pouvez vous m'aider SVP ? [résolu]

bonjour,


Poste un log Hijackthis et telecharge le ci-dessous si tu ne la pas:
http://www.infos-du-net.com/telecharger/HijackThis,0301...

Mets le sur ton bureau et lance le puis clique sur "Do a system scan and a logfile" et copie/colle le rapport ici

si tu a besoin d'aide : http://www.malekal.com/tutorial_HijackThis.html

merci pour ta réponse, voici le rapport (j'espere que je ne me suis pas trompée)
Logfile of HijackThis v1.99.1
Scan saved at 12:26:37, on 05/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\msmapi32.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\PROGRA~1\NUMERI~1\MONASS~1\SMARTB~1\MotiveSB.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\WINDOWS\system32\adirss.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
c:\Program Files\Numericable\Mon Assistant Internet\bin\mad.exe
c:\Program Files\Numericable\Mon Assistant Internet\bin\mpbtn.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\PROGRA~1\Motive\ASSTCO~1\MOTIVE~1.EXE
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\aude-emelyne\Mes documents\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.numericable.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer par NUMERICABLE
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;;localhost;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {00110011-4b0b-44d5-9718-90c88817369b} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {086ae192-23a6-48d6-96ec-715f53797e85} - (no file)
O2 - BHO: (no name) - {11904ce8-632a-4856-a7cc-00b33fe71bd8} - (no file)
O2 - BHO: (no name) - {150fa160-130d-451f-b863-b655061432ba} - (no file)
O2 - BHO: (no name) - {15ACE85C-0BB1-42d1-9E32-07EB0506675A} - (no file)
O2 - BHO: (no name) - {17da0c9e-4a27-4ac5-bb75-5d24b8cdb972} - (no file)
O2 - BHO: (no name) - {1b68470c-2def-493b-8a4a-8e2d81be4ea5} - (no file)
O2 - BHO: (no name) - {1c4da27d-4d52-4465-a089-98e01bb725ca} - (no file)
O2 - BHO: (no name) - {1f48aa48-c53a-4e21-85e7-ac7cc6b5ffb1} - (no file)
O2 - BHO: (no name) - {1f48aa48-c53a-4e21-85e7-ac7cc6b5ffb2} - (no file)
O2 - BHO: (no name) - {202a961f-23ae-42b1-9505-ffe3c818d717} - (no file)
O2 - BHO: (no name) - {2d38a51a-23c9-48a1-a33c-48675aa2b494} - (no file)
O2 - BHO: (no name) - {2e246fae-8420-11d9-870d-000c2917de7f} - (no file)
O2 - BHO: (no name) - {2e9caff6-30c7-4208-8807-e79d4ec6f806} - (no file)
O2 - BHO: (no name) - {479fd0cf-5be9-4c63-8cda-b6d371c67bd5} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5753791b-f607-48ca-814e-91c14d081f9e} - (no file)
O2 - BHO: (no name) - {7070a8f9-08a4-ca47-0ab0-1eb9e4ee1f3b} - (no file)
O2 - BHO: (no name) - {746455fe-d059-47e7-af0e-140e03f5a447} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7a7e6d97-b492-4884-9abb-c31281dcc4f2} - (no file)
O2 - BHO: (no name) - {860c2f6b-ca82-4282-9187-beccbb66f0af} - (no file)
O2 - BHO: (no name) - {87185e78-a61b-4db3-965a-3235bbd7a622} - (no file)
O2 - BHO: (no name) - {8dc8f96d-34f7-1501-a2a4-631341aa3ac1} - (no file)
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: (no name) - {9c5875b8-93f3-429d-ff34-660b206d897a} - (no file)
O2 - BHO: (no name) - {a2595f37-48d0-46a1-9b51-478591a97764} - (no file)
O2 - BHO: (no name) - {a6f42cad-2559-48df-af30-89e480af5dfa} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {b212d577-05b7-4963-911e-4a8588160dfa} - (no file)
O2 - BHO: ASGP32.ASGP - {BB89F547-37EC-4920-880C-9D553B1C788C} - C:\WINDOWS\system32\asgp32.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: (no name) - {CA0E28FA-1AFD-4C21-A8DC-70EB5BE2F076} - (no file)
O2 - BHO: (no name) - {cf021f40-3e14-23a5-cba2-717765721306} - (no file)
O2 - BHO: (no name) - {d1ac752e-883f-4ed8-8828-b618c3a72152} - (no file)
O2 - BHO: (no name) - {e2b2b5a1-b48c-4886-a318-723916a01024} - (no file)
O2 - BHO: (no name) - {e2ddf680-9905-4dee-8c64-0a5de7fe133c} - (no file)
O2 - BHO: (no name) - {e3eebbe8-9cab-4c76-b26a-747e25ebb4c6} - (no file)
O2 - BHO: (no name) - {e6d5237d-a6c7-4c83-a67f-f9f15586fa62} - (no file)
O2 - BHO: (no name) - {e7afff2a-1b57-49c7-bf6b-e5123394c970} - (no file)
O2 - BHO: (no name) - {fcaddc14-bd46-408a-9842-cdbe1c6d37eb} - (no file)
O2 - BHO: (no name) - {fd9bc004-8331-4457-b830-4759ff704c22} - (no file)
O2 - BHO: (no name) - {fe2d25c1-c1db-4b5e-9390-af1cb5302f32} - (no file)
O2 - BHO: (no name) - {ff1bf4c7-4e08-4a28-a43f-9d60a9f7a880} - (no file)
O2 - BHO: (no name) - {FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF} - (no file)
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [BearShare] "C:\Program Files\BearShare\BearShare.exe" /pause
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\NUMERI~1\MONASS~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [adir] C:\WINDOWS\system32\adirss.exe
O4 - HKLM\..\Run: [UpdateService] C:\WINDOWS\system32\wservice.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Error Safe] "C:\Program Files\Error Safe Free\ers.exe" /min
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [UpdateService] C:\WINDOWS\system32\wservice.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Mon Assistant Internet.lnk = C:\Program Files\Numericable\Mon Assistant Internet\bin\matcli.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623} (AlternaTIFF ActiveX) - http://www.alternatiff.com/install/00/alttiff.cab
O16 - DPF: {1CD4E2DC-2DA0-4154-8723-38CB04FB6A58} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_10...
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v45/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

Re,


Ferme toutes les fenêtres (sauf Hijackthis)
et les logiciels de protection (antivirus...)

- Lance Hijackthis ->Do a system scan only
->Coche les lignes ci-dessous :

O2 - BHO: (no name) - {00110011-4b0b-44d5-9718-90c88817369b} - (no file)

O2 - BHO: (no name) - {086ae192-23a6-48d6-96ec-715f53797e85} - (no file)
O2 - BHO: (no name) - {11904ce8-632a-4856-a7cc-00b33fe71bd8} - (no file)
O2 - BHO: (no name) - {150fa160-130d-451f-b863-b655061432ba} - (no file)
O2 - BHO: (no name) - {15ACE85C-0BB1-42d1-9E32-07EB0506675A} - (no file)
O2 - BHO: (no name) - {17da0c9e-4a27-4ac5-bb75-5d24b8cdb972} - (no file)
O2 - BHO: (no name) - {1b68470c-2def-493b-8a4a-8e2d81be4ea5} - (no file)
O2 - BHO: (no name) - {1c4da27d-4d52-4465-a089-98e01bb725ca} - (no file)
O2 - BHO: (no name) - {1f48aa48-c53a-4e21-85e7-ac7cc6b5ffb1} - (no file)
O2 - BHO: (no name) - {1f48aa48-c53a-4e21-85e7-ac7cc6b5ffb2} - (no file)
O2 - BHO: (no name) - {202a961f-23ae-42b1-9505-ffe3c818d717} - (no file)
O2 - BHO: (no name) - {2d38a51a-23c9-48a1-a33c-48675aa2b494} - (no file)
O2 - BHO: (no name) - {2e246fae-8420-11d9-870d-000c2917de7f} - (no file)
O2 - BHO: (no name) - {2e9caff6-30c7-4208-8807-e79d4ec6f806} - (no file)
O2 - BHO: (no name) - {479fd0cf-5be9-4c63-8cda-b6d371c67bd5} - (no file)
O2 - BHO: (no name) - {5753791b-f607-48ca-814e-91c14d081f9e} - (no file)
O2 - BHO: (no name) - {7070a8f9-08a4-ca47-0ab0-1eb9e4ee1f3b} - (no file)
O2 - BHO: (no name) - {746455fe-d059-47e7-af0e-140e03f5a447} - (no file)
O2 - BHO: (no name) - {860c2f6b-ca82-4282-9187-beccbb66f0af} - (no file)
O2 - BHO: (no name) - {87185e78-a61b-4db3-965a-3235bbd7a622} - (no file)
O2 - BHO: (no name) - {8dc8f96d-34f7-1501-a2a4-631341aa3ac1} - (no file)
O2 - BHO: (no name) - {CA0E28FA-1AFD-4C21-A8DC-70EB5BE2F076} - (no file)
O2 - BHO: (no name) - {cf021f40-3e14-23a5-cba2-717765721306} - (no file)
O2 - BHO: (no name) - {d1ac752e-883f-4ed8-8828-b618c3a72152} - (no file)
O2 - BHO: (no name) - {e2b2b5a1-b48c-4886-a318-723916a01024} - (no file)
O2 - BHO: (no name) - {e2ddf680-9905-4dee-8c64-0a5de7fe133c} - (no file)
O2 - BHO: (no name) - {e3eebbe8-9cab-4c76-b26a-747e25ebb4c6} - (no file)
O2 - BHO: (no name) - {e6d5237d-a6c7-4c83-a67f-f9f15586fa62} - (no file)
O2 - BHO: (no name) - {e7afff2a-1b57-49c7-bf6b-e5123394c970} - (no file)
O2 - BHO: (no name) - {fcaddc14-bd46-408a-9842-cdbe1c6d37eb} - (no file)
O2 - BHO: (no name) - {fd9bc004-8331-4457-b830-4759ff704c22} - (no file)
O2 - BHO: (no name) - {fe2d25c1-c1db-4b5e-9390-af1cb5302f32} - (no file)
O2 - BHO: (no name) - {ff1bf4c7-4e08-4a28-a43f-9d60a9f7a880} - (no file)
O2 - BHO: (no name) - {FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF} - (no file)

Puis,CCleaner.
http://www.filehippo.com/download_ccleaner.html


Lance Ccleaner,
clique sur la touche "Analyse", puis sur le bouton "Lancer le nettoyage".
A la fin du nettoyage clique sur le bouton "Erreurs" et repare les erreurs.

merci pour ta réponse, je le fais de ce pas  

Je n'arrive pas à télécharger c cleaner, je ne trouve pas le lien où cliquer...

EDIT : j'ai trouvé ccleaner je suis en train de le faire
Angeldark : je fais également tes manip, cela me demande un peu de temps  

Bonjour,

Il manque des infections non traitées.

Télécharge Smitfraudfix
Dézippe-le sur le Bureau.
Ouvre le dossier SmitfraudFix et lance SmitfraudFix(.cmd)
Choisis l'Option 1 (Recherche)
Poste le premier rapport ici.

NOTE :
process.exe est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus. Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.
Double clique sur SDFix.exe et choisis Install pour l'extraire sur le Bureau.

Redémarre en mode sans échec

Ouvre le dossier SDFix qui vient d'être créé sur le Bureau et double clique sur RunThis.bat pour lancer le script.

Appuie sur Y pour commencer le processus de nettoyage.

Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.

Appuie sur une touche pour redémarrer le PC.

Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.

Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.

Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.

Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.

Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum, avec un nouveau log Hijackthis !

Trybalman : j'ai effectué les opérations, mais antispyweb.net revient toujours (là il vient de m'ouvrir 5 pages en meme temps)  

Je vais maintenant effectuer les opérations de angeldark, enfin si je peux combiner tout ca ensemble  

Voici le 1er rapport de smitfraudfix avec l'option 1

SmitFraudFix v2.119

Rapport fait à 14:32:47,81, 05/11/2006
Executé à partir de C:\Documents and Settings\aude-emelyne\Bureau\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

C:\WINDOWS\accesss.exe PRESENT !
C:\WINDOWS\astctl32.ocx PRESENT !
C:\WINDOWS\avpcc.dll PRESENT !
C:\WINDOWS\clrssn.exe PRESENT !
C:\WINDOWS\cpan.dll PRESENT !
C:\WINDOWS\dialup.exe PRESENT !
C:\WINDOWS\inetdctr.dll PRESENT !
C:\WINDOWS\mtwirl32.dll PRESENT !
C:\WINDOWS\notepad32.exe PRESENT !
C:\WINDOWS\olehelp.exe PRESENT !
C:\WINDOWS\runwin32.exe PRESENT !
C:\WINDOWS\spp3.dll PRESENT !
C:\WINDOWS\systeem.exe PRESENT !
C:\WINDOWS\systemcritical.exe PRESENT !
C:\WINDOWS\time.exe PRESENT !
C:\WINDOWS\users32.exe PRESENT !
C:\WINDOWS\waol.exe PRESENT !
C:\WINDOWS\win32e.exe PRESENT !
C:\WINDOWS\win64.exe PRESENT !
C:\WINDOWS\winajbm.dll PRESENT !
C:\WINDOWS\window.exe PRESENT !
C:\WINDOWS\wininet32.exe PRESENT !
C:\WINDOWS\winmgnt.exe PRESENT !
C:\WINDOWS\x.exe PRESENT !
C:\WINDOWS\xplugin.dll PRESENT !
C:\WINDOWS\xxxvideo.hta PRESENT !
C:\WINDOWS\y.exe PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

C:\WINDOWS\system32\ace16win.dll PRESENT !
C:\WINDOWS\system32\anti_troj.exe PRESENT !
C:\WINDOWS\system32\dload.exe PRESENT !
C:\WINDOWS\system32\iewd.exe PRESENT !
C:\WINDOWS\system32\kernels64.exe PRESENT !
C:\WINDOWS\system32\lfd.dat PRESENT !
C:\WINDOWS\system32\mpsegment.exe PRESENT !
C:\WINDOWS\system32\msmapi32.exe PRESENT !
C:\WINDOWS\system32\msmsn.exe PRESENT !
C:\WINDOWS\system32\msvol.tlb PRESENT !
C:\WINDOWS\system32\ncompat.tlb PRESENT !
C:\WINDOWS\system32\netstat2.exe PRESENT !
C:\WINDOWS\system32\oiso.bin PRESENT !
C:\WINDOWS\system32\ot.ico PRESENT !
C:\WINDOWS\system32\pcf.pdf PRESENT !
C:\WINDOWS\system32\perfont.exe PRESENT !
C:\WINDOWS\system32\performent202.dll PRESENT !
C:\WINDOWS\system32\POPCORN72.EXE PRESENT !
C:\WINDOWS\system32\proqlaim.exe PRESENT !
C:\WINDOWS\system32\ts.ico PRESENT !
C:\WINDOWS\system32\vxgamet?.exe PRESENT !
C:\WINDOWS\system32\vxh8jkdq?.exe PRESENT !
C:\WINDOWS\system32\win32hp.dll PRESENT !
C:\WINDOWS\system32\winmuse.exe PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\aude-emelyne


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\aude-emelyne\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\AUDE-E~1\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="MsgPlusLoader.dll"


»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

ouai fais ce qu'il ta dit il est tro fort c'est lui qui ma apris ce que je sais aujourd'hui^^.

Re,

Après avoir passé SDFix tu feras ceci :

Redémarre en mode sans échec

Relance SmitfraudFix et choisis cette fois l’Option 2 et réponds oui à la ou les questions
Sauvegarde puis poste le rapport.

Voici le rapport final :

SmitFraudFix v2.119

Rapport fait à 14:46:50,59, 05/11/2006
Executé à partir de C:\Documents and Settings\aude-emelyne\Bureau\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

C:\WINDOWS\accesss.exe supprimé
C:\WINDOWS\astctl32.ocx supprimé
C:\WINDOWS\avpcc.dll supprimé
C:\WINDOWS\clrssn.exe supprimé
C:\WINDOWS\cpan.dll supprimé
C:\WINDOWS\dialup.exe supprimé
C:\WINDOWS\inetdctr.dll supprimé
C:\WINDOWS\mtwirl32.dll supprimé
C:\WINDOWS\notepad32.exe supprimé
C:\WINDOWS\olehelp.exe supprimé
C:\WINDOWS\runwin32.exe supprimé
C:\WINDOWS\spp3.dll supprimé
C:\WINDOWS\systeem.exe supprimé
C:\WINDOWS\systemcritical.exe supprimé
C:\WINDOWS\time.exe supprimé
C:\WINDOWS\users32.exe supprimé
C:\WINDOWS\waol.exe supprimé
C:\WINDOWS\win32e.exe supprimé
C:\WINDOWS\win64.exe supprimé
C:\WINDOWS\winajbm.dll supprimé
C:\WINDOWS\window.exe supprimé
C:\WINDOWS\wininet32.exe supprimé
C:\WINDOWS\winmgnt.exe supprimé
C:\WINDOWS\x.exe supprimé
C:\WINDOWS\xplugin.dll supprimé
C:\WINDOWS\xxxvideo.hta supprimé
C:\WINDOWS\y.exe supprimé
C:\WINDOWS\system32\ace16win.dll supprimé
C:\WINDOWS\system32\anti_troj.exe supprimé
C:\WINDOWS\system32\dload.exe supprimé
C:\WINDOWS\system32\iewd.exe supprimé
C:\WINDOWS\system32\kernels64.exe supprimé
C:\WINDOWS\system32\lfd.dat supprimé
C:\WINDOWS\system32\mpsegment.exe supprimé
C:\WINDOWS\system32\msmapi32.exe supprimé
C:\WINDOWS\system32\msmsn.exe supprimé
C:\WINDOWS\system32\msvol.tlb supprimé
C:\WINDOWS\system32\ncompat.tlb supprimé
C:\WINDOWS\system32\netstat2.exe supprimé
C:\WINDOWS\system32\oiso.bin supprimé
C:\WINDOWS\system32\ot.ico supprimé
C:\WINDOWS\system32\pcf.pdf supprimé
C:\WINDOWS\system32\perfont.exe supprimé
C:\WINDOWS\system32\performent202.dll supprimé
C:\WINDOWS\system32\POPCORN72.EXE supprimé
C:\WINDOWS\system32\proqlaim.exe supprimé
C:\WINDOWS\system32\ts.ico supprimé
C:\WINDOWS\system32\vxgamet?.exe supprimé
C:\WINDOWS\system32\vxh8jkdq?.exe supprimé
C:\WINDOWS\system32\win32hp.dll supprimé
C:\WINDOWS\system32\winmuse.exe supprimé

»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires


»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

Nettoyage terminé.

»»»»»»»»»»»»»»»»»»»»»»»» Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

Passe à SDFix maintenant.

je n'arrive pas à utiliser SDFix, quand j'essaie d'appuyer sur une touche (entrée ou Y), la fenêtre disparait et rien ne se passe...?  

Ok.
Reposte un rapport Hijackthis.

le revoici, désolé pour le retard

Logfile of HijackThis v1.99.1
Scan saved at 22:24:19, on 05/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\PROGRA~1\NUMERI~1\MONASS~1\SMARTB~1\MotiveSB.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\WINDOWS\system32\adirss.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
c:\Program Files\Numericable\Mon Assistant Internet\bin\mad.exe
c:\Program Files\Numericable\Mon Assistant Internet\bin\mpbtn.exe
C:\PROGRA~1\Motive\ASSTCO~1\MOTIVE~1.EXE
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\aude-emelyne\Local Settings\Temporary Internet Files\Content.IE5\UPERGH0J\HijackThis[1].exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer par NUMERICABLE
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;;localhost;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: ASGP32.ASGP - {BB89F547-37EC-4920-880C-9D553B1C788C} - C:\WINDOWS\system32\asgp32.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\NUMERI~1\MONASS~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [adir] C:\WINDOWS\system32\adirss.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Mon Assistant Internet.lnk = C:\Program Files\Numericable\Mon Assistant Internet\bin\matcli.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O16 - DPF: {1CD4E2DC-2DA0-4154-8723-38CB04FB6A58} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_10...
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v45/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe


Voila, je vais aller me coucher, je me reconnecterai du boulot demain vers midi
En vous remerciant vraiment beaucoup  
Benga

Bonjour,

On continue.

Télécharge puis installe AVG Anti-Spyware (AVG AS)
Une fois AVG AS lancé, clique sur "Mise à jour"
Ferme le programme.
AIDE : Tuto de Malekal

Redémarre en mode sans échec

Relance AVG AS puis choisis l'onglet "Analyse"
Puis l'onglet "Paramètres"
Sous la question "Comment réagir ?", clique sur "Actions recommandées" et choisis "Quarantaine"
Re-clique sur l'onglet "Analyse" puis réalise une "Analyse complète du système"

/!\ Si un fichier est infecté en fin d'analyse /!\
Clique sur "Appliquer toutes les actions "

Clique sur "Enregistrer le rapport" puis sur "Enregistrer le rapport sous"
Enregistre ce fichier texte sur ton bureau.

Redémarre normalement
Copie/Colle le rapport ici.

je le fais de ce pas  
EDIT : pour le moment, 176 objets infectés et ca continue...  

Voici le rapport :
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 14:51:55 06/11/2006

+ Résultat de l'analyse:



C:\System Volume Information\_restore{830AFB6F-7ED7-41BC-8308-DE1FC256F08B}\RP22\A0157379.exe -> Adware.180Solutions : Nettoyé et sauvegardé (mise en quarantaine).
HKU\S-1-5-21-1547161642-1390067357-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7070A8F9-08A4-CA47-0AB0-1EB9E4EE1F3B} -> Adware.CoolWebSearch : Nettoyé et sauvegardé (mise en quarantaine).
HKU\S-1-5-21-1547161642-1390067357-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{479FD0CF-5BE9-4C63-8CDA-B6D371C67BD5} -> Adware.Generic : Nettoyé et sauvegardé (mise en quarantaine).
HKU\S-1-5-21-1547161642-1390067357-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5929CD6E-2062-44A4-B2C5-2C7E78FBAB38} -> Adware.Generic : Nettoyé et sauvegardé (mise en quarantaine).
HKU\S-1-5-21-1547161642-1390067357-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{860C2F6B-CA82-4282-9187-BECCBB66F0AF} -> Adware.Generic : Nettoyé et sauvegardé (mise en quarantaine).
HKU\S-1-5-21-1547161642-1390067357-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9C5875B8-93F3-429D-FF34-660B206D897A} -> Adware.Generic : Nettoyé et sauvegardé (mise en quarantaine).
HKU\S-1-5-21-1547161642-1390067357-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A2595F37-48D0-46A1-9B51-478591A97764} -> Adware.Generic : Nettoyé et sauvegardé (mise en quarantaine).
HKU\S-1-5-21-1547161642-1390067357-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE2D25C1-C1DB-4B5E-9390-AF1CB5302F32} -> Adware.Generic : Nettoyé et sauvegardé (mise en quarantaine).
HKU\S-1-5-21-1547161642-1390067357-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7A7E6D97-B492-4884-9ABB-C31281DCC4F2} -> Adware.VipSearcher : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{830AFB6F-7ED7-41BC-8308-DE1FC256F08B}\RP24\A0157721.dll -> Adware.Zango : Nettoyé et sauvegardé (mise en quarantaine).
C:\WINDOWS\system32\EGACCESS.dll -> Dialer.EgroupDial.w : Nettoyé et sauvegardé (mise en quarantaine).
C:\WINDOWS\system32\egaccess4_1062.dll -> Dialer.EgroupDial.w : Nettoyé et sauvegardé (mise en quarantaine).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Instant Access -> Dialer.Generic : Nettoyé et sauvegardé (mise en quarantaine).
HKU\S-1-5-21-1547161642-1390067357-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1B68470C-2DEF-493B-8A4A-8E2D81BE4EA5} -> Downloader.Delf : Nettoyé et sauvegardé (mise en quarantaine).
HKU\S-1-5-21-1547161642-1390067357-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{15ACE85C-0BB1-42D1-9E32-07EB0506675A} -> Downloader.Small.nl : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{830AFB6F-7ED7-41BC-8308-DE1FC256F08B}\RP25\A0195522.exe -> Proxy.Lager.dw : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\Jérémy\Cookies\jérémy@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@112.2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@112.2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\aude-emelyne\Cookies\aude-emelyne@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@msnaccountservices.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@msninvite.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@ads.addynamix[2].txt -> TrackingCookie.Addynamix : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@ads.addynamix[1].txt -> TrackingCookie.Addynamix : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@rotator.adjuggler[1].txt -> TrackingCookie.Adjuggler : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@rotator.adjuggler[1].txt -> TrackingCookie.Adjuggler : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@ad.admarketplace[1].txt -> TrackingCookie.Admarketplace : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@ad.admarketplace[1].txt -> TrackingCookie.Admarketplace : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@z1.adserver[1].txt -> TrackingCookie.Adserver : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@z1.adserver[1].txt -> TrackingCookie.Adserver : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\aude-emelyne\Cookies\aude-emelyne@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@advertising[2].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@servedby.advertising[1].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@advertising[1].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@servedby.advertising[1].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@bfast[1].txt -> TrackingCookie.Bfast : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@bfast[2].txt -> TrackingCookie.Bfast : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@iv2.bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@iv2.bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\jeremy\Cookies\jeremy@burstnet[2].txt -> TrackingCookie.Burstnet : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@casalemedia[1].txt -> TrackingCookie.Casalemedia : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@casalemedia[1].txt -> TrackingCookie.Casalemedia : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@casinopays[1].txt -> TrackingCookie.Casinopays : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@crbanner.casinopays[2].txt -> TrackingCookie.Casinopays : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@casinopays[2].txt -> TrackingCookie.Casinopays : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@crbanner.casinopays[2].txt -> TrackingCookie.Casinopays : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@casinotropez[1].txt -> TrackingCookie.Casinotropez : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@casinotropez[1].txt -> TrackingCookie.Casinotropez : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@www.casinotropez[2].txt -> TrackingCookie.Casinotropez : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@centrport[2].txt -> TrackingCookie.Centrport : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@cz3.clickzs[2].txt -> TrackingCookie.Clickzs : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@com[2].txt -> TrackingCookie.Com : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\aude-emelyne\Cookies\aude-emelyne@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@e-2dj6wjlocjazofo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\jeremy\Cookies\jeremy@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@as-eu.falkag[1].txt -> TrackingCookie.Falkag : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@sel.as-eu.falkag[1].txt -> TrackingCookie.Falkag : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@as-eu.falkag[2].txt -> TrackingCookie.Falkag : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@as1.falkag[2].txt -> TrackingCookie.Falkag : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@sel.as-eu.falkag[1].txt -> TrackingCookie.Falkag : Nettoyé.
C:\Documents and Settings\aude-emelyne\Cookies\aude-emelyne@as1.falkag[2].txt -> TrackingCookie.Falkag : Nettoyé.
C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@as1.falkag[1].txt -> TrackingCookie.Falkag : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@fastclick[2].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@fastclick[2].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@banner.goldenpalace[2].txt -> TrackingCookie.Goldenpalace : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@goldenpalace[2].txt -> TrackingCookie.Goldenpalace : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@www.goldenpalace[1].txt -> TrackingCookie.Goldenpalace : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@banner.goldenpalace[2].txt -> TrackingCookie.Goldenpalace : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@goldenpalace[1].txt -> TrackingCookie.Goldenpalace : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@www.goldenpalace[1].txt -> TrackingCookie.Goldenpalace : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@phg.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@ehg-dig.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@ehg-grosbill.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@hg1.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@hotlog[1].txt -> TrackingCookie.Hotlog : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@ivwbox[1].txt -> TrackingCookie.Ivwbox : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@banner.kiwicasino[2].txt -> TrackingCookie.Kiwicasino : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@kiwicasino[1].txt -> TrackingCookie.Kiwicasino : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@sales.liveperson[2].txt -> TrackingCookie.Liveperson : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@sales.liveperson[1].txt -> TrackingCookie.Liveperson : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@server.iad.liveperson[2].txt -> TrackingCookie.Liveperson : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@lop[1].txt -> TrackingCookie.Lop : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@lop[1].txt -> TrackingCookie.Lop : Nettoyé.
C:\Documents and Settings\Standard\Local Settings\Temp\Cookies\standard@lop[1].txt -> TrackingCookie.Lop : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@need2find[1].txt -> TrackingCookie.Need2find : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@need2find[1].txt -> TrackingCookie.Need2find : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@stat.onestat[2].txt -> TrackingCookie.Onestat : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@stat.onestat[2].txt -> TrackingCookie.Onestat : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@overture[2].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@perf.overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@paycounter[2].txt -> TrackingCookie.Paycounter : Nettoyé.
C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@ads.planetactive[2].txt -> TrackingCookie.Planetactive : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Nettoyé.
C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@questionmarket[1].txt -> TrackingCookie.Questionmarket : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@questionmarket[1].txt -> TrackingCookie.Questionmarket : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Nettoyé.
C:\Documents and Settings\jeremy\Cookies\jeremy@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Nettoyé.
C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@revenue[1].txt -> TrackingCookie.Revenue : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@revenue[1].txt -> TrackingCookie.Revenue : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\aude-emelyne\Cookies\aude-emelyne@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\jeremy\Cookies\jeremy@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@cs.sexcounter[2].txt -> TrackingCookie.Sexcounter : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@ws.sexcounter[2].txt -> TrackingCookie.Sexcounter : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@cs.sexcounter[2].txt -> TrackingCookie.Sexcounter : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@ws.sexcounter[2].txt -> TrackingCookie.Sexcounter : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@sexlist[1].txt -> TrackingCookie.Sexlist : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@sexlist[2].txt -> TrackingCookie.Sexlist : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@counter15.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@counter3.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@counter6.sextracker[2].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@counter7.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@sextracker[2].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@counter13.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@counter16.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@counter6.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@counter8.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\jeremy\Cookies\jeremy@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@statcounter[1].txt -> TrackingCookie.Statcounter : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@tacoda[2].txt -> TrackingCookie.Tacoda : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@tacoda[2].txt -> TrackingCookie.Tacoda : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@valueclick[1].txt -> TrackingCookie.Valueclick : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@valueclick[1].txt -> TrackingCookie.Valueclick : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@server3.web-stat[2].txt -> TrackingCookie.Web-stat : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\aude-emelyne\Cookies\aude-emelyne@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\jeremy\Cookies\jeremy@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@xxxcounter[2].txt -> TrackingCookie.Xxxcounter : Nettoyé.
C:\Documents and Settings\Jérémy\Cookies\jérémy@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\Standard\Cookies\standard@zedo[1].txt -> TrackingCookie.Zedo : Nettoyé.
C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@zedo[2].txt -> TrackingCookie.Zedo : Nettoyé.
HKU\S-1-5-21-1547161642-1390067357-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B212D577-05B7-4963-911E-4A8588160DFA} -> Trojan.Delf.nj : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{830AFB6F-7ED7-41BC-8308-DE1FC256F08B}\RP25\A0195804.exe -> Trojan.VB.atw : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{830AFB6F-7ED7-41BC-8308-DE1FC256F08B}\RP24\A0190365.dll -> Worm.Banwarum.f : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{830AFB6F-7ED7-41BC-8308-DE1FC256F08B}\RP24\A0191352.dll -> Worm.Banwarum.f : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{830AFB6F-7ED7-41BC-8308-DE1FC256F08B}\RP24\A0193372.dll -> Worm.Banwarum.f : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{830AFB6F-7ED7-41BC-8308-DE1FC256F08B}\RP24\A0193389.dll -> Worm.Banwarum.f : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{830AFB6F-7ED7-41BC-8308-DE1FC256F08B}\RP24\A0193429.dll -> Worm.Banwarum.f : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{830AFB6F-7ED7-41BC-8308-DE1FC256F08B}\RP24\A0194427.dll -> Worm.Banwarum.f : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{830AFB6F-7ED7-41BC-8308-DE1FC256F08B}\RP24\A0194454.dll -> Worm.Banwarum.f : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{830AFB6F-7ED7-41BC-8308-DE1FC256F08B}\RP24\A0189017.exe -> Worm.Glowa.b : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{830AFB6F-7ED7-41BC-8308-DE1FC256F08B}\RP24\A0190013.exe -> Worm.Glowa.b : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{830AFB6F-7ED7-41BC-8308-DE1FC256F08B}\RP24\A0190252.exe -> Worm.Glowa.b : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{830AFB6F-7ED7-41BC-8308-DE1FC256F08B}\RP24\A0190255.exe -> Worm.Glowa.b : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{830AFB6F-7ED7-41BC-8308-DE1FC256F08B}\RP24\A0190361.exe -> Worm.Glowa.b : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{830AFB6F-7ED7-41BC-8308-DE1FC256F08B}\RP24\A0190362.exe -> Worm.Glowa.b : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{830AFB6F-7ED7-41BC-8308-DE1FC256F08B}\RP24\A0190363.exe -> Worm.Glowa.b : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{830AFB6F-7ED7-41BC-8308-DE1FC256F08B}\RP24\A0192379.exe -> Worm.Glowa.b : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{830AFB6F-7ED7-41BC-8308-DE1FC256F08B}\RP24\A0194428.exe -> Worm.Glowa.b : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{830AFB6F-7ED7-41BC-8308-DE1FC256F08B}\RP25\A0196788.exe -> Worm.Glowa.b : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{830AFB6F-7ED7-41BC-8308-DE1FC256F08B}\RP25\A0196789.exe -> Worm.Glowa.b : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{830AFB6F-7ED7-41BC-8308-DE1FC256F08B}\RP25\A0196790.exe -> Worm.Glowa.b : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{830AFB6F-7ED7-41BC-8308-DE1FC256F08B}\RP25\A0196791.exe -> Worm.Glowa.b : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{830AFB6F-7ED7-41BC-8308-DE1FC256F08B}\RP25\A0196792.exe -> Worm.Glowa.b : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{830AFB6F-7ED7-41BC-8308-DE1FC256F08B}\RP25\A0196793.exe -> Worm.Glowa.b : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{830AFB6F-7ED7-41BC-8308-DE1FC256F08B}\RP25\A0196794.exe -> Worm.Glowa.b : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{830AFB6F-7ED7-41BC-8308-DE1FC256F08B}\RP25\A0196795.exe -> Worm.Glowa.b : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{830AFB6F-7ED7-41BC-8308-DE1FC256F08B}\RP25\A0196796.exe -> Worm.Glowa.b : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{830AFB6F-7ED7-41BC-8308-DE1FC256F08B}\RP25\A0196797.exe -> Worm.Glowa.b : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{830AFB6F-7ED7-41BC-8308-DE1FC256F08B}\RP25\A0196798.exe -> Worm.Glowa.b : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{830AFB6F-7ED7-41BC-8308-DE1FC256F08B}\RP25\A0196799.exe -> Worm.Glowa.b : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{830AFB6F-7ED7-41BC-8308-DE1FC256F08B}\RP25\A0196800.exe -> Worm.Glowa.b : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{830AFB6F-7ED7-41BC-8308-DE1FC256F08B}\RP25\A0196801.exe -> Worm.Glowa.b : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{830AFB6F-7ED7-41BC-8308-DE1FC256F08B}\RP25\A0196802.exe -> Worm.Glowa.b : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{830AFB6F-7ED7-41BC-8308-DE1FC256F08B}\RP25\A0196803.exe -> Worm.Glowa.b : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{830AFB6F-7ED7-41BC-8308-DE1FC256F08B}\RP25\A0196804.exe -> Worm.Glowa.b : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{830AFB6F-7ED7-41BC-8308-DE1FC256F08B}\RP25\A0196805.exe -> Worm.Glowa.b : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{830AFB6F-7ED7-41BC-8308-DE1FC256F08B}\RP25\A0196806.exe -> Worm.Glowa.b : Nettoyé et sauvegardé (mise en quarantaine).
C:\WINDOWS\system32\gduiut2.exe -> Worm.Glowa.d : Nettoyé et sauvegardé (mise en quarantaine).


Fin du rapport

Merci encore vraiment pour le temps que vous consacrez à aider les autres, c'est vraiment sympa  

Re,

Reposte un rapport Hijackthis stp.

Le voici

Logfile of HijackThis v1.99.1
Scan saved at 19:19:21, on 06/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\PROGRA~1\NUMERI~1\MONASS~1\SMARTB~1\MotiveSB.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\WINDOWS\system32\adirss.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
c:\Program Files\Numericable\Mon Assistant Internet\bin\mad.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
c:\Program Files\Numericable\Mon Assistant Internet\bin\mpbtn.exe
C:\PROGRA~1\Motive\ASSTCO~1\MOTIVE~1.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\aude-emelyne\Local Settings\Temporary Internet Files\Content.IE5\UPERGH0J\HijackThis[1].exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer par NUMERICABLE
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;;localhost;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: ASGP32.ASGP - {BB89F547-37EC-4920-880C-9D553B1C788C} - C:\WINDOWS\system32\asgp32.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\NUMERI~1\MONASS~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [adir] C:\WINDOWS\system32\adirss.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Mon Assistant Internet.lnk = C:\Program Files\Numericable\Mon Assistant Internet\bin\matcli.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O12 - Plugin for .tif: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin7.dll
O16 - DPF: {1CD4E2DC-2DA0-4154-8723-38CB04FB6A58} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_10...
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v45/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

Re,

- Lance Hijackthis ->Do a system scan only
->Coche les lignes ci-dessous :

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;;localhost;<local>
O4 - HKLM\..\Run: [adir] C:\WINDOWS\system32\adirss.exe

Clique sur Fix checked (en bas à gauche)

- Assure toi d'avoir accès aux dossiers/fichiers cachés
-> Démarrer
-> Panneau de configuration
-> Options des Dossiers, onglet Affichage :
. Clique sur Afficher les dossiers cachés
. Décoche Masquer les extensions des fichiers dont le type est connu
. Décoche Masquer les fichiers protégés du système d'exploitation

Supprime :
C:\WINDOWS\system32\adirss.exe

coucou  
J'ai fait tout ce que tu m'as marqué, sauf "supprime c:/windows/system32/adirss.exe
car je ne sais pas ou je dois le supprimer ?

Sinon, qu'à révéler l'analyse de mon ordi ?
Pour le moment j'ai toujours la pub qui revient...

Poste de travail-> C:-> Windows-> System32-> Supprime adirss.exe

Reposte ensuite un rapport Hijackthis.

Voila voilou  

Logfile of HijackThis v1.99.1
Scan saved at 10:17:59, on 07/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\PROGRA~1\NUMERI~1\MONASS~1\SMARTB~1\MotiveSB.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
c:\Program Files\Numericable\Mon Assistant Internet\bin\mad.exe
C:\PROGRA~1\Motive\ASSTCO~1\MOTIVE~1.EXE
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\aude-emelyne\Local Settings\Temporary Internet Files\Content.IE5\29WRKHYP\HijackThis[1].exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer par NUMERICABLE
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: ASGP32.ASGP - {BB89F547-37EC-4920-880C-9D553B1C788C} - C:\WINDOWS\system32\asgp32.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\NUMERI~1\MONASS~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Mon Assistant Internet.lnk = C:\Program Files\Numericable\Mon Assistant Internet\bin\matcli.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O12 - Plugin for .tif: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin7.dll
O16 - DPF: {1CD4E2DC-2DA0-4154-8723-38CB04FB6A58} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_10...
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v45/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

Bonjour,

Télécharge Blacklight (de F-Secure); clique sur "I ACCEPT" au bas de la page. Sauvegarde le sur ton Bureau.

Double-clique blbeta.exe et accepte la licence; clique Scan puis Next

Tu verras une liste de fichiers détectés apparaître. Tu verras également un rapport, sur ton Bureau, nommé fsbl.xxxxxxx.log (les xxxxxxx sont des chiffres).

Copie et colle le contenu de ce rapport dans ta prochaine réponse. NE PAS choisir l'option "Rename" de suite : nous devons analyser le rapport, car des fichiers légitimes peuvent être présents, tel wbemtest.exe

Tu peux consulter le tutorial de F-Secure BlackLight : (merci à Malekal)

http://www.malekal.com/tutorial_f-secure_BlackLight.htm...

je suis en train de le faire, une question toutefois, pourquoi je dois faire autant de scan ou de rapport ? Ils sont différents ?  

Voici le nouveau rapport

11/07/06 13:10:10 [Info]: BlackLight Engine 1.0.47 initialized
11/07/06 13:10:10 [Info]: OS: 5.1 build 2600 (Service Pack 2)
11/07/06 13:10:10 [Note]: 7019 4
11/07/06 13:10:10 [Note]: 7005 0
11/07/06 13:10:13 [Note]: 7006 0
11/07/06 13:10:13 [Note]: 7011 1680
11/07/06 13:10:13 [Note]: 7026 0
11/07/06 13:10:13 [Note]: 7026 0
11/07/06 13:10:13 [Note]: 7024 3
11/07/06 13:10:13 [Info]: Hidden process: C:\windows\system32\fbhycenldp.exe
11/07/06 13:10:13 [Note]: 7024 3
11/07/06 13:10:13 [Info]: Hidden process: C:\windows\system32\fbhycenldp.exe
11/07/06 13:10:13 [Note]: FSRAW library version 1.7.1020
11/07/06 13:17:20 [Info]: Hidden file: c:\WINDOWS\Prefetch\FBHYCENLDP.EXE-333D5F34.pf
11/07/06 13:17:20 [Note]: 10002 1
11/07/06 13:17:22 [Info]: Hidden file: c:\WINDOWS\system32\fbhycenldp.dat
11/07/06 13:17:22 [Note]: 10002 1
11/07/06 13:17:22 [Info]: Hidden file: C:\windows\system32\fbhycenldp.exe
11/07/06 13:17:22 [Note]: 10002 1
11/07/06 13:17:22 [Info]: Hidden file: c:\WINDOWS\system32\fbhycenldp_nav.dat
11/07/06 13:17:22 [Note]: 10002 1
11/07/06 13:17:22 [Info]: Hidden file: c:\WINDOWS\system32\fbhycenldp_navps.dat
11/07/06 13:17:22 [Note]: 10002 1

comment instaler (programme) l'antus virus dans l'ordinateur

comment impluque ças dans la machine

Re,

1/ il sont différents
2/ pas pour les mêmes infections

Là on vient de trouver la raison des pubs.

La procédure est longue et en partie en mode sans échec,
imprime ou mets dans un fichier texte les instructions.
Les manipulations sont à faire sans interruption et dans l'ordre.
Si tu ne comprends pas quelque chose, demande des explications avant de commencer.

Télécharge:

Brute Force Uninstaller
Créé un nouveau dossier directement sur le C:\ et nomme-le BFU. Décompresse le fichier téléchargé dans ce nouveau dossier (C:\BFU)

FAIS UN CLIC-DROIT ICI et choisis "Enregistrer la cible du lien sous..." afin de
télécharger EGDACCESS.bfu (de Metallica). Sauvegarde-le dans le dossier créé (C:\BFU).
**Note : si tu utlises Internet Explorer; lors de la sauvegarde, assure-toi que le champs "Type :" affiche "Tous les fichiers". Tu dois maintenant avoir deux fichiers dans le dossier C:\BFU : EGDACCESS.bfu et BFU.exe (très important).

AIDE : Comment installer et utiliser BFU ?

Ouvre le Bloc-Notes et copie-colle les lignes en bleu ci-dessous :

RegDeleteKey HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fbhycenldp
RegDelValue HKLM\Software\Microsoft\Windows\CurrentVersion\Run|fbhycenldp
FileDelete %SYSDIR%\fbhycenldp_navps.dat
FileDelete %SYSDIR%\fbhycenldp_nav.dat
FileDelete %SYSDIR%\fbhycenldp.dat
FileDelete %SYSDIR%\fbhycenldp.exe
FileDelete %WINDIR%\PREFETCH\fbhycenldp.exe*.pf

SystemEmptyRecycleBin

FileDelete C:\egd.txt
SystemRun regedit|/e C:\egd.txt "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"|0

OptionBFUExit

Sauvegarde dans le dossier créé (C:\BFU) (Nom du fichier : "Fixme.bfu " -sans inclure les guillemets- ; Type : Tous les fichiers).

Redémarre en mode Sans Échec : au redémarrage, tapote immédiatement la touche F8; tu verras un écran avec choix de démarrages apparaître. Utilisant les flèches du clavier, choisis "Mode Sans Échec" et valide avec "Entrée". Choisis ton compte usuel, et non Administrateur.

Démarre "Brute Force Uninstaller" en double-cliquant BFU.exe (du dossier C:\BFU)

- Clique sur le petit dossier jaune, à la droite de la boîte Scriptline to execute, et double-clique sur :

EGDACCESS.bfu

- Dans la boîte "Scriptline to execute", tu devrais maintenant voir ceci : C:\BFU\EGDACCESS.bfu

Clique sur Execute et laisse-le faire son travail.

Attends que Complete script execution apparaîsse pour cliquer sur OK.
Clique ensuite sur Exit pour fermer le programme BFU.

Relance ensuite BFU

- Clique sur le petit dossier jaune, à la droite de la boîte Scriptline to execute, et double-clique sur :

Fixme.bfu

Clique sur Execute et laisse-le faire son travail.

Redémarre normalement.

Poste les rapports situés ici :
C:\egd.txt
accompagné d'un rapport Hijackthis.

NOTE :

Si tu ne sais pas où trouver le Bloc-Notes, voici comment le trouver rapidement :
Démarrer-> Exécuter...-> Tape Notepad puis valide

AIDE : Tuto de Lazzzy

je vais essayer de faire tout cela, j'ai un peu de temps...je vous tiens au courant  

Rapport C:/edg.txt

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Utility"="Logi_MwX.Exe"
"LVCOMSX"="C:\\WINDOWS\\system32\\LVCOMSX.EXE"
"LogitechVideoRepair"="C:\\Program Files\\Logitech\\Video\\ISStart.exe"
"LogitechVideoTray"="C:\\Program Files\\Logitech\\Video\\LogiTray.exe"
"TkBellExe"="\"C:\\Program Files\\Fichiers communs\\Real\\Update_OB\\realsched.exe\" -osboot"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"MessengerPlus3"="\"C:\\Program Files\\MessengerPlus! 3\\MsgPlus.exe\""
"SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe"
"Motive SmartBridge"="C:\\PROGRA~1\\NUMERI~1\\MONASS~1\\SMARTB~1\\MotiveSB.exe"
"mmtask"="\"C:\\Program Files\\MUSICMATCH\\MUSICMATCH Jukebox\\mmtask.exe\""
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgcc.exe /STARTUP"
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"

Rapport Hijackthis :

Logfile of HijackThis v1.99.1
Scan saved at 16:33:42, on 07/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\PROGRA~1\NUMERI~1\MONASS~1\SMARTB~1\MotiveSB.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
c:\Program Files\Numericable\Mon Assistant Internet\bin\mad.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
c:\Program Files\Numericable\Mon Assistant Internet\bin\mpbtn.exe
C:\PROGRA~1\Motive\ASSTCO~1\MOTIVE~1.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\aude-emelyne\Mes documents\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer par NUMERICABLE
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: ASGP32.ASGP - {BB89F547-37EC-4920-880C-9D553B1C788C} - C:\WINDOWS\system32\asgp32.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\NUMERI~1\MONASS~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Mon Assistant Internet.lnk = C:\Program Files\Numericable\Mon Assistant Internet\bin\matcli.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O12 - Plugin for .tif: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin7.dll
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v45/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

Ca me semble OK pour egd.txt.

----------
-> Démarrer
-> Exécuter...
Tape Services.msc puis valide
Double clique sur " Boonty Games "
Type de démarrage : " Désactiver "
Clique en bas sur " Arrêter "
Valide les changements.
-----
Ouvre Hijackthis puis:
-> Open the Misc Tools Section
-> Delete an NT Service
Tape " BOONTY " puis valide.
----------

Supprime :
C:\Program Files\Fichiers communs\BOONTY Shared\

Pour type de démarrage "désactivé" OK Mais je ne peux pas cliquer sur "arréter"
Quand je tape BOONTY dans hikackthis, il me dit qu'il ne peut faire la manip car il ne trouve pas le fichier

Pas grave, supprime le dossier.

comment on fait déjà ? c'est bien dans C :
Je ne le trouve pas

EDIT : je l'ai trouvé  

Dites, est ce que l'analyse est terminée ?
Je n'ai plus aucune pub c'est génial  
Mais j'ai encore spyweb.net qui s'affiche sur ma page  

Re,


-> on a aps finit alors

- Télécharge DiagHelp.zip sur ton bureau
- Ne double-clic pas dessus !! Fais un clic droit sur le fichier et extraire tout
- Un nouveau dossier chercher va être créé DiagHelp
- Ouvre le et double-clic sur go.cmd (le .cmd peut ne pas apparaître)
- Une fenêtre va s'ouvrir, choisis l'option 1
- L'analyse va commencer, ceci peut durer quelques minutes, laisse faire et appuie sur une touche quand on te le demande
- Copie/colle le contenu du bloc-note qui s'ouvre, pour cela :
-- Dans le bloc-note, cliquez sur le menu Edition / Selectionner tout
-- A nouveau menu Edition / copier
-- Dans un nouveau message ici, faire un clic droit / coller

Le voici    

C:\WINDOWS\System32\stfv.bin -->08/11/2006 18:25:49
C:\WINDOWS\System32\LVCOMSX.LOG -->08/11/2006 18:11:54
C:\WINDOWS\System32\tmp.txt -->05/11/2006 14:46:55
C:\WINDOWS\System32\tmp.reg -->05/11/2006 14:46:55
C:\WINDOWS\System32\swsc.exe -->05/11/2006 14:32:24
C:\WINDOWS\System32\swreg.exe -->05/11/2006 14:32:24
C:\WINDOWS\System32\SrchSTS.exe -->05/11/2006 14:32:24
C:\WINDOWS\System32\Process.exe -->05/11/2006 14:32:23
C:\WINDOWS\System32\avgfwafu.dll -->02/11/2006 19:50:11
C:\WINDOWS\System32\CONFIG.NT -->02/11/2006 19:41:37
C:\WINDOWS\System32\se.exe.exe -->02/11/2006 18:47:51
C:\WINDOWS\System32\asgp32.dll -->02/11/2006 14:24:04
C:\WINDOWS\System32\intr32.dll -->02/11/2006 14:23:57
C:\WINDOWS\System32\revvrggi.exe -->02/11/2006 14:23:55
C:\WINDOWS\System32\PerfStringBackup.INI -->30/10/2006 11:27:22
C:\WINDOWS\System32\perfh00C.dat -->30/10/2006 11:27:22
C:\WINDOWS\System32\perfh009.dat -->30/10/2006 11:27:22
C:\WINDOWS\System32\perfc00C.dat -->30/10/2006 11:27:22
C:\WINDOWS\System32\perfc009.dat -->30/10/2006 11:27:22
C:\WINDOWS\System32\wpa.dbl -->30/10/2006 11:24:51
C:\WINDOWS\System32\FNTCACHE.DAT -->13/10/2006 15:08:26
C:\WINDOWS\System32\nscompat.tlb -->01/10/2006 10:22:13
C:\WINDOWS\System32\amcompat.tlb -->01/10/2006 10:22:13
C:\WINDOWS\System32\qtplugin.log -->30/06/2006 17:32:55
C:\WINDOWS\System32\lvcoinst.log -->25/06/2006 19:34:16

C:\WINDOWS\WindowsUpdate.log -->08/11/2006 18:17:45
C:\WINDOWS\0.log -->08/11/2006 18:12:01
C:\WINDOWS\wiadebug.log -->08/11/2006 18:12:00
C:\WINDOWS\wiaservc.log -->08/11/2006 18:11:59
C:\WINDOWS\bootstat.dat -->08/11/2006 18:11:39
C:\WINDOWS\SchedLgU.Txt -->07/11/2006 22:54:48
C:\WINDOWS\ntbtlog.txt -->07/11/2006 16:26:11
C:\WINDOWS\tsc.ini -->04/11/2006 19:40:14
C:\WINDOWS\win.ini -->04/11/2006 16:20:13
C:\WINDOWS\vsapi32.dll -->03/11/2006 19:06:03
C:\WINDOWS\VPTNFILE.901 -->03/11/2006 19:06:03
C:\WINDOWS\tsc.ptn -->03/11/2006 19:06:03
C:\WINDOWS\tsc.exe -->03/11/2006 19:06:03
C:\WINDOWS\LPT$VPN.901 -->03/11/2006 19:06:03
C:\WINDOWS\hcextoutput.dll -->03/11/2006 19:06:03

C:\WINDOWS\bwUnin-6.1.4.61-8876480L.exe |COMPANY |01/09/2005 18:22:57
C:\WINDOWS\bwUnin-6.1.4.68-8876480L.exe |COMPANY |21/09/2005 11:47:31
C:\WINDOWS\IsUn040c.exe |InstallShield Software Corporation |21/09/2005 11:47:55
C:\WINDOWS\IsUninst.exe |InstallShield Software Corporation |01/09/2005 18:42:29
C:\WINDOWS\LOGI_MWX.EXE |Logitech Inc. |01/09/2005 18:20:55
C:\WINDOWS\PATCH.EXE |Trend Micro Inc. |03/11/2006 19:04:02
C:\WINDOWS\runtsckl.exe |Trend Micro Inc. |02/11/2005 18:07:12
C:\WINDOWS\tsc.exe |Trend Micro Inc. |03/11/2006 19:06:03
C:\WINDOWS\twunk_16.exe |Twain Working Group |05/08/2004 13:00:00
C:\WINDOWS\twunk_32.exe |Twain Working Group |05/08/2004 13:00:00
C:\WINDOWS\unvise32qt.exe |MindVision |28/01/2006 06:59:29
C:\WINDOWS\AuHCcup1.dll |COMPANY |23/07/1999 10:53:20
C:\WINDOWS\BPMNT.dll |Trend Micro Inc. |03/11/2006 19:06:03
C:\WINDOWS\hcextoutput.dll |COMPANY |03/11/2006 19:06:03
C:\WINDOWS\loadhttp.dll |Trend Micro Inc. |15/10/2002 14:29:40
C:\WINDOWS\patchw32.dll |COMPANY |14/12/2001 13:34:46
C:\WINDOWS\TMUPDATE.DLL |Trend Micro Inc. |03/11/2006 19:04:03
C:\WINDOWS\twain.dll |Groupe de travail Twain |05/08/2004 13:00:00
C:\WINDOWS\twain_32.dll |Groupe de travail Twain |05/08/2004 13:00:00
C:\WINDOWS\UNZIP.DLL |Trend Micro Inc. |03/11/2006 19:04:02
C:\WINDOWS\vsapi32.dll |Trend Micro Inc. |03/11/2006 19:06:03
C:\WINDOWS\system32\append.exe |COMPANY |05/08/2004 13:00:00
C:\WINDOWS\system32\debug.exe |COMPANY |05/08/2004 13:00:00
C:\WINDOWS\system32\DivXsm.exe |COMPANY |09/08/2005 23:13:59
C:\WINDOWS\system32\dosx.exe |COMPANY |05/08/2004 13:00:00
C:\WINDOWS\system32\dvdplay.exe |COMPANY |23/08/2001 18:47:34
C:\WINDOWS\system32\edlin.exe |COMPANY |05/08/2004 13:00:00
C:\WINDOWS\system32\exe2bin.exe |COMPANY |05/08/2004 13:00:00
C:\WINDOWS\system32\fastopen.exe |COMPANY |05/08/2004 13:00:00
C:\WINDOWS\system32\HPZinw12.exe |HP |01/09/2005 18:08:50
C:\WINDOWS\system32\HPZipm12.exe |HP |01/09/2005 18:08:49
C:\WINDOWS\system32\InstMed.exe |COMPANY |21/09/2005 11:48:17
C:\WINDOWS\system32\java.exe |Sun Microsystems, Inc. |17/05/2006 19:31:21
C:\WINDOWS\system32\javaw.exe |Sun Microsystems, Inc. |17/05/2006 19:31:21
C:\WINDOWS\system32\javaws.exe |Sun Microsystems, Inc. |17/05/2006 19:31:21
C:\WINDOWS\system32\LVCOMSX.EXE |Logitech Inc. |21/05/2004 18:11:22
C:\WINDOWS\system32\mem.exe |COMPANY |05/08/2004 13:00:00
C:\WINDOWS\system32\mscdexnt.exe |COMPANY |05/08/2004 13:00:00
C:\WINDOWS\system32\nlsfunc.exe |COMPANY |05/08/2004 13:00:00
C:\WINDOWS\system32\Process.exe |http://www.beyondlogic.org |05/11/2006 14:32:36
C:\WINDOWS\system32\pxcpya64.exe |Sonic Solutions |09/09/2006 05:40:34
C:\WINDOWS\system32\pxcpyi64.exe |Sonic Solutions |09/09/2006 05:40:34
C:\WINDOWS\system32\pxhpinst.exe |Sonic Solutions |09/09/2006 05:40:33
C:\WINDOWS\system32\pxinsa64.exe |Sonic Solutions |09/09/2006 05:40:33
C:\WINDOWS\system32\pxinsi64.exe |Sonic Solutions |09/09/2006 05:40:33
C:\WINDOWS\system32\redir.exe |COMPANY |05/08/2004 13:00:00
C:\WINDOWS\system32\revvrggi.exe |COMPANY |02/11/2006 14:23:55
C:\WINDOWS\system32\se.exe.exe |COMPANY |02/11/2006 14:23:59
C:\WINDOWS\system32\setver.exe |COMPANY |05/08/2004 13:00:00
C:\WINDOWS\system32\share.exe |COMPANY |05/08/2004 13:00:00
C:\WINDOWS\system32\SrchSTS.exe |S!Ri |05/11/2006 14:32:37
C:\WINDOWS\system32\swreg.exe |SteelWerX |05/11/2006 14:32:36
C:\WINDOWS\system32\swsc.exe |COMPANY |05/11/2006 14:32:37
C:\WINDOWS\system32\usrmlnka.exe |U.S. Robotics Corporation |23/08/2001 18:47:48
C:\WINDOWS\system32\usrprbda.exe |U.S. Robotics Corporation |23/08/2001 18:47:48
C:\WINDOWS\system32\usrshuta.exe |U.S. Robotics Corporation |23/08/2001 18:47:48
C:\WINDOWS\system32\a3d.dll |Sensaura Ltd |11/10/2005 18:34:27
C:\WINDOWS\system32\amstream.dll |COMPANY |05/08/2004 13:00:00
C:\WINDOWS\system32\asgp32.dll |Laguna Media |02/11/2006 14:24:03
C:\WINDOWS\system32\atmfd.dll |Adobe Systems Incorporated |05/08/2004 13:00:00
C:\WINDOWS\system32\atmlib.dll |Adobe Systems |05/08/2004 13:00:00
C:\WINDOWS\system32\avgfwafu.dll |GRISOFT, s.r.o. |02/11/2006 19:50:11
C:\WINDOWS\system32\COMNCTR.DLL |Logitech Inc. |01/09/2005 18:20:58
C:\WINDOWS\system32\compatUI.dll |COMPANY |05/08/2004 13:00:00
C:\WINDOWS\system32\dgrpsetu.dll |Digi International, Inc. |01/09/2005 18:59:26
C:\WINDOWS\system32\dgsetup.dll |Digi International |05/08/2004 13:00:00
C:\WINDOWS\system32\DivX.dll |DivXNetworks |28/09/2005 22:29:12
C:\WINDOWS\system32\divx_xx07.dll |DivXNetworks |28/09/2005 22:29:10
C:\WINDOWS\system32\divx_xx0c.dll |DivXNetworks |28/09/2005 22:29:10
C:\WINDOWS\system32\divx_xx11.dll |DivXNetworks |28/09/2005 22:29:10
C:\WINDOWS\system32\dpl100.dll |DivXNetworks |27/10/2005 20:37:44
C:\WINDOWS\system32\dpu10.dll |DivXNetworks |27/10/2005 20:37:43
C:\WINDOWS\system32\dpu11.dll |DivXNetworks |27/10/2005 20:37:43
C:\WINDOWS\system32\dpuGUI10.dll |DivXNetworks |27/10/2005 20:37:47
C:\WINDOWS\system32\dpuGUI11.dll |DivXNetworks |27/10/2005 20:37:44
C:\WINDOWS\system32\dpus11.dll |DivXNetworks |27/10/2005 20:37:43
C:\WINDOWS\system32\dpv11.dll |DivXNetworks |27/10/2005 20:37:43
C:\WINDOWS\system32\dtu100.dll |DivXNetworks |27/10/2005 20:37:43
C:\WINDOWS\system32\Dunzip32.dll |Inner Media, Inc. |16/12/2005 15:49:40
C:\WINDOWS\system32\Duzactx.dll |Inner Media, Inc. |16/12/2005 15:49:41
C:\WINDOWS\system32\Dzactx.dll |Inner Media, Inc. |16/12/2005 15:49:41
C:\WINDOWS\system32\Dzip32.dll |Inner Media, Inc. |16/12/2005 15:49:41
C:\WINDOWS\system32\encdec.dll |COMPANY |05/08/2004 13:00:00
C:\WINDOWS\system32\EqnClass.Dll |Equinox Systems Inc. |01/09/2005 18:59:26
C:\WINDOWS\system32\FEELIT.DLL |Immersion Corporation |01/09/2005 18:20:58
C:\WINDOWS\system32\hpgwiamd.dll |Hewlett-Packard |28/02/2003 09:10:02
C:\WINDOWS\system32\hpotscl.dll |COMPANY |01/09/2005 18:07:28
C:\WINDOWS\system32\hpovst08.dll |Hewlett-Packard Co. |01/09/2005 18:07:29
C:\WINDOWS\system32\HPZc3212.dll |Hewlett-Packard Co. |01/09/2005 18:07:29
C:\WINDOWS\system32\hpzcoi07.dll |HP |09/03/2003 05:30:52
C:\WINDOWS\system32\hpzcon07.dll |Hewlett-Packard Company |09/03/2003 05:30:50
C:\WINDOWS\system32\HPZidr12.dll |HP |01/09/2005 18:08:45
C:\WINDOWS\system32\HPZipr12.dll |HP |01/09/2005 18:08:48
C:\WINDOWS\system32\HPZipt12.dll |HP |01/09/2005 18:08:55
C:\WINDOWS\system32\HPZisn12.dll |HP |01/09/2005 18:08:52
C:\WINDOWS\system32\hpzsnt07.dll |HP |09/03/2003 05:30:52
C:\WINDOWS\system32\hticons.dll |Hilgraeve, Inc. |01/09/2005 17:09:43
C:\WINDOWS\system32\hypertrm.dll |Hilgraeve, Inc. |01/09/2005 17:09:29
C:\WINDOWS\system32\Iacenc.dll |Intel Corporation |18/11/1998 14:33:16
C:\WINDOWS\system32\iccvid.dll |Radius Inc. |05/08/2004 13:00:00
C:\WINDOWS\system32\ieencode.dll |COMPANY |05/08/2004 13:00:00
C:\WINDOWS\system32\ifc21.dll |Immersion Corporation |01/09/2005 18:20:58
C:\WINDOWS\system32\indounin.dll |COMPANY |27/01/1999 12:39:06
C:\WINDOWS\system32\intr32.dll |Home |02/11/2006 14:23:55
C:\WINDOWS\system32\ir32_32.dll |COMPANY |05/08/2004 13:00:00
C:\WINDOWS\system32\ir41_qc.dll |Intel Corporation. |05/08/2004 13:00:00
C:\WINDOWS\system32\ir41_qcx.dll |Intel Corporation. |05/08/2004 13:00:00
C:\WINDOWS\system32\ir50_32.dll |Intel Corporation |05/08/2004 13:00:00
C:\WINDOWS\system32\ir50_qc.dll |Intel Corporation. |05/08/2004 13:00:00
C:\WINDOWS\system32\ir50_qcx.dll |Intel Corporation. |05/08/2004 13:00:00
C:\WINDOWS\system32\isrdbg32.dll |Intel Corporation |01/09/2005 17:11:04
C:\WINDOWS\system32\Iyvu9_32.dll |COMPANY |13/06/1997 06:56:08
C:\WINDOWS\system32\jgaw400.dll |Johnson-Grace Company |05/08/2004 13:00:00
C:\WINDOWS\system32\jgdw400.dll |America Online |05/08/2004 13:00:00
C:\WINDOWS\system32\jgmd400.dll |Johnson-Grace Company |05/08/2004 13:00:00
C:\WINDOWS\system32\jgpl400.dll |Johnson-Grace Company |05/08/2004 13:00:00
C:\WINDOWS\system32\jgsd400.dll |America Online |05/08/2004 13:00:00
C:\WINDOWS\system32\jgsh400.dll |Johnson-Grace Company |05/08/2004 13:00:00
C:\WINDOWS\system32\LCamCpl.dll |Logitech Inc. |01/06/2004 10:01:54
C:\WINDOWS\system32\LCoInst.Dll |Logitech, Inc. |01/09/2005 18:20:55
C:\WINDOWS\system32\lfbmp12n.dll |LEAD Technologies, Inc. |01/06/2004 09:37:50
C:\WINDOWS\system32\Lfcmp12n.dll |LEAD Technologies, Inc. |01/06/2004 09:37:50
C:\WINDOWS\system32\lffax12n.dll |LEAD Technologies, Inc. |01/06/2004 09:37:50
C:\WINDOWS\system32\lftif12n.dll |LEAD Technologies, Inc. |01/06/2004 09:37:50
C:\WINDOWS\system32\LGUICOM.DLL |Logitech Inc. |01/09/2005 18:20:58
C:\WINDOWS\system32\libdivx.dll |The OpenSSL Project, http://www.openssl.org/ |28/09/2005 19:50:04
C:\WINDOWS\system32\lmoufrc.dll |Logitech Inc. |01/09/2005 18:20:55
C:\WINDOWS\system32\LMOUSE16.DLL |Logitech, Inc. |01/09/2005 18:20:58
C:\WINDOWS\system32\LMOUSE32.DLL |Logitech, Inc. |01/09/2005 18:20:58
C:\WINDOWS\system32\LQCUI2.dll |Logitech Inc. |01/06/2004 09:43:16
C:\WINDOWS\system32\Ltdis12n.dll |LEAD Technologies, Inc. |01/06/2004 09:37:52
C:\WINDOWS\system32\Ltefx12n.dll |LEAD Technologies, Inc. |01/06/2004 09:37:52
C:\WINDOWS\system32\Ltfil12n.dll |LEAD Technologies, Inc. |01/06/2004 09:37:52
C:\WINDOWS\system32\Ltimg12n.dll |LEAD Technologies, Inc. |01/06/2004 09:37:54
C:\WINDOWS\system32\Ltkrn12n.dll |LEAD Technologies, Inc. |01/06/2004 09:37:54
C:\WINDOWS\system32\Ltwvc12n.dll |LEAD Technologies, Inc. |01/06/2004 09:37:58
C:\WINDOWS\system32\LVCodec2.dll |Logitech Inc. |06/02/2005 16:57:22
C:\WINDOWS\system32\lvcoinst.dll |Logitech Inc. |06/02/2005 16:57:23
C:\WINDOWS\system32\LVCOMCX.dll |Logitech Inc. |21/05/2004 18:12:38
C:\WINDOWS\system32\Lvkrn12n.dll |LEAD Technologies, Inc. |01/06/2004 09:37:58
C:\WINDOWS\system32\LVMAENUM.dll |Logitech Inc. |21/05/2004 18:11:48
C:\WINDOWS\system32\LVUI2.dll |Logitech Inc. |06/02/2005 16:57:22
C:\WINDOWS\system32\LVUI2RC.dll |Logitech Inc. |06/02/2005 16:57:22
C:\WINDOWS\system32\mcdvd_32.dll |MainConcept |12/09/2006 18:23:55
C:\WINDOWS\system32\mdwmdmsp.dll |RioPort |23/08/2001 18:47:06
C:\WINDOWS\system32\msdmo.dll |COMPANY |05/08/2004 13:00:00
C:\WINDOWS\system32\msencode.dll |COMPANY |05/08/2004 13:00:00
C:\WINDOWS\system32\MsgPlusLoader.dll |Patchou |14/06/2006 17:01:53
C:\WINDOWS\system32\Npindeo.dll |Intel Corporation |20/11/1998 12:38:58
C:\WINDOWS\system32\nv4_disp.dll |NVIDIA Corporation |01/09/2005 19:02:23
C:\WINDOWS\system32\paqsp.dll |COMPANY |23/08/2001 18:47:16
C:\WINDOWS\system32\pncrt.dll |Real Networks, Inc |27/11/2005 01:11:29
C:\WINDOWS\system32\pndx5016.dll |RealNetworks, Inc. |27/11/2005 01:11:30
C:\WINDOWS\system32\pndx5032.dll |RealNetworks, Inc. |27/11/2005 01:11:30
C:\WINDOWS\system32\px.dll |Sonic Solutions |09/09/2006 05:40:32
C:\WINDOWS\system32\pxdrv.dll |Sonic Solutions |09/09/2006 05:40:33
C:\WINDOWS\system32\pxmas.dll |Sonic Solutions |09/09/2006 05:40:32
C:\WINDOWS\system32\pxsfs.dll |Sonic Solutions |09/09/2006 05:40:33
C:\WINDOWS\system32\pxwave.dll |Sonic Solutions |09/09/2006 05:40:33
C:\WINDOWS\system32\QCUI2.dll |Logitech Inc. |01/06/2004 09:44:54
C:\WINDOWS\system32\qedwipes.dll |COMPANY |05/08/2004 13:00:00
C:\WINDOWS\system32\qt-dx331.dll |COMPANY |09/08/2005 23:12:28
C:\WINDOWS\system32\rmoc3260.dll |RealNetworks, Inc. |27/11/2005 01:11:40
C:\WINDOWS\system32\sbe.dll |COMPANY |05/08/2004 13:00:00
C:\WINDOWS\system32\slbcsp.dll |Schlumberger Technology Corporation |05/08/2004 13:00:00
C:\WINDOWS\system32\slbiop.dll |Schlumberger Technology Corporation |05/08/2004 13:00:00
C:\WINDOWS\system32\slbrccsp.dll |Schlumberger Technology Corporation |05/08/2004 13:00:00
C:\WINDOWS\system32\spnike.dll |S3/Diamond Multimedia |23/08/2001 18:47:18
C:\WINDOWS\system32\sprio600.dll |S3/Diamond Multimedia |23/08/2001 18:47:18
C:\WINDOWS\system32\sprio800.dll |S3/Diamond Multimedia |23/08/2001 18:47:18
C:\WINDOWS\system32\spxcoins.dll |Perle Systems Ltd. |25/06/2006 19:18:13
C:\WINDOWS\system32\ssldivx.dll |The OpenSSL Project, http://www.openssl.org/ |28/09/2005 19:50:03
C:\WINDOWS\system32\tsd32.dll |COMPANY |05/08/2004 13:00:00
C:\WINDOWS\system32\usrcntra.dll |U.S. Robotics Corporation |23/08/2001 18:47:20
C:\WINDOWS\system32\usrcoina.dll |U.S. Robotics Corporation |23/08/2001 18:47:20
C:\WINDOWS\system32\usrdpa.dll |U.S. Robotics Corporation |23/08/2001 18:47:20
C:\WINDOWS\system32\usrdtea.dll |U.S. Robotics Corporation |23/08/2001 18:47:20
C:\WINDOWS\system32\usrfaxa.dll |U.S. Robotics Corporation |23/08/2001 18:47:20
C:\WINDOWS\system32\usrlbva.dll |U.S. Robotics Corporation |23/08/2001 18:47:20
C:\WINDOWS\system32\usrrtosa.dll |U.S. Robotics Corporation |23/08/2001 18:47:20
C:\WINDOWS\system32\usrsdpia.dll |U.S. Robotics Corporation |23/08/2001 18:47:20
C:\WINDOWS\system32\usrsvpia.dll |U.S. Robotics Corporation |23/08/2001 18:47:20
C:\WINDOWS\system32\usrv42a.dll |U.S. Robotics Corporation |23/08/2001 18:47:20
C:\WINDOWS\system32\usrv80a.dll |U.S. Robotics Corporation |23/08/2001 18:47:20
C:\WINDOWS\system32\usrvoica.dll |U.S. Robotics Corporation |23/08/2001 18:47:20
C:\WINDOWS\system32\usrvpa.dll |U.S. Robotics Corporation |23/08/2001 18:47:20
C:\WINDOWS\system32\Vbis4032.dll |COMPANY |16/12/2005 15:50:04
C:\WINDOWS\system32\vxblock.dll |Sonic Solutions |09/09/2006 05:40:33
C:\WINDOWS\system32\win87em.dll |COMPANY |05/08/2004 13:00:00
C:\WINDOWS\system32\xvidcore.dll |COMPANY |12/09/2006 18:23:55
C:\WINDOWS\system32\xvidvfw.dll |COMPANY |12/09/2006 18:23:55

Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est B0CD-5F43

Répertoire de C:\WINDOWS\system32

05/08/2004 13:00 6 144 csrss.exe
1 fichier(s) 6 144 octets
0 Rép(s) 128 145 539 072 octets libres

Contenu de Downloaded Program Files
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est B0CD-5F43

Répertoire de C:\WINDOWS\Downloaded Program Files

05/11/2006 14:49 <REP> .
05/11/2006 14:49 <REP> ..
01/09/2005 18:52 <REP> CONFLICT.1
25/06/2006 19:30 65 desktop.ini
25/07/2002 18:13 24 576 dwusplay.dll
25/07/2002 18:13 196 608 dwusplay.exe
18/05/2006 13:58 259 egaccess4.inf
02/03/2006 14:40 1 271 erma.inf
10/06/2005 10:44 417 792 isusweb.dll
10/11/2005 13:05 876 jinstall-1_5_0_06.inf
20/01/2000 14:25 1 162 Microsoft XML Parser for Java.osd
09/10/2003 10:32 144 QTPlugin.inf
27/03/2006 12:00 5 019 swflash.inf
02/11/2005 18:01 1 777 xscan.inf
02/11/2005 18:07 435 712 xscan53.ocx
27/05/2003 17:24 233 472 yacscom.dll
25/05/2003 13:47 233 yacscom.inf
19/10/2001 23:08 155 648 yacsui.dll
23/10/2001 12:18 243 yacsui.inf
16 fichier(s) 1 474 857 octets

Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.1

01/09/2005 18:52 <REP> .
01/09/2005 18:52 <REP> ..
0 fichier(s) 0 octets

Total des fichiers listés :
16 fichier(s) 1 474 857 octets
5 Rép(s) 128 145 534 976 octets libres

Recherche de rootkit! (Merci S!Ri)

Recherche d'infections connues




Liste des programmes installes

Adobe Acrobat 5.0
Adobe SVG Viewer 3.0
AutoUpdate
AVG 7.5
AVG Anti-Spyware 7.5
AVS DVD Player version 2.1
Azureus
Barre d'outils MSN
CCleaner (remove only)
Disque de souvenirs HP
DivX
DivX Player
GameSpy Arcade
Google Desktop Search
Google Toolbar for Internet Explorer
HijackThis 1.99.1
hp psc 1200 series
Image Resizer Powertoy for Windows XP
J2SE Runtime Environment 5.0 Update 6
Java 2 Runtime Environment, SE v1.4.2
Jigsaw Puzzle Lite (remove only)
Kit de Connexion France Télécom Câble 1.0
Lecteur Windows Media 10
Logitech Desktop Messenger
Logitech MouseWare 9.79
Logitech QuickCam
Logitech Resource Center
Macromedia Flash Player 8
Macromedia Shockwave Player
MailSkinner
Medal of Honor débarquement allié
Messenger Plus! 3 & Sponsor
Microsoft .NET Framework 1.1
Mon Assistant Internet
Mon Livre Photo by Cewe
MSN
MSN Messenger 7.5
Musicmatch® Jukebox
Photo et imagerie HP 2.0 - All-in-One
Photo et imagerie HP 2.0 - All-in-One Pilote
Photo et imagerie HP 2.0 - hp psc 1200 series
Programme de gestion Camera de Logitech®
QuickTime
RealPlayer
SafeCast Shared Components
Seekmo Toolbar
Spybot - Search & Destroy 1.4
WebFldrs XP
Windows Media Format Runtime
Yahoo! Install Manager
Yahoo! Toolbar
Yahoo! Toolbar avec bloqueur de fenêtres pop-up



Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est B0CD-5F43

Répertoire de C:\Program Files

08/11/2006 18:12 <REP> .
08/11/2006 18:12 <REP> ..
06/04/2006 08:14 <REP> a-squared
15/02/2006 17:17 <REP> Adobe
02/07/2006 08:08 <REP> Adverts
12/04/2005 08:48 <REP> AGD
19/06/2005 18:57 <REP> Ahead
02/01/2006 13:46 <REP> AKVIS
07/05/2006 08:03 <REP> Alwil Software
05/06/2005 17:57 <REP> ASCII
16/10/2005 17:29 <REP> Atlence
12/09/2006 18:24 <REP> AVSMedia
02/11/2006 19:13 <REP> Azureus
04/11/2006 16:21 <REP> BearShare
26/05/2005 19:05 <REP> BillardGL 1.75
09/09/2006 19:21 <REP> BSplayer_WhenUSave_Installer
10/07/2006 20:20 <REP> CCleaner
17/02/2005 20:41 <REP> Codemasters
05/04/2006 11:53 <REP> Common
21/10/2006 21:40 <REP> Common Files
18/01/2005 18:08 <REP> ComPlus Applications
16/12/2005 16:33 <REP> Corel
21/06/2005 11:41 <REP> Cubemaster 2000
26/07/2005 19:07 <REP> CueClub
12/09/2006 18:16 <REP> DivX
09/05/2005 10:24 <REP> Doom 3 Demo
20/08/2006 15:39 <REP> EA GAMES
06/04/2005 20:28 <REP> Empire Interactive
19/09/2005 15:28 <REP> eSoft Imaging
07/11/2006 18:58 <REP> Fichiers communs
02/09/2005 10:31 <REP> France Telecom Cable
20/08/2006 15:40 <REP> GameSpy Arcade
18/01/2005 18:56 <REP> Generic
06/07/2006 17:52 <REP> GEOGRAPHIE
12/09/2006 18:18 <REP> Google
06/11/2006 13:54 <REP> Grisoft
13/07/2005 13:08 <REP> Hello
19/01/2005 09:50 <REP> Hewlett-Packard
27/08/2005 19:37 <REP> Innovative Solutions
25/06/2006 19:29 <REP> Internet Explorer
01/03/2006 20:55 <REP> Jasc Software Inc
17/05/2006 19:31 <REP> Java
22/09/2006 19:18 <REP> KraiSoft
15/05/2005 17:54 <REP> Lavasoft
22/12/2005 20:53 <REP> LED
06/07/2006 17:51 <REP> Logitech
18/02/2006 18:50 <REP> Mes Jeux Installés
22/09/2006 19:08 <REP> Mes Jeux Téléchargés
04/09/2005 20:04 <REP> Messenger
01/05/2006 09:47 <REP> MessengerPlus! 3
20/01/2005 19:03 <REP> microsoft frontpage
20/01/2005 19:03 <REP> Microsoft Office
20/01/2005 19:05 <REP> Microsoft Visual Studio
13/10/2006 10:58 <REP> Mon Livre Photo by Cewe
13/07/2006 10:30 <REP> Motive
26/08/2005 21:21 <REP> MotoGP2 Demo
18/01/2005 18:08 <REP> Movie Maker
23/08/2005 14:23 <REP> MSN
11/04/2005 14:12 <REP> MSN Apps
18/01/2005 18:07 <REP> MSN Gaming Zone
10/10/2006 18:06 <REP> MSN Messenger
01/09/2005 18:21 <REP> MUSICMATCH
26/05/2005 18:47 <REP> Neoact
18/01/2005 18:09 <REP> NetMeeting
03/06/2005 15:50 <REP> Notepad++
13/07/2006 10:30 <REP> Numericable
26/08/2005 20:02 <REP> Nvu
18/01/2005 18:07 <REP> Online Services
25/06/2006 19:29 <REP> Outlook Express
16/05/2005 19:10 <REP> Paraben
24/05/2005 12:53 <REP> Picasa2
03/02/2006 17:26 <REP> QuickTime
20/05/2005 21:19 <REP> RC Simulator Demo
06/07/2006 17:48 <REP> Real
10/09/2006 15:26 <REP> Seekmo Programs
01/09/2005 17:12 <REP> Services en ligne
30/08/2005 16:58 <REP> Skype
08/02/2005 22:07 <REP> SoftCAD
05/04/2006 16:55 <REP> Spybot - Search & Destroy
07/02/2005 18:05 <REP> Top Gun Demo
16/04/2005 09:14 <REP> Trust online
09/09/2006 19:26 <REP> Webteh
17/12/2005 15:14 <REP> Win Généalogic
01/10/2006 10:22 <REP> Windows Media Player
18/01/2005 18:07 <REP> Windows NT
19/01/2006 17:49 <REP> WinRAR
18/01/2005 18:11 <REP> xerox
15/05/2005 18:00 <REP> XnView
21/10/2006 21:40 <REP> Yahoo!
0 fichier(s) 0 octets
89 Rép(s) 128 145 522 688 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est B0CD-5F43

Répertoire de C:\Program Files\fichiers communs

07/11/2006 18:58 <REP> .
07/11/2006 18:58 <REP> ..
15/02/2006 17:17 <REP> Adobe
12/02/2006 18:07 <REP> Adobe Systems Shared
20/02/2005 08:54 <REP> Ahead
16/10/2005 17:29 <REP> Atlence
12/09/2006 18:24 <REP> AVSMedia
20/01/2005 19:05 <REP> Designer
26/08/2005 21:21 <REP> DirectX
06/02/2005 16:58 <REP> FotoWire
19/01/2005 09:45 <REP> Hewlett-Packard
16/12/2005 16:33 <REP> InstallShield
10/02/2005 16:01 <REP> Java
11/05/2005 19:58 <REP> lapmpcre
19/09/2005 15:23 <REP> Logitech
16/05/2005 19:07 <REP> Macrovision Shared
12/12/2005 11:40 <REP> Microsoft Shared
18/01/2005 18:09 <REP> MSSoap
18/01/2005 18:54 <REP> ODBC
27/11/2005 01:11 <REP> Real
16/05/2005 19:47 <REP> SC Test Branding 1 Shared
18/01/2005 18:09 <REP> Services
18/01/2005 18:54 <REP> SpeechEngines
25/06/2006 19:29 <REP> System
27/11/2005 01:11 <REP> xing shared
0 fichier(s) 0 octets
25 Rép(s) 128 145 518 592 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est B0CD-5F43

Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders

01/09/2005 17:19 <REP> .
01/09/2005 17:19 <REP> ..
18/05/2001 15:57 561 209 MSONSEXT.DLL
03/06/1999 12:09 122 937 MSOWS409.DLL
07/03/2001 07:00 127 033 MSOWS40c.DLL
18/03/1999 05:37 593 977 RAGENT.DLL
4 fichier(s) 1 405 156 octets
2 Rép(s) 128 145 518 592 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est B0CD-5F43

Répertoire de C:\Program Files\common files

21/10/2006 21:40 <REP> .
21/10/2006 21:40 <REP> ..
13/07/2006 10:31 <REP> Motive
0 fichier(s) 0 octets
3 Rép(s) 128 145 518 592 octets libres
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\avcenter.exe
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\avconfig.exe
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\avguard.exe
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\AVMCDLG.exe
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\sched.exe
c:\Documents and Settings\aude-emelyne\Bureau\avgas-setup-7.5.0.50.exe
c:\Documents and Settings\aude-emelyne\Bureau\blbeta.exe
c:\Documents and Settings\aude-emelyne\Bureau\SDFix.exe
c:\Documents and Settings\aude-emelyne\Bureau\bfu\BFU.exe
c:\Documents and Settings\aude-emelyne\Bureau\DiagHelp\diaghelp\blbetac.exe
c:\Documents and Settings\aude-emelyne\Bureau\DiagHelp\diaghelp\FilesInfoCmd.exe
c:\Documents and Settings\aude-emelyne\Bureau\DiagHelp\diaghelp\Fport.exe
c:\Documents and Settings\aude-emelyne\Bureau\DiagHelp\diaghelp\grep.exe
c:\Documents and Settings\aude-emelyne\Bureau\DiagHelp\diaghelp\LFiles.exe
c:\Documents and Settings\aude-emelyne\Bureau\DiagHelp\diaghelp\LISTDLLS.exe
c:\Documents and Settings\aude-emelyne\Bureau\DiagHelp\diaghelp\pslist.exe
c:\Documents and Settings\aude-emelyne\Bureau\DiagHelp\diaghelp\streams.exe
c:\Documents and Settings\aude-emelyne\Bureau\DiagHelp\diaghelp\swreg.exe
c:\Documents and Settings\aude-emelyne\Bureau\SDFix\apps\cliptext.exe
c:\Documents and Settings\aude-emelyne\Bureau\SDFix\apps\Process.exe
c:\Documents and Settings\aude-emelyne\Bureau\SDFix\apps\RegDACL.exe
c:\Documents and Settings\aude-emelyne\Bureau\SDFix\apps\RestartIt!.exe
c:\Documents and Settings\aude-emelyne\Bureau\SDFix\apps\sc.exe
c:\Documents and Settings\aude-emelyne\Bureau\SDFix\apps\swreg.exe
c:\Documents and Settings\aude-emelyne\Bureau\SDFix\apps\swsc.exe
c:\Documents and Settings\aude-emelyne\Bureau\SDFix\apps\zip.exe
c:\Documents and Settings\aude-emelyne\Bureau\SDFix\apps\Replace\W2K.exe
c:\Documents and Settings\aude-emelyne\Bureau\SDFix\apps\Replace\XP.exe
c:\Documents and Settings\aude-emelyne\Bureau\SmitfraudFix\SmitfraudFix\dumphive.exe
c:\Documents and Settings\aude-emelyne\Bureau\SmitfraudFix\SmitfraudFix\GenericRenosFix.exe
c:\Documents and Settings\aude-emelyne\Bureau\SmitfraudFix\SmitfraudFix\Process.exe
c:\Documents and Settings\aude-emelyne\Bureau\SmitfraudFix\SmitfraudFix\Reboot.exe
c:\Documents and Settings\aude-emelyne\Bureau\SmitfraudFix\SmitfraudFix\restart.exe
c:\Documents and Settings\aude-emelyne\Bureau\SmitfraudFix\SmitfraudFix\SmiUpdate.exe
c:\Documents and Settings\aude-emelyne\Bureau\SmitfraudFix\SmitfraudFix\SrchSTS.exe
c:\Documents and Settings\aude-emelyne\Bureau\SmitfraudFix\SmitfraudFix\swreg.exe
c:\Documents and Settings\aude-emelyne\Bureau\SmitfraudFix\SmitfraudFix\swsc.exe
c:\Documents and Settings\aude-emelyne\Bureau\SmitfraudFix\SmitfraudFix\unzip.exe
c:\Documents and Settings\aude-emelyne\Mes documents\avg75afwt_423a810.exe
c:\Documents and Settings\aude-emelyne\Mes documents\ccsetup134.exe
c:\Documents and Settings\aude-emelyne\Mes documents\HijackThis.exe
c:\Documents and Settings\aude-emelyne\Mes documents\Mon_Livre_Photo_by_Cewe.exe
c:\Documents and Settings\aude-emelyne\Mes documents\MsgPlus-363.exe
c:\Documents and Settings\aude-emelyne\Mes documents\wd97vwr32.exe
c:\Documents and Settings\aude-emelyne\Mes documents\Mes fichiers reçus\Corel_PaintShopPro1000_FR_TBYB_TrialESD.exe
c:\Documents and Settings\aude-emelyne\Mes documents\Mes fichiers reçus\install.exe
c:\Documents and Settings\aude-emelyne\Mes documents\Mes fichiers reçus\INSTALL_MSN_MESSENGER_NT.EXE
c:\Documents and Settings\aude-emelyne\Mes documents\Mes fichiers reçus\pfs-setup.exe
c:\Documents and Settings\jeremy\Application Data\MSNInstaller\msnauins.exe
c:\Documents and Settings\jeremy\Bureau\AVSDVDPlayer.exe
c:\Documents and Settings\jeremy\Bureau\GTR_DEMO.exe
c:\Documents and Settings\jeremy\Bureau\Install_Messenger.exe
c:\Documents and Settings\jeremy\Bureau\Install_MSN_Messenger.EXE
c:\Documents and Settings\jeremy\Bureau\jigsaw_lite.exe
c:\Documents and Settings\jeremy\Bureau\qr.exe
c:\Documents and Settings\jeremy\Local Settings\Temp\setup_wm.exe
c:\Documents and Settings\jeremy\Local Settings\Temp\SLF7673.tmp\Colin_Mc_Rae_Rally_2005_(StarForce)_Telecharger(fr_1124){72795}.exe
c:\Documents and Settings\jeremy\Local Settings\Temp\SLF7E34.tmp\RCHelicopter_Telecharger{5748}.exe
c:\Documents and Settings\jeremy\Local Settings\Temp\Temporary Internet Files\Content.IE5\WJFNQCH9\installdrivecleanerstart_fr[1].exe
c:\Documents and Settings\jeremy\Local Settings\Temp\WMC0000.tmp\mpsetup.exe
c:\Documents and Settings\jeremy\Mes documents\avast.exe
c:\Documents and Settings\jeremy\Mes documents\BSINSTALLFR.exe
c:\Documents and Settings\jeremy\Mes documents\ccsetup131.exe
c:\Documents and Settings\jeremy\Mes documents\gspot221.exe
c:\Documents and Settings\jeremy\Mes documents\ImageResizerPowertoySetup.exe
c:\Documents and Settings\jeremy\Mes documents\nfsmwdemo.exe
c:\Documents and Settings\jeremy\Mes documents\Photoshop_CS2_F_TryOut.exe
c:\Documents and Settings\jeremy\Mes documents\QuickTimeFullInstaller.exe
c:\Documents and Settings\jeremy\Mes documents\reducteur.exe
c:\Documents and Settings\jeremy\Mes documents\setup_LedConsommation_4_0_5.exe
c:\Documents and Settings\jeremy\Mes documents\wrar351.exe
c:\Documents and Settings\jeremy\Mes documents\Cue Club Billard (Crack Extras Fr)\CueClub (Billard 3D)+Crack+extras FR\Cue_Club_Game+Crack+extras\cc104crk.exe
c:\Documents and Settings\jeremy\Mes documents\Cue Club Billard (Crack Extras Fr)\CueClub (Billard 3D)+Crack+extras FR\Cue_Club_Game+Crack+extras\cueclub.exe
c:\Documents and Settings\jeremy\Mes documents\PhotoshopTryout\Photoshop_CS2_F_TryOut\instmsia.exe
c:\Documents and Settings\jeremy\Mes documents\PhotoshopTryout\Photoshop_CS2_F_TryOut\instmsiw.exe
c:\Documents and Settings\jeremy\Mes documents\PhotoshopTryout\Photoshop_CS2_F_TryOut\setup.exe
c:\Documents and Settings\jeremy\Mes documents\Updater\bridge1\Bridge103Updater.exe
c:\Documents and Settings\jeremy\Mes documents\Updater\bridge1\OLSUpdater.exe
c:\Documents and Settings\jeremy\Mes documents\Updater\helpcenter1\AdobeUpdater403.exe
c:\Documents and Settings\jeremy\Mes documents\Updater\stockphotos1\UpdateInstaller1_0_5.exe
c:\Documents and Settings\Jérémy\Bureau\BullGuard.exe
c:\Documents and Settings\Jérémy\Local Settings\Temp\_ISDEL.EXE
c:\Documents and Settings\Jérémy\Local Settings\Temp\_VWUPSRV.EXE
c:\Documents and Settings\Jérémy\Local Settings\Temp\AVGNT.EXE
c:\Documents and Settings\Jérémy\Local Settings\Temp\AVGUARD.EXE
c:\Documents and Settings\Jérémy\Local Settings\Temp\AVNT.EXE
c:\Documents and Settings\Jérémy\Local Settings\Temp\AVSCHED32.EXE
c:\Documents and Settings\Jérémy\Local Settings\Temp\AVUNINST.EXE
c:\Documents and Settings\Jérémy\Local Settings\Temp\AVWIN.EXE
c:\Documents and Settings\Jérémy\Local Settings\Temp\AVWUPSRV.EXE
c:\Documents and Settings\Jérémy\Local Settings\Temp\DELUS.EXE
c:\Documents and Settings\Jérémy\Local Settings\Temp\GUARDGUI.EXE
c:\Documents and Settings\Jérémy\Local Settings\Temp\INETUPD.EXE
c:\Documents and Settings\Jérémy\Local Settings\Temp\irsetup.exe
c:\Documents and Settings\Jérémy\Local Settings\Temp\msnsearch.exe
c:\Documents and Settings\Jérémy\Local Settings\Temp\NOTIFIER.EXE
c:\Documents and Settings\Jérémy\Local Settings\Temp\REBOOT.EXE
c:\Documents and Settings\Jérémy\Local Settings\Temp\SETUP.EXE
c:\Documents and Settings\Jérémy\Local Settings\Temp\setup_wm.exe
c:\Documents and Settings\Jérémy\Local Settings\Temp\UNNMP.exe
c:\Documents and Settings\Jérémy\Local Settings\Temp\ins1.tmp\LDMClient.exe
c:\Documents and Settings\Jérémy\Local Settings\Temp\UPDATE\antivir_workstation_win7u_en_h.exe
c:\Documents and Settings\Jérémy\Local Settings\Temp\WZSE0.TMP\disk_1\avgctrl.exe
c:\Documents and Settings\Jérémy\Local Settings\Temp\WZSE0.TMP\disk_1\avgnt.exe
c:\Documents and Settings\Jérémy\Local Settings\Temp\WZSE0.TMP\disk_1\avguard.exe
c:\Documents and Settings\Jérémy\Local Settings\Temp\WZSE0.TMP\disk_1\avnt.exe
c:\Documents and Settings\Jérémy\Local Settings\Temp\WZSE0.TMP\disk_1\avsched32.exe
c:\Documents and Settings\Jérémy\Local Settings\Temp\WZSE0.TMP\disk_1\avuninst.exe
c:\Documents and Settings\Jérémy\Local Settings\Temp\WZSE0.TMP\disk_1\avwin.exe
c:\Documents and Settings\Jérémy\Local Settings\Temp\WZSE0.TMP\disk_1\avwupsrv.exe
c:\Documents and Settings\Jérémy\Local Settings\Temp\WZSE0.TMP\disk_1\delus.exe
c:\Documents and Settings\Jérémy\Local Settings\Temp\WZSE0.TMP\disk_1\guardgui.exe
c:\Documents and Settings\Jérémy\Local Settings\Temp\WZSE0.TMP\disk_1\inetupd.exe
c:\Documents and Settings\Jérémy\Local Settings\Temp\WZSE0.TMP\disk_1\notifier.exe
c:\Documents and Settings\Jérémy\Local Settings\Temp\WZSE0.TMP\disk_1\reboot.exe
c:\Documents and Settings\Jérémy\Local Settings\Temp\WZSE0.TMP\disk_1\setup.exe
c:\Documents and Settings\Jérémy\Local Settings\Temporary Internet Files\Content.IE5\6H92NA1K\SkypeSetup[1].exe
c:\Documents and Settings\Jérémy\Local Settings\Temporary Internet Files\Content.IE5\OPGNKBW3\cueclub_ns[1].exe
c:\Documents and Settings\Jérémy\Local Settings\Temporary Internet Files\Content.IE5\OVLR6YJ1\advanced_disk_cleaner[1].exe
c:\Documents and Settings\Jérémy\Mes documents\Ma musique\Green Day\aawsepersonal.exe
c:\Documents and Settings\Jérémy\Mes documents\Ma musique\Green Day\kmd.exe
c:\Documents and Settings\Jérémy\Mes documents\Ma musique\Green Day\MPSetupXP.exe
c:\Documents and Settings\Jérémy\Mes documents\TELECHARGEMENT\20 ans GTTurbo.part1.exe
c:\Documents and Settings\Jérémy\Mes documents\TELECHARGEMENT\advanced_disk_cleaner.exe
c:\Documents and Settings\Jérémy\Mes documents\TELECHARGEMENT\cueclub_ns.exe
c:\Documents and Settings\Jérémy\Mes documents\TELECHARGEMENT\nvu.exe
c:\Documents and Settings\Jérémy\Mes documents\TELECHARGEMENT\racer050.exe
c:\Documents and Settings\Jérémy\Mes documents\TELECHARGEMENT\SkypeSetup.exe
c:\Documents and Settings\Standard\Local Settings\Temp\_VWUPSRV.EXE
c:\Documents and Settings\Standard\Local Settings\Temp\Install_MSN_Messenger.EXE
c:\Documents and Settings\Standard\Local Settings\Temp\msnsearch.exe
c:\Documents and Settings\Standard\Local Settings\Temp\NeoSetup.exe
c:\Documents and Settings\Standard\Local Settings\Temp\NeoUninstall.exe
c:\Documents and Settings\Standard\Local Settings\Temp\setup_trial_5_3_05.exe
c:\Documents and Settings\Standard\Local Settings\Temp\FILE\carom.exe
c:\Documents and Settings\Standard\Local Settings\Temp\FILE\update.exe
c:\Documents and Settings\Standard\Local Settings\Temporary Internet Files\Content.IE5\3BP59HDY\regclean_zmeax[1].exe
c:\Documents and Settings\Standard\Local Settings\Temporary Internet Files\Content.IE5\3BP59HDY\regclean_zmf[1].exe
c:\Documents and Settings\Standard\Mes documents\telechargement\BillardGL-1.75-Setup.exe
c:\Documents and Settings\Standard\Mes documents\telechargement\CaromV307.exe
c:\Documents and Settings\Standard\Mes documents\telechargement\Firefox Setup 1.0.4.exe
c:\Documents and Settings\Standard\Mes documents\telechargement\géo.exe
c:\Documents and Settings\Standard\Mes documents\telechargement\gspot221.exe
c:\Documents and Settings\Standard\Mes documents\telechargement\INSTALL_MSN_MESSENGER_DL.EXE
c:\Documents and Settings\Standard\Mes documents\telechargement\les pays us.exe
c:\Documents and Settings\Standard\Mes documents\telechargement\notepad_pp.exe
c:\Documents and Settings\Standard\Mes documents\telechargement\picasa2-setup-1884.exe
c:\Documents and Settings\Standard\Mes documents\telechargement\regclean_zme.exe
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\guardevt.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\rchelp.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\rcimage.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\rctext.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\upgrade.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\avconfig.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\avesvcr.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\avewin32.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\avgcmxp.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\avinet.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\AVMAILCR.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\avnotify.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\avpack32.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\avpref.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\AVReg.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\avrep.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\AVRpBase.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\avscan.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\avsda.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\ccgen.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\ccgenrc.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\ccgrdrc.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\ccguard.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\cclic.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\cclicrc.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\ccmainrc.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\ccmgrdrc.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\ccmguard.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\ccprofil.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\ccquamgr.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\ccquarc.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\ccreporc.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\ccreport.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\ccscanrc.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\ccsched.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\ccscherc.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\ccupdate.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\ccupdrc.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\guardmsg.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\LicMgr.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\luke.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\lukeres.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\mfc71u.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\msvcp71.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\msvcr71.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\NetNT.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\Netnw.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\psapi.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\scewxml.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\schedr.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\setup.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\shlext.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\smtplib.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\sporder.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\unacev2.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\updgui.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\updguirc.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\updlib.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\updlibrc.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition classic\UPGRADE\basic\wsplugin.dll
c:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll
c:\Documents and Settings\aude-emelyne\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll
c:\Documents and Settings\jeremy\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll

Re,

Désinstalle si possible :
Seekmo

Va sur le site de S!ri
Copie/Colle dans la première case : http://www.infos-du-net.com/forum/262243-11-pouvez-aide...
Clique sur Parcourir... puis ouvre:

C:\WINDOWS\System32\intr32.dll

Clique ensuite sur Upload

Télécharge : KillBox

Mets le dans un dossier ou sur ton bureau (Clique droit puis Extraire tout)
Selectionne le texte dans le cadre:



Clique droit puis Copier.
----------

. Ouvre Killbox.exe
. Choisis "Delete on reboot"
. Clique sur :
- " File " -> " Paste from Clipboard "
- " All Files "
- " Unregister .dll Before Deleting "

Pour terminer clique sur le rond rouge avec une croix blanche.

Une question te sera alors posée :
" File will be Removed on Reboot, Do you want to reboot now ? "

. Repond par "oui", un compte à rebour s'enclenche, ton PC va redémarrer.

Supprime ce dossier : C:\!KillBox

Aide sur KillBox

Voilà j'ai tout fait, je ne sais pas si cette manip devait permettre la disparition de cette pub, mais en tout cas elle est toujours là...
Petite question : les différents rapports que j'ai posté ne vont ils pas permettre à des gens "hacker" de s'introduire dans mon ordi ?

Encore une fois merci pour le boulot et le temps sacrifié à m'aider    

Non  

J'ai sûrement rater un truc quelque part...

Avec Internet Explorer
Fais un scan en ligne Panda
- Clique sur " Scan your PC "
- Ensuite sur " Check Now "
- /!\ Clique en bas sur " I don't Accept "
Entre ton adresse e-mail puis commence le scan
- Poste le rapport en fin d'analyse
Si tu as Avast! désactive-le lors du scan

Voila !


Incident Status Location

Adware:adware/spyblast Not disinfected Windows Registry
Dialer ialer.avv Not disinfected HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2E246FAE-8420-11D9-870D-000C2917DE7F}
Adware:adware/cws.nfo Not disinfected Windows Registry
Spyware:spyware/surfsidekick Not disinfected Windows Registry
Adware:adware/mssearch Not disinfected Windows Registry
Spyware:spyware/clientman Not disinfected Windows Registry
Adware:adware/noname Not disinfected Windows Registry
Spyware:spyware/cws.olehelp Not disinfected Windows Registry
Adware:adware/cws Not disinfected Windows Registry
Spyware:spyware/adclicker Not disinfected Windows Registry
Potentially unwanted tool:Application/Processor Not disinfected C:\BFU\SmitfraudFix\Process.exe
Possible Virus. Not disinfected C:\BFU\SmitfraudFix\swsc.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\aude-emelyne\Bureau\SDFix\apps\Process.exe
Possible Virus. Not disinfected C:\Documents and Settings\aude-emelyne\Bureau\SDFix\apps\swsc.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\aude-emelyne\Bureau\SDFix.exe[SDFix\apps\Process.exe]
Possible Virus. Not disinfected C:\Documents and Settings\aude-emelyne\Bureau\SDFix.exe[SDFix\apps\swsc.exe]
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\aude-emelyne\Bureau\SmitfraudFix\SmitfraudFix\Process.exe
Possible Virus. Not disinfected C:\Documents and Settings\aude-emelyne\Bureau\SmitfraudFix\SmitfraudFix\swsc.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\aude-emelyne\Bureau\SmitfraudFix.zip[SmitfraudFix/Process.exe]
Possible Virus. Not disinfected C:\Documents and Settings\aude-emelyne\Bureau\SmitfraudFix.zip[SmitfraudFix/swsc.exe]
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\aude-emelyne\Cookies\aude-emelyne@2o7[2].txt
Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\aude-emelyne\Cookies\aude-emelyne@adtech[2].txt
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\aude-emelyne\Cookies\aude-emelyne@as1.falkag[2].txt
Spyware:Cookie/Comclick Not disinfected C:\Documents and Settings\aude-emelyne\Cookies\aude-emelyne@fl01.ct2.comclick[1].txt
Spyware:Cookie/Weborama Not disinfected C:\Documents and Settings\aude-emelyne\Cookies\aude-emelyne@weborama[1].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\aude-emelyne\Cookies\aude-emelyne@xiti[1].txt
Spyware:Cookie/Systemdoctor Not disinfected C:\Documents and Settings\jeremy\Cookies\jeremy@2006[1].txt
Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\jeremy\Cookies\jeremy@adtech[2].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\jeremy\Cookies\jeremy@drivecleaner[1].txt
Spyware:Cookie/Comclick Not disinfected C:\Documents and Settings\jeremy\Cookies\jeremy@fl01.ct2.comclick[1].txt
Spyware:Cookie/MetriWeb Not disinfected C:\Documents and Settings\jeremy\Cookies\jeremy@metriweb[1].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\jeremy\Cookies\jeremy@stats.drivecleaner[2].txt
Spyware:Cookie/Reliablestats Not disinfected C:\Documents and Settings\jeremy\Cookies\jeremy@stats1.reliablestats[2].txt
Spyware:Cookie/Weborama Not disinfected C:\Documents and Settings\jeremy\Cookies\jeremy@weborama[1].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\jeremy\Cookies\jeremy@www.drivecleaner[2].txt
Spyware:Cookie/Systemdoctor Not disinfected C:\Documents and Settings\jeremy\Cookies\jeremy@www.systemdoctor[1].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\jeremy\Cookies\jeremy@xiti[1].txt
Spyware:Cookie/Systemdoctor Not disinfected C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@2006[2].txt
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@apmebf[2].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@drivecleaner[2].txt
Spyware:Cookie/ErrorSafe Not disinfected C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@errorsafe[2].txt
Spyware:Cookie/fe.lea.lycos Not disinfected C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@fe.lea.lycos[1].txt
Spyware:Cookie/MetriWeb Not disinfected C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@metriweb[1].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@stats.drivecleaner[2].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@www.drivecleaner[1].txt
Spyware:Cookie/ErrorSafe Not disinfected C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@www.errorsafe[1].txt
Spyware:Cookie/Systemdoctor Not disinfected C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@www.systemdoctor[2].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@xiti[1].txt
Spyware:Cookie/Sandboxer Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@0[2].txt
Spyware:Cookie/888 Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@888[1].txt
Spyware:Cookie/888 Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@888[3].txt
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@adopt.hbmediapro[2].txt
Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@adultfriendfinder[2].txt
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@apmebf[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@belnk[2].txt
Spyware:Cookie/Cassava Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@cassava[1].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@cgi-bin[1].txt
Spyware:Cookie/Kazaa Networks Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@desktop.kazaa[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@dist.belnk[2].txt
Spyware:Cookie/empnads Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@empnads[1].txt
Spyware:Cookie/fe.lea.lycos Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@fe.lea.lycos[1].txt
Spyware:Cookie/Rn11 Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@rn11[2].txt
Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@winfixer[2].txt
Spyware:Cookie/Advnt Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@www.advnt01[1].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@xiti[1].txt
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Jérémy\Local Settings\Temporary Internet Files\Content.IE5\REKNR50D\newpass2[1].htm
Spyware:Cookie/Sandboxer Not disinfected C:\Documents and Settings\Standard\Cookies\standard@0[1].txt
Spyware:Cookie/Sandboxer Not disinfected C:\Documents and Settings\Standard\Cookies\standard@0[2].txt
Spyware:Cookie/888 Not disinfected C:\Documents and Settings\Standard\Cookies\standard@888[1].txt
Spyware:Cookie/888 Not disinfected C:\Documents and Settings\Standard\Cookies\standard@888[3].txt
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Standard\Cookies\standard@adopt.hbmediapro[2].txt
Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\Standard\Cookies\standard@adultfriendfinder[1].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Standard\Cookies\standard@atwola[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Standard\Cookies\standard@belnk[1].txt
Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\Standard\Cookies\standard@bravenet[1].txt
Spyware:Cookie/Cassava Not disinfected C:\Documents and Settings\Standard\Cookies\standard@cassava[1].txt
Spyware:Cookie/Ccbill Not disinfected C:\Documents and Settings\Standard\Cookies\standard@ccbill[2].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Standard\Cookies\standard@cgi-bin[3].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Standard\Cookies\standard@cgi-bin[5].txt
Spyware:Cookie/Kazaa Networks Not disinfected C:\Documents and Settings\Standard\Cookies\standard@desktop.kazaa[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Standard\Cookies\standard@dist.belnk[2].txt
Spyware:Cookie/empnads Not disinfected C:\Documents and Settings\Standard\Cookies\standard@empnads[1].txt
Spyware:Cookie/fe.lea.lycos Not disinfected C:\Documents and Settings\Standard\Cookies\standard@fe.lea.lycos[1].txt
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Standard\Cookies\standard@go[2].txt
Spyware:Cookie/MetriWeb Not disinfected C:\Documents and Settings\Standard\Cookies\standard@metriweb[1].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Standard\Cookies\standard@realmedia[2].txt
Spyware:Cookie/Rn11 Not disinfected C:\Documents and Settings\Standard\Cookies\standard@rn11[1].txt
Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\Standard\Cookies\standard@winfixer[2].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Standard\Cookies\standard@xiti[1].txt
Potentially unwanted tool:Application/Seekmo Not disinfected C:\Program Files\Seekmo Programs\Seekmo Toolbar\SeekmoTBUninstaller.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\WINDOWS\system32\Process.exe
Virus:W32/Nuwar.A.worm Disinfected C:\WINDOWS\system32\revvrggi.exe
Possible Virus. Not disinfected C:\WINDOWS\system32\swsc.exe

Re,

Supprime :
C:\Program Files\Seekmo Programs\
C:\WINDOWS\system32\revvrggi.exe

Démarrer/Executer/Regedit, supprime :
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2E246FAE-8420-11D9-870D-000C2917DE7F}

On va maintenant tenter de néttoyer ton registre.

Désinstalle AVG AS

- Télécharge et Installe CounterSpy : http://www.malekal.com/tutorial_CounterSpy.html
- Une fois installé et l'assistant de configuration executé, démarre CounterSpy afin d'effectuer une mise à jour.
- Redémarre en mode sans échec, si tu sais pas comment on fait lis ceci
- Clic sur le bouton "Scan Now" à gauche et laisse le scan se faire.
- A l'issu du scan, tous les éléments trouvés seront positionnés sur Quarantine
- Clic sur le bouton en bas à gauche Take Action pour envoyer tous les éléments détectés en quarantaine.
- Redémarre l'ordinateur
- Copie/colle un nouveau rapport Panda

bonsoir angeldark  
juste pour te dire que je n'ai pas eu le temps aujourd'hui, je ferai la nouvelle manip demain et posterai le rapport demain après midi
(boulot oblig)
bonne soirée  

Ok  

voila je suis enfin rentrée (dure journée) je commence le scan

Incident Status Location

Adware:adware/spyblast Not disinfected Windows Registry
Dialer ialer.avv Not disinfected HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2E246FAE-8420-11D9-870D-000C2917DE7F}
Adware:adware/cws.nfo Not disinfected Windows Registry
Spyware:spyware/surfsidekick Not disinfected Windows Registry
Adware:adware/mssearch Not disinfected Windows Registry
Spyware:spyware/clientman Not disinfected Windows Registry
Adware:adware/noname Not disinfected Windows Registry
Spyware:spyware/cws.olehelp Not disinfected Windows Registry
Adware:adware/cws Not disinfected Windows Registry
Spyware:spyware/adclicker Not disinfected Windows Registry
Potentially unwanted tool:Application/Processor Not disinfected C:\BFU\SmitfraudFix\Process.exe
Possible Virus. Not disinfected C:\BFU\SmitfraudFix\swsc.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\aude-emelyne\Bureau\SDFix\apps\Process.exe
Possible Virus. Not disinfected C:\Documents and Settings\aude-emelyne\Bureau\SDFix\apps\swsc.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\aude-emelyne\Bureau\SDFix.exe[SDFix\apps\Process.exe]
Possible Virus. Not disinfected C:\Documents and Settings\aude-emelyne\Bureau\SDFix.exe[SDFix\apps\swsc.exe]
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\aude-emelyne\Bureau\SmitfraudFix\SmitfraudFix\Process.exe
Possible Virus. Not disinfected C:\Documents and Settings\aude-emelyne\Bureau\SmitfraudFix\SmitfraudFix\swsc.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\aude-emelyne\Bureau\SmitfraudFix.zip[SmitfraudFix/Process.exe]
Possible Virus. Not disinfected C:\Documents and Settings\aude-emelyne\Bureau\SmitfraudFix.zip[SmitfraudFix/swsc.exe]
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\aude-emelyne\Cookies\aude-emelyne@2o7[2].txt
Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\aude-emelyne\Cookies\aude-emelyne@adtech[2].txt
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\aude-emelyne\Cookies\aude-emelyne@as1.falkag[2].txt
Spyware:Cookie/Comclick Not disinfected C:\Documents and Settings\aude-emelyne\Cookies\aude-emelyne@fl01.ct2.comclick[1].txt
Spyware:Cookie/Weborama Not disinfected C:\Documents and Settings\aude-emelyne\Cookies\aude-emelyne@weborama[1].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\aude-emelyne\Cookies\aude-emelyne@xiti[1].txt
Spyware:Cookie/Systemdoctor Not disinfected C:\Documents and Settings\jeremy\Cookies\jeremy@2006[1].txt
Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\jeremy\Cookies\jeremy@adtech[2].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\jeremy\Cookies\jeremy@drivecleaner[1].txt
Spyware:Cookie/Comclick Not disinfected C:\Documents and Settings\jeremy\Cookies\jeremy@fl01.ct2.comclick[1].txt
Spyware:Cookie/MetriWeb Not disinfected C:\Documents and Settings\jeremy\Cookies\jeremy@metriweb[1].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\jeremy\Cookies\jeremy@stats.drivecleaner[2].txt
Spyware:Cookie/Reliablestats Not disinfected C:\Documents and Settings\jeremy\Cookies\jeremy@stats1.reliablestats[2].txt
Spyware:Cookie/Weborama Not disinfected C:\Documents and Settings\jeremy\Cookies\jeremy@weborama[1].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\jeremy\Cookies\jeremy@www.drivecleaner[2].txt
Spyware:Cookie/Systemdoctor Not disinfected C:\Documents and Settings\jeremy\Cookies\jeremy@www.systemdoctor[1].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\jeremy\Cookies\jeremy@xiti[1].txt
Spyware:Cookie/Systemdoctor Not disinfected C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@2006[2].txt
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@apmebf[2].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@drivecleaner[2].txt
Spyware:Cookie/ErrorSafe Not disinfected C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@errorsafe[2].txt
Spyware:Cookie/fe.lea.lycos Not disinfected C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@fe.lea.lycos[1].txt
Spyware:Cookie/MetriWeb Not disinfected C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@metriweb[1].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@stats.drivecleaner[2].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@www.drivecleaner[1].txt
Spyware:Cookie/ErrorSafe Not disinfected C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@www.errorsafe[1].txt
Spyware:Cookie/Systemdoctor Not disinfected C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@www.systemdoctor[2].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@xiti[1].txt
Spyware:Cookie/Sandboxer Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@0[2].txt
Spyware:Cookie/888 Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@888[1].txt
Spyware:Cookie/888 Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@888[3].txt
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@adopt.hbmediapro[2].txt
Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@adultfriendfinder[2].txt
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@apmebf[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@belnk[2].txt
Spyware:Cookie/Cassava Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@cassava[1].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@cgi-bin[1].txt
Spyware:Cookie/Kazaa Networks Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@desktop.kazaa[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@dist.belnk[2].txt
Spyware:Cookie/empnads Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@empnads[1].txt
Spyware:Cookie/fe.lea.lycos Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@fe.lea.lycos[1].txt
Spyware:Cookie/Rn11 Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@rn11[2].txt
Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@winfixer[2].txt
Spyware:Cookie/Advnt Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@www.advnt01[1].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@xiti[1].txt
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Jérémy\Local Settings\Temporary Internet Files\Content.IE5\REKNR50D\newpass2[1].htm
Spyware:Cookie/Sandboxer Not disinfected C:\Documents and Settings\Standard\Cookies\standard@0[1].txt
Spyware:Cookie/Sandboxer Not disinfected C:\Documents and Settings\Standard\Cookies\standard@0[2].txt
Spyware:Cookie/888 Not disinfected C:\Documents and Settings\Standard\Cookies\standard@888[1].txt
Spyware:Cookie/888 Not disinfected C:\Documents and Settings\Standard\Cookies\standard@888[3].txt
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Standard\Cookies\standard@adopt.hbmediapro[2].txt
Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\Standard\Cookies\standard@adultfriendfinder[1].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Standard\Cookies\standard@atwola[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Standard\Cookies\standard@belnk[1].txt
Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\Standard\Cookies\standard@bravenet[1].txt
Spyware:Cookie/Cassava Not disinfected C:\Documents and Settings\Standard\Cookies\standard@cassava[1].txt
Spyware:Cookie/Ccbill Not disinfected C:\Documents and Settings\Standard\Cookies\standard@ccbill[2].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Standard\Cookies\standard@cgi-bin[3].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Standard\Cookies\standard@cgi-bin[5].txt
Spyware:Cookie/Kazaa Networks Not disinfected C:\Documents and Settings\Standard\Cookies\standard@desktop.kazaa[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Standard\Cookies\standard@dist.belnk[2].txt
Spyware:Cookie/empnads Not disinfected C:\Documents and Settings\Standard\Cookies\standard@empnads[1].txt
Spyware:Cookie/fe.lea.lycos Not disinfected C:\Documents and Settings\Standard\Cookies\standard@fe.lea.lycos[1].txt
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Standard\Cookies\standard@go[2].txt
Spyware:Cookie/MetriWeb Not disinfected C:\Documents and Settings\Standard\Cookies\standard@metriweb[1].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Standard\Cookies\standard@realmedia[2].txt
Spyware:Cookie/Rn11 Not disinfected C:\Documents and Settings\Standard\Cookies\standard@rn11[1].txt
Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\Standard\Cookies\standard@winfixer[2].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Standard\Cookies\standard@xiti[1].txt
Potentially unwanted tool:Application/Seekmo Not disinfected C:\Program Files\Seekmo Programs\Seekmo Toolbar\SeekmoTBUninstaller.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\WINDOWS\system32\Process.exe
Virus:W32/Nuwar.A.worm Disinfected C:\WINDOWS\system32\revvrggi.exe
Possible Virus. Not disinfected C:\WINDOWS\system32\swsc.exe


Voila, je termine en disant que la méchante pub n'est plus revenue   

As tu supprimé ce que j'ai dit ?
Désinstalle si possible CounterSpy

Télécharge SpySweeper (de Webroot, version d'essai de 14 jours) :

-Clique sur "Télécharger la version test".
-Installe le programme en choississant "installation standard".
-Accepte le redémarrage
-L'option de le mettre à jour s'affichera, acceptes la mise à jour
-Lorsque les mises à jour seront installées, dans colonne de gauche clique sur l'onglet Options puis analyse.
-Sous Eléments à analyser et Autres options coche toutes les cases.
-Ferme SpySweeper

La suite étant faite en mode sans échec, imprime ou copie/colle dans un fichier texte les instructions suivantes

Redémarre en mode sans échec : au redémarrage, tapotes immédiatement la touche F8, tu verras un écran avec choix de démarrages apparaître. Utilisant les flèches du clavier, choisis "Mode Sans Échec" et valide avec "Entrée". Choisis ton compte usuel, et non Administrateur.

Démarre SpySweeper
-Clique Analyser sur la gauche puis sur Démarrer l'analyse.
-Quand le scan est terminé, clique sur Suivant.
-Assure-toi que tous les éléments trouvés sont tous cochés, puis clic sur Suivant.
-Tous les éléments cochés seront alors mis en quarantaine.
-Dans "Récapitulatif", sélectionne en bas Afficher le journal de session puis Enregistrer dans un fichier afin de sauvegarder le rapport.

Redémarre normalement

Désinstalle SpySweeper à partir de ajout/suppression de programme sauf si tu veux continuer l'évaluation pendant 15 jours.

Copie/colle le rapport de SpySweeper ici

Coucou
Oui oui j'avais bien supprimé tout ce que tu m'as dit de faire, pourquoi il y a un souci ?
Voici le rapport, j'ai eu un peu de mal pour cette manip, j'espere que c'est bon :

15:10: Removal process completed. Elapsed time 00:05:00
15:10: A reboot was required but declined.
15:09: Warning: Failed to delete profile shadow file "C:\WINDOWS\Temp\SSTD9.tmp". Reason: Le fichier spécifié est introuvable
15:09: Warning: Failed to delete profile shadow file ".log". Reason: Le fichier spécifié est introuvable
15:09: Warning: Failed to delete profile shadow file "C:\WINDOWS\Temp\SSTD9.tmp". Reason: Le fichier spécifié est introuvable
15:09: Warning: Failed to delete profile shadow file ".log". Reason: Le fichier spécifié est introuvable
15:09: Warning: Failed to delete profile shadow file "C:\WINDOWS\Temp\SSTD9.tmp". Reason: Le fichier spécifié est introuvable
15:09: Warning: Failed to delete profile shadow file ".log". Reason: Le fichier spécifié est introuvable
15:09: Warning: Failed to delete profile shadow file "C:\WINDOWS\Temp\SSTD9.tmp". Reason: Le fichier spécifié est introuvable
15:09: Warning: Failed to delete profile shadow file ".log". Reason: Le fichier spécifié est introuvable
15:09: Warning: Failed to delete profile shadow file "C:\WINDOWS\Temp\SSTD9.tmp". Reason: Le fichier spécifié est introuvable
15:09: Warning: Failed to delete profile shadow file ".log". Reason: Le fichier spécifié est introuvable
15:09: Quarantining All Traces: gain - common components
15:09: Quarantining All Traces: dealtime cookie
15:09: Quarantining All Traces: falkag cookie
15:09: Quarantining All Traces: 2o7.net cookie
15:09: Quarantining All Traces: xiti cookie
15:09: Quarantining All Traces: weborama cookie
15:09: Quarantining All Traces: reliablestats cookie
15:09: Quarantining All Traces: metriweb.be cookie
15:09: Quarantining All Traces: comclick cookie
15:09: Quarantining All Traces: adtech cookie
15:09: Quarantining All Traces: altnet
15:09: Quarantining All Traces: hotbar
15:09: c:\documents and settings\jeremy\mes documents\ma musique\(album) alanis morissette - jagged little pill-acoustic 2005\(album) alanis morissette - jagged little pill-acoustic 2005\alanis morissette - jagged little pill acoustic (2005)\12-alanis_morissette-wake_up.mp3 is in use. It will be removed on reboot.
15:09: c:\documents and settings\jeremy\mes documents\ma musique\(album) alanis morissette - jagged little pill-acoustic 2005\(album) alanis morissette - jagged little pill-acoustic 2005\alanis morissette - jagged little pill acoustic (2005)\11-alanis_morissette-not_the_doctor.mp3 is in use. It will be removed on reboot.
15:09: c:\documents and settings\jeremy\mes documents\ma musique\(album) alanis morissette - jagged little pill-acoustic 2005\(album) alanis morissette - jagged little pill-acoustic 2005\alanis morissette - jagged little pill acoustic (2005)\10-alanis_morissette-ironic.mp3 is in use. It will be removed on reboot.
15:09: c:\documents and settings\jeremy\mes documents\ma musique\(album) alanis morissette - jagged little pill-acoustic 2005\(album) alanis morissette - jagged little pill-acoustic 2005\alanis morissette - jagged little pill acoustic (2005)\09-alanis_morissette-mary_jane.mp3 is in use. It will be removed on reboot.
15:09: c:\documents and settings\jeremy\mes documents\ma musique\(album) alanis morissette - jagged little pill-acoustic 2005\(album) alanis morissette - jagged little pill-acoustic 2005\alanis morissette - jagged little pill acoustic (2005)\08-alanis_morissette-head_over_feet.mp3 is in use. It will be removed on reboot.
15:09: c:\documents and settings\jeremy\mes documents\ma musique\(album) alanis morissette - jagged little pill-acoustic 2005\(album) alanis morissette - jagged little pill-acoustic 2005\alanis morissette - jagged little pill acoustic (2005)\07-alanis_morissette-you_learn.mp3 is in use. It will be removed on reboot.
15:09: c:\documents and settings\jeremy\mes documents\ma musique\(album) alanis morissette - jagged little pill-acoustic 2005\(album) alanis morissette - jagged little pill-acoustic 2005\alanis morissette - jagged little pill acoustic (2005)\06-alanis_morissette-forgiven.mp3 is in use. It will be removed on reboot.
15:09: c:\documents and settings\jeremy\mes documents\ma musique\(album) alanis morissette - jagged little pill-acoustic 2005\(album) alanis morissette - jagged little pill-acoustic 2005\alanis morissette - jagged little pill acoustic (2005)\05-alanis_morissette-right_through_you.mp3 is in use. It will be removed on reboot.
15:09: c:\documents and settings\jeremy\mes documents\ma musique\(album) alanis morissette - jagged little pill-acoustic 2005\(album) alanis morissette - jagged little pill-acoustic 2005\alanis morissette - jagged little pill acoustic (2005)\04-alanis_morissette-hand_in_my_pocket.mp3 is in use. It will be removed on reboot.
15:09: c:\documents and settings\jeremy\mes documents\ma musique\(album) alanis morissette - jagged little pill-acoustic 2005\(album) alanis morissette - jagged little pill-acoustic 2005\alanis morissette - jagged little pill acoustic (2005)\03-alanis_morissette-perfect.mp3 is in use. It will be removed on reboot.
15:09: c:\documents and settings\jeremy\mes documents\ma musique\(album) alanis morissette - jagged little pill-acoustic 2005\(album) alanis morissette - jagged little pill-acoustic 2005\alanis morissette - jagged little pill acoustic (2005)\02-alanis_morissette-you_oughta_know.mp3 is in use. It will be removed on reboot.
15:09: c:\documents and settings\jeremy\mes documents\ma musique\(album) alanis morissette - jagged little pill-acoustic 2005\(album) alanis morissette - jagged little pill-acoustic 2005\alanis morissette - jagged little pill acoustic (2005)\13-alanis morissette - your house (hidden track).m is in use. It will be removed on reboot.
15:09: c:\documents and settings\jeremy\mes documents\ma musique\(album) alanis morissette - jagged little pill-acoustic 2005\(album) alanis morissette - jagged little pill-acoustic 2005\alanis morissette - jagged little pill acoustic (2005)\01-alanis_morissette-all_i_really_want.mp3 is in use. It will be removed on reboot.
15:09: potentially rootkit-masked files is in use. It will be removed on reboot.
15:05: Quarantining All Traces: potentially rootkit-masked files
15:05: Quarantining All Traces: lopdotcom
15:05: Removal process initiated
15:03: Traces Found: 42
15:03: Full Sweep has completed. Elapsed time 00:58:44
15:03: File Sweep Complete, Elapsed Time: 00:57:15
14:51: Warning: Stream read error
14:43: c:\documents and settings\jeremy\mes documents\ma musique\(album) alanis morissette - jagged little pill-acoustic 2005\(album) alanis morissette - jagged little pill-acoustic 2005\alanis morissette - jagged little pill acoustic (2005)\12-alanis_morissette-wake_up.mp3 (ID = 0)
14:43: c:\documents and settings\jeremy\mes documents\ma musique\(album) alanis morissette - jagged little pill-acoustic 2005\(album) alanis morissette - jagged little pill-acoustic 2005\alanis morissette - jagged little pill acoustic (2005)\11-alanis_morissette-not_the_doctor.mp3 (ID = 0)
14:43: c:\documents and settings\jeremy\mes documents\ma musique\(album) alanis morissette - jagged little pill-acoustic 2005\(album) alanis morissette - jagged little pill-acoustic 2005\alanis morissette - jagged little pill acoustic (2005)\10-alanis_morissette-ironic.mp3 (ID = 0)
14:43: c:\documents and settings\jeremy\mes documents\ma musique\(album) alanis morissette - jagged little pill-acoustic 2005\(album) alanis morissette - jagged little pill-acoustic 2005\alanis morissette - jagged little pill acoustic (2005)\09-alanis_morissette-mary_jane.mp3 (ID = 0)
14:43: c:\documents and settings\jeremy\mes documents\ma musique\(album) alanis morissette - jagged little pill-acoustic 2005\(album) alanis morissette - jagged little pill-acoustic 2005\alanis morissette - jagged little pill acoustic (2005)\08-alanis_morissette-head_over_feet.mp3 (ID = 0)
14:43: c:\documents and settings\jeremy\mes documents\ma musique\(album) alanis morissette - jagged little pill-acoustic 2005\(album) alanis morissette - jagged little pill-acoustic 2005\alanis morissette - jagged little pill acoustic (2005)\07-alanis_morissette-you_learn.mp3 (ID = 0)
14:43: c:\documents and settings\jeremy\mes documents\ma musique\(album) alanis morissette - jagged little pill-acoustic 2005\(album) alanis morissette - jagged little pill-acoustic 2005\alanis morissette - jagged little pill acoustic (2005)\06-alanis_morissette-forgiven.mp3 (ID = 0)
14:43: c:\documents and settings\jeremy\mes documents\ma musique\(album) alanis morissette - jagged little pill-acoustic 2005\(album) alanis morissette - jagged little pill-acoustic 2005\alanis morissette - jagged little pill acoustic (2005)\05-alanis_morissette-right_through_you.mp3 (ID = 0)
14:43: c:\documents and settings\jeremy\mes documents\ma musique\(album) alanis morissette - jagged little pill-acoustic 2005\(album) alanis morissette - jagged little pill-acoustic 2005\alanis morissette - jagged little pill acoustic (2005)\04-alanis_morissette-hand_in_my_pocket.mp3 (ID = 0)
14:43: c:\documents and settings\jeremy\mes documents\ma musique\(album) alanis morissette - jagged little pill-acoustic 2005\(album) alanis morissette - jagged little pill-acoustic 2005\alanis morissette - jagged little pill acoustic (2005)\03-alanis_morissette-perfect.mp3 (ID = 0)
14:43: c:\documents and settings\jeremy\mes documents\ma musique\(album) alanis morissette - jagged little pill-acoustic 2005\(album) alanis morissette - jagged little pill-acoustic 2005\alanis morissette - jagged little pill acoustic (2005)\02-alanis_morissette-you_oughta_know.mp3 (ID = 0)
14:43: c:\documents and settings\jeremy\mes documents\ma musique\(album) alanis morissette - jagged little pill-acoustic 2005\(album) alanis morissette - jagged little pill-acoustic 2005\alanis morissette - jagged little pill acoustic (2005)\13-alanis morissette - your house (hidden track).m (ID = 0)
14:43: c:\documents and settings\jeremy\mes documents\ma musique\(album) alanis morissette - jagged little pill-acoustic 2005\(album) alanis morissette - jagged little pill-acoustic 2005\alanis morissette - jagged little pill acoustic (2005)\01-alanis_morissette-all_i_really_want.mp3 (ID = 0)
14:43: Found System Monitor: potentially rootkit-masked files
14:42: Warning: Failed to access drive I:
14:42: Warning: Failed to access drive H:
14:42: Warning: Failed to access drive G:
14:42: Warning: Failed to access drive F:
14:42: Warning: Failed to access drive E:
14:42: Warning: Failed to access drive D:
14:42: C:\Documents and Settings\Jérémy\Local Settings\Temp\bundle.inf (ID = 61287)
14:39: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\GStartup.lnk (ID = 61450)
14:39: Found Adware: gain - common components
14:36: C:\System Volume Information\_restore{f921ec96-1cf0-4f59-a700-6a003fa16ad3}\RP160\A0064212.exe (ID = 458)
14:36: C:\System Volume Information\_restore{f921ec96-1cf0-4f59-a700-6a003fa16ad3}\RP160\A0064215.exe (ID = 459)
14:35: C:\Documents and Settings\Jérémy\Menu Démarrer\Programs\Altnet\Peer Points Manager.lnk (ID = 49852)
14:35: Found Adware: altnet
14:10: C:\System Volume Information\_restore{f921ec96-1cf0-4f59-a700-6a003fa16ad3}\RP160\A0067361.exe (ID = 458)
14:10: Found Adware: lopdotcom
14:06: Starting File Sweep
14:06: Warning: Failed to access drive A:
14:06: Cookie Sweep Complete, Elapsed Time: 00:00:00
14:06: c:\documents and settings\aude-emelyne\cookies\aude-emelyne@xiti[1].txt (ID = 3717)
14:06: c:\documents and settings\aude-emelyne\cookies\aude-emelyne@weborama[1].txt (ID = 3658)
14:06: c:\documents and settings\aude-emelyne\cookies\aude-emelyne@stat.dealtime[2].txt (ID = 2506)
14:06: c:\documents and settings\aude-emelyne\cookies\aude-emelyne@msnportal.112.2o7[1].txt (ID = 1958)
14:06: c:\documents and settings\aude-emelyne\cookies\aude-emelyne@msnaccountservices.112.2o7[1].txt (ID = 1958)
14:06: c:\documents and settings\aude-emelyne\cookies\aude-emelyne@fl01.ct2.comclick[1].txt (ID = 2450)
14:06: c:\documents and settings\aude-emelyne\cookies\aude-emelyne@dealtime[1].txt (ID = 2505)
14:06: Found Spy Cookie: dealtime cookie
14:06: c:\documents and settings\aude-emelyne\cookies\aude-emelyne@as1.falkag[1].txt (ID = 2650)
14:06: Found Spy Cookie: falkag cookie
14:06: c:\documents and settings\aude-emelyne\cookies\aude-emelyne@adtech[2].txt (ID = 2155)
14:06: c:\documents and settings\aude-emelyne\cookies\aude-emelyne@2o7[2].txt (ID = 1957)
14:06: Found Spy Cookie: 2o7.net cookie
14:06: c:\documents and settings\jeremy\cookies\jeremy@xiti[1].txt (ID = 3717)
14:06: Found Spy Cookie: xiti cookie
14:06: c:\documents and settings\jeremy\cookies\jeremy@weborama[1].txt (ID = 3658)
14:06: Found Spy Cookie: weborama cookie
14:06: c:\documents and settings\jeremy\cookies\jeremy@stats1.reliablestats[2].txt (ID = 3254)
14:06: Found Spy Cookie: reliablestats cookie
14:06: c:\documents and settings\jeremy\cookies\jeremy@metriweb[1].txt (ID = 2992)
14:06: Found Spy Cookie: metriweb.be cookie
14:06: c:\documents and settings\jeremy\cookies\jeremy@fl01.ct2.comclick[2].txt (ID = 2450)
14:06: Found Spy Cookie: comclick cookie
14:06: c:\documents and settings\jeremy\cookies\jeremy@adtech[2].txt (ID = 2155)
14:06: Found Spy Cookie: adtech cookie
14:06: Starting Cookie Sweep
14:06: Registry Sweep Complete, Elapsed Time:00:00:14
14:06: HKU\S-1-5-18\software\microsoft\internet explorer\extensions\cmdmapping\ || {946b3e9e-e21a-49c8-9f63-900533fafe15} (ID = 1058296)
14:06: HKU\WRSS_Profile_S-1-5-21-1547161642-1390067357-682003330-1005\software\microsoft\internet explorer\extensions\cmdmapping\ || {946b3e9e-e21a-49c8-9f63-900533fafe15} (ID = 1058296)
14:06: HKU\WRSS_Profile_S-1-5-21-1547161642-1390067357-682003330-1005\software\microsoft\installer\products\d493500bd4a54ea6bc805fc9cda952c5\ (ID = 788008)
14:06: HKU\WRSS_Profile_S-1-5-21-1547161642-1390067357-682003330-1005\software\microsoft\installer\features\10b0642b36134f8f914ea8e11ee5b503\ (ID = 788006)
14:06: HKU\WRSS_Profile_S-1-5-21-1547161642-1390067357-682003330-1005\software\microsoft\internet explorer\toolbar\shellbrowser\ || {74cc49f7-eb32-4a08-b204-948962a6e3db} (ID = 685412)
14:06: HKU\WRSS_Profile_S-1-5-21-1547161642-1390067357-682003330-1005\software\microsoft\internet explorer\extensions\cmdmapping\ || {946b3e9e-e21a-49c8-9f63-900533fafe14} (ID = 127575)
14:05: HKLM\software\microsoft\windows\currentversion\internet settings\5.0\user agent\post platform\ || HbTools 4.7.7 (ID = 1240557)
14:05: Found Adware: hotbar
14:05: Starting Registry Sweep
14:05: Memory Sweep Complete, Elapsed Time: 00:00:50
14:05: Starting Memory Sweep
14:04: Sweep initiated using definitions version 734
14:04: Spy Sweeper 5.0.7.1608 started
14:04: | Start of Session, samedi 11 novembre 2006 |
********
14:04: | End of Session, samedi 11 novembre 2006 |
Keylogger Shield: Off
BHO Shield: On
IE Security Shield: On
Alternate Data Stream (ADS) Execution Shield: On
Startup Shield: On
Common Ad Sites Shield: Off
Hosts File Shield: On
Spy Communication Shield: On
ActiveX Shield: On
Windows Messenger Service Shield: On
IE Favorites Shield: On
Spy Installation Shield: On
Memory Shield: On
IE Hijack Shield: On
IE Tracking Cookies Shield: Off
14:04: Shield States
14:04: Spyware Definitions: 734
14:04: Spy Sweeper 5.0.7.1608 started
14:02: | End of Session, samedi 11 novembre 2006 |
14:02: Program Version 5.0.7.1608 Using Spyware Definitions 734
Keylogger Shield: Off
BHO Shield: On
IE Security Shield: On
Alternate Data Stream (ADS) Execution Shield: On
Startup Shield: On
Common Ad Sites Shield: Off
Hosts File Shield: On
Spy Communication Shield: On
ActiveX Shield: On
Windows Messenger Service Shield: On
IE Favorites Shield: On
Spy Installation Shield: On
Memory Shield: On
IE Hijack Shield: On
IE Tracking Cookies Shield: Off
13:58: Shield States
13:58: Spyware Definitions: 734
13:58: Spy Sweeper 5.0.7.1608 started
Keylogger Shield: Off
BHO Shield: On
IE Security Shield: On
Alternate Data Stream (ADS) Execution Shield: On
Startup Shield: On
Common Ad Sites Shield: Off
Hosts File Shield: On
Spy Communication Shield: On
ActiveX Shield: On
Windows Messenger Service Shield: On
IE Favorites Shield: On
Spy Installation Shield: On
Memory Shield: On
IE Hijack Shield: On
IE Tracking Cookies Shield: Off
13:55: Shield States
13:55: Spyware Definitions: 734
13:55: Spy Sweeper 5.0.7.1608 started
13:55: Spy Sweeper 5.0.7.1608 started
13:55: | Start of Session, samedi 11 novembre 2006 |
********
14:02: Sweep initiated using definitions version 734
14:02: Spy Sweeper 5.0.7.1608 started
14:02: | Start of Session, samedi 11 novembre 2006 |
********

j'ajoute que j'ai refait une manip, et j'ai mis mes élements cochés en quarantaine, mais c'était en anglais alors j'ai eu du mal

Refais le scan Panda stp.

OK je le refais dans la soirée

Voici le rapport panda


Incident Status Location

Adware:adware/spyblast Not disinfected Windows Registry
Adware:adware/cws.nfo Not disinfected Windows Registry
Spyware:spyware/surfsidekick Not disinfected Windows Registry
Adware:adware/mssearch Not disinfected Windows Registry
Spyware:spyware/clientman Not disinfected Windows Registry
Adware:adware/noname Not disinfected Windows Registry
Spyware:spyware/cws.olehelp Not disinfected Windows Registry
Adware:adware/cws Not disinfected Windows Registry
Spyware:spyware/adclicker Not disinfected Windows Registry
Potentially unwanted tool:Application/Processor Not disinfected C:\BFU\SmitfraudFix\Process.exe
Possible Virus. Not disinfected C:\BFU\SmitfraudFix\swsc.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\aude-emelyne\Bureau\SDFix\apps\Process.exe
Possible Virus. Not disinfected C:\Documents and Settings\aude-emelyne\Bureau\SDFix\apps\swsc.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\aude-emelyne\Bureau\SDFix.exe[SDFix\apps\Process.exe]
Possible Virus. Not disinfected C:\Documents and Settings\aude-emelyne\Bureau\SDFix.exe[SDFix\apps\swsc.exe]
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\aude-emelyne\Bureau\SmitfraudFix\SmitfraudFix\Process.exe
Possible Virus. Not disinfected C:\Documents and Settings\aude-emelyne\Bureau\SmitfraudFix\SmitfraudFix\swsc.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\aude-emelyne\Bureau\SmitfraudFix.zip[SmitfraudFix/Process.exe]
Possible Virus. Not disinfected C:\Documents and Settings\aude-emelyne\Bureau\SmitfraudFix.zip[SmitfraudFix/swsc.exe]
Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\aude-emelyne\Cookies\aude-emelyne@adtech[2].txt
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\aude-emelyne\Cookies\aude-emelyne@as1.falkag[2].txt
Spyware:Cookie/Comclick Not disinfected C:\Documents and Settings\aude-emelyne\Cookies\aude-emelyne@fl01.ct2.comclick[1].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\aude-emelyne\Cookies\aude-emelyne@serving-sys[1].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\aude-emelyne\Cookies\aude-emelyne@xiti[1].txt
Adware:Adware/Lop Not disinfected C:\Documents and Settings\aude-emelyne\Local Settings\Application Data\Sunbelt Software\CounterSpy\Quarantine\7C0B681F-B4ED-491B-8508-FE137D\A073D62F-D052-4A96-AAD8-E42ADB
Spyware:Cookie/Systemdoctor Not disinfected C:\Documents and Settings\jeremy\Cookies\jeremy@2006[1].txt
Spyware:Cookie/cs.sexcounter Not disinfected C:\Documents and Settings\jeremy\Cookies\jeremy@cs.sexcounter[2].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\jeremy\Cookies\jeremy@drivecleaner[1].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\jeremy\Cookies\jeremy@stats.drivecleaner[2].txt
Spyware:Cookie/Weborama Not disinfected C:\Documents and Settings\jeremy\Cookies\jeremy@weborama[2].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\jeremy\Cookies\jeremy@www.drivecleaner[2].txt
Spyware:Cookie/Systemdoctor Not disinfected C:\Documents and Settings\jeremy\Cookies\jeremy@www.systemdoctor[1].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\jeremy\Cookies\jeremy@xiti[1].txt
Spyware:Cookie/Systemdoctor Not disinfected C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@2006[2].txt
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@apmebf[2].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@drivecleaner[2].txt
Spyware:Cookie/ErrorSafe Not disinfected C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@errorsafe[2].txt
Spyware:Cookie/fe.lea.lycos Not disinfected C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@fe.lea.lycos[1].txt
Spyware:Cookie/MetriWeb Not disinfected C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@metriweb[1].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@stats.drivecleaner[2].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@www.drivecleaner[1].txt
Spyware:Cookie/ErrorSafe Not disinfected C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@www.errorsafe[1].txt
Spyware:Cookie/Systemdoctor Not disinfected C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@www.systemdoctor[2].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\jeremy\Local Settings\Temp\Cookies\jeremy@xiti[1].txt
Spyware:Cookie/Sandboxer Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@0[2].txt
Spyware:Cookie/888 Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@888[1].txt
Spyware:Cookie/888 Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@888[3].txt
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@adopt.hbmediapro[2].txt
Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@adultfriendfinder[2].txt
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@apmebf[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@belnk[2].txt
Spyware:Cookie/Cassava Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@cassava[1].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@cgi-bin[1].txt
Spyware:Cookie/Kazaa Networks Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@desktop.kazaa[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@dist.belnk[2].txt
Spyware:Cookie/empnads Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@empnads[1].txt
Spyware:Cookie/fe.lea.lycos Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@fe.lea.lycos[1].txt
Spyware:Cookie/Rn11 Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@rn11[2].txt
Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@winfixer[2].txt
Spyware:Cookie/Advnt Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@www.advnt01[1].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Jérémy\Cookies\jérémy@xiti[1].txt
Spyware:Cookie/Sandboxer Not disinfected C:\Documents and Settings\Standard\Cookies\standard@0[1].txt
Spyware:Cookie/Sandboxer Not disinfected C:\Documents and Settings\Standard\Cookies\standard@0[2].txt
Spyware:Cookie/888 Not disinfected C:\Documents and Settings\Standard\Cookies\standard@888[1].txt
Spyware:Cookie/888 Not disinfected C:\Documents and Settings\Standard\Cookies\standard@888[3].txt
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Standard\Cookies\standard@adopt.hbmediapro[2].txt
Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\Standard\Cookies\standard@adultfriendfinder[1].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Standard\Cookies\standard@atwola[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Standard\Cookies\standard@belnk[1].txt
Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\Standard\Cookies\standard@bravenet[1].txt
Spyware:Cookie/Cassava Not disinfected C:\Documents and Settings\Standard\Cookies\standard@cassava[1].txt
Spyware:Cookie/Ccbill Not disinfected C:\Documents and Settings\Standard\Cookies\standard@ccbill[2].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Standard\Cookies\standard@cgi-bin[3].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Standard\Cookies\standard@cgi-bin[5].txt
Spyware:Cookie/Kazaa Networks Not disinfected C:\Documents and Settings\Standard\Cookies\standard@desktop.kazaa[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Standard\Cookies\standard@dist.belnk[2].txt
Spyware:Cookie/empnads Not disinfected C:\Documents and Settings\Standard\Cookies\standard@empnads[1].txt
Spyware:Cookie/fe.lea.lycos Not disinfected C:\Documents and Settings\Standard\Cookies\standard@fe.lea.lycos[1].txt
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Standard\Cookies\standard@go[2].txt
Spyware:Cookie/MetriWeb Not disinfected C:\Documents and Settings\Standard\Cookies\standard@metriweb[1].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Standard\Cookies\standard@realmedia[2].txt
Spyware:Cookie/Rn11 Not disinfected C:\Documents and Settings\Standard\Cookies\standard@rn11[1].txt
Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\Standard\Cookies\standard@winfixer[2].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Standard\Cookies\standard@xiti[1].txt
Potentially unwanted tool:Application/Seekmo Not disinfected C:\RECYCLER\S-1-5-21-1547161642-1390067357-682003330-1004\Dc2\Seekmo Toolbar\SeekmoTBUninstaller.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\WINDOWS\system32\Process.exe
Possible Virus. Not disinfected C:\WINDOWS\system32\swsc.exe