
Problem with intrusive CID ads. Can you help me please??

Tags:
  • Security
Last reply: in Security and viruses
12 January 2008 22:36:47

Good evening everyone, I've noticed that I'm affected by a problem that many people run into. I too am being flooded by CID ads that keep popping up. I looked on several other forums and apparently you have to produce a report with a certain program called HijackThis. I ran this report but now I don't know what to do next. If you could help me remove these ads, that would be really kind. Here is my report (and thanks in advance):
Logfile of HijackThis v1.99.1
Scan saved at 22:38:54, on 12/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Home Cinema\PowerCinema\PCMService.exe
C:\WINDOWS\CNYHKey.exe
C:\WINDOWS\Dit.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\mHotkey.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Simon\Mes documents\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
F2 - REG:system.ini: Shell=explorer.exe C:\RECYCLER\econtrol_lite\services.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEInt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Stupid Data Dart Wave] C:\Documents and Settings\All Users\Application Data\flag ace stupid data\wipe love.exe
O4 - HKCU\..\Run: [Gadwin PrintScreen 3.1] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [TheTurtle] C:\Program Files\TheTurtle\TheTurtle.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando\Pando.exe" /Minimized
O4 - HKCU\..\Run: [Exit Noun] C:\DOCUME~1\Simon\APPLIC~1\PLANAT~1\one joy.exe
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Télécharger avec Star Downloader - C:\Program Files\Star Downloader\sdie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe
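
Added example, not part of the thread and not code from HijackThis or the helper: a small triage pass over HijackThis lines, run on an excerpt of the log above, that surfaces the entries a reviewer would look at first. The path markers and severity labels are assumptions of this example.

```python
import re
from collections import namedtuple

# Excerpt of the HijackThis log posted above (a few lines, copied as-is).
SAMPLE_LOG = r"""
F2 - REG:system.ini: Shell=explorer.exe C:\RECYCLER\econtrol_lite\services.exe
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Stupid Data Dart Wave] C:\Documents and Settings\All Users\Application Data\flag ace stupid data\wipe love.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Exit Noun] C:\DOCUME~1\Simon\APPLIC~1\PLANAT~1\one joy.exe
O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando\Pando.exe" /Minimized
"""

Finding = namedtuple("Finding", "severity code reason detail")

# "<section code> - <body>", e.g. "O4 - HKLM\..\Run: [name] command"
ENTRY = re.compile(r"^(?P<code>[RFO]\d{1,2}) - (?P<body>.+)$")
RUN_ENTRY = re.compile(r"^.*?: \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
STARTUP_ENTRY = re.compile(r"^(?:Global )?Startup: (?P<name>.+?) = (?P<cmd>.+)$")
SHELL_VALUE = re.compile(r"Shell=(?P<value>.*)$", re.IGNORECASE)

# Assumption of this example: locations any user can write to, where
# installed software does not normally keep its autostart binaries.
# Includes the 8.3 short name of "Application Data" seen in the log.
USER_WRITABLE = (
    "\\application data\\",
    "\\applic~1\\",
    "\\recycler\\",
    "\\temp\\",
    "\\locals~1\\",
)


def autostart_target(body):
    """Return (name, command) for an O4 body, or None if unrecognised."""
    for pattern in (RUN_ENTRY, STARTUP_ENTRY):
        m = pattern.match(body)
        if m:
            return m.group("name"), m.group("cmd")
    return None


def triage(log_text):
    """Return a list of Finding tuples, in log order."""
    findings = []
    for raw in log_text.splitlines():
        m = ENTRY.match(raw.strip())
        if not m:
            continue  # header, process list or blank line
        code, body = m.group("code"), m.group("body")
        if code == "F2":
            shell = SHELL_VALUE.search(body)
            if shell and shell.group("value").strip().lower() != "explorer.exe":
                findings.append(Finding(
                    "high", code,
                    "Shell= value lists a program besides explorer.exe",
                    shell.group("value").strip()))
        elif code == "O4":
            target = autostart_target(body)
            if target and any(mark in target[1].lower() for mark in USER_WRITABLE):
                findings.append(Finding(
                    "high", code,
                    "autostart target in a user-writable data directory",
                    "%s -> %s" % target))
        elif code in ("O2", "O3", "O9") and body.endswith("(no file)"):
            findings.append(Finding(
                "low", code,
                "registration left behind with no file on disk",
                body))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print("[%s] %s: %s\n    %s" % (f.severity, f.code, f.reason, f.detail))
```

A flagged line is a prompt for manual review, not a verdict: legitimate software sometimes starts from a profile directory.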


12 January 2008 22:41:12

Good evening,

Lop infection

Download Lop S&D [:eric_71:17] < here

Double-click it to start the installation
Then double-click the Lop S&D shortcut on your desktop
Select the language you want, then choose Option 1 (Search)
Wait until the scan finishes
Post the generated report (C:\lopR.txt)

(If the Desktop does not come back, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)
12 January 2008 22:55:28

I downloaded and installed your program, then I did what you told me, but it says:
Fichier introuvable
Recherche avec S_Lop ...
Fichier introuvable
Fichier introuvable

Then it shows nothing more and I have no report. What should I do???
12 January 2008 23:10:57

Ah ..

Start \ Run, paste this and confirm:
"%programfiles%\Lop SD\Lop S&D"

that should launch it correctly


12 January 2008 23:18:47

Ah, sorry, but it still doesn't work, I don't know why, it does the same thing as before
12 January 2008 23:25:52


Strange, did you install it properly?

Select the whole box below, then right-click and choose Copy
@echo off
dir /b/a/s "%programfiles%\Lop SD\">>tmp.txt
start /wait notepad tmp.txt& del tmp.txt
exit
::

Then, Start menu / Run, type cmd and confirm with OK

right-click in the black window and choose Paste
paste the report for me

12 January 2008 23:31:49

Here is the report:
C:\Program Files\Lop SD\autrinf.cmd
C:\Program Files\Lop SD\Back.cmd
C:\Program Files\Lop SD\catchme.exe
C:\Program Files\Lop SD\Doss.lsd
C:\Program Files\Lop SD\KILL.cmd
C:\Program Files\Lop SD\Langues.cmd
C:\Program Files\Lop SD\Lop S&D.cmd
C:\Program Files\Lop SD\Lop S&D.lnk
C:\Program Files\Lop SD\Menu.cmd
C:\Program Files\Lop SD\paths.bat
C:\Program Files\Lop SD\Process.exe
C:\Program Files\Lop SD\RegLop.reg
C:\Program Files\Lop SD\setpath.exe
C:\Program Files\Lop SD\swreg.exe
C:\Program Files\Lop SD\S_Lop2.cmd
C:\Program Files\Lop SD\Uninstal.exe
12 January 2008 23:36:28

Re,

go to this folder:
C:\Program Files\Lop SD
double-click this file:
Lop S&D.cmd
12 January 2008 23:47:37

no, sorry, it's still the same...
13 January 2008 12:26:49

OK, I did it. This time there is an icon on the desktop, but as soon as I launch it, it does the same as last time: Fichier introuvable...
13 January 2008 12:31:53

I'm done for, is that it?? :(  (Thanks a lot for your help)
13 January 2008 19:47:42


Re,

Download ComboFix [:eric_71] < here

Save it to your Desktop and nowhere else!
Double-click combofix.exe (the .exe may not be shown)
To start, type [1] then confirm, and wait for the scan to finish
the PC may restart!

Copy / paste the generated report (C:\Combofix.txt)

15 January 2008 13:22:15

OK thanks, I'll do that tonight, I'm not at home right now
15 January 2008 17:56:57

Here is the report:

ComboFix 08-01-15.4 - Simon 2008-01-15 17:32:35.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.550 [GMT 1:00]
Running from: C:\Documents and Settings\Simon\Bureau\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Application Data\imgpdf2.dll
C:\Program Files\myglobalsearch

.
((((((((((((((((((((((((((((( Fichiers créés 2007-12-15 to 2008-01-15 ))))))))))))))))))))))))))))))))))))
.

2008-01-15 17:30 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-15 17:24 . 2008-01-15 17:24 <REP> d-------- C:\Program Files\Plan Atom Sect
2008-01-13 13:24 . 2008-01-13 13:24 <REP> d-------- C:\Documents and Settings\Simon\Application Data\Megaupload
2008-01-13 13:17 . 2008-01-13 13:17 <REP> d-------- C:\Program Files\Megaupload
2008-01-13 13:16 . 2008-01-13 13:16 <REP> d-------- C:\Documents and Settings\Simon\Application Data\InstallShield
2008-01-12 22:46 . 2008-01-12 22:46 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-01-12 22:25 . 2008-01-12 22:25 <REP> d-------- C:\Program Files\Windows Live
2008-01-12 22:25 . 2008-01-12 22:25 <REP> d-------- C:\Program Files\Messenger Plus! Live
2008-01-01 16:52 . 2008-01-01 16:55 <REP> d-------- C:\Program Files\AutoCAD 2008
2008-01-01 16:52 . 2008-01-01 16:52 <REP> d-------- C:\Documents and Settings\Simon\Application Data\Autodesk
2008-01-01 16:52 . 2008-01-01 17:10 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Autodesk
2008-01-01 16:50 . 2008-01-01 16:55 <REP> d-------- C:\Program Files\Fichiers communs\Autodesk Shared
2008-01-01 16:50 . 2008-01-01 16:50 <REP> d-------- C:\Program Files\Autodesk
2007-12-30 13:09 . 2008-01-07 18:02 <REP> d-------- C:\Documents and Settings\Francoise\Application Data\Plan Atom Sect
2007-12-29 18:07 . 2007-12-29 18:07 68 --ahs---- C:\WINDOWS\system32\windzfa0.sys
2007-12-29 16:38 . 2007-12-29 16:38 <REP> d-------- C:\Program Files\NCH Software
2007-12-29 13:56 . 2008-01-15 17:25 <REP> d-------- C:\Documents and Settings\Simon\Application Data\Plan Atom Sect
2007-12-28 15:59 . 2007-12-28 16:18 <REP> d-------- C:\Documents and Settings\Simon\Application Data\SecondLife
2007-12-27 11:05 . 2008-01-15 17:25 <REP> d-------- C:\Documents and Settings\All Users\Application Data\flag ace stupid data
2007-12-27 11:04 . 2008-01-10 17:06 <REP> d-------- C:\Documents and Settings\Internet\Application Data\Plan Atom Sect

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-15 16:19 13,440 ----a-w C:\WINDOWS\system32\drivers\USBCRFT.SYS
2008-01-13 12:17 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-12 21:25 --------- d-----w C:\Program Files\MSN Messenger
2008-01-12 20:43 --------- d-----w C:\Program Files\Sonic Foundry ACID Music
2008-01-12 20:35 --------- d-----w C:\Program Files\Jeux
2008-01-12 20:29 --------- d-----w C:\Program Files\Fichiers communs\Real
2008-01-12 20:10 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-01-11 22:02 --------- d-----w C:\Program Files\SUPER
2008-01-11 20:23 --------- d-----w C:\Program Files\Pando
2008-01-07 20:36 --------- d-----w C:\Program Files\Microsoft Works
2008-01-04 21:41 --------- d-----w C:\Program Files\Steam
2008-01-02 18:05 --------- d-----w C:\Documents and Settings\Simon\Application Data\SolidWorks
2007-12-19 19:07 --------- d-----w C:\Program Files\Java
2007-12-05 16:36 --------- d-----w C:\Program Files\PDF PDF2Image v2.1
2007-12-04 14:56 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-12-04 14:55 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-12-04 14:51 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-12-04 14:49 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr
2007-11-28 19:28 --------- d-----w C:\Program Files\Picasa2
2007-11-21 18:13 --------- d-----w C:\Documents and Settings\Internet\Application Data\Creative
2007-11-09 21:28 737,280 ----a-w C:\WINDOWS\iun6002.exe
2007-11-07 09:28 728,576 ----a-w C:\WINDOWS\system32\lsasrv.dll
2007-10-29 22:43 1,293,824 ------w C:\WINDOWS\system32\quartz.dll
2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-10-17 22:05 36,490 ----a-w C:\Documents and Settings\Simon\Application Data\wklnhst.dat
2007-10-17 17:39 15,354 ----a-w C:\Documents and Settings\Internet\Application Data\wklnhst.dat
2007-06-04 18:38 82,736 ----a-w C:\Documents and Settings\Internet\Application Data\GDIPFONTCACHEV1.DAT
2007-03-29 16:27 87,608 ----a-w C:\Documents and Settings\Simon\Application Data\ezpinst.exe
2007-03-29 16:27 47,360 ----a-w C:\Documents and Settings\Simon\Application Data\pcouffin.sys
2007-01-23 12:00 2,088 ----a-w C:\Documents and Settings\Francoise\Application Data\wklnhst.dat
2007-01-05 22:17 94,104 ----a-w C:\Documents and Settings\Simon\Application Data\GDIPFONTCACHEV1.DAT
2005-06-29 19:30 2,394 ----a-w C:\Documents and Settings\Camille\Application Data\wklnhst.dat
2006-05-03 09:06 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll
2007-02-21 10:47 31,232 --sh--r C:\WINDOWS\system32\msfDX.dll
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gadwin PrintScreen 3.1"="C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe" [2005-09-26 11:39 1073152]
"TheTurtle"="C:\Program Files\TheTurtle\TheTurtle.exe" [ ]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe" [ ]
"Steam"="" []
"MoneyAgent"="C:\Program Files\Microsoft Money\System\mnyexpr.exe" [2003-06-18 12:00 204800]
"CTSyncU.exe"="C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe" [2006-06-12 13:32 700416]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 00:09 15360]
"Pando"="C:\Program Files\Pando\Pando.exe" [2007-10-05 12:33 5207368]
"Exit Noun"="C:\DOCUME~1\Simon\APPLIC~1\PLANAT~1\one joy.exe" [2008-01-15 17:24 473600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"PCMService"="C:\Program Files\Home Cinema\PowerCinema\PCMService.exe" [2004-02-26 10:08 61440]
"ledpointer"="CNYHKey.exe" [2004-02-03 17:15 5794816 C:\WINDOWS\CNYHKey.exe]
"Dit"="Dit.exe" [2003-12-29 23:33 94208 C:\WINDOWS\Dit.exe]
"Cmaudio"="cmicnfg.cpl" [2004-01-07 15:14 2453504 C:\WINDOWS\CMICNFG.CPL]
"CHotkey"="mHotkey.exe" [2004-02-05 13:45 510464 C:\WINDOWS\mHotkey.exe]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-01-27 14:30 335872]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-27 08:41 282624]
"Stupid Data Dart Wave"="C:\Documents and Settings\All Users\Application Data\flag ace stupid data\view file.exe" [2008-01-15 17:25 642560]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-20 00:09 15360]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 22:18 443968]

R1 fwdrv;Firewall Driver;C:\WINDOWS\system32\drivers\fwdrv.sys [2005-12-15 18:13]
R1 khips;Kerio HIPS Driver;C:\WINDOWS\system32\drivers\khips.sys [2005-12-15 18:01]
R2 vcs;Vcs support;C:\WINDOWS\system32\Drivers\Vcs.sys [2002-12-10 08:11]
R3 Cap7134;MEDION (7134) WDM Video Capture;C:\WINDOWS\system32\DRIVERS\Cap7134.sys [2003-06-05 10:04]
R3 CardReaderFilter;Card Reader Filter;C:\WINDOWS\system32\Drivers\USBCRFT.SYS [2008-01-15 17:19]
R3 PhTVTune;MEDION TV-TUNER 7134 MK2/3;C:\WINDOWS\system32\DRIVERS\PhTVTune.sys [2003-06-12 07:47]
R3 UKBFLT;UKBFLT;C:\WINDOWS\system32\DRIVERS\UKBFLT.sys [2003-12-19 17:13]
R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 07:08]
R3 wbscr;Winbond Smartcard Reader for I/O;C:\WINDOWS\system32\drivers\wbscr.sys [2002-04-24 12:07]
S2 Ca536av;DV 3500(Video);C:\WINDOWS\system32\Drivers\Ca536av.sys [2003-09-05 12:47]
S3 BTNetFilter;Bluetooth Network Filter;C:\WINDOWS\system32\drivers\BTNetFilter.sys [2004-12-16 16:32]
S3 Intels51;Creatix V.9X DSP Data Fax Modem;C:\WINDOWS\system32\DRIVERS\ctxs51.sys [2003-05-22 19:44]
S3 LUMDriver;LUMDriver;C:\WINDOWS\system32\drivers\LUMDriver.sys [2003-07-11 14:22]
S3 o1394bul;o1394bul;C:\DOCUME~1\Simon\LOCALS~1\Temp\o1394bul.sys []
S3 PRISM_A00;PRISM 802.11g Driver;C:\WINDOWS\system32\DRIVERS\PRISMA00.sys [2004-01-16 09:31]
S3 USBCamera;DV 3500(Still);C:\WINDOWS\system32\Drivers\Bulk536.sys [2003-05-14 16:28]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-04 06:58]
S4 BBDemon;Backbone Service;"C:\Program Files\Dassault Systemes\B16\intel_a\code\bin\CATSysDemon.exe" [2005-09-06 21:11]

*Newly Created Service* - PROCEXP90
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-01-15 16:25:33 C:\WINDOWS\Tasks\AA5D66F5918B1B6D.job"
- c:\docume~1\simon\applic~1\planat~1\Bowsglueseek.exe
"2008-01-10 16:06:03 C:\WINDOWS\Tasks\AC4B551B9188C76B.job"
- c:\docume~1\internet\applic~1\planat~1\Bowsglueseek.exe
"2008-01-07 17:02:36 C:\WINDOWS\Tasks\AD5D336E918AA6CE.job"
- c:\docume~1\franco~1\applic~1\planat~1\Bowsglueseek.exe
"2006-05-25 18:15:02 C:\WINDOWS\Tasks\sauve.job"
- C:\Temp\sauve.bat
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-15 17:44:53
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-01-15 17:46:35
ComboFix-quarantined-files.txt 2008-01-15 16:46:29
.
2008-01-08 20:52:56 --- E O F ---
15 January 2008 18:36:54

Hey, I just noticed something: while digging through my hard drive, I found a Lop S&D report. I'm sorry, I thought it hadn't worked, but apparently it did. I'm also adding the Lop S&D report (sorry again for the time I'm making you waste):


-----------------------------[ Lop S&D 2.0.1 ]---------------------------

Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]

"C:\Program Files\Lop SD"

[ 13/01/2008 | 12:32:58.15 ] [ CARRE1 ]


-------------[ Listing des dossiers dans Application Data ]------------

C:\Documents and Settings\Admin\APPLIC~1\Microsoft
C:\Documents and Settings\Admin\APPLIC~1\Macromedia
C:\Documents and Settings\Admin\APPLIC~1\Real
C:\Documents and Settings\Admin\APPLIC~1\AdobeUM
C:\Documents and Settings\Admin\APPLIC~1\Adobe
C:\Documents and Settings\Admin\APPLIC~1\Cyberlink
C:\Documents and Settings\Admin\APPLIC~1\Ahead
C:\Documents and Settings\Admin\APPLIC~1\Help
C:\Documents and Settings\Admin\APPLIC~1\Identities
C:\Documents and Settings\Admin\APPLIC~1\desktop.ini

C:\Documents and Settings\All Users\APPLIC~1\Messenger Plus!
C:\Documents and Settings\All Users\APPLIC~1\flag ace stupid data
C:\Documents and Settings\All Users\APPLIC~1\Autodesk
C:\Documents and Settings\All Users\APPLIC~1\imgpdf2.dll
C:\Documents and Settings\All Users\APPLIC~1\DVD Shrink
C:\Documents and Settings\All Users\APPLIC~1\Google
C:\Documents and Settings\All Users\APPLIC~1\Microsoft
C:\Documents and Settings\All Users\APPLIC~1\QTSBandwidthCache
C:\Documents and Settings\All Users\APPLIC~1\DassaultSystemes
C:\Documents and Settings\All Users\APPLIC~1\Apple Computer
C:\Documents and Settings\All Users\APPLIC~1\Ulead Systems
C:\Documents and Settings\All Users\APPLIC~1\Bluetooth
C:\Documents and Settings\All Users\APPLIC~1\Windows Genuine Advantage
C:\Documents and Settings\All Users\APPLIC~1\Ubisoft
C:\Documents and Settings\All Users\APPLIC~1\Adobe Systems
C:\Documents and Settings\All Users\APPLIC~1\Adobe
C:\Documents and Settings\All Users\APPLIC~1\MSN6
C:\Documents and Settings\All Users\APPLIC~1\QuickTime
C:\Documents and Settings\All Users\APPLIC~1\NFS Underground
C:\Documents and Settings\All Users\APPLIC~1\CyberLink
C:\Documents and Settings\All Users\APPLIC~1\Spybot - Search & Destroy
C:\Documents and Settings\All Users\APPLIC~1\muvee Technologies
C:\Documents and Settings\All Users\APPLIC~1\Ahead
C:\Documents and Settings\All Users\APPLIC~1\SBSI
C:\Documents and Settings\All Users\APPLIC~1\desktop.ini


C:\Documents and Settings\Camille\APPLIC~1\VMNTOOLBAR
C:\Documents and Settings\Camille\APPLIC~1\Google
C:\Documents and Settings\Camille\APPLIC~1\Sun
C:\Documents and Settings\Camille\APPLIC~1\Microsoft
C:\Documents and Settings\Camille\APPLIC~1\EPSON
C:\Documents and Settings\Camille\APPLIC~1\wklnhst.dat
C:\Documents and Settings\Camille\APPLIC~1\Macromedia
C:\Documents and Settings\Camille\APPLIC~1\Real
C:\Documents and Settings\Camille\APPLIC~1\AdobeUM
C:\Documents and Settings\Camille\APPLIC~1\Adobe
C:\Documents and Settings\Camille\APPLIC~1\Cyberlink
C:\Documents and Settings\Camille\APPLIC~1\Ahead
C:\Documents and Settings\Camille\APPLIC~1\Help
C:\Documents and Settings\Camille\APPLIC~1\Identities
C:\Documents and Settings\Camille\APPLIC~1\desktop.ini

C:\Documents and Settings\Default User\APPLIC~1\Microsoft
C:\Documents and Settings\Default User\APPLIC~1\Macromedia
C:\Documents and Settings\Default User\APPLIC~1\Real
C:\Documents and Settings\Default User\APPLIC~1\AdobeUM
C:\Documents and Settings\Default User\APPLIC~1\Adobe
C:\Documents and Settings\Default User\APPLIC~1\Cyberlink
C:\Documents and Settings\Default User\APPLIC~1\Ahead
C:\Documents and Settings\Default User\APPLIC~1\Help
C:\Documents and Settings\Default User\APPLIC~1\Identities
C:\Documents and Settings\Default User\APPLIC~1\desktop.ini

C:\Documents and Settings\Francoise\APPLIC~1\Plan Atom Sect
C:\Documents and Settings\Francoise\APPLIC~1\VMNTOOLBAR
C:\Documents and Settings\Francoise\APPLIC~1\Sun
C:\Documents and Settings\Francoise\APPLIC~1\DassaultSystemes
C:\Documents and Settings\Francoise\APPLIC~1\Musicmatch
C:\Documents and Settings\Francoise\APPLIC~1\Microsoft
C:\Documents and Settings\Francoise\APPLIC~1\wklnhst.dat
C:\Documents and Settings\Francoise\APPLIC~1\Google
C:\Documents and Settings\Francoise\APPLIC~1\Adobe
C:\Documents and Settings\Francoise\APPLIC~1\Xfire
C:\Documents and Settings\Francoise\APPLIC~1\AdobeUM
C:\Documents and Settings\Francoise\APPLIC~1\Macromedia
C:\Documents and Settings\Francoise\APPLIC~1\Real
C:\Documents and Settings\Francoise\APPLIC~1\Cyberlink
C:\Documents and Settings\Francoise\APPLIC~1\Ahead
C:\Documents and Settings\Francoise\APPLIC~1\Help
C:\Documents and Settings\Francoise\APPLIC~1\Identities
C:\Documents and Settings\Francoise\APPLIC~1\desktop.ini

C:\Documents and Settings\Internet\APPLIC~1\Plan Atom Sect
C:\Documents and Settings\Internet\APPLIC~1\Creative
C:\Documents and Settings\Internet\APPLIC~1\VMNTOOLBAR
C:\Documents and Settings\Internet\APPLIC~1\wklnhst.dat
C:\Documents and Settings\Internet\APPLIC~1\DivX
C:\Documents and Settings\Internet\APPLIC~1\Apple Computer
C:\Documents and Settings\Internet\APPLIC~1\GDIPFONTCACHEV1.DAT
C:\Documents and Settings\Internet\APPLIC~1\MSN6
C:\Documents and Settings\Internet\APPLIC~1\DassaultSystemes
C:\Documents and Settings\Internet\APPLIC~1\Azureus
C:\Documents and Settings\Internet\APPLIC~1\Sun
C:\Documents and Settings\Internet\APPLIC~1\vlc
C:\Documents and Settings\Internet\APPLIC~1\AdobeUM
C:\Documents and Settings\Internet\APPLIC~1\Google
C:\Documents and Settings\Internet\APPLIC~1\Xfire
C:\Documents and Settings\Internet\APPLIC~1\Microsoft
C:\Documents and Settings\Internet\APPLIC~1\Adobe
C:\Documents and Settings\Internet\APPLIC~1\EPSON
C:\Documents and Settings\Internet\APPLIC~1\Macromedia
C:\Documents and Settings\Internet\APPLIC~1\Real
C:\Documents and Settings\Internet\APPLIC~1\Cyberlink
C:\Documents and Settings\Internet\APPLIC~1\Ahead
C:\Documents and Settings\Internet\APPLIC~1\Help
C:\Documents and Settings\Internet\APPLIC~1\Identities
C:\Documents and Settings\Internet\APPLIC~1\desktop.ini

C:\Documents and Settings\LocalService\APPLIC~1\Macromedia
C:\Documents and Settings\LocalService\APPLIC~1\Microsoft
C:\Documents and Settings\LocalService\APPLIC~1\X10 Commander

C:\Documents and Settings\NetworkService\APPLIC~1\Microsoft

C:\Documents and Settings\Propri‚taire\APPLIC~1\Real

C:\Documents and Settings\Simon\APPLIC~1\Real
C:\Documents and Settings\Simon\APPLIC~1\SolidWorks
C:\Documents and Settings\Simon\APPLIC~1\Plan Atom Sect
C:\Documents and Settings\Simon\APPLIC~1\Autodesk
C:\Documents and Settings\Simon\APPLIC~1\SecondLife
C:\Documents and Settings\Simon\APPLIC~1\Mozilla
C:\Documents and Settings\Simon\APPLIC~1\wklnhst.dat
C:\Documents and Settings\Simon\APPLIC~1\vmntoolbar
C:\Documents and Settings\Simon\APPLIC~1\Xfire
C:\Documents and Settings\Simon\APPLIC~1\Mp3tag
C:\Documents and Settings\Simon\APPLIC~1\Creative
C:\Documents and Settings\Simon\APPLIC~1\Settings.cfg
C:\Documents and Settings\Simon\APPLIC~1\Par d‚faut.cls
C:\Documents and Settings\Simon\APPLIC~1\Connexion FTP.ftp
C:\Documents and Settings\Simon\APPLIC~1\Dynamique
C:\Documents and Settings\Simon\APPLIC~1\Sites pr‚d‚finis
C:\Documents and Settings\Simon\APPLIC~1\Vso
C:\Documents and Settings\Simon\APPLIC~1\Apple Computer
C:\Documents and Settings\Simon\APPLIC~1\Leadertech
C:\Documents and Settings\Simon\APPLIC~1\Hamachi
C:\Documents and Settings\Simon\APPLIC~1\pcouffin.log
C:\Documents and Settings\Simon\APPLIC~1\ezpinst.exe
C:\Documents and Settings\Simon\APPLIC~1\pcouffin.cat
C:\Documents and Settings\Simon\APPLIC~1\pcouffin.sys
C:\Documents and Settings\Simon\APPLIC~1\pcouffin.inf
C:\Documents and Settings\Simon\APPLIC~1\STOIK
C:\Documents and Settings\Simon\APPLIC~1\Screenshot Sender
C:\Documents and Settings\Simon\APPLIC~1\RapidGet
C:\Documents and Settings\Simon\APPLIC~1\GDIPFONTCACHEV1.DAT
C:\Documents and Settings\Simon\APPLIC~1\DivX
C:\Documents and Settings\Simon\APPLIC~1\InstallShield Installation Information
C:\Documents and Settings\Simon\APPLIC~1\Microsoft
C:\Documents and Settings\Simon\APPLIC~1\SolidWorksNewsReader
C:\Documents and Settings\Simon\APPLIC~1\DWGeditor
C:\Documents and Settings\Simon\APPLIC~1\dvdcss
C:\Documents and Settings\Simon\APPLIC~1\teamspeak2
C:\Documents and Settings\Simon\APPLIC~1\AdobeUM
C:\Documents and Settings\Simon\APPLIC~1\FlashFXP
C:\Documents and Settings\Simon\APPLIC~1\Azureus
C:\Documents and Settings\Simon\APPLIC~1\InterTrust
C:\Documents and Settings\Simon\APPLIC~1\Thumbs.db
C:\Documents and Settings\Simon\APPLIC~1\Adobe
C:\Documents and Settings\Simon\APPLIC~1\Sun
C:\Documents and Settings\Simon\APPLIC~1\DassaultSystemes
C:\Documents and Settings\Simon\APPLIC~1\vlc
C:\Documents and Settings\Simon\APPLIC~1\Google
C:\Documents and Settings\Simon\APPLIC~1\FTP Expert Stockage.ftp
C:\Documents and Settings\Simon\APPLIC~1\Ulead Systems
C:\Documents and Settings\Simon\APPLIC~1\CDRusersDB.v12
C:\Documents and Settings\Simon\APPLIC~1\iScreensaver
C:\Documents and Settings\Simon\APPLIC~1\EPSON
C:\Documents and Settings\Simon\APPLIC~1\Macromedia
C:\Documents and Settings\Simon\APPLIC~1\Cyberlink
C:\Documents and Settings\Simon\APPLIC~1\Ahead
C:\Documents and Settings\Simon\APPLIC~1\Help
C:\Documents and Settings\Simon\APPLIC~1\Identities
C:\Documents and Settings\Simon\APPLIC~1\desktop.ini

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[10/01/2008 17:06][--ah-----]C:\WINDOWS\tasks\AC4B551B9188C76B.job
[07/01/2008 18:02][--ah-----]C:\WINDOWS\tasks\AD5D336E918AA6CE.job
[25/05/2006 19:15][--a------]C:\WINDOWS\tasks\sauve.job
[30/08/2002 13:00][-r-h-----]C:\WINDOWS\tasks\desktop.ini
[26/05/2006 11:42][--ah-----]C:\WINDOWS\tasks\SA.DAT

---------------[ Listing des dossiers dans C:\Program Files ]--------------


------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------


----------------------[ Recherche avec S_Lop ]---------------------

15 January 2008 21:57:30


Re,

Select the entire box below, then right-click and choose Copy
Driver::
o1394bul

DirLook::
C:\Program Files\SUPER

File::
C:\DOCUME~1\Simon\LOCALS~1\Temp\o1394bul.sys
C:\WINDOWS\Tasks\AA5D66F5918B1B6D.job
c:\docume~1\simon\applic~1\planat~1\Bowsglueseek.exe
C:\WINDOWS\Tasks\AC4B551B9188C76B.job
c:\docume~1\internet\applic~1\planat~1\Bowsglueseek.exe
C:\WINDOWS\Tasks\AD5D336E918AA6CE.job

Folder::
C:\Program Files\Plan Atom Sect
C:\Documents and Settings\Francoise\Application Data\Plan Atom Sect
C:\Documents and Settings\Simon\Application Data\Plan Atom Sect
C:\Documents and Settings\All Users\Application Data\flag ace stupid data
C:\Documents and Settings\Internet\Application Data\Plan Atom Sect

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Exit Noun"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Stupid Data Dart Wave"=-

Paste it into Notepad
Save it on your Desktop and name it CFScript (text file type)
Drag the CFScript file onto the ComboFix.exe file like this:



A menu will appear; type 1 and confirm
Let the scan run and post the generated report (C:\ComboFix.txt)

------------------------------------------------------

Click on the Start menu / Control Panel / Folder Options / then in the View tab
- check Show hidden files and folders
- uncheck Hide extensions for known file types
- uncheck Hide protected operating system files (Recommended)
click Apply

Have this file analysed here: Virustotal
Click on , choose My Computer, then C:\
then Windows, then System32, and finally windzfa0.sys

Now click on

It will be analysed by several antivirus engines

Copy / paste the report

Then do the same with this one:
C:\Documents and Settings\Simon\Application Data\wklnhst.dat

16 January 2008 20:59:13

I think I have a problem: the ComboFix scan failed and there was a blue screen with a physical memory dump, etc...
And now when I restart the PC, it tells me it has had a serious error. Ouch ouch ouch, I should never have touched all that... Here is the error, but I don't know in what way it is a problem?
http://img408.imageshack.us/img408/9573/screenshot018uw...


16 January 2008 21:04:37

This really worries me, what should I do please?
16 January 2008 21:12:23


Hello,

Strange, do you remember at what point the scan got stuck (step ...)?

Restart the PC, tap F8 until the menu appears and choose "Last Known Good Configuration"
16 January 2008 21:15:01

Re, no, I don't remember the step any more because I wasn't in front of the PC when it ran the scan. I'm restarting the PC as you told me, back in a moment.
16 January 2008 21:32:00

It's fine, I have just restarted and there is no more error message :)
But the strangest thing is that I think I'm cured :)
Since a little while ago I no longer see any CID ads, and Iexplorer.exe no longer runs continuously in the processes.
That's rather strange, isn't it? Also, after the failed ComboFix scan, the .txt file you had me create has disappeared and has apparently been replaced by catchme.zip. I also have several folders in C: that were not there before (a Combofix folder with lots of strange files: http://img248.imageshack.us/img248/6716/screenshot028av... and also a Qoobox folder containing: http://img85.imageshack.us/img85/6683/screenshot019ef8.... )
16 January 2008 21:42:37

Re, the folders are normal, they contain the deleted files

Uninstall Lop S&D (Add/Remove Programs)

Then disable your resident protections (antivirus, ...); you will re-enable them after the scan

Download Lop S&D here (not the same version)

Double-click on it to start the installation
Then double-click on the Lop S&D shortcut on your desktop
Select the desired language, then choose Option 1 (Search)
Wait until the scan has finished
Post the generated report (C:\lopR.txt)

(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)
16 January 2008 22:17:44


-----------------------------[ Lop S&D 2.0.5 ]---------------------------

[ Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]

[ USER: Simon ] [ "C:\Program Files\Lop SD" ]

[ 2008-01-16 | 22:05:29.37 ] [ CARRE1 ]


-------------[ Listing des dossiers dans Application Data ]------------


----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[2008-01-16 15:03][--ah-----] C:\WINDOWS\tasks\ACF67F619185F18D.job
[2006-05-25 19:15][--a------] C:\WINDOWS\tasks\sauve.job
[2002-08-30 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
[2006-05-26 11:42][--ah-----] C:\WINDOWS\tasks\SA.DAT

---------------[ Listing des dossiers dans C:\Program Files ]--------------


------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------


----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

C:\WINDOWS\Tasks\ACF67F619185F18D.job

----------------------[ Verification du Registre ]----------------------

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts MODIFIE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-16 22:12:10
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

Aucune autre infection trouvée !

/!\ [Fich:37][Doss:4] C:\DOCUME~1\Simon\LOCALS~1\Temp
/!\ [Fich:747][Doss:12] C:\DOCUME~1\Simon\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 22:12:34.64 ]----------------------
16 January 2008 22:34:45

Re,

Run Lop S&D again.

This time choose Option 2 ( Suppression ).
Do not close the window during the removal!
Post the generated report ( C:\lopR.txt ).

( If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm. )
17 January 2008 20:41:52


-----------------------------[ Lop S&D 2.0.5 ]---------------------------

[ Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]

[ USER: Simon ] [ "C:\Program Files\Lop SD" ]

[ 2008-01-17 | 20:23:14.50 ] [ CARRE1 ]

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

Supprimé! - C:\WINDOWS\Tasks\ACF67F619185F18D.job
Restauré! - Fichier Hosts

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


-------------[ Listing des dossiers dans Application Data ]------------

[2007-10-18|18:04] C:\DOCUME~1\Admin\APPLIC~1\..
[2007-10-18|18:04] C:\DOCUME~1\Admin\APPLIC~1\.
[2007-10-18|18:04] C:\DOCUME~1\Admin\APPLIC~1\Microsoft
[2004-02-28|17:59] C:\DOCUME~1\Admin\APPLIC~1\Macromedia
[2004-02-28|17:58] C:\DOCUME~1\Admin\APPLIC~1\Real
[2004-02-28|16:52] C:\DOCUME~1\Admin\APPLIC~1\AdobeUM
[2004-02-28|16:52] C:\DOCUME~1\Admin\APPLIC~1\Adobe
[2004-02-28|16:26] C:\DOCUME~1\Admin\APPLIC~1\Cyberlink
[2004-02-28|15:48] C:\DOCUME~1\Admin\APPLIC~1\Ahead
[2004-02-27|19:06] C:\DOCUME~1\Admin\APPLIC~1\Help
[2004-02-27|18:30] C:\DOCUME~1\Admin\APPLIC~1\Identities
[2004-02-27|18:26] C:\DOCUME~1\Admin\APPLIC~1\desktop.ini

[2008-01-16|21:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[2008-01-16|20:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[2008-01-16|20:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
[2008-01-16|20:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
[2008-01-12|22:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[2008-01-01|17:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Autodesk
[2007-10-27|19:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[2007-10-18|17:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[2007-10-18|17:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[2007-08-16|09:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DassaultSystemes
[2007-05-27|16:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[2007-02-25|15:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[2007-01-22|21:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth
[2006-09-21|19:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[2006-08-11|22:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ubisoft
[2006-06-04|13:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
[2006-03-18|10:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[2006-02-26|16:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[2005-12-31|21:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NFS Underground
[2005-02-18|21:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[2004-08-24|22:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[2004-02-28|15:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
[2004-02-28|14:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[2004-02-27|18:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[2004-02-27|18:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini


[2007-10-16|11:48] C:\DOCUME~1\Camille\APPLIC~1\VMNTOOLBAR
[2006-12-06|13:25] C:\DOCUME~1\Camille\APPLIC~1\Google
[2006-12-06|13:24] C:\DOCUME~1\Camille\APPLIC~1\..
[2006-12-06|13:24] C:\DOCUME~1\Camille\APPLIC~1\.
[2006-08-10|21:33] C:\DOCUME~1\Camille\APPLIC~1\Sun
[2006-02-10|15:46] C:\DOCUME~1\Camille\APPLIC~1\Microsoft
[2006-01-15|17:45] C:\DOCUME~1\Camille\APPLIC~1\EPSON
[2005-06-29|20:30] C:\DOCUME~1\Camille\APPLIC~1\wklnhst.dat
[2004-02-28|17:59] C:\DOCUME~1\Camille\APPLIC~1\Macromedia
[2004-02-28|17:58] C:\DOCUME~1\Camille\APPLIC~1\Real
[2004-02-28|16:52] C:\DOCUME~1\Camille\APPLIC~1\AdobeUM
[2004-02-28|16:52] C:\DOCUME~1\Camille\APPLIC~1\Adobe
[2004-02-28|16:26] C:\DOCUME~1\Camille\APPLIC~1\Cyberlink
[2004-02-28|15:48] C:\DOCUME~1\Camille\APPLIC~1\Ahead
[2004-02-27|19:06] C:\DOCUME~1\Camille\APPLIC~1\Help
[2004-02-27|18:30] C:\DOCUME~1\Camille\APPLIC~1\Identities
[2004-02-27|18:26] C:\DOCUME~1\Camille\APPLIC~1\desktop.ini

[2004-02-28|20:13] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[2004-02-28|17:59] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[2004-02-28|17:58] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
[2004-02-28|16:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\AdobeUM
[2004-02-28|16:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
[2004-02-28|16:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
[2004-02-28|16:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[2004-02-28|16:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Cyberlink
[2004-02-28|15:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Ahead
[2004-02-27|19:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Help
[2004-02-27|18:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[2004-02-27|18:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini

[2008-01-16|20:04] C:\DOCUME~1\FRANCO~1\APPLIC~1\..
[2008-01-16|20:04] C:\DOCUME~1\FRANCO~1\APPLIC~1\.
[2007-09-29|12:58] C:\DOCUME~1\FRANCO~1\APPLIC~1\VMNTOOLBAR
[2007-08-16|10:49] C:\DOCUME~1\FRANCO~1\APPLIC~1\Sun
[2007-08-16|09:42] C:\DOCUME~1\FRANCO~1\APPLIC~1\DassaultSystemes
[2007-03-09|15:36] C:\DOCUME~1\FRANCO~1\APPLIC~1\Musicmatch
[2007-02-19|21:41] C:\DOCUME~1\FRANCO~1\APPLIC~1\Microsoft
[2007-01-23|13:00] C:\DOCUME~1\FRANCO~1\APPLIC~1\wklnhst.dat
[2006-12-17|17:37] C:\DOCUME~1\FRANCO~1\APPLIC~1\Google
[2006-03-08|19:09] C:\DOCUME~1\FRANCO~1\APPLIC~1\Adobe
[2006-03-08|18:20] C:\DOCUME~1\FRANCO~1\APPLIC~1\Xfire
[2006-03-08|17:17] C:\DOCUME~1\FRANCO~1\APPLIC~1\AdobeUM
[2004-02-28|17:59] C:\DOCUME~1\FRANCO~1\APPLIC~1\Macromedia
[2004-02-28|17:58] C:\DOCUME~1\FRANCO~1\APPLIC~1\Real
[2004-02-28|16:26] C:\DOCUME~1\FRANCO~1\APPLIC~1\Cyberlink
[2004-02-28|15:48] C:\DOCUME~1\FRANCO~1\APPLIC~1\Ahead
[2004-02-27|19:06] C:\DOCUME~1\FRANCO~1\APPLIC~1\Help
[2004-02-27|18:30] C:\DOCUME~1\FRANCO~1\APPLIC~1\Identities
[2004-02-27|18:26] C:\DOCUME~1\FRANCO~1\APPLIC~1\desktop.ini

[2008-01-16|20:04] C:\DOCUME~1\Internet\APPLIC~1\..
[2008-01-16|20:04] C:\DOCUME~1\Internet\APPLIC~1\.
[2007-11-21|19:13] C:\DOCUME~1\Internet\APPLIC~1\Creative
[2007-10-18|16:53] C:\DOCUME~1\Internet\APPLIC~1\VMNTOOLBAR
[2007-10-17|18:39] C:\DOCUME~1\Internet\APPLIC~1\wklnhst.dat
[2007-08-09|11:19] C:\DOCUME~1\Internet\APPLIC~1\DivX
[2007-07-17|13:01] C:\DOCUME~1\Internet\APPLIC~1\Apple Computer
[2007-06-04|19:38] C:\DOCUME~1\Internet\APPLIC~1\GDIPFONTCACHEV1.DAT
[2007-04-10|08:25] C:\DOCUME~1\Internet\APPLIC~1\MSN6
[2006-06-29|09:05] C:\DOCUME~1\Internet\APPLIC~1\DassaultSystemes
[2006-05-19|17:17] C:\DOCUME~1\Internet\APPLIC~1\Azureus
[2006-04-10|13:40] C:\DOCUME~1\Internet\APPLIC~1\Sun
[2006-03-28|11:09] C:\DOCUME~1\Internet\APPLIC~1\vlc
[2006-03-09|18:47] C:\DOCUME~1\Internet\APPLIC~1\AdobeUM
[2006-03-01|11:39] C:\DOCUME~1\Internet\APPLIC~1\Google
[2006-02-28|15:59] C:\DOCUME~1\Internet\APPLIC~1\Xfire
[2006-02-03|12:54] C:\DOCUME~1\Internet\APPLIC~1\Microsoft
[2005-03-15|20:03] C:\DOCUME~1\Internet\APPLIC~1\Adobe
[2005-01-14|19:02] C:\DOCUME~1\Internet\APPLIC~1\EPSON
[2004-02-28|17:59] C:\DOCUME~1\Internet\APPLIC~1\Macromedia
[2004-02-28|17:58] C:\DOCUME~1\Internet\APPLIC~1\Real
[2004-02-28|16:26] C:\DOCUME~1\Internet\APPLIC~1\Cyberlink
[2004-02-28|15:48] C:\DOCUME~1\Internet\APPLIC~1\Ahead
[2004-02-27|19:06] C:\DOCUME~1\Internet\APPLIC~1\Help
[2004-02-27|18:30] C:\DOCUME~1\Internet\APPLIC~1\Identities
[2004-02-27|18:26] C:\DOCUME~1\Internet\APPLIC~1\desktop.ini

[2006-11-18|20:11] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia
[2006-04-04|10:52] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[2004-08-17|21:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\X10 Commander
[2004-02-27|18:32] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
[2004-02-27|18:32] C:\DOCUME~1\LOCALS~1\APPLIC~1\.

[2004-02-27|18:32] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[2004-02-27|18:32] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
[2004-02-27|18:32] C:\DOCUME~1\NETWOR~1\APPLIC~1\.

[2004-08-09|20:49] C:\DOCUME~1\PROPRI~1\APPLIC~1\Real
[2004-04-05|14:21] C:\DOCUME~1\PROPRI~1\APPLIC~1\..
[2004-04-05|14:21] C:\DOCUME~1\PROPRI~1\APPLIC~1\.

[2008-01-16|21:58] C:\DOCUME~1\Simon\APPLIC~1\Adobe
[2008-01-16|21:37] C:\DOCUME~1\Simon\APPLIC~1\..
[2008-01-16|21:37] C:\DOCUME~1\Simon\APPLIC~1\.
[2008-01-13|13:24] C:\DOCUME~1\Simon\APPLIC~1\Megaupload
[2008-01-12|21:29] C:\DOCUME~1\Simon\APPLIC~1\Real
[2008-01-02|19:05] C:\DOCUME~1\Simon\APPLIC~1\SolidWorks
[2008-01-01|16:52] C:\DOCUME~1\Simon\APPLIC~1\Autodesk
[2007-12-28|16:18] C:\DOCUME~1\Simon\APPLIC~1\SecondLife
[2007-12-28|16:05] C:\DOCUME~1\Simon\APPLIC~1\Mozilla
[2007-10-17|23:05] C:\DOCUME~1\Simon\APPLIC~1\wklnhst.dat
[2007-10-16|20:27] C:\DOCUME~1\Simon\APPLIC~1\vmntoolbar
[2007-08-22|22:52] C:\DOCUME~1\Simon\APPLIC~1\Xfire
[2007-07-14|22:10] C:\DOCUME~1\Simon\APPLIC~1\Mp3tag
[2007-06-15|21:05] C:\DOCUME~1\Simon\APPLIC~1\Creative
[2007-06-07|12:35] C:\DOCUME~1\Simon\APPLIC~1\Settings.cfg
[2007-06-07|12:35] C:\DOCUME~1\Simon\APPLIC~1\Par défaut.cls
[2007-06-07|12:35] C:\DOCUME~1\Simon\APPLIC~1\Connexion FTP.ftp
[2007-06-07|12:32] C:\DOCUME~1\Simon\APPLIC~1\Dynamique
[2007-06-07|12:32] C:\DOCUME~1\Simon\APPLIC~1\Sites prédéfinis
[2007-05-31|18:57] C:\DOCUME~1\Simon\APPLIC~1\Vso
[2007-05-27|16:35] C:\DOCUME~1\Simon\APPLIC~1\Apple Computer
[2007-04-12|20:16] C:\DOCUME~1\Simon\APPLIC~1\Leadertech
[2007-04-11|13:52] C:\DOCUME~1\Simon\APPLIC~1\Hamachi
[2007-03-29|17:27] C:\DOCUME~1\Simon\APPLIC~1\pcouffin.log
[2007-03-29|17:27] C:\DOCUME~1\Simon\APPLIC~1\ezpinst.exe
[2007-03-29|17:27] C:\DOCUME~1\Simon\APPLIC~1\pcouffin.cat
[2007-03-29|17:27] C:\DOCUME~1\Simon\APPLIC~1\pcouffin.sys
[2007-03-29|17:27] C:\DOCUME~1\Simon\APPLIC~1\pcouffin.inf
[2007-03-24|15:25] C:\DOCUME~1\Simon\APPLIC~1\STOIK
[2007-03-21|16:39] C:\DOCUME~1\Simon\APPLIC~1\Screenshot Sender
[2007-02-22|16:31] C:\DOCUME~1\Simon\APPLIC~1\RapidGet
[2007-01-05|23:17] C:\DOCUME~1\Simon\APPLIC~1\GDIPFONTCACHEV1.DAT
[2006-12-27|18:12] C:\DOCUME~1\Simon\APPLIC~1\DivX
[2006-12-13|15:09] C:\DOCUME~1\Simon\APPLIC~1\InstallShield Installation Information
[2006-11-29|16:39] C:\DOCUME~1\Simon\APPLIC~1\Microsoft
[2006-11-22|16:46] C:\DOCUME~1\Simon\APPLIC~1\SolidWorksNewsReader
[2006-11-22|16:36] C:\DOCUME~1\Simon\APPLIC~1\DWGeditor
[2006-09-14|20:08] C:\DOCUME~1\Simon\APPLIC~1\dvdcss
[2006-08-17|15:22] C:\DOCUME~1\Simon\APPLIC~1\teamspeak2
[2006-08-08|15:02] C:\DOCUME~1\Simon\APPLIC~1\AdobeUM
[2006-07-27|10:51] C:\DOCUME~1\Simon\APPLIC~1\FlashFXP
[2006-06-22|10:37] C:\DOCUME~1\Simon\APPLIC~1\Azureus
[2006-06-16|21:11] C:\DOCUME~1\Simon\APPLIC~1\InterTrust
[2006-06-08|09:56] C:\DOCUME~1\Simon\APPLIC~1\Thumbs.db
[2006-04-06|17:44] C:\DOCUME~1\Simon\APPLIC~1\Sun
[2006-04-01|18:23] C:\DOCUME~1\Simon\APPLIC~1\DassaultSystemes
[2006-03-11|14:59] C:\DOCUME~1\Simon\APPLIC~1\vlc
[2005-12-31|18:19] C:\DOCUME~1\Simon\APPLIC~1\Google
[2005-07-27|15:15] C:\DOCUME~1\Simon\APPLIC~1\FTP Expert Stockage.ftp
[2005-07-01|21:29] C:\DOCUME~1\Simon\APPLIC~1\Ulead Systems
[2005-06-16|18:31] C:\DOCUME~1\Simon\APPLIC~1\CDRusersDB.v12
[2005-05-18|18:06] C:\DOCUME~1\Simon\APPLIC~1\iScreensaver
[2005-02-02|15:24] C:\DOCUME~1\Simon\APPLIC~1\EPSON
[2004-02-28|17:59] C:\DOCUME~1\Simon\APPLIC~1\Macromedia
[2004-02-28|16:26] C:\DOCUME~1\Simon\APPLIC~1\Cyberlink
[2004-02-28|15:48] C:\DOCUME~1\Simon\APPLIC~1\Ahead
[2004-02-27|19:06] C:\DOCUME~1\Simon\APPLIC~1\Help
[2004-02-27|18:30] C:\DOCUME~1\Simon\APPLIC~1\Identities
[2004-02-27|18:26] C:\DOCUME~1\Simon\APPLIC~1\desktop.ini

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[2006-05-25 19:15][--a------] C:\WINDOWS\tasks\sauve.job
[2002-08-30 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
[2006-05-26 11:42][--ah-----] C:\WINDOWS\tasks\SA.DAT

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[2008-01-17|20:23] C:\Program Files\Lop SD
[2008-01-17|20:20] C:\Program Files\..
[2008-01-17|20:20] C:\Program Files\.
[2008-01-17|20:20] C:\Program Files\Dot1XCfg
[2008-01-17|20:20] C:\Program Files\Temporary
[2008-01-16|21:59] C:\Program Files\Adobe
[2008-01-16|21:55] C:\Program Files\Bonjour
[2008-01-16|21:39] C:\Program Files\Fichiers communs
[2008-01-13|13:17] C:\Program Files\InstallShield Installation Information
[2008-01-12|22:25] C:\Program Files\Messenger Plus! Live
[2008-01-12|22:25] C:\Program Files\MSN Messenger
[2008-01-12|22:25] C:\Program Files\Windows Live
[2008-01-12|21:43] C:\Program Files\Sonic Foundry ACID Music
[2008-01-12|21:35] C:\Program Files\Jeux
[2008-01-11|23:02] C:\Program Files\SUPER
[2008-01-11|21:23] C:\Program Files\Pando
[2008-01-07|21:36] C:\Program Files\Microsoft Works
[2008-01-04|22:41] C:\Program Files\Steam
[2008-01-01|16:55] C:\Program Files\AutoCAD 2008
[2008-01-01|16:50] C:\Program Files\Autodesk
[2007-12-29|16:38] C:\Program Files\NCH Software
[2007-12-19|20:07] C:\Program Files\Java
[2007-12-12|23:22] C:\Program Files\Internet Explorer
[2007-12-05|17:36] C:\Program Files\PDF PDF2Image v2.1
[2007-11-28|20:28] C:\Program Files\Picasa2
[2007-10-18|18:23] C:\Program Files\PestPatrol
[2007-10-18|18:11] C:\Program Files\RegCleaner
[2007-10-18|18:02] C:\Program Files\vmntoolbar
[2007-10-18|17:58] C:\Program Files\Google
[2007-10-18|17:56] C:\Program Files\LucasArts
[2007-08-23|10:45] C:\Program Files\Xfire
[2007-08-17|21:24] C:\Program Files\AV VCS 3.0
[2007-08-16|08:57] C:\Program Files\Metin2_France
[2007-08-15|21:36] C:\Program Files\PC Inspector File Recovery
[2007-08-13|12:00] C:\Program Files\Microsoft Games
[2007-07-17|22:27] C:\Program Files\Windows Media Player
[2007-07-17|22:13] C:\Program Files\Windows Media Connect 2
[2007-07-16|18:20] C:\Program Files\Alcohol Soft
[2007-07-14|21:59] C:\Program Files\Mp3tag
[2007-06-15|19:01] C:\Program Files\Creative
[2007-06-15|18:59] C:\Program Files\Creative ZEN Vision M Series
[2007-06-15|16:55] C:\Program Files\Creative Installation Information
[2007-06-14|09:54] C:\Program Files\Outlook Express
[2007-05-27|16:34] C:\Program Files\QuickTime
[2007-05-16|16:28] C:\Program Files\Activision
[2007-05-08|11:07] C:\Program Files\CA
[2007-04-12|19:58] C:\Program Files\Atari
[2007-03-31|18:38] C:\Program Files\SolidWorks
[2007-03-29|17:36] C:\Program Files\DVDFab Gold
[2007-03-25|17:47] C:\Program Files\DVD Shrink
[2007-03-25|13:49] C:\Program Files\Star Downloader
[2007-03-17|20:32] C:\Program Files\WinRAR
[2007-02-25|15:50] C:\Program Files\Ulead Systems
[2007-02-22|18:57] C:\Program Files\Winamp
[2007-02-22|18:57] C:\Program Files\Wanadoo
[2007-02-22|18:57] C:\Program Files\Sunbelt Software
[2007-02-22|18:57] C:\Program Files\Movie Maker
[2007-02-22|18:57] C:\Program Files\Morpheus Software
[2007-02-22|18:57] C:\Program Files\Microsoft Picture It! 9
[2007-02-22|18:57] C:\Program Files\Microsoft Encarta
[2007-02-22|18:57] C:\Program Files\pspvideo9
[2007-02-22|18:57] C:\Program Files\NCH Swift Sound
[2007-02-22|18:57] C:\Program Files\Messenger
[2007-02-22|18:57] C:\Program Files\DivX
[2007-01-22|21:43] C:\Program Files\IVT Corporation
[2006-11-22|16:42] C:\Program Files\Windows Desktop Search
[2006-11-22|16:36] C:\Program Files\DWGeditor
[2006-11-22|16:35] C:\Program Files\SolidWorks Installation Manager
[2006-10-25|13:36] C:\Program Files\AviSynth 2.5
[2006-10-14|08:28] C:\Program Files\ashampoo
[2006-09-21|18:39] C:\Program Files\NetMeeting
[2006-09-21|18:39] C:\Program Files\Windows NT
[2006-09-20|20:37] C:\Program Files\Intelore
[2006-08-29|16:21] C:\Program Files\DV 3500
[2006-07-25|22:43] C:\Program Files\Magicbit
[2006-06-28|20:26] C:\Program Files\INFORAD
[2006-06-28|20:26] C:\Program Files\INFORAD_DRIVERS
[2006-06-16|21:13] C:\Program Files\Hewlett-Packard
[2006-06-06|21:16] C:\Program Files\Gadwin Systems
[2006-06-06|11:49] C:\Program Files\Program Files
[2006-06-04|21:44] C:\Program Files\SprayR
[2006-05-08|14:10] C:\Program Files\neodivx2006
[2006-04-12|19:51] C:\Program Files\Teamspeak2_RC2
[2006-04-01|18:27] C:\Program Files\Microsoft Office
[2006-04-01|18:27] C:\Program Files\Dassault Systemes
[2006-03-11|14:57] C:\Program Files\VideoLAN
[2006-03-02|15:55] C:\Program Files\EA GAMES
[2006-02-26|16:07] C:\Program Files\DiMAGE Viewer
[2006-02-10|16:10] C:\Program Files\Midas Interactive
[2006-02-08|23:03] C:\Program Files\AquaScape 3D
[2006-01-25|17:19] C:\Program Files\D-Tools
[2006-01-15|18:07] C:\Program Files\EPSON
[2005-07-01|21:23] C:\Program Files\CyberLink
[2005-02-18|21:24] C:\Program Files\Home Cinema
[2004-12-09|18:09] C:\Program Files\Microsoft FrontPage Express
[2004-12-01|19:08] C:\Program Files\MSN Apps
[2004-08-28|19:29] C:\Program Files\WindowsUpdate
[2004-08-24|22:07] C:\Program Files\Spybot - Search & Destroy
[2004-08-20|12:35] C:\Program Files\Microsoft Office97
[2004-06-03|19:23] C:\Program Files\Alwil Software
[2004-05-04|20:58] C:\Program Files\Storm
[2004-04-18|13:38] C:\Program Files\JavaSoft
[2004-04-07|08:23] C:\Program Files\PowerArchiver
[2004-03-27|13:50] C:\Program Files\InterActual
[2004-02-28|17:49] C:\Program Files\Viewpoint
[2004-02-28|17:49] C:\Program Files\Nullsoft
[2004-02-28|17:49] C:\Program Files\Real
[2004-02-28|16:18] C:\Program Files\MUSICMATCH
[2004-02-28|16:16] C:\Program Files\Common Files
[2004-02-28|15:40] C:\Program Files\Medion Tools
[2004-02-28|15:25] C:\Program Files\OfficeUpdate11
[2004-02-28|15:05] C:\Program Files\Winbond Electronics Corp
[2004-02-28|14:51] C:\Program Files\Microsoft Money
[2004-02-28|14:47] C:\Program Files\Microsoft Visual Studio
[2004-02-28|14:38] C:\Program Files\Microsoft Works Suite 2004
[2004-02-28|14:35] C:\Program Files\Ahead
[2004-02-28|14:16] C:\Program Files\HighMAT CD Writing Wizard
[2004-02-28|14:11] C:\Program Files\Uninstall Information
[2004-02-27|19:13] C:\Program Files\USB Wireless Keyboard Driver
[2004-02-27|19:11] C:\Program Files\C-Media 3D Audio
[2004-02-27|19:03] C:\Program Files\ATI Technologies
[2004-02-27|18:45] C:\Program Files\Intel
[2004-02-27|18:35] C:\Program Files\Windows Journal Viewer
[2004-02-27|18:30] C:\Program Files\xerox
[2004-02-27|18:30] C:\Program Files\microsoft frontpage
[2004-02-27|18:28] C:\Program Files\MSN
[2004-02-27|18:28] C:\Program Files\MSN Gaming Zone

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[2008-01-16|21:55] C:\Program Files\Fichiers communs\Adobe
[2008-01-16|21:39] C:\Program Files\Fichiers communs\..
[2008-01-16|21:39] C:\Program Files\Fichiers communs\Macrovision Shared
[2008-01-16|21:39] C:\Program Files\Fichiers communs\.
[2008-01-12|21:29] C:\Program Files\Fichiers communs\Real
[2008-01-01|16:55] C:\Program Files\Fichiers communs\Autodesk Shared
[2008-01-01|16:49] C:\Program Files\Fichiers communs\Designer
[2007-10-18|17:48] C:\Program Files\Fichiers communs\eDrawings2007
[2007-08-02|20:11] C:\Program Files\Fichiers communs\EPSON
[2007-06-14|09:54] C:\Program Files\Fichiers communs\System
[2006-11-22|16:37] C:\Program Files\Fichiers communs\SolidWorks Shared
[2006-11-22|16:25] C:\Program Files\Fichiers communs\Solidworks Data
[2006-06-28|14:08] C:\Program Files\Fichiers communs\Microsoft Shared
[2006-06-04|12:23] C:\Program Files\Fichiers communs\Adobe Systems Shared
[2006-04-06|17:41] C:\Program Files\Fichiers communs\Java
[2005-01-14|18:56] C:\Program Files\Fichiers communs\Python
[2004-09-06|18:10] C:\Program Files\Fichiers communs\DirectX
[2004-02-28|17:49] C:\Program Files\Fichiers communs\AOL
[2004-02-28|15:05] C:\Program Files\Fichiers communs\Borland Shared
[2004-02-28|15:01] C:\Program Files\Fichiers communs\InstallShield
[2004-02-28|14:34] C:\Program Files\Fichiers communs\Ahead
[2004-02-27|18:28] C:\Program Files\Fichiers communs\Services
[2004-02-27|18:28] C:\Program Files\Fichiers communs\MSSoap
[2004-02-27|18:26] C:\Program Files\Fichiers communs\ODBC
[2004-02-27|18:26] C:\Program Files\Fichiers communs\SpeechEngines

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

Aucun fichier / dossier Lop trouvé !

----------------------[ Verification du Registre ]----------------------

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-17 20:42:32
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

Aucune autre infection trouvée !

/!\ [Fich:70][Doss:4] C:\DOCUME~1\Simon\LOCALS~1\Temp
/!\ [Fich:854][Doss:12] C:\DOCUME~1\Simon\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 20:42:57.96 ]----------------------
17 January 2008 20:44:56

Damn, I have more and more problems since the CID ads disappeared. I caught a virus on MSN that sends everyone "c'est pas toi sa?!" ("isn't that you?!"), and now I have new ads opening...
17 January 2008 21:30:37


Infections don't come by themselves ....
If you visit and open just anything ...


Download MSNFix here

Double-click the MSNFix folder
Then double-click MSNFix.bat
Choose option R
If an infection is detected, press a key to run the cleanup
If you get a message asking you to restart the computer to finish the cleanup, restart manually

Post the generated report ( it is located in the MSNFix folder )
This report is named Date_Time ~~> .log
17 January 2008 21:35:15

Re, it's done, I've just run it. Sorry about the MSN virus, but it's my sister, who doesn't always do what she's told :) . Here is the MSNFix report:
MSNFix 1.633

C:\Documents and Settings\Simon\Bureau\MSNFix
Fix exécuté le 2008-01-17 - 21:25:25.65 By Simon
mode normal

************************ Recherche les fichiers présents

... C:\log.txt
... C:\Documents and Settings\Simon\??????.exe
... C:\WINDOWS\17PHolmes1148.exe
... C:\WINDOWS\b???.exe
... C:\WINDOWS\b122.exe
... C:\WINDOWS\mrofinu*.exe
... C:\WINDOWS\mrofinu*.exe.tmp

************************ MSNCHK ***** /!\ beta test /!\



************************ Recherche les dossiers présents

... C:\Program Files\Temporary\
... C:\Temp\




************************ Suppression des fichiers

.. OK ... C:\log.txt
.. OK ... C:\Documents and Settings\Simon\??????.exe
.. OK ... C:\WINDOWS\17PHolmes1148.exe
.. OK ... C:\WINDOWS\b???.exe
.. OK ... C:\WINDOWS\b122.exe
/!\ ... C:\WINDOWS\mrofinu*.exe
.. OK ... C:\WINDOWS\mrofinu*.exe.tmp


************************ Suppression des dossiers

/!\ ... C:\Program Files\Temporary\
.. OK ... C:\Temp\


************************ Nettoyage du registre



Les fichiers encore présents seront supprimés au prochain redémarrage


************************ Suppression des fichiers

.. OK ... C:\WINDOWS\mrofinu*.exe



************************ Fichiers suspects

Aucun Fichier trouvé


Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 2008-01-17_213104.10.zip


------------------------------------------------------------------------
Auteur : !aur3n7 Contact: http://changelog.fr
------------------------------------------------------------------------

--------------------------------------------- END ---------------------------------------------

17 January 2008 21:37:05

But now I have just one problem left (I'm a pain, sorry): the CID ads have disappeared, but now it's Rond Stardoors.com ads that open all the time. Should I use Lop S&D again?
17 January 2008 23:21:02


You must have installed a program like Zango

Post a HijackThis log again
18 January 2008 19:56:29

Logfile of HijackThis v1.99.1
Scan saved at 19:59, on 2008-01-18
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Home Cinema\PowerCinema\PCMService.exe
C:\WINDOWS\CNYHKey.exe
C:\WINDOWS\Dit.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\mHotkey.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Dot1XCfg\Dot1XCfg.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\Simon\Mes documents\Mes programmes\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEInt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [Gadwin PrintScreen 3.1] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [TheTurtle] C:\Program Files\TheTurtle\TheTurtle.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando\Pando.exe" /Minimized
O4 - HKCU\..\Run: [Dot1XCfg] C:\Program Files\Dot1XCfg\Dot1XCfg.exe
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Liens de téléchargement avec Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O8 - Extra context menu item: Télécharger avec Star Downloader - C:\Program Files\Star Downloader\sdie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe

18 January 2008 20:04:12


Hello,

Run another ComboFix scan.
19 January 2008 15:40:48

ComboFix 08-01-15.4 - Simon 2008-01-19 15:18:10.3 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.594 [GMT 1:00]
Running from: C:\Documents and Settings\Simon\Bureau\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\docume~1\internet\applic~1\planat~1\Bowsglueseek.exe
c:\docume~1\simon\applic~1\planat~1\Bowsglueseek.exe
C:\Documents and Settings\All Users\Application Data\flag ace stupid data\Bold creative.exe
C:\Documents and Settings\All Users\Application Data\flag ace stupid data\Iso slow.exe
C:\Documents and Settings\All Users\Application Data\flag ace stupid data\view file.exe
C:\Documents and Settings\Francoise\Application Data\Plan Atom Sect\0
C:\Documents and Settings\Francoise\Application Data\Plan Atom Sect\Bowsglueseek.exe
C:\Documents and Settings\Francoise\Application Data\Plan Atom Sect\hwsbdadm.exe
C:\Documents and Settings\Francoise\Application Data\Plan Atom Sect\one joy.exe
C:\Documents and Settings\Francoise\Application Data\Plan Atom Sect\OnlineCitySiteBalm.exe
C:\Documents and Settings\Internet\Application Data\Plan Atom Sect\0
C:\Documents and Settings\Internet\Application Data\Plan Atom Sect\Bowsglueseek.exe
C:\Documents and Settings\Internet\Application Data\Plan Atom Sect\bzbqjond.exe
C:\Documents and Settings\Internet\Application Data\Plan Atom Sect\cyhuzqzd.exe
C:\Documents and Settings\Internet\Application Data\Plan Atom Sect\itksivdx.exe
C:\Documents and Settings\Internet\Application Data\Plan Atom Sect\one joy.exe
C:\Documents and Settings\Internet\Application Data\Plan Atom Sect\OnlineCitySiteBalm.exe
C:\Documents and Settings\Simon\Application Data\Plan Atom Sect\0
C:\Documents and Settings\Simon\Application Data\Plan Atom Sect\Bowsglueseek.exe
C:\Documents and Settings\Simon\Application Data\Plan Atom Sect\one joy.exe
C:\Documents and Settings\Simon\Application Data\Plan Atom Sect\OnlineCitySiteBalm.exe
C:\Documents and Settings\Simon\Application Data\Plan Atom Sect\umjdydpl.exe
C:\Documents and Settings\Simon\Application Data\Plan Atom Sect\zqvdmqhy.exe
C:\Program Files\Temporary
C:\Program Files\Temporary\kernInst.exe
C:\WINDOWS\Tasks\AD5D336E918AA6CE.job
D:\Autorun.inf
.
---- Previous Run -------
.
c:\docume~1\internet\applic~1\planat~1\Bowsglueseek.exe
c:\docume~1\simon\applic~1\planat~1\Bowsglueseek.exe
C:\Documents and Settings\All Users\Application Data\flag ace stupid data\Bold creative.exe
C:\Documents and Settings\All Users\Application Data\flag ace stupid data\Iso slow.exe
C:\Documents and Settings\All Users\Application Data\flag ace stupid data\view file.exe
C:\Documents and Settings\Francoise\Application Data\Plan Atom Sect
C:\Documents and Settings\Francoise\Application Data\Plan Atom Sect\0
C:\Documents and Settings\Francoise\Application Data\Plan Atom Sect\Bowsglueseek.exe
C:\Documents and Settings\Francoise\Application Data\Plan Atom Sect\hwsbdadm.exe
C:\Documents and Settings\Francoise\Application Data\Plan Atom Sect\one joy.exe
C:\Documents and Settings\Francoise\Application Data\Plan Atom Sect\OnlineCitySiteBalm.exe
C:\Documents and Settings\Internet\Application Data\Plan Atom Sect
C:\Documents and Settings\Internet\Application Data\Plan Atom Sect\0
C:\Documents and Settings\Internet\Application Data\Plan Atom Sect\Bowsglueseek.exe
C:\Documents and Settings\Internet\Application Data\Plan Atom Sect\bzbqjond.exe
C:\Documents and Settings\Internet\Application Data\Plan Atom Sect\cyhuzqzd.exe
C:\Documents and Settings\Internet\Application Data\Plan Atom Sect\itksivdx.exe
C:\Documents and Settings\Internet\Application Data\Plan Atom Sect\one joy.exe
C:\Documents and Settings\Internet\Application Data\Plan Atom Sect\OnlineCitySiteBalm.exe
C:\Documents and Settings\Simon\Application Data\Plan Atom Sect
C:\Documents and Settings\Simon\Application Data\Plan Atom Sect\0
C:\Documents and Settings\Simon\Application Data\Plan Atom Sect\Bowsglueseek.exe
C:\Documents and Settings\Simon\Application Data\Plan Atom Sect\one joy.exe
C:\Documents and Settings\Simon\Application Data\Plan Atom Sect\OnlineCitySiteBalm.exe
C:\Documents and Settings\Simon\Application Data\Plan Atom Sect\umjdydpl.exe
C:\Documents and Settings\Simon\Application Data\Plan Atom Sect\zqvdmqhy.exe
C:\Program Files\Plan Atom Sect
C:\WINDOWS\Tasks\AD5D336E918AA6CE.job
D:\Autorun.inf
C:\Documents and Settings\All Users\Application Data\flag ace stupid data

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_O1394BUL
-------\o1394bul




((((((((((((((((((((((((((((( Fichiers créés 2007-12-19 to 2008-01-19 ))))))))))))))))))))))))))))))))))))
.

2008-01-19 00:18 . 2008-01-19 12:42 <REP> d-------- C:\Program Files\CamStudio
2008-01-18 22:19 . 2008-01-18 22:28 <REP> d-------- C:\Program Files\Fake Webcam
2008-01-17 21:40 . 2008-01-17 21:40 <REP> d-------- C:\Program Files\Windows Live
2008-01-17 21:40 . 2008-01-17 21:40 <REP> d-------- C:\Program Files\Messenger Plus! Live
2008-01-17 21:16 . 2008-01-17 21:40 <REP> d-------- C:\Program Files\MSN Messenger
2008-01-17 20:20 . 2008-01-17 20:20 <REP> d-------- C:\Program Files\Dot1XCfg
2008-01-16 22:05 . 2008-01-17 20:42 <REP> d-------- C:\Program Files\Lop SD
2008-01-16 21:39 . 2008-01-16 21:39 <REP> d-------- C:\Program Files\Fichiers communs\Macrovision Shared
2008-01-16 21:36 . 2008-01-16 21:36 50 --a------ C:\WINDOWS\MegaManager.INI
2008-01-16 20:49 . 2008-01-16 20:49 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-16 20:49 . 2008-01-16 20:49 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-15 17:30 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-13 13:24 . 2008-01-13 13:24 <REP> d-------- C:\Documents and Settings\Simon\Application Data\Megaupload
2008-01-12 22:46 . 2008-01-12 22:46 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-01-01 16:52 . 2008-01-01 16:55 <REP> d-------- C:\Program Files\AutoCAD 2008
2008-01-01 16:52 . 2008-01-01 16:52 <REP> d-------- C:\Documents and Settings\Simon\Application Data\Autodesk
2008-01-01 16:52 . 2008-01-01 17:10 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Autodesk
2008-01-01 16:50 . 2008-01-01 16:55 <REP> d-------- C:\Program Files\Fichiers communs\Autodesk Shared
2008-01-01 16:50 . 2008-01-01 16:50 <REP> d-------- C:\Program Files\Autodesk
2007-12-29 18:07 . 2007-12-29 18:07 68 --ahs---- C:\WINDOWS\system32\windzfa0.sys
2007-12-29 16:38 . 2007-12-29 16:38 <REP> d-------- C:\Program Files\NCH Software
2007-12-28 15:59 . 2007-12-28 16:18 <REP> d-------- C:\Documents and Settings\Simon\Application Data\SecondLife

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-19 14:33 13,440 ----a-w C:\WINDOWS\system32\drivers\USBCRFT.SYS
2008-01-18 21:51 --------- d-----w C:\Program Files\Steam
2008-01-17 20:13 --------- d-----w C:\Program Files\PDF PDF2Image v2.1
2008-01-16 20:55 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-01-16 20:37 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-12 20:43 --------- d-----w C:\Program Files\Sonic Foundry ACID Music
2008-01-12 20:35 --------- d-----w C:\Program Files\Jeux
2008-01-12 20:29 --------- d-----w C:\Program Files\Fichiers communs\Real
2008-01-11 22:02 --------- d-----w C:\Program Files\SUPER
2008-01-11 20:23 --------- d-----w C:\Program Files\Pando
2008-01-07 20:36 --------- d-----w C:\Program Files\Microsoft Works
2008-01-02 18:05 --------- d-----w C:\Documents and Settings\Simon\Application Data\SolidWorks
2007-12-19 19:07 --------- d-----w C:\Program Files\Java
2007-12-04 14:56 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-12-04 14:55 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-12-04 14:51 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-12-04 14:49 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-11-28 19:28 --------- d-----w C:\Program Files\Picasa2
2007-11-21 18:13 --------- d-----w C:\Documents and Settings\Internet\Application Data\Creative
2007-11-09 21:28 737,280 ----a-w C:\WINDOWS\iun6002.exe
2007-10-17 22:05 36,490 ----a-w C:\Documents and Settings\Simon\Application Data\wklnhst.dat
2007-10-17 17:39 15,354 ----a-w C:\Documents and Settings\Internet\Application Data\wklnhst.dat
2007-06-04 18:38 82,736 ----a-w C:\Documents and Settings\Internet\Application Data\GDIPFONTCACHEV1.DAT
2007-03-29 16:27 87,608 ----a-w C:\Documents and Settings\Simon\Application Data\ezpinst.exe
2007-03-29 16:27 47,360 ----a-w C:\Documents and Settings\Simon\Application Data\pcouffin.sys
2007-01-23 12:00 2,088 ----a-w C:\Documents and Settings\Francoise\Application Data\wklnhst.dat
2007-01-05 22:17 94,104 ----a-w C:\Documents and Settings\Simon\Application Data\GDIPFONTCACHEV1.DAT
2005-06-29 19:30 2,394 ----a-w C:\Documents and Settings\Camille\Application Data\wklnhst.dat
2006-05-03 09:06 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll
2007-02-21 10:47 31,232 --sh--r C:\WINDOWS\system32\msfDX.dll
.

((((((((((((((((((((((((((((( snapshot@2008-01-15_17.45.36.54 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-01-15 16:31:29 249,856 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000001\ntuser.dat
+ 2008-01-16 18:53:43 249,856 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000001\ntuser.dat
- 2008-01-15 16:31:29 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000002\UsrClass.dat
+ 2008-01-16 18:53:43 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000002\UsrClass.dat
- 2008-01-15 16:31:29 249,856 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000003\ntuser.dat
+ 2008-01-16 18:53:43 5,578,752 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000003\ntuser.dat
+ 2008-01-16 18:53:44 249,856 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000004\ntuser.dat
+ 2008-01-16 18:53:44 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000005\UsrClass.dat
+ 2008-01-16 18:53:44 19,701,760 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000006\ntuser.dat
+ 2008-01-16 18:53:44 389,120 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000007\UsrClass.dat
+ 2000-08-31 07:00:00 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE
- 2007-02-09 18:40:22 29,926 ----a-r C:\WINDOWS\Installer\{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}\MsblIco.Exe
+ 2008-01-17 20:17:10 29,926 ----a-r C:\WINDOWS\Installer\{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}\MsblIco.Exe
+ 2006-02-28 11:41:34 61,440 ----a-w C:\WINDOWS\system32\dns-sd.exe
+ 2006-02-28 11:41:22 53,248 ----a-w C:\WINDOWS\system32\dnssd.dll
- 2008-01-02 10:42:38 381,632 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-01-17 16:26:44 1,637,984 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
- 1998-02-10 17:32:54 77,312 ----a-w C:\WINDOWS\system32\TWAIN_32.DLL
+ 2007-04-09 16:09:44 77,312 ----a-w C:\WINDOWS\system32\TWAIN_32.DLL
- 1995-09-15 11:51:36 48,560 ----a-w C:\WINDOWS\system32\TWUNK_16.EXE
+ 2007-04-09 16:09:44 48,560 ----a-w C:\WINDOWS\system32\TWUNK_16.EXE
- 1998-08-20 08:18:08 69,632 ----a-w C:\WINDOWS\system32\TWUNK_32.EXE
+ 2007-04-09 16:09:44 69,632 ----a-w C:\WINDOWS\system32\TWUNK_32.EXE
+ 2008-01-19 14:31:13 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_4f0.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gadwin PrintScreen 3.1"="C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe" [2005-09-26 11:39 1073152]
"TheTurtle"="C:\Program Files\TheTurtle\TheTurtle.exe" [ ]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe" [ ]
"Steam"="" []
"MoneyAgent"="C:\Program Files\Microsoft Money\System\mnyexpr.exe" [2003-06-18 12:00 204800]
"CTSyncU.exe"="C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe" [2006-06-12 13:32 700416]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 00:09 15360]
"Pando"="C:\Program Files\Pando\Pando.exe" [2007-10-05 12:33 5207368]
"Dot1XCfg"="C:\Program Files\Dot1XCfg\Dot1XCfg.exe" [2008-01-17 20:20 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"PCMService"="C:\Program Files\Home Cinema\PowerCinema\PCMService.exe" [2004-02-26 10:08 61440]
"ledpointer"="CNYHKey.exe" [2004-02-03 17:15 5794816 C:\WINDOWS\CNYHKey.exe]
"Dit"="Dit.exe" [2003-12-29 23:33 94208 C:\WINDOWS\Dit.exe]
"Cmaudio"="cmicnfg.cpl" [2004-01-07 15:14 2453504 C:\WINDOWS\CMICNFG.CPL]
"CHotkey"="mHotkey.exe" [2004-02-05 13:45 510464 C:\WINDOWS\mHotkey.exe]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-01-27 14:30 335872]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-27 08:41 282624]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-20 00:09 15360]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 22:18 443968]

R1 fwdrv;Firewall Driver;C:\WINDOWS\system32\drivers\fwdrv.sys [2005-12-15 18:13]
R1 khips;Kerio HIPS Driver;C:\WINDOWS\system32\drivers\khips.sys [2005-12-15 18:01]
R2 vcs;Vcs support;C:\WINDOWS\system32\Drivers\Vcs.sys [2002-12-10 08:11]
R3 Cap7134;MEDION (7134) WDM Video Capture;C:\WINDOWS\system32\DRIVERS\Cap7134.sys [2003-06-05 10:04]
R3 CardReaderFilter;Card Reader Filter;C:\WINDOWS\system32\Drivers\USBCRFT.SYS [2008-01-19 15:33]
R3 PhTVTune;MEDION TV-TUNER 7134 MK2/3;C:\WINDOWS\system32\DRIVERS\PhTVTune.sys [2003-06-12 07:47]
R3 UKBFLT;UKBFLT;C:\WINDOWS\system32\DRIVERS\UKBFLT.sys [2003-12-19 17:13]
R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 07:08]
R3 wbscr;Winbond Smartcard Reader for I/O;C:\WINDOWS\system32\drivers\wbscr.sys [2002-04-24 12:07]
S2 Ca536av;DV 3500(Video);C:\WINDOWS\system32\Drivers\Ca536av.sys [2003-09-05 12:47]
S3 BTNetFilter;Bluetooth Network Filter;C:\WINDOWS\system32\drivers\BTNetFilter.sys [2004-12-16 16:32]
S3 Intels51;Creatix V.9X DSP Data Fax Modem;C:\WINDOWS\system32\DRIVERS\ctxs51.sys [2003-05-22 19:44]
S3 LUMDriver;LUMDriver;C:\WINDOWS\system32\drivers\LUMDriver.sys [2003-07-11 14:22]
S3 PRISM_A00;PRISM 802.11g Driver;C:\WINDOWS\system32\DRIVERS\PRISMA00.sys [2004-01-16 09:31]
S3 USBCamera;DV 3500(Still);C:\WINDOWS\system32\Drivers\Bulk536.sys [2003-05-14 16:28]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-04 06:58]
S4 BBDemon;Backbone Service;"C:\Program Files\Dassault Systemes\B16\intel_a\code\bin\CATSysDemon.exe" [2005-09-06 21:11]

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2006-05-25 18:15:02 C:\WINDOWS\Tasks\sauve.job"
- C:\Temp\sauve.bat
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-19 15:33:47
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-01-19 15:43:03 - machine was rebooted [Simon]
ComboFix-quarantined-files.txt 2008-01-19 14:42:56
ComboFix2.txt 2008-01-15 16:46:37
.
2008-01-08 20:52:56 --- E O F ---
20 January 2008 12:55:17

Hi again,

Post a new HijackThis log.
20 January 2008 13:13:42

Logfile of HijackThis v1.99.1
Scan saved at 13:16:51, on 20/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Home Cinema\PowerCinema\PCMService.exe
C:\WINDOWS\CNYHKey.exe
C:\WINDOWS\Dit.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\mHotkey.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Dot1XCfg\Dot1XCfg.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\Simon\Mes documents\Mes programmes\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEInt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [Gadwin PrintScreen 3.1] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [TheTurtle] C:\Program Files\TheTurtle\TheTurtle.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando\Pando.exe" /Minimized
O4 - HKCU\..\Run: [Dot1XCfg] C:\Program Files\Dot1XCfg\Dot1XCfg.exe
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Liens de téléchargement avec Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O8 - Extra context menu item: Télécharger avec Star Downloader - C:\Program Files\Star Downloader\sdie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe

20 January 2008 14:55:37


Hi again,

Run HijackThis again and this time click [do a system scan only].
Tick the boxes on the left for the following lines (and only these):
R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
O3 - Toolbar: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - (no file)

then click [Fix checked] (bottom left).
When asked to confirm, answer Yes.

----------------------------------------------

Download ToolsCleaner2.

Install it on your Desktop.
Click [Recherche] to start the scan.
Click [Supprimer] to clean up the tools that were used.
Click [Quitter]; this will create a report.
Post the report (C:\TCleaner.txt).
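The HijackThis step above fixes two entries marked `(no file)`. As an added example (not part of the original thread and not HijackThis's own code), this Python script lists every entry in a log that carries a `(no file)` or `(file missing)` marker and cross-checks each path against the log's own "Running processes" list, because the avast! service lines in this thread are marked `(file missing)` while `ashMaiSv.exe` is listed as running. The sample is built from lines of the log posted here; the function and class names are hypothetical.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Set

# Constructed sample: lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
Running processes:
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\Explorer.EXE

R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - (no file)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
"""

ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# A drive-letter path, cut at the first double quote (stray quotes precede arguments).
PATH_RE = re.compile(r'[A-Za-z]:\\[^"]*')
# Suffixes HijackThis appends when it cannot find the file an entry points to.
MARKERS = ("(no file)", "(file missing)")


@dataclass
class Entry:
    code: str               # section code, e.g. "O3"
    body: str               # text after "CODE - "
    clsid: Optional[str]    # COM class id, if the entry has one
    path: Optional[str]     # file path the entry points to, if any
    marker: Optional[str]   # "(no file)", "(file missing)" or None
    running: bool = False   # True if path also appears under "Running processes:"


def running_processes(log: str) -> Set[str]:
    """Return the lower-cased paths listed under 'Running processes:'."""
    procs: Set[str] = set()
    in_block = False
    for raw in log.splitlines():
        line = raw.strip()
        if line == "Running processes:":
            in_block = True
        elif in_block and not line:
            break                      # blank line ends the process list
        elif in_block:
            procs.add(line.lower())
    return procs


def parse_entry(line: str) -> Optional[Entry]:
    """Parse one 'R3 - ...' / 'O23 - ...' line; return None for anything else."""
    m = ENTRY_RE.match(line.strip())
    if not m:
        return None
    body = m.group("body")
    marker = next((s for s in MARKERS if body.endswith(s)), None)
    clsid = CLSID_RE.search(body)
    found = PATH_RE.search(body)
    path = found.group(0) if found else None
    if path and marker and path.endswith(marker):
        path = path[: -len(marker)]    # drop the marker glued to the path
    return Entry(m.group("code"), body, clsid.group(0) if clsid else None,
                 path.strip() if path else None, marker)


def triage(log: str, sections: Optional[Set[str]] = None) -> List[Entry]:
    """List entries flagged as pointing to a missing file, optionally by section.

    An entry whose path is also a running process is contradicted by the log
    itself and should be checked by hand rather than fixed blindly.
    """
    procs = running_processes(log)
    flagged: List[Entry] = []
    for line in log.splitlines():
        entry = parse_entry(line)
        if entry is None or entry.marker is None:
            continue
        if sections is not None and entry.code not in sections:
            continue
        entry.running = bool(entry.path) and entry.path.lower() in procs
        flagged.append(entry)
    return flagged


if __name__ == "__main__":
    for e in triage(SAMPLE_LOG):
        note = "running, verify by hand" if e.running else "target not found"
        print(f"{e.code:<4}{e.marker:<16}{e.clsid or e.path}  [{note}]")
```

Calling `triage(SAMPLE_LOG, {"R3", "O3"})` returns only the two entries selected in the post above.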
20 January 2008 16:35:55

I did what you told me in HijackThis, but as soon as I start the search in ToolsCleaner2, the program crashes and stops responding...
21 January 2008 16:15:27

Otherwise, with what I did in HijackThis, the ads are gone, right? (In any case, I haven't seen any since.)
22 January 2008 12:51:19


Hi again,

If ToolsCleaner2 doesn't work, manually remove the software we installed.

Then run a Kaspersky online scan with Internet Explorer!

Click Demarrer Online-Scanner (bottom right).
Click J'accepte; if necessary, approve the installation of the ActiveX controls.
Let the updates install, then choose to scan My Computer (Poste de travail).

At the end of the scan, save the report and paste it into your reply.

If you see this message: La licence de Kaspersky On-line Scanner est périmée (the Kaspersky On-line Scanner licence has expired),
go to Add or Remove Programs and uninstall On-Line Scanner,
then go back to the site and try the scan again.