00] C:\Program Files\Outlook Express
    [2007-07-20|20:43] C:\Program Files\QuickTime
    [2008-01-29|19:11] C:\Program Files\Recovery for Excel
    [2007-04-01|17:40] C:\Program Files\S3Inc
    [2007-09-16|16:12] C:\Program Files\Samsung
    [2007-04-01|17:17] C:\Program Files\Services en ligne
    [2008-02-22|17:15] C:\Program Files\Sunbelt Software
    [2008-05-01|10:56] C:\Program Files\Team Gpl Logo
    [2007-04-02|18:11] C:\Program Files\Thomson
    [2008-05-11|10:50] C:\Program Files\TomTom HOME 2
    [2008-06-04|11:31] C:\Program Files\Trend Micro
    [2007-04-01|17:25] C:\Program Files\Uninstall Information
    [2007-10-04|17:55] C:\Program Files\Wanadoo
    [2008-01-29|20:22] C:\Program Files\Windows Live
    [2007-12-01|08:49] C:\Program Files\Windows Live Toolbar
    [2008-01-22|11:59] C:\Program Files\Windows Media Connect 2
    [2008-01-22|11:59] C:\Program Files\Windows Media Player
    [2008-01-15|12:49] C:\Program Files\Windows NT
    [2007-07-20|18:58] C:\Program Files\WindowsUpdate
    [2007-04-01|17:18] C:\Program Files\xerox
    [2008-01-08|18:59] C:\Program Files\Yahoo!

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [2008-06-01|10:41] C:\Program Files\Fichiers communs\Adobe
    [2007-04-03|19:24] C:\Program Files\Fichiers communs\FDEUnInstaller.exe
    [2007-04-11|17:16] C:\Program Files\Fichiers communs\InstallShield
    [2007-11-18|09:32] C:\Program Files\Fichiers communs\Java
    [2007-07-20|20:13] C:\Program Files\Fichiers communs\Logitech
    [2008-01-29|20:36] C:\Program Files\Fichiers communs\Microsoft Shared
    [2007-04-01|17:16] C:\Program Files\Fichiers communs\MSSoap
    [2007-04-01|18:08] C:\Program Files\Fichiers communs\ODBC
    [2007-04-01|17:16] C:\Program Files\Fichiers communs\Services
    [2007-04-01|18:08] C:\Program Files\Fichiers communs\SpeechEngines
    [2008-01-16|23:00] C:\Program Files\Fichiers communs\System
    [2007-09-10|19:46] C:\Program Files\Fichiers communs\Vbox
    [2008-01-29|20:19] C:\Program Files\Fichiers communs\WindowsLiveInstaller

    ---------------------------[ Process ]--------------------------

    ... 56

    iexplore.exe ~ [1568]
    iexplore.exe ~ [1660]
    iexplore.exe ~ [212]
    iexplore.exe ~ [596]

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bin Wait Ante Cast
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bin Wait Ante Cast\ace love.exe
    C:\DOCUME~1\angelo\APPLIC~1\teamgp~1
    C:\DOCUME~1\angelo\APPLIC~1\teamgp~1\cniapmpj.exe
    C:\DOCUME~1\angelo\APPLIC~1\teamgp~1\dipfgjfb.exe
    C:\DOCUME~1\angelo\APPLIC~1\teamgp~1\dwbldmek.exe
    C:\DOCUME~1\angelo\APPLIC~1\teamgp~1\eibbanly.exe
    C:\DOCUME~1\angelo\APPLIC~1\teamgp~1\Extra Poke Tick.exe
    C:\DOCUME~1\angelo\APPLIC~1\teamgp~1\mlmgivnn.exe
    C:\DOCUME~1\angelo\APPLIC~1\teamgp~1\namedupe64sixth.exe
    C:\DOCUME~1\angelo\APPLIC~1\teamgp~1\rijynweo.exe
    C:\DOCUME~1\angelo\APPLIC~1\teamgp~1\Signbashdumb.exe
    C:\DOCUME~1\angelo\APPLIC~1\teamgp~1\sxkgiqzl.exe
    C:\Program Files\teamgp~1
    C:\Program Files\Circle Developement
    C:\Program Files\Circle Developement\Uninstall.exe
    C:\WINDOWS\Prefetch\SIGNBASHDUMB.EXE-22523FFE.pf
    C:\DOCUME~1\angelo\Cookies\angelo@www.adserver5[1].txt
    C:\DOCUME~1\angelo\Cookies\angelo@adin.bigpoint[2].txt
    C:\DOCUME~1\angelo\Cookies\angelo@bigpoint[2].txt
    C:\DOCUME~1\angelo\Cookies\angelo@fr1.seafight.bigpoint[2].txt
    C:\DOCUME~1\angelo\Cookies\angelo@banner.casinoking[2].txt
    C:\DOCUME~1\angelo\Cookies\angelo@casinoking[2].txt
    C:\DOCUME~1\angelo\Cookies\angelo@banner.cotedazurpalace[2].txt
    C:\DOCUME~1\angelo\Cookies\angelo@cotedazurpalace[2].txt
    C:\DOCUME~1\angelo\Cookies\angelo@adopt.euroclick[1].txt
    C:\DOCUME~1\angelo\Cookies\angelo@adopt.euroclick[2].txt
    C:\DOCUME~1\angelo\Cookies\angelo@partygaming.122.2o7[1].txt
    C:\DOCUME~1\angelo\Cookies\angelo@partypoker[2].txt
    C:\DOCUME~1\angelo\Cookies\angelo@fr1.seafight.bigpoint[2].txt
    C:\DOCUME~1\angelo\Cookies\angelo@32vegas[2].txt
    C:\DOCUME~1\angelo\Cookies\angelo@banner.32vegas[2].txt
    C:\DOCUME~1\angelo\Cookies\angelo@vegasred[1].txt
    C:\DOCUME~1\angelo\Cookies\angelo@2xmoinscher[1].txt
    C:\DOCUME~1\angelo\Cookies\angelo@cc.2xmoinscher[1].txt
    C:\DOCUME~1\angelo\Cookies\angelo@www.2xmoinscher[2].txt
    C:\WINDOWS\Tasks\A04ECC40918549E8.job

    ----------------------[ Verification du Registre ]----------------------

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Ante Global"="C:\\DOCUME~1\\angelo\\APPLIC~1\\TEAMGP~1\\Extra Poke Tick.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ante cast ooze tray"="C:\\Documents and Settings\\All Users\\Application Data\\Bin Wait Ante Cast\\ace love.exe"

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts MODIFIE


    -> 71 ( 70 ## added by CiD )

    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-06-04 19:02:49
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------


    Aucune autre infection trouvée !

    [F:1254][D:7]-> C:\DOCUME~1\angelo\LOCALS~1\Temp
    [F:792][D:0]-> C:\DOCUME~1\angelo\Cookies
    [F:16154][D:23]-> C:\DOCUME~1\angelo\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 19:04:26.65 ]----------------------
    4 June 2008 19:41:11

    Re,

    Run Lop S&D again

  • This time choose Option 3 (Removal - Hosts)
  • Do not close the window during the removal!
  • Post the generated report (C:\lopR.txt)

    If your desktop does not reappear, press CTRL+ALT+DEL to open the Task Manager.
    Then go to the "Processes" tab. Click File at the top left and choose "New Task (Run...)"
    Type explorer and confirm. This will bring your desktop back
    Anonymous
    4 June 2008 19:53:25

    Here is the report:
    Oh yes, while doing this a virus appeared .. so there you go :s I don't know if it's because of that ..


    -----------------------[ Lop S&D 4.2.1-2 XP/Vista ]---------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : angelo ] [ "C:\Lop SD" ] [ Selection : 3 ]
    [ 2008-06-04 | 19:43:07.84 ] [ PC : DANGELO-AT1WLIR ]
    [ MAJ : 01-06-2008 | 15:51 ]


    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

    Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bin Wait Ante Cast\ace love.exe
    Supprimé! - C:\DOCUME~1\angelo\APPLIC~1\teamgp~1\cniapmpj.exe
    Supprimé! - C:\DOCUME~1\angelo\APPLIC~1\teamgp~1\dipfgjfb.exe
    Supprimé! - C:\DOCUME~1\angelo\APPLIC~1\teamgp~1\dwbldmek.exe
    Supprimé! - C:\DOCUME~1\angelo\APPLIC~1\teamgp~1\eibbanly.exe
    Supprimé! - C:\DOCUME~1\angelo\APPLIC~1\teamgp~1\Extra Poke Tick.exe
    Supprimé! - C:\DOCUME~1\angelo\APPLIC~1\teamgp~1\mlmgivnn.exe
    Supprimé! - C:\DOCUME~1\angelo\APPLIC~1\teamgp~1\namedupe64sixth.exe
    Supprimé! - C:\DOCUME~1\angelo\APPLIC~1\teamgp~1\rijynweo.exe
    Supprimé! - C:\DOCUME~1\angelo\APPLIC~1\teamgp~1\Signbashdumb.exe
    Supprimé! - C:\DOCUME~1\angelo\APPLIC~1\teamgp~1\sxkgiqzl.exe
    Supprimé! - C:\Program Files\Circle Developement\Uninstall.exe
    Supprimé! - C:\WINDOWS\Prefetch\SIGNBASHDUMB.EXE-22523FFE.pf
    Supprimé! - C:\DOCUME~1\angelo\Cookies\angelo@www.adserver5[1].txt
    Supprimé! - C:\DOCUME~1\angelo\Cookies\angelo@adin.bigpoint[2].txt
    Supprimé! - C:\DOCUME~1\angelo\Cookies\angelo@bigpoint[2].txt
    Supprimé! - C:\DOCUME~1\angelo\Cookies\angelo@fr1.seafight.bigpoint[2].txt
    Supprimé! - C:\DOCUME~1\angelo\Cookies\angelo@banner.casinoking[2].txt
    Supprimé! - C:\DOCUME~1\angelo\Cookies\angelo@casinoking[2].txt
    Supprimé! - C:\DOCUME~1\angelo\Cookies\angelo@banner.cotedazurpalace[2].txt
    Supprimé! - C:\DOCUME~1\angelo\Cookies\angelo@cotedazurpalace[2].txt
    Supprimé! - C:\DOCUME~1\angelo\Cookies\angelo@adopt.euroclick[1].txt
    Supprimé! - C:\DOCUME~1\angelo\Cookies\angelo@adopt.euroclick[2].txt
    Supprimé! - C:\DOCUME~1\angelo\Cookies\angelo@partygaming.122.2o7[1].txt
    Supprimé! - C:\DOCUME~1\angelo\Cookies\angelo@32vegas[2].txt
    Supprimé! - C:\DOCUME~1\angelo\Cookies\angelo@banner.32vegas[2].txt
    Supprimé! - C:\DOCUME~1\angelo\Cookies\angelo@vegasred[1].txt
    Supprimé! - C:\DOCUME~1\angelo\Cookies\angelo@2xmoinscher[1].txt
    Supprimé! - C:\DOCUME~1\angelo\Cookies\angelo@cc.2xmoinscher[1].txt
    Supprimé! - C:\DOCUME~1\angelo\Cookies\angelo@www.2xmoinscher[2].txt
    Supprimé! - C:\WINDOWS\Tasks\A04ECC40918549E8.job
    Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bin Wait Ante Cast
    Supprimé! - C:\DOCUME~1\angelo\APPLIC~1\teamgp~1
    Supprimé! - C:\Program Files\teamgp~1
    Supprimé! - C:\Program Files\Circle Developement

    //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    -------------[ Listing des dossiers dans Application Data ]------------

    [2008-06-01|10:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [2008-05-20|17:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [2007-07-20|20:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [2007-04-01|18:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [2008-01-07|21:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ESET
    [2007-07-22|11:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [2008-02-16|19:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
    [2008-06-03|21:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
    [2007-07-25|01:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [2007-08-31|23:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [2007-04-30|14:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
    [2007-09-12|18:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
    [2007-07-21|10:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [2007-07-20|18:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
    [2008-01-29|20:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [2008-01-08|20:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

    [2008-05-17|20:15] C:\DOCUME~1\angelo\APPLIC~1\Adobe
    [2007-09-10|18:25] C:\DOCUME~1\angelo\APPLIC~1\AdobeUM
    [2007-08-20|18:42] C:\DOCUME~1\angelo\APPLIC~1\Anuman Interactive
    [2007-08-15|16:28] C:\DOCUME~1\angelo\APPLIC~1\Apple Computer
    [2007-04-01|18:08] C:\DOCUME~1\angelo\APPLIC~1\desktop.ini
    [2007-12-05|13:32] C:\DOCUME~1\angelo\APPLIC~1\DivX
    [2007-12-19|22:08] C:\DOCUME~1\angelo\APPLIC~1\GetRightToGo
    [2008-02-17|17:04] C:\DOCUME~1\angelo\APPLIC~1\Google
    [2008-02-16|19:50] C:\DOCUME~1\angelo\APPLIC~1\Grisoft
    [2007-04-02|18:17] C:\DOCUME~1\angelo\APPLIC~1\Help
    [2007-04-01|17:25] C:\DOCUME~1\angelo\APPLIC~1\Identities
    [2007-09-11|07:58] C:\DOCUME~1\angelo\APPLIC~1\Leadertech
    [2008-06-04|08:47] C:\DOCUME~1\angelo\APPLIC~1\LimeWire
    [2007-07-20|18:10] C:\DOCUME~1\angelo\APPLIC~1\Macromedia
    [2007-12-23|11:10] C:\DOCUME~1\angelo\APPLIC~1\Media Player Classic
    [2008-01-07|19:38] C:\DOCUME~1\angelo\APPLIC~1\Microsoft
    [2008-05-11|10:50] C:\DOCUME~1\angelo\APPLIC~1\Mozilla
    [2007-04-30|14:38] C:\DOCUME~1\angelo\APPLIC~1\MSN6
    [2007-10-06|22:55] C:\DOCUME~1\angelo\APPLIC~1\Samsung
    [2008-02-05|09:07] C:\DOCUME~1\angelo\APPLIC~1\Sun
    [2008-05-11|10:50] C:\DOCUME~1\angelo\APPLIC~1\TomTom

    [2007-04-01|18:08] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [2007-04-01|17:17] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [2007-04-01|17:20] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [2007-04-01|17:20] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [2008-06-04 14:50][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2008-06-04 18:45][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
    [2008-06-04 06:55][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [2002-08-30 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [2008-06-01|10:41] C:\Program Files\Adobe
    [2007-07-20|20:21] C:\Program Files\Alwil Software
    [2007-08-20|18:21] C:\Program Files\Anuman Interactive
    [2008-05-20|17:58] C:\Program Files\Apple Software Update
    [2008-02-17|11:11] C:\Program Files\Axis Communications
    [2008-01-08|18:59] C:\Program Files\CCleaner
    [2007-04-01|17:16] C:\Program Files\ComPlus Applications
    [2007-07-20|20:13] C:\Program Files\directx
    [2007-12-23|11:09] C:\Program Files\DivX
    [2007-12-28|14:28] C:\Program Files\Easy Gif Animator Extension
    [2008-06-01|20:18] C:\Program Files\eMule
    [2008-01-07|21:11] C:\Program Files\ESET
    [2008-01-29|20:19] C:\Program Files\Fichiers communs
    [2008-02-17|17:04] C:\Program Files\Google
    [2008-02-16|19:50] C:\Program Files\Grisoft
    [2007-09-16|16:16] C:\Program Files\InstallShield Installation Information
    [2008-04-09|21:19] C:\Program Files\Internet Explorer
    [2007-07-20|20:43] C:\Program Files\iPod
    [2007-07-20|20:43] C:\Program Files\iTunes
    [2008-03-30|07:58] C:\Program Files\Java
    [2007-12-23|11:09] C:\Program Files\K-Lite Codec Pack
    [2008-06-01|16:27] C:\Program Files\LimeWire
    [2007-07-20|20:13] C:\Program Files\Logitech
    [2008-01-16|23:00] C:\Program Files\Messenger
    [2008-03-28|21:11] C:\Program Files\Messenger Plus! Live
    [2007-07-22|11:10] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [2007-04-01|17:18] C:\Program Files\microsoft frontpage
    [2008-01-15|12:51] C:\Program Files\Movie Maker
    [2007-04-01|17:15] C:\Program Files\MSN
    [2007-04-01|17:15] C:\Program Files\MSN Gaming Zone
    [2008-01-29|20:37] C:\Program Files\MSN Messenger
    [2008-01-16|22:58] C:\Program Files\MSXML 4.0
    [2008-01-15|12:49] C:\Program Files\NetMeeting
    [2008-01-16|23:00] C:\Program Files\Outlook Express
    [2007-07-20|20:43] C:\Program Files\QuickTime
    [2008-01-29|19:11] C:\Program Files\Recovery for Excel
    [2007-04-01|17:40] C:\Program Files\S3Inc
    [2007-09-16|16:12] C:\Program Files\Samsung
    [2007-04-01|17:17] C:\Program Files\Services en ligne
    [2008-02-22|17:15] C:\Program Files\Sunbelt Software
    [2007-04-02|18:11] C:\Program Files\Thomson
    [2008-05-11|10:50] C:\Program Files\TomTom HOME 2
    [2008-06-04|11:31] C:\Program Files\Trend Micro
    [2007-04-01|17:25] C:\Program Files\Uninstall Information
    [2007-10-04|17:55] C:\Program Files\Wanadoo
    [2008-01-29|20:22] C:\Program Files\Windows Live
    [2007-12-01|08:49] C:\Program Files\Windows Live Toolbar
    [2008-01-22|11:59] C:\Program Files\Windows Media Connect 2
    [2008-01-22|11:59] C:\Program Files\Windows Media Player
    [2008-01-15|12:49] C:\Program Files\Windows NT
    [2007-07-20|18:58] C:\Program Files\WindowsUpdate
    [2007-04-01|17:18] C:\Program Files\xerox
    [2008-01-08|18:59] C:\Program Files\Yahoo!

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [2008-06-01|10:41] C:\Program Files\Fichiers communs\Adobe
    [2007-04-03|19:24] C:\Program Files\Fichiers communs\FDEUnInstaller.exe
    [2007-04-11|17:16] C:\Program Files\Fichiers communs\InstallShield
    [2007-11-18|09:32] C:\Program Files\Fichiers communs\Java
    [2007-07-20|20:13] C:\Program Files\Fichiers communs\Logitech
    [2008-01-29|20:36] C:\Program Files\Fichiers communs\Microsoft Shared
    [2007-04-01|17:16] C:\Program Files\Fichiers communs\MSSoap
    [2007-04-01|18:08] C:\Program Files\Fichiers communs\ODBC
    [2007-04-01|17:16] C:\Program Files\Fichiers communs\Services
    [2007-04-01|18:08] C:\Program Files\Fichiers communs\SpeechEngines
    [2008-01-16|23:00] C:\Program Files\Fichiers communs\System
    [2007-09-10|19:46] C:\Program Files\Fichiers communs\Vbox
    [2008-01-29|20:19] C:\Program Files\Fichiers communs\WindowsLiveInstaller

    ---------------------------[ Process ]--------------------------

    ... 52

    ... OK !

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    C:\DOCUME~1\angelo\Cookies\angelo@partypoker[1].txt

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts MODIFIE

    -> 71 ( 70 ## added by CiD )

    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-06-04 19:47:29
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------


    Aucune autre infection trouvée !

    [F:1263][D:7]-> C:\DOCUME~1\angelo\LOCALS~1\Temp
    [F:780][D:0]-> C:\DOCUME~1\angelo\Cookies
    [F:14606][D:23]-> C:\DOCUME~1\angelo\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 19:49:22.70 ]----------------------
    4 June 2008 20:00:41

    Good, post a new HijackThis report.
    Anonymous
    4 June 2008 20:04:40

    Here it is:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:04, on 2008-06-04
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
    C:\PROGRA~1\Wanadoo\CnxMon.exe
    C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
    C:\WINDOWS\System32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\TomTom HOME 2\HOMERunner.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\iTunes\iTunes.exe
    C:\Program Files\LimeWire\LimeWire.exe
    C:\WINDOWS\system32\RUNDLL32.exe
    C:\WINDOWS\system32\RUNDLL32.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ig?sourceid=navclient&hl=fr&ie=UTF...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Easy Gif Animator Toolbar Helper - {96372AB6-15EB-4316-B497-71C741BC548C} - C:\Program Files\Easy Gif Animator Extension\v3.3.0.0\EasyGifAnimator_Toolbar.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Easy Gif Animator Toolbar - {35065594-9169-4A34-B167-FC4865038E53} - C:\Program Files\Easy Gif Animator Extension\v3.3.0.0\EasyGifAnimator_Toolbar.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
    O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
    O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

    --
    End of file - 9657 bytes
    4 June 2008 20:24:14

    Re,

    Download Clean (by Malekal) to your Desktop.

  • Unzip it on your Desktop. Double-click the Clean folder that has just appeared.
  • Double-click Clean.cmd. (The cmd extension may not be shown.) This will open a black window.
  • A menu will appear; choose option 1, then press Enter. Then press a key when you are asked to.
  • Post the report found here: C:\rapport_clean.txt

    If you get a file C:\upload_moi.zip, please do this.

    Help: How to use Clean.

    *******

    Uninstall via Add/Remove Programs (if present):
  • Avast!

    Download and run: http://www.avast.com/eng/avast-uninstall-utility.html

    Download CCleaner to your Desktop.

  • Click "download the latest version"
  • Install it, leaving only the following options checked:
    - Add a shortcut on the Desktop
    - Automatically check for CCleaner updates
  • Run the cleaning
  • Click Scan for issues and make a backup if you wish.

    Help: How to use CCleaner.

    ***************

    Download AntiVir to your Desktop.

  • Double-click the downloaded executable to start the installation.
  • At the end of the installation, click Finish.
  • Open AntiVir and make sure it is up to date!
  • In the Local Protection tab, choose Scanner.
  • Enable the rootkit search via the + next to rootkit search, then under manual selection, check everything (your hard disk partitions).
  • Click the middle magnifying glass to start the scan as Administrator.
  • Post me the generated report: to do so, click the Overview tab, then choose Reports; you will find its report there.

    Note: For more effective removal of threats, run the scan in safe mode.

    Why switch? Avast vs AntiVir.

    Help: How to install and use AntiVir.
    Anonymous
    4 June 2008 20:29:56

    How to use Clean: it doesn't work and I don't know what to do .. :s
    Anonymous
    4 June 2008 20:35:09

    OK, I managed to get the search started; I'm letting Clean work and I'm following your other instructions :) thanks a lot
    Anonymous
    4 June 2008 21:58:27

    Here is my report:




    Avira AntiVir Personal
    Report file date: 2008-06-04 21:10

    Scanning for 1165085 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number: 0000149996-ADJIE-0001
    Platform: Windows XP
    Windows version: (Service Pack 2) [5.1.2600]
    Boot mode: Normally booted
    Username: angelo
    Computer name: DANGELO-AT1WLIR

    Version information:
    BUILD.DAT : 8.1.00.295 16479 Bytes 2008-04-09 16:24:00
    AVSCAN.EXE : 8.1.2.12 311553 Bytes 2008-03-18 09:02:56
    AVSCAN.DLL : 8.1.1.0 53505 Bytes 2008-02-07 08:43:37
    LUKE.DLL : 8.1.2.9 151809 Bytes 2008-02-28 08:41:23
    LUKERES.DLL : 8.1.2.1 12033 Bytes 2008-02-21 08:28:40
    ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 10:33:34
    ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 2008-03-07 13:08:58
    ANTIVIR2.VDF : 7.0.3.62 337408 Bytes 2008-03-21 19:12:34
    ANTIVIR3.VDF : 7.0.3.68 57856 Bytes 2008-03-25 08:27:50
    Engineversion : 8.1.0.28
    AEVDF.DLL : 8.1.0.5 102772 Bytes 2008-02-25 09:58:21
    AESCRIPT.DLL : 8.1.0.19 229754 Bytes 2008-04-07 15:34:44
    AESCN.DLL : 8.1.0.12 115060 Bytes 2008-04-07 15:34:44
    AERDL.DLL : 8.1.0.19 418164 Bytes 2008-04-07 15:34:44
    AEPACK.DLL : 8.1.1.0 364918 Bytes 2008-03-18 11:20:42
    AEOFFICE.DLL : 8.1.0.15 192889 Bytes 2008-04-07 15:34:44
    AEHEUR.DLL : 8.1.0.15 1147253 Bytes 2008-04-07 15:34:44
    AEHELP.DLL : 8.1.0.11 115061 Bytes 2008-04-07 15:34:43
    AEGEN.DLL : 8.1.0.15 299379 Bytes 2008-04-07 15:34:43
    AEEMU.DLL : 8.1.0.5 430450 Bytes 2008-04-07 15:34:43
    AECORE.DLL : 8.1.0.25 168309 Bytes 2008-04-08 09:58:32
    AVWINLL.DLL : 1.0.0.7 14593 Bytes 2008-01-23 17:07:53
    AVPREF.DLL : 8.0.0.1 25857 Bytes 2008-02-18 10:37:50
    AVREP.DLL : 7.0.0.1 155688 Bytes 2007-04-16 13:26:47
    AVREG.DLL : 8.0.0.0 30977 Bytes 2008-01-23 17:07:49
    AVARKT.DLL : 1.0.0.23 307457 Bytes 2008-02-12 08:29:23
    AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 2008-02-28 08:31:31
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008-01-22 17:28:02
    SMTPLIB.DLL : 1.2.0.19 28929 Bytes 2008-01-23 17:08:39
    NETNT.DLL : 8.0.0.1 7937 Bytes 2008-01-25 12:05:10
    RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 2008-03-10 14:37:25
    RCTEXT.DLL : 8.0.32.0 86273 Bytes 2008-03-06 12:02:11

    Configuration settings for the scan:
    Jobname..........................: Manual Selection
    Configuration file...............: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\PROFILES\folder.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: on
    Scan boot sector.................: on
    Boot sectors.....................: C:, D:, E:, F:, G:, H:, I:,
    Scan memory......................: on
    Process scan.....................: on
    Scan registry....................: on
    Search for rootkits..............: off
    Scan all files...................: Intelligent file selection
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Macro heuristic..................: on
    File heuristic...................: medium

    Start of the scan: 2008-06-04 21:10

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'avgnt.exe' - '1' Module(s) have been scanned
    Scan process 'avguard.exe' - '1' Module(s) have been scanned
    Scan process 'sched.exe' - '1' Module(s) have been scanned
    Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
    Scan process 'iexplore.exe' - '1' Module(s) have been scanned
    Scan process 'explorer.exe' - '1' Module(s) have been scanned
    Scan process 'rundll32.exe' - '1' Module(s) have been scanned
    Scan process 'rundll32.exe' - '1' Module(s) have been scanned
    Scan process 'LimeWire.exe' - '1' Module(s) have been scanned
    Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'kpf4gui.exe' - '1' Module(s) have been scanned
    Scan process 'iPodService.exe' - '1' Module(s) have been scanned
    Scan process 'alg.exe' - '1' Module(s) have been scanned
    Scan process 'kpf4gui.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'FxSvr2.exe' - '1' Module(s) have been scanned
    Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
    Scan process 'kpf4ss.exe' - '1' Module(s) have been scanned
    Scan process 'HOMERunner.exe' - '1' Module(s) have been scanned
    Scan process 'guard.exe' - '1' Module(s) have been scanned
    Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
    Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
    Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
    Scan process 'jusched.exe' - '1' Module(s) have been scanned
    Scan process 'avgas.exe' - '1' Module(s) have been scanned
    Scan process 'AGRSMMSG.exe' - '1' Module(s) have been scanned
    Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
    Scan process 'LogiTray.exe' - '1' Module(s) have been scanned
    Scan process 'LVCOMSX.EXE' - '1' Module(s) have been scanned
    Scan process 'hpztsb10.exe' - '1' Module(s) have been scanned
    Scan process 'rundll32.exe' - '1' Module(s) have been scanned
    Scan process 'SOUNDMAN.EXE' - '1' Module(s) have been scanned
    Scan process 'dragdiag.exe' - '1' Module(s) have been scanned
    Scan process 'CnxMon.exe' - '1' Module(s) have been scanned
    Scan process 'TaskBarIcon.exe' - '1' Module(s) have been scanned
    Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned
    49 processes with 49 modules were scanned

    Starting master boot sector scan:
    Master boot sector HD0
    [INFO] No virus was found!
    Master boot sector HD1
    [INFO] No virus was found!
    [WARNING] Le périphérique n'est pas prêt.
    Master boot sector HD2
    [INFO] No virus was found!
    [WARNING] Le périphérique n'est pas prêt.
    Master boot sector HD3
    [INFO] No virus was found!
    [WARNING] Le périphérique n'est pas prêt.
    Master boot sector HD4
    [INFO] No virus was found!
    [WARNING] Le périphérique n'est pas prêt.

    Start scanning boot sectors:
    Boot sector 'C:\'
    [INFO] No virus was found!
    Boot sector 'F:\'
    [INFO] In the drive 'F:\' no data medium is inserted!
    Boot sector 'G:\'
    [INFO] In the drive 'G:\' no data medium is inserted!
    Boot sector 'H:\'
    [INFO] In the drive 'H:\' no data medium is inserted!
    Boot sector 'I:\'
    [INFO] In the drive 'I:\' no data medium is inserted!

    Starting to scan the registry.
    The registry was scanned ( '38' files ).


    Starting the file scan:

    Begin scan in 'C:\'
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    C:\Lop SD\Backup-Lop\F\cniapmpj.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
    [NOTE] The file was moved to '48afede5.qua'!
    C:\Lop SD\Backup-Lop\F\dipfgjfb.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
    [NOTE] The file was moved to '48b6ede3.qua'!
    C:\Lop SD\Backup-Lop\F\dwbldmek.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
    [NOTE] The file was moved to '48a8edf3.qua'!
    C:\Lop SD\Backup-Lop\F\mlmgivnn.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
    [NOTE] The file was moved to '48b3edea.qua'!
    C:\Lop SD\Backup-Lop\F\rijynweo.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
    [NOTE] The file was deleted!
    Begin scan in 'D:\'
    Search path D:\ could not be opened!
    Le périphérique n'est pas prêt.

    Begin scan in 'E:\'
    Search path E:\ could not be opened!
    Le périphérique n'est pas prêt.

    Begin scan in 'F:\'
    Search path F:\ could not be opened!
    Le périphérique n'est pas prêt.

    Begin scan in 'G:\'
    Search path G:\ could not be opened!
    Le périphérique n'est pas prêt.

    Begin scan in 'H:\'
    Search path H:\ could not be opened!
    Le périphérique n'est pas prêt.

    Begin scan in 'I:\'
    Search path I:\ could not be opened!
    Le périphérique n'est pas prêt.



    End of the scan: 2008-06-04 21:52
    Used time: 42:37 min

    The scan has been done completely.

    4970 Scanning directories
    196941 Files were scanned
    5 viruses and/or unwanted programs were found
    0 Files were classified as suspicious:
    1 files were deleted
    0 files were repaired
    4 files were moved to quarantine
    0 files were renamed
    1 Files cannot be scanned
    196936 Files not concerned
    1530 Archives were scanned
    5 Warnings
    5 Notes

    5 Juin 2008 07:05:39

    Re,

    Poste le rapport Clean_txt =)
    Anonymous
    5 June 2008 07:23:17

    Hi again, I don't know whether the Clean_txt report was saved, and I can't find Clean cmd. I would need a short explanation of how to use it. Thanks in advance.
    See you this evening.
    5 June 2008 18:47:49

    Hi again,

    Have you unzipped the Clean archive?
    Then open the folder that has just appeared and double-click clean.cmd (the .CMD extension may not be shown!)

    At the end of the report, after you have pressed keys several times until the DOS window disappears (after the web page opens), the report will appear. Otherwise, it is in C:\
    Anonymous
    5 June 2008 19:16:38

    I can't manage to send the Clean report! How do I do it? Don't you have MSN? That would be quicker. Send a private message.
    5 June 2008 19:40:40

    Post the contents of the report, which is located here:
    C:\rapport_clean.txt
    Anonymous
    5 June 2008 19:43:02

    Here is what I have... I don't think this is it.


    2008-06-05 a 19:10:08.98

    *** Recherche des fichiers dans C:

    *** Recherche des fichiers dans C:\WINDOWS\

    *** Recherche des fichiers dans C:\WINDOWS\system32

    *** Recherche des fichiers dans C:\Program Files
    5 June 2008 19:48:12

    Post a new HijackThis report ;)
    Anonymous
    5 June 2008 19:49:24

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:49, on 2008-06-05
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
    C:\PROGRA~1\Wanadoo\CnxMon.exe
    C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
    C:\WINDOWS\System32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\TomTom HOME 2\HOMERunner.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\iTunes\iTunes.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ig?sourceid=navclient&hl=fr&ie=UTF...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Easy Gif Animator Toolbar Helper - {96372AB6-15EB-4316-B497-71C741BC548C} - C:\Program Files\Easy Gif Animator Extension\v3.3.0.0\EasyGifAnimator_Toolbar.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Easy Gif Animator Toolbar - {35065594-9169-4A34-B167-FC4865038E53} - C:\Program Files\Easy Gif Animator Extension\v3.3.0.0\EasyGifAnimator_Toolbar.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
    O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
    O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

    --
    End of file - 9324 bytes
    6 June 2008 07:03:12

    Hi again,

    Run HijackThis again (right-click -> run as administrator on Vista), choose "Do a system scan only", and tick these lines (if still present):

    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

    Close all running applications (especially your web browser).
    Then click Fix Checked!

    *********

    Download ToolsCleaner2 (by A.Rothstein)

  • Install it on your Desktop.
  • Click Recherche (Search) to start the scan.
  • Click Supprimer (Delete) to clean up the tools that were used.
  • Click Quitter (Quit).
  • Post this report ~>C:\TCleaner.txt<~

  • Keep CCleaner, AVG (or MBAM) and AntiVir if we installed them.
  • Disable, then re-enable, System Restore.
  • Report your infection on Malware Complaints >Tutorial<
  • Your infection(s): LOP.
  • If you can't find it in the list, post under Autres infections (Other infections).

  • Bring your computer properly up to date >here<
  • If it is not already done, make sure Windows Automatic Updates are enabled!

    Then have a look at these guides:

    - Security/Prevention
    - Consequences of multi-protection
    - Toolbars: uselessness and slowdowns

    Have a good day/evening :)
    Anonymous
    6 June 2008 07:23:10

    Here is the report! And thanks for everything!!


    -->- Recherche:

    C:\SDFIX: trouvé !
    C:\Lop SD: trouvé !
    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
    C:\Documents and Settings\angelo\Bureau\HijackThis.lnk: trouvé !
    C:\Documents and Settings\angelo\Bureau\Lop S&D.lnk: trouvé !
    C:\Documents and Settings\angelo\Bureau\Clean.zip: trouvé !
    C:\Documents and Settings\angelo\Bureau\clean\clean\tar.exe: trouvé !
    C:\Documents and Settings\angelo\Bureau\clean\clean\remove.reg: trouvé !
    C:\Documents and Settings\angelo\Bureau\clean\clean\pskill.exe: trouvé !
    C:\Documents and Settings\angelo\Bureau\clean\clean\LFiles.exe: trouvé !
    C:\Documents and Settings\angelo\Bureau\clean\clean\gzip.exe: trouvé !
    C:\Documents and Settings\angelo\Bureau\clean\clean\delsiri.cmd: trouvé !
    C:\Documents and Settings\angelo\Bureau\clean\clean\delr.cmd: trouvé !
    C:\Documents and Settings\angelo\Bureau\clean\clean\del3.cmd: trouvé !
    C:\Documents and Settings\angelo\Bureau\clean\clean\del2.cmd: trouvé !
    C:\Documents and Settings\angelo\Bureau\clean\clean\clean.cmd: trouvé !
    C:\Documents and Settings\angelo\Bureau\clean\clean\cherche.cmd: trouvé !
    C:\Documents and Settings\angelo\Menu Démarrer\Programmes\Lop S&D: trouvé !
    C:\Documents and Settings\angelo\Mes documents\LopSD.exe: trouvé !
    C:\Documents and Settings\angelo\Mes documents\Clean.zip: trouvé !
    C:\Lop SD\Lop S&D.lnk: trouvé !
    C:\Program Files\Trend Micro\HijackThis: trouvé !
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !

    ---------------------------------
    -->- Suppression:

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
    C:\Documents and Settings\angelo\Bureau\HijackThis.lnk: supprimé !
    C:\Documents and Settings\angelo\Bureau\Lop S&D.lnk: supprimé !
    C:\Documents and Settings\angelo\Bureau\Clean.zip: supprimé !
    C:\Documents and Settings\angelo\Bureau\clean\clean\tar.exe: supprimé !
    C:\Documents and Settings\angelo\Bureau\clean\clean\remove.reg: supprimé !
    C:\Documents and Settings\angelo\Bureau\clean\clean\pskill.exe: supprimé !
    C:\Documents and Settings\angelo\Bureau\clean\clean\LFiles.exe: supprimé !
    C:\Documents and Settings\angelo\Bureau\clean\clean\gzip.exe: supprimé !
    C:\Documents and Settings\angelo\Bureau\clean\clean\delsiri.cmd: supprimé !
    C:\Documents and Settings\angelo\Bureau\clean\clean\delr.cmd: supprimé !
    C:\Documents and Settings\angelo\Bureau\clean\clean\del3.cmd: supprimé !
    C:\Documents and Settings\angelo\Bureau\clean\clean\del2.cmd: supprimé !
    C:\Documents and Settings\angelo\Bureau\clean\clean\clean.cmd: supprimé !
    C:\Documents and Settings\angelo\Bureau\clean\clean\cherche.cmd: supprimé !
    C:\Documents and Settings\angelo\Mes documents\LopSD.exe: supprimé !
    C:\Documents and Settings\angelo\Mes documents\Clean.zip: supprimé !
    C:\Lop SD\Lop S&D.lnk: supprimé !
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
    C:\SDFIX: supprimé !
    C:\Lop SD: supprimé !
    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
    C:\Documents and Settings\angelo\Menu Démarrer\Programmes\Lop S&D: supprimé !
    C:\Program Files\Trend Micro\HijackThis: supprimé !
    6 June 2008 17:37:54

    It's clean. See you!