[Solved] Pop-up problem

Tags:
  • Security
Last reply: in Security and viruses
12 April 2008 10:59:42

Hello everyone

When I surf the internet, already at startup, a few unwanted windows open, such as PKR online, Conforama... And the names of these windows ALL start with 'CID'.

So I close them and keep browsing... and there are still more! So I installed an anti-pop-up program, but it changes nothing.

Please give me the address of a good program to stop all this :)

12 April 2008 11:41:49

Hello,

Disable your resident protections (antivirus, ...); you will re-enable them after the scan.

Download Lop S&D here

Double-click it to start the installation
Then double-click the Lop S&D shortcut on your desktop
Select the desired language, then choose Option 1 (Search)
Wait until the scan finishes
Post the generated report (C:\lopR.txt)

(If the desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)

12 April 2008 12:00:48

I did everything you said, so now no more pop-ups will open?

Well, in case you need the report:


-----------------------[ Lop S&D 4.1.0-9 XP/Vista ]---------------------

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : nadine gil ] [ "C:\Lop SD" ]
[ 12/04/2008 | 11:49:43,50 ] [ PC : ACER-3DDD0F9C53 ]
[ MAJ : 08-04-2008 | 23:37 ]

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[12/04/2008 11:00][--ah-----] C:\WINDOWS\tasks\ACA0A93F906B5CCF.job
[12/04/2008 10:31][--ah-----] C:\WINDOWS\tasks\SA.DAT
[10/08/2004 22:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Joy coal mpeg heck
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Joy coal mpeg heck\Deaf Balm.exe
C:\Program Files\Multi_Media_France
C:\Program Files\Multi_Media_France\INSTALL.LOG
C:\Program Files\Multi_Media_France\tbMul0.dll
C:\Program Files\Multi_Media_France\tbMul1.dll
C:\Program Files\Multi_Media_France\tbMult.dll
C:\Program Files\Multi_Media_France\toolbar.cfg
C:\Program Files\Multi_Media_France\UNWISE.EXE
C:\Program Files\Multi_Media_France\UNWISE.INI
C:\Program Files\MultiMedia France Toolbar
C:\Program Files\MultiMedia France Toolbar\INSTALL.LOG
C:\Program Files\MultiMedia France Toolbar\MultiMedia - Installer.exe
C:\Program Files\MultiMedia France Toolbar\Multi_Media_France.exe
C:\Program Files\MultiMedia France Toolbar\UNWISE.EXE
C:\WINDOWS\Tasks\ACA0A93F906B5CCF.job

----------------------[ Verification du Registre ]----------------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"mpeg heck log link"="C:\\Documents and Settings\\All Users\\Application Data\\Joy coal mpeg heck\\Deaf Balm.exe"

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-12 11:50:12
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

C:\WINDOWS\pack.epk
! EGDACCESS !

C:\DOCUME~1\NADINE~1\APPLIC~1\hidires*\hidires
C:\WINDOWS\exefld
! BAGLE Possible !


/!\ [Fich:2331][Doss:339] C:\DOCUME~1\NADINE~1\LOCALS~1\Temp
/!\ [Fich:142][Doss:0] C:\DOCUME~1\NADINE~1\Cookies
/!\ [Fich:5381][Doss:8] C:\DOCUME~1\NADINE~1\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 11:51:08,31 ]----------------------



That's all :)
12 April 2008 12:05:30

Quote:
I did everything you said, so now no more pop-ups will open?

Given how infected you are (Egdaccess, Lop, Bagle!! ...), it's not over..

Run Lop S&D again

This time choose Option 2 (Removal)
Do not close the window during the removal!
Post the generated report (C:\lopR.txt)

(If the desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)

12 April 2008 12:25:02

Done... Here is the report:


-----------------------[ Lop S&D 4.1.0-9 XP/Vista ]---------------------

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : nadine gil ] [ "C:\Lop SD" ]
[ 12/04/2008 | 12:20:07,15 ] [ PC : ACER-3DDD0F9C53 ]
[ MAJ : 08-04-2008 | 23:37 ]

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Joy coal mpeg heck\Deaf Balm.exe
Supprimé! - C:\Program Files\Multi_Media_France\INSTALL.LOG
Supprimé! - C:\Program Files\Multi_Media_France\tbMul0.dll
Supprimé! - C:\Program Files\Multi_Media_France\tbMul1.dll
Supprimé! - C:\Program Files\Multi_Media_France\tbMult.dll
Supprimé! - C:\Program Files\Multi_Media_France\toolbar.cfg
Supprimé! - C:\Program Files\Multi_Media_France\UNWISE.EXE
Supprimé! - C:\Program Files\Multi_Media_France\UNWISE.INI
Supprimé! - C:\Program Files\MultiMedia France Toolbar\INSTALL.LOG
Supprimé! - C:\Program Files\MultiMedia France Toolbar\MultiMedia - Installer.exe
Supprimé! - C:\Program Files\MultiMedia France Toolbar\Multi_Media_France.exe
Supprimé! - C:\Program Files\MultiMedia France Toolbar\UNWISE.EXE
Supprimé! - C:\WINDOWS\Tasks\ACA0A93F906B5CCF.job
Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Joy coal mpeg heck
Supprimé! - C:\Program Files\Multi_Media_France
Supprimé! - C:\Program Files\MultiMedia France Toolbar

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[12/04/2008 10:31][--ah-----] C:\WINDOWS\tasks\SA.DAT
[10/08/2004 22:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

Aucun fichier / dossier Lop trouvé !

----------------------[ Verification du Registre ]----------------------

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-12 12:20:38
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

C:\WINDOWS\pack.epk
! EGDACCESS !

C:\DOCUME~1\NADINE~1\APPLIC~1\hidires*\hidires
C:\WINDOWS\exefld
! BAGLE Possible !


/!\ [Fich:2345][Doss:339] C:\DOCUME~1\NADINE~1\LOCALS~1\Temp
/!\ [Fich:148][Doss:0] C:\DOCUME~1\NADINE~1\Cookies
/!\ [Fich:5607][Doss:8] C:\DOCUME~1\NADINE~1\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 12:21:36,62 ]----------------------


There, hoping to be done with these nasty windows... :pfff:
12 April 2008 13:08:30

OK, let's continue

Download Navilog1 here

Save it to your desktop
Double-click Navilog1.exe (the .exe may not be shown)
It will run automatically
(If it does not, double-click the shortcut on the desktop)
Follow the prompts, choose option 1, then confirm

Do not use options 2, 3 or 4
Wait until "analyse terminé le ..........." (scan completed on ...)
Press a key as requested

Copy / paste the generated report (C:\fixnavi.txt)

12 April 2008 13:39:57

There, everything is done, and now? :pt1cable:

Here is the report:

Search Navipromo version 3.5.3 began on 12/04/2008 at 13:30:09,90

!!! Warning, this report may include legitimate files/programs !!!
!!! Post this report on the forum you are being helped !!!
!!! Don't continue with removal unless instructed by an authorized helper !!!
Fix running from C:\Program Files\navilog1
Actual User Account : "nadine gil"

Updated on 09.04.2008 at 20h00 by IL-MAFIOSO


Microsoft Windows XP [version 5.1.2600]
Version Internet Explorer : 7.0.5730.11
Filesystem type : NTFS

Done in normal mode

*** Searching for installed Software ***




*** Search folders in C:\WINDOWS ***



*** Search folders in C:\Program Files ***



*** Search folders in C:\DOCUME~1\ALLUSE~1\APPLIC~1 ***




*** Search folders in "C:\Documents and Settings\nadine gil\applic~1" ***



*** Search folders in "C:\Documents and Settings\nadine gil\locals~1\applic~1" ***



*** Search folders in "C:\Documents and Settings\nadine gil\menudm~1\progra~1" ***


*** Search folders in C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1 ***


*** Search with Catchme-rootkit/stealth malware detector by gmer ***
for more info : http://www.gmer.net

No file found



*** Search with GenericNaviSearch ***
!!! Possibility of legitimate files in the result !!!
!!! Must always be checked before manually deleting !!!

* Scan in C:\WINDOWS\system32 *

* Scan in "C:\Documents and Settings\nadine gil\locals~1\applic~1" *

* Scan in "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *

* Scan in "C:\DOCUME~1\clement\locals~1\applic~1" *



*** Search files ***


C:\WINDOWS\pack.epk found !


*** Search specific Registry keys ***


*** Complementary Search ***
(Search specific files)

1)Search new Instant Access files :


2)Heuristic Search :

* In C:\WINDOWS\system32 :


* In "C:\Documents and Settings\nadine gil\locals~1\applic~1" :


* In "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" :


* In "C:\DOCUME~1\clement\locals~1\applic~1" :


3)Certificates Search :

Egroup certificate not found !
Electronic-Group certificate not found !
OOO-Favorit certificate not found !
Sunny-Day-Design-Ltd certificate not found !

4)Search known files :



*** Search completed on 12/04/2008 at 13:34:57,23 ***

12 April 2008 14:07:25

OK, there is only one file

C:\WINDOWS\pack.epk <- delete this file

---------------------------------------------------------

Download Malwarebytes' Anti-Malware [:eric_71:21] < here

Double-click Download_mbam-setup.exe to start the installation
Allow the updates to download!

Restart in Safe Mode ( > Safe Mode < )

Double-click the Malwarebytes shortcut on your desktop
Tick Exécuter un examen complet, then click [Rechercher]
When the scan finishes, click [Afficher les resultats]
If infected objects are found, click [Supprimer la sélection]

Post the report (it is also in the Rapports/Logs tab)

13 April 2008 13:34:23

Thanks, and now is it all good, is everything done? Also, should I redo this from time to time? And here is the report

Malwarebytes' Anti-Malware 1.11
Version de la base de données: 616

Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)
Eléments examinés: 161763
Temps écoulé: 28 minute(s), 39 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 4
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 2

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\Software\Trymedia Systems (Adware.Trymedia) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\WinAntiSpyware 2006 Scanner (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\host-domain-lookup.com (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\mysearchnow.com (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\www.host-domain-lookup.com (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\www.mysearchnow.com (Malware.Trace) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Documents and Settings\nadine gil\Application Data\WinAntiSpyware 2006 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Documents and Settings\nadine gil\Application Data\WinAntiSpyware 2006\Logs (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\system32\KCMDNIns.exe (Trojan.Inject) -> Quarantined and deleted successfully.
C:\Documents and Settings\nadine gil\Application Data\WinAntiSpyware 2006\Logs\update.log (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.


That's all :pt1cable: 

14 April 2008 20:49:58

Hi again,

There are remnants of Bagle, so many infections that we are going to bring out the artillery

Disable your resident protections (antivirus, ...); you will re-enable them after the scan

Download ComboFix [:eric_71] < here

Save it to your Desktop and nowhere else!
Double-click combofix.exe (the .exe may not be shown)
To start, type [1] then confirm, and wait for the scan to finish
The PC may restart!

Copy / paste the generated report ( C:\Combofix.txt )

15 April 2008 12:38:16

It's done, all done, I'm posting the report for you:

The other programs (Malwarebytes, Lop S&D), can I delete them?

ComboFix 08-04-14.2 - nadine gil 2008-04-15 12:27:54.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.588 [GMT 2:00]
Endroit: C:\Documents and Settings\nadine gil\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\nadine gil\Application Data\hidires
C:\WINDOWS\exefld
C:\WINDOWS\exefld\416718.exe
C:\WINDOWS\exefld\4249234.exe
C:\WINDOWS\pack.epk

.
((((((((((((((((((((((((((((( Fichiers créés 2008-03-15 to 2008-04-15 ))))))))))))))))))))))))))))))))))))
.

2008-04-12 18:40 . 2008-04-12 18:40 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-04-12 18:40 . 2008-04-12 18:40 <REP> d-------- C:\Documents and Settings\nadine gil\Application Data\Malwarebytes
2008-04-12 18:40 . 2008-04-12 18:40 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-04-12 13:28 . 2008-04-12 13:35 <REP> d-------- C:\Program Files\Navilog1
2008-04-12 11:48 . 2008-04-12 12:21 <REP> d-------- C:\Lop SD
2008-04-11 18:23 . 2008-04-11 18:23 <REP> d-------- C:\Program Files\SAGEM WiFi manager
2008-04-11 18:23 . 2006-01-19 10:56 29,184 --a------ C:\WINDOWS\system32\drivers\BRGSp50a64.sys
2008-04-11 18:23 . 2006-01-19 10:56 20,608 --a------ C:\WINDOWS\system32\drivers\BRGSp50.sys
2008-04-11 18:23 . 2006-01-19 10:56 17,664 --a------ C:\WINDOWS\system32\drivers\ZDPSp50.sys
2008-04-11 18:21 . 2006-01-09 11:26 261,632 --a------ C:\WINDOWS\system32\drivers\WlanUZXP.sys
2008-04-11 18:21 . 2006-01-09 11:26 31,744 --a------ C:\WINDOWS\system32\drivers\ZDPSp50a64.sys
2008-04-11 18:19 . 2008-04-11 18:19 <REP> d-------- C:\Program Files\Securitoo
2008-04-11 03:00 . 2008-04-11 03:02 1,374 --a------ C:\WINDOWS\imsins.BAK
2008-04-10 18:37 . 2008-04-11 18:29 <REP> d-------- C:\Program Files\Orange HSS
2008-04-10 18:37 . 2007-07-31 14:57 65,536 --a------ C:\WINDOWS\system32\Autodial2000.dll
2008-04-10 16:51 . 2007-01-10 10:14 450,560 --a------ C:\WINDOWS\system32\drivers\WlanBZXP.sys
2008-04-10 16:50 . 2005-06-17 10:26 114,688 --a------ C:\WINDOWS\system32\WLANUTL.dll
2008-04-05 22:18 . 2008-04-05 22:19 <REP> d-------- C:\command and conquer 1
2008-04-03 08:05 . 2008-04-03 08:05 <REP> d-------- C:\Program Files\Virgin Interactive
2008-04-01 12:19 . 2008-03-29 19:31 75,856 --a------ C:\WINDOWS\system32\drivers\aswSP.sys
2008-04-01 12:19 . 2008-03-29 19:35 20,560 --a------ C:\WINDOWS\system32\drivers\aswFsBlk.sys
2008-03-30 10:06 . 2008-04-02 18:31 754 --a------ C:\WINDOWS\WORDPAD.INI
2008-03-29 19:48 . 2008-03-29 19:48 <REP> d-------- C:\Program Files\Visicom Media
2008-03-29 19:42 . 2008-03-29 20:01 <REP> d-------- C:\Program Files\RADVideo
2008-03-29 19:40 . 2008-03-29 19:40 <REP> d-------- C:\Program Files\CamStudio
2008-03-26 21:13 . 2008-02-22 03:33 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-03-26 21:02 . 2008-03-27 21:50 <REP> d-------- C:\Program Files\eMule
2008-03-24 17:07 . 2008-03-24 17:07 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-03-24 14:56 . 2008-03-24 14:56 <REP> d-------- C:\Program Files\Yahoo!
2008-03-24 14:32 . 2008-03-24 14:32 0 --a------ C:\WINDOWS\ativpsrm.bin
2008-03-24 13:51 . 2008-03-24 13:51 <REP> d-------- C:\Program Files\ATI
2008-03-24 13:49 . 2008-03-24 13:51 <REP> d-------- C:\Program Files\ATI Technologies
2008-03-24 13:21 . 2008-03-24 13:21 <REP> d-------- C:\WINDOWS\Downloaded Installations
2008-03-24 13:20 . 2008-02-25 22:05 593,920 --------- C:\WINDOWS\system32\ati2sgag.exe
2008-03-24 12:13 . 2008-03-24 12:33 10 --a------ C:\WINDOWS\WININIT.INI
2008-03-23 15:11 . 2008-03-23 15:11 319 --a------ C:\WINDOWS\game.ini
2008-03-23 15:02 . 2008-03-23 15:02 <REP> d-------- C:\Program Files\Activision
2008-03-23 14:10 . 2008-04-15 12:18 <REP> d-------- C:\Program Files\Incomplete
2008-03-23 14:09 . 2008-04-14 20:29 <REP> d-------- C:\Program Files\LimeWire
2008-03-23 14:09 . 2008-03-23 14:09 <REP> d-------- C:\Documents and Settings\nadine gil\Incomplete
2008-03-23 14:09 . 2008-04-14 20:29 <REP> d-------- C:\Documents and Settings\nadine gil\Application Data\LimeWire
2008-03-22 19:30 . 2007-05-16 17:45 3,497,832 --a------ C:\WINDOWS\system32\d3dx9_34.dll
2008-03-22 19:30 . 2007-03-12 17:42 3,495,784 --a------ C:\WINDOWS\system32\d3dx9_33.dll
2008-03-22 19:30 . 2007-05-16 17:45 1,124,720 --a------ C:\WINDOWS\system32\D3DCompiler_34.dll
2008-03-22 19:30 . 2007-03-12 17:42 1,123,696 --a------ C:\WINDOWS\system32\D3DCompiler_33.dll
2008-03-22 19:30 . 2007-05-16 17:45 443,752 --a------ C:\WINDOWS\system32\d3dx10_34.dll
2008-03-22 19:30 . 2007-03-15 17:57 443,752 --a------ C:\WINDOWS\system32\d3dx10_33.dll
2008-03-22 19:30 . 2007-05-31 20:30 266,088 --a------ C:\WINDOWS\system32\xactengine2_8.dll
2008-03-22 19:30 . 2007-04-04 19:55 261,480 --a------ C:\WINDOWS\system32\xactengine2_7.dll
2008-03-22 19:30 . 2007-01-24 16:27 255,848 --a------ C:\WINDOWS\system32\xactengine2_6.dll
2008-03-22 19:30 . 2007-05-31 20:29 18,280 --a------ C:\WINDOWS\system32\x3daudio1_2.dll
2008-03-22 19:29 . 2008-03-23 15:12 22,328 --a------ C:\Documents and Settings\nadine gil\Application Data\PnkBstrK.sys
2008-03-22 19:17 . 2008-03-22 19:17 <REP> d--hs---- C:\WINDOWS\ftpcache
2008-03-21 18:14 . 2008-04-12 12:06 <REP> d-------- C:\Documents and Settings\nadine gil\Application Data\OpenOffice.org2
2008-03-21 17:59 . 2008-04-12 12:07 <REP> d-------- C:\Program Files\OpenOffice.org 2.3
2008-03-17 18:46 . 2008-04-03 00:41 766 --a------ C:\WINDOWS\OS_SHP_BUILDER0.ico
2008-03-17 18:26 . 2008-03-17 18:27 783 --a------ C:\WINDOWS\Gfact.ini
2008-03-17 18:26 . 2008-03-17 18:26 27 --a------ C:\WINDOWS\gdx.ini

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-14 18:32 --------- d-----w C:\Documents and Settings\nadine gil\Application Data\Hamachi
2008-04-14 13:04 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-04-14 13:03 107,832 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-04-14 10:17 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-14 10:06 --------- d-----w C:\Program Files\Hamachi
2008-04-12 10:10 --------- d-----w C:\Program Files\WarRock
2008-04-12 10:08 --------- d-----w C:\Program Files\Steam
2008-04-12 10:08 --------- d-----w C:\Program Files\CyberLink
2008-04-12 10:04 --------- d-----w C:\Program Files\Google
2008-04-11 16:23 --------- d-----w C:\Program Files\SAGEM
2008-03-29 17:45 1,146,232 ----a-w C:\WINDOWS\system32\aswBoot.exe
2008-03-29 17:35 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2008-03-29 17:29 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2008-03-29 17:27 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2008-03-29 17:26 26,944 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2008-03-29 17:23 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr
2008-03-29 11:19 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-03-27 16:11 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-03-26 19:13 --------- d-----w C:\Program Files\Java
2008-03-23 13:31 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe
2008-03-22 23:52 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\dllcache\win32k.sys
2008-03-11 15:00 --------- d-----w C:\Program Files\Controle Parental
2008-03-08 16:56 --------- d-----w C:\Program Files\Windows Live
2008-03-08 16:22 --------- d-----w C:\Program Files\Orange
2008-03-07 21:42 25,280 ----a-w C:\WINDOWS\system32\drivers\hamachi.sys
2008-03-01 16:28 3,591,680 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-02-29 08:57 625,664 ----a-w C:\WINDOWS\system32\dllcache\iexplore.exe
2008-02-29 08:56 70,656 ----a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2008-02-28 16:15 --------- d-----w C:\Documents and Settings\All Users\Application Data\InstallShield
2008-02-28 16:12 --------- d-----w C:\Program Files\Gpotato.eu
2008-02-28 16:12 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-02-27 18:31 --------- d-----w C:\Program Files\Fichiers communs\France Telecom
2008-02-27 11:56 --------- d-----w C:\Documents and Settings\nadine gil\Application Data\ONCEMOVE
2008-02-27 11:05 --------- d-----w C:\Program Files\Inventel
2008-02-26 05:51 2,863,616 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys
2008-02-26 05:51 2,863,616 ----a-w C:\WINDOWS\system32\dllcache\ati2mtag.sys
2008-02-26 03:12 372,736 ----a-w C:\WINDOWS\system32\ATIDEMGX.dll
2008-02-26 03:10 307,200 ----a-w C:\WINDOWS\system32\atiiiexx.dll
2008-02-26 03:10 299,520 ----a-w C:\WINDOWS\system32\ati2dvag.dll
2008-02-26 03:02 172,032 ----a-w C:\WINDOWS\system32\atipdlxx.dll
2008-02-26 03:02 126,976 ----a-w C:\WINDOWS\system32\Oemdspif.dll
2008-02-26 03:01 43,520 ----a-w C:\WINDOWS\system32\ati2edxx.dll
2008-02-26 03:01 26,112 ----a-w C:\WINDOWS\system32\Ati2mdxx.exe
2008-02-26 03:01 126,976 ----a-w C:\WINDOWS\system32\ati2evxx.dll
2008-02-26 03:00 520,192 ----a-w C:\WINDOWS\system32\ati2evxx.exe
2008-02-26 02:59 9,797,632 ----a-w C:\WINDOWS\system32\atioglx2.dll
2008-02-26 02:58 53,248 ----a-w C:\WINDOWS\system32\ATIDDC.DLL
2008-02-26 02:49 3,176,480 ----a-w C:\WINDOWS\system32\ati3duag.dll
2008-02-26 02:41 1,755,264 ----a-w C:\WINDOWS\system32\ativvaxx.dll
2008-02-26 02:29 46,080 ----a-w C:\WINDOWS\system32\amdpcom32.dll
2008-02-26 02:25 393,216 ----a-w C:\WINDOWS\system32\atikvmag.dll
2008-02-26 02:23 17,408 ----a-w C:\WINDOWS\system32\atitvo32.dll
2008-02-26 02:22 49,152 ----a-w C:\WINDOWS\system32\drivers\ati2erec.dll
2008-02-26 02:21 5,439,488 ----a-w C:\WINDOWS\system32\atioglxx.dll
2008-02-26 02:19 167,936 ----a-w C:\WINDOWS\system32\atiok3x2.dll
2008-02-26 02:16 520,192 ----a-w C:\WINDOWS\system32\ati2cqag.dll
2008-02-22 10:00 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\dllcache\gdi32.dll
2008-02-20 05:35 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-02-20 05:35 45,568 ----a-w C:\WINDOWS\system32\dllcache\dnsrslvr.dll
2008-02-20 05:35 148,992 ----a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
2008-02-15 05:44 161,792 ----a-w C:\WINDOWS\system32\dllcache\ieakui.dll
2008-02-01 10:17 587,264 ----a-w C:\WINDOWS\WLXPGSS.SCR
2005-05-11 22:36 12,288 ----a-w C:\WINDOWS\Fonts\RandFont.dll
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 22:00 15360]
"OM_Monitor"="C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe" [2005-11-29 19:19 57344]
"Sixth comp"="C:\DOCUME~1\NADINE~1\APPLIC~1\ONCEMOVE\About Mfcd.exe" [2008-02-14 22:37 432640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 14:34 64512]
"LaunchApp"="Alaunch" []
"SoundMan"="SOUNDMAN.EXE" [2005-09-22 18:42 90112 C:\WINDOWS\soundman.exe]
"ntiMUI"="c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2005-05-11 19:15 45056]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-10 22:00 208952]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-10 22:00 59392]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-10 22:00 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-10 22:00 455168]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
"eRecoveryService"="C:\Acer\Empowering Technology\eRecovery\Monitor.exe" [2005-11-16 17:00 397312]
"OM_Monitor"="C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe" [2005-11-29 19:19 40960]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-12 00:12 49152]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-03-29 19:37 79224]
"adiras"="adiras.exe" []
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 13:17 61440]
"ATICustomerCare"="C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe" [2007-10-04 19:38 307200]
"ORAHSSSessionManager"="C:\Program Files\Orange HSS\SessionManager\SessionManager.exe" [2007-07-24 19:03 102400]
"SystrayORAHSS"="C:\Program Files\Orange HSS\Systray\SystrayApp.exe" [2007-07-24 19:55 94208]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-10 22:00 15360]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
Démarrage rapide du logiciel HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2005-05-12 01:49:24 73728]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-12 00:23:26 282624]
Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk - C:\Program Files\SAGEM WiFi manager\WLANUTL.exe [2008-04-11 18:23:29 860160]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"C:\\Program Files\\Virgin Interactive\\Original War\\OwarFull.DLL"=
"C:\\Program Files\\Hamachi\\hamachi.exe"=
"C:\\Program Files\\Virgin Interactive\\Original War\\OwarLite.DLL"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Orange HSS\\Connectivity\\ConnectivityManager.exe"=

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 19:31]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]
R2 int15.sys;int15.sys;C:\Acer\Empowering Technology\eRecovery\int15.sys [2005-01-13 14:46]
R3 LVHybrid;LVHybrid service;C:\WINDOWS\system32\DRIVERS\LVHybrid.sys [2005-06-21 12:13]
R3 SG760_XP;SAGEM 802.11g XG760 1211 Driver;C:\WINDOWS\system32\DRIVERS\WlanUZXP.sys [2006-01-09 11:26]
S2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys);C:\WINDOWS\system32\Drivers\e4ldr.sys [2006-03-02 19:25]
S3 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" [2006-10-20 18:57]
S3 e4usbaw;USB ADSL2 WAN Adapter;C:\WINDOWS\system32\DRIVERS\e4usbaw.sys [2006-05-04 18:50]
S3 ZD1211BU(SMC);802.11g Wireless USB2.0 Adapter Driver(SMC);C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2006-08-24 14:44]
S3 ZDCndis5;ZDCndis5 Protocol Driver;C:\WINDOWS\system32\ZDCndis5.SYS []

*Newly Created Service* - INT15.SYS
.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-15 12:29:42
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 7

**************************************************************************
.
Temps d'accomplissement: 2008-04-15 12:33:57
ComboFix-quarantined-files.txt 2008-04-15 10:33:55

Pre-Run: 79,131,017,216 octets libres
Post-Run: 78,973,353,984 octets libres
.
2008-04-11 01:02:34 --- E O F ---


There, hoping it's finished :pt1cable: 

15 April 2008 22:30:54

Hi again,

Post a HijackThis log again

16 April 2008 00:19:46

I'm not very good at this ^^'

What is your program???

Thanks :) 

18 April 2008 22:02:01

OK, here is the report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:58:52, on 18/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Orange HSS\Systray\SystrayApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\nadine gil\Local Settings\Temporary Internet Files\Content.IE5\OSOB7C3Y\HiJackThis[1].exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange HSS\SearchURLHook\SearchPageURL.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul0.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [adiras] adiras.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange HSS\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange HSS\Systray\SystrayApp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart
O4 - HKCU\..\Run: [Sixth comp] C:\DOCUME~1\NADINE~1\APPLIC~1\ONCEMOVE\About Mfcd.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scan...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

--
End of file - 9089 bytes


And this time, please answer: CAN I UNINSTALL ALL THE OTHER PROGRAMS YOU ASKED ME TO INSTALL???

Thanks :lol: 

20 April 2008 09:58:20

Hi again,

Quote:
And this time, please answer: CAN I UNINSTALL ALL THE OTHER PROGRAMS YOU ASKED ME TO INSTALL???

Calm down, it's not finished ...

Run HijackThis again; this time click [do a system scan only]
In the boxes on the left, tick the following lines (and only these):
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
O3 - Toolbar: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul0.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll => Yahoo Companion!
O4 - HKCU\..\Run: [Sixth comp] C:\DOCUME~1\NADINE~1\APPLIC~1\ONCEMOVE\About Mfcd.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)

and click [Fix checked] (bottom left)
When asked for confirmation, answer Yes

-----------------------------------------------------------

C:\DOCUME~1\NADINE~1\APPLIC~1\ONCEMOVE <- Delete this folder

-----------------------------------------------------------

Are you still having problems?
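
As an added illustration (not part of the thread, and not the helper's own method), the Python example below triages HijackThis entries in the format of the log posted above using two heuristics chosen for this example: entries marked `(file missing)` and O4 autoruns that launch from a user-profile data folder. The function and variable names are hypothetical, the sample lines are copied from the log in this thread, and the R1 search URL and Yahoo! toolbar lines the helper also selected are outside what these heuristics cover.

```python
import re

# Lines copied from the HijackThis log posted in this thread (a subset).
SAMPLE_LOG = r"""
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O3 - Toolbar: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul0.dll (file missing)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [adiras] adiras.exe
O4 - HKCU\..\Run: [Sixth comp] C:\DOCUME~1\NADINE~1\APPLIC~1\ONCEMOVE\About Mfcd.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
"""

# "<section code> - <body>", e.g. "O4 - HKCU\..\Run: [name] command".
ENTRY_RE = re.compile(r"^(?P<code>[RO]\d{1,2}) - (?P<body>.+)$")

# Registry autorun body: "<key>\..\Run: [value name] command line".
RUN_RE = re.compile(
    r"^(?P<key>HK[A-Z]+\\.*?Run[A-Za-z]*): \[(?P<name>[^\]]+)\] (?P<cmd>.+)$"
)

# Windows XP profile data folders, in long form or 8.3 short form
# (the log above uses the short form DOCUME~1\...\APPLIC~1).
PROFILE_DATA_RE = re.compile(
    r"\\(?:documents and settings|docume~\d)\\[^\\]+\\"
    r"(?:application data|applic~\d|local settings|locals~\d)\\",
    re.IGNORECASE,
)


def triage(log_text):
    """Return entries worth a manual look, each with the reasons it was flagged.

    Assumed heuristics (this example's, not HijackThis's or the helper's):
      1. the entry's target is reported as "(file missing)";
      2. an O4 autorun starts a program from a user-profile data folder.
    A flagged entry is a candidate for review, not a verdict.
    """
    findings = []
    for raw in log_text.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if not match:
            continue  # header, running-process list or blank line
        code, body = match.group("code"), match.group("body")
        reasons, name = [], None

        if "(file missing)" in body:
            reasons.append("target file missing")

        if code == "O4":
            run = RUN_RE.match(body)
            if run:
                name, cmd = run.group("name"), run.group("cmd")
            else:
                # "Global Startup: shortcut.lnk = target" style entries
                cmd = body.split(" = ", 1)[-1]
            if PROFILE_DATA_RE.search(cmd):
                reasons.append("autorun from user profile data folder")

        if reasons:
            findings.append(
                {"code": code, "name": name, "entry": body, "reasons": reasons}
            )
    return findings


if __name__ == "__main__":
    for item in triage(SAMPLE_LOG):
        print(item["code"], "|", "; ".join(item["reasons"]), "|", item["entry"])
```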

20 April 2008 11:52:35

Well, for a start, I no longer have any pop-up problems or unwanted windows, nor any other problem besides.

What you ("tu" or "vous"? :D ) did was remove all the viruses from my computer?

However, a folder has appeared on my desktop: it is called "backups". Does that come from what you told me to do, or not?

In any case, thank you very much for your help :)
20 April 2008 21:36:36

Hi again,
Quote:
What you ("tu" or "vous"? :D ) did was remove all the viruses from my computer?

1) "tu" :)
2) yes
Quote:
However, a folder has appeared on my desktop: it is called "backups". Does that come from what you told me to do, or not?

Yes, you can delete it

and we will also remove the tools you downloaded:

Download ToolsCleaner2 [:eric_71:15] < here

Install it on your Desktop
Click [Recherche] (Search) to start the scan
Click [Supprimer] (Delete) to clean up the tools that were used
Click [Quitter] (Quit); this will create a report
Post the report (C:\TCleaner.txt)
21 April 2008 13:37:07

Thanks. So the program you just gave me is in a way "linked" to what you gave me earlier?

And here is the report:

-->- Recherche:

C:\Lop SD: trouvé !
C:\Qoobox: trouvé !
C:\Documents and Settings\All Users\Bureau\Navilog1.lnk: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1\Navilog1.lnk: trouvé !
C:\Documents and Settings\nadine gil\Bureau\Lop S&D.lnk: trouvé !
C:\Documents and Settings\nadine gil\Bureau\ComboFix.exe: trouvé !
C:\Documents and Settings\nadine gil\Bureau\HijackThis.exe: trouvé !
C:\Documents and Settings\nadine gil\Menu Démarrer\Programmes\Lop S&D: trouvé !
C:\Lop SD\Lop S&D.lnk: trouvé !
C:\Program Files\Navilog1: trouvé !
C:\Program Files\Navilog1\Navilog1.bat: trouvé !

---------------------------------
-->- Suppression:

C:\Documents and Settings\All Users\Bureau\Navilog1.lnk: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1\Navilog1.lnk: supprimé !
C:\Documents and Settings\nadine gil\Bureau\Lop S&D.lnk: supprimé !
C:\Documents and Settings\nadine gil\Bureau\ComboFix.exe: supprimé !
C:\Documents and Settings\nadine gil\Bureau\HijackThis.exe: supprimé !
C:\Lop SD\Lop S&D.lnk: supprimé !
C:\Program Files\Navilog1\Navilog1.bat: supprimé !
C:\Lop SD: supprimé !
C:\Qoobox: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1: supprimé !
C:\Documents and Settings\nadine gil\Menu Démarrer\Programmes\Lop S&D: supprimé !
C:\Program Files\Navilog1: supprimé !
21 April 2008 18:44:08

Hi again,

Quote:
Thanks. So the program you just gave me is in a way "linked" to what you gave me earlier?

It is used to remove all the other tools (it saves hunting for them one by one to delete them ;) )

You're all set. I recommend replacing Avast! with Antivir,
Look here: Antivirus: Which one to choose? How does it work?

-----------------------------------------------------

In your first message, click the "Editer" (Edit) button
Add [Résolu] to the title
Then click "Valider votre message" (Submit your message)



All the best :)


