VIRUS Nokia 19

Bonjour,

Télécharge Lop S&D.zip.
Dézippe-le sur ton Bureau uniquement.
Ouvre le dossier Lop S&D puis double-clique sur Scan.bat. Tape sur "R" puis valide en appuyant sur "Entrée".
Un rapport sera généré, poste son contenu ici.

Merci pour cette réponse plus que rapide.

Voici le rapport obtenu


------------------------------[ Lop S&D 1.3 ]----------------------------

Version : Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]

Lancé depuis : "C:\Documents and Settings\Emilie\Bureau\LopSD\Lop S&D"

Rapport créé Le 16/10/2007 à 20:48:11,01 PC : EMILIE_DOMANGE

! Faire analyser le rapport par un Helper avant intervention !

-------------[ Listing des Dossiers dans Application Data ]-------------

C:\Documents and settings\All Users\Application Data\BitDefender
C:\Documents and settings\All Users\Application Data\Microsoft
C:\Documents and settings\All Users\Application Data\WLInstaller
C:\Documents and settings\All Users\Application Data\city each safe move
C:\Documents and settings\All Users\Application Data\TEMP
C:\Documents and settings\All Users\Application Data\Adobe
C:\Documents and settings\All Users\Application Data\NCH Swift Sound
C:\Documents and settings\All Users\Application Data\LauncherAccess.dt
C:\Documents and settings\All Users\Application Data\MumboJumbo
C:\Documents and settings\All Users\Application Data\Installer.log
C:\Documents and settings\All Users\Application Data\PlayFirst
C:\Documents and settings\All Users\Application Data\Oberongames
C:\Documents and settings\All Users\Application Data\Windows Genuine Advantage
C:\Documents and settings\All Users\Application Data\UDL
C:\Documents and settings\All Users\Application Data\Messenger Plus!
C:\Documents and settings\All Users\Application Data\Spybot - Search & Destroy
C:\Documents and settings\All Users\Application Data\Apple Computer
C:\Documents and settings\All Users\Application Data\Symantec
C:\Documents and settings\All Users\Application Data\desktop.ini
C:\Documents and settings\All Users\Application Data\SBSI

C:\Documents and settings\Default User\Application Data\Microsoft
C:\Documents and settings\Default User\Application Data\Symantec
C:\Documents and settings\Default User\Application Data\Sonic
C:\Documents and settings\Default User\Application Data\toshiba
C:\Documents and settings\Default User\Application Data\Adobe
C:\Documents and settings\Default User\Application Data\desktop.ini
C:\Documents and settings\Default User\Application Data\Identities

C:\Documents and settings\Emilie\Application Data\Bitdefender
C:\Documents and settings\Emilie\Application Data\ENCMATH
C:\Documents and settings\Emilie\Application Data\Microsoft
C:\Documents and settings\Emilie\Application Data\Macromedia
C:\Documents and settings\Emilie\Application Data\Screenshot Sender
C:\Documents and settings\Emilie\Application Data\Adobe
C:\Documents and settings\Emilie\Application Data\Apple Computer
C:\Documents and settings\Emilie\Application Data\NCH Swift Sound
C:\Documents and settings\Emilie\Application Data\wklnhst.dat
C:\Documents and settings\Emilie\Application Data\GDIPFONTCACHEV1.DAT
C:\Documents and settings\Emilie\Application Data\Opera
C:\Documents and settings\Emilie\Application Data\Shareaza
C:\Documents and settings\Emilie\Application Data\FotoWire
C:\Documents and settings\Emilie\Application Data\AdobeUM
C:\Documents and settings\Emilie\Application Data\Samsung
C:\Documents and settings\Emilie\Application Data\PlayFirst
C:\Documents and settings\Emilie\Application Data\Smart Panel
C:\Documents and settings\Emilie\Application Data\3M
C:\Documents and settings\Emilie\Application Data\Google
C:\Documents and settings\Emilie\Application Data\Sun
C:\Documents and settings\Emilie\Application Data\InterVideo
C:\Documents and settings\Emilie\Application Data\Template
C:\Documents and settings\Emilie\Application Data\Symantec
C:\Documents and settings\Emilie\Application Data\Sonic
C:\Documents and settings\Emilie\Application Data\toshiba
C:\Documents and settings\Emilie\Application Data\desktop.ini
C:\Documents and settings\Emilie\Application Data\Identities

C:\Documents and settings\LocalService\Application Data\Microsoft

C:\Documents and settings\NetworkService\Application Data\Microsoft

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

C:\WINDOWS\tasks\SA.DAT
C:\WINDOWS\tasks\desktop.ini

---------------[ Listing des dossiers dans Program Files ]--------------

C:\Program Files\3M
C:\Program Files\Adobe
C:\Program Files\Alice
C:\Program Files\Alwil Software
C:\Program Files\Apoint2K
C:\Program Files\ArcadeRockstar
C:\Program Files\Code Postal
C:\Program Files\ComPlus Applications
C:\Program Files\DivX
C:\Program Files\eChanblard
C:\Program Files\ENCMATH
C:\Program Files\epson
C:\Program Files\Fichiers communs
C:\Program Files\FileZilla
C:\Program Files\Fx Audio Conveter
C:\Program Files\GanymedeNet
C:\Program Files\Google
C:\Program Files\hachette Multimedia
C:\Program Files\Harrap's Multim‚dia
C:\Program Files\Intel
C:\Program Files\Internet Explorer
C:\Program Files\InterVideo
C:\Program Files\Java
C:\Program Files\LimeWire
C:\Program Files\Lionhead Studios
C:\Program Files\Logitech
C:\Program Files\ltmoh
C:\Program Files\Macromedia
C:\Program Files\Magic Reversi
C:\Program Files\Messenger
C:\Program Files\Messenger Plus! Live
C:\Program Files\Microsoft CAPICOM 2.1.0.2
C:\Program Files\microsoft frontpage
C:\Program Files\Microsoft Games
C:\Program Files\Microsoft Office
C:\Program Files\Microsoft Works
C:\Program Files\Microsoft.NET
C:\Program Files\Movie Maker
C:\Program Files\MSN
C:\Program Files\MSN Gaming Zone
C:\Program Files\MSN Messenger
C:\Program Files\MSN Toolbar Suite
C:\Program Files\MSXML 4.0
C:\Program Files\MumboJumbo
C:\Program Files\Namo
C:\Program Files\NCH Swift Sound
C:\Program Files\NetMeeting
C:\Program Files\Offre Wanadoo
C:\Program Files\Online Services
C:\Program Files\Outlook Express
C:\Program Files\QuickTime
C:\Program Files\Realtek AC97
C:\Program Files\Samsung
C:\Program Files\Scroll Mouse
C:\Program Files\Services en ligne
C:\Program Files\Shareaza
C:\Program Files\Smart Panel
C:\Program Files\Softissimo
C:\Program Files\Softwin
C:\Program Files\sollab
C:\Program Files\Sonic
C:\Program Files\Spybot - Search & Destroy
C:\Program Files\STRATX
C:\Program Files\Symantec
C:\Program Files\Tetris
C:\Program Files\Toshiba
C:\Program Files\Trend Micro
C:\Program Files\TurnTool
C:\Program Files\Web TV
C:\Program Files\Winamp
C:\Program Files\Windows Live
C:\Program Files\Windows Media Connect 2
C:\Program Files\Windows Media Player
C:\Program Files\Windows NT
C:\Program Files\xerox

------[ Listing des dossiers dans Program Files\Fichiers Communs ]------

C:\program files\fichiers communs\Adobe
C:\program files\fichiers communs\Adobe Systems Shared
C:\program files\fichiers communs\Designer
C:\program files\fichiers communs\FotoWire
C:\program files\fichiers communs\InstallShield
C:\program files\fichiers communs\Java
C:\program files\fichiers communs\Logitech
C:\program files\fichiers communs\Macromedia
C:\program files\fichiers communs\Microsoft Shared
C:\program files\fichiers communs\MSSoap
C:\program files\fichiers communs\ODBC
C:\program files\fichiers communs\Services
C:\program files\fichiers communs\Softwin
C:\program files\fichiers communs\SpeechEngines
C:\program files\fichiers communs\Symantec Shared
C:\program files\fichiers communs\System

----------------------[ Recherche dans le Registre ]----------------------

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]

"idol barb"="C:\\DOCUME~1\\Emilie\\APPLIC~1\\ENCMATH\\send axis.exe"

-----------------[ Recherche de Fichiers - Dossiers Lop ]-----------------

C:\Documents and settings\Emilie\Application Data\ENCMATH
C:\Program Files\ENCMATH
C:\Documents and settings\Emilie\Cookies\emilie@advertstream[2].txt
C:\Documents and settings\Emilie\Cookies\emilie@d2.advertserve[1].txt

--------------------[ Vérification du fichier Hosts ]---------------------

Fichier Hosts : MODIFIE

127.0.0.1 localhost
127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD
127.0.0.1 download.cdn.winsoftware.com ## added by CiD
127.0.0.1 download.errorsafe.com ## added by CiD
127.0.0.1 download.systemdoctor.com ## added by CiD
127.0.0.1 download.winantispyware.com ## added by CiD
127.0.0.1 download.windrivecleaner.com ## added by CiD
127.0.0.1 download.winfixer.com ## added by CiD
127.0.0.1 drivecleaner.com ## added by CiD
127.0.0.1 dynamique.drivecleaner.com ## added by CiD
127.0.0.1 errorprotector.com ## added by CiD
127.0.0.1 errorsafe.com ## added by CiD
127.0.0.1 es.winantivirus.com ## added by CiD
127.0.0.1 fr.winantivirus.com ## added by CiD
127.0.0.1 fr.winfixer.com ## added by CiD
127.0.0.1 go.drivecleaner.com ## added by CiD
127.0.0.1 go.errorsafe.com ## added by CiD
127.0.0.1 go.winantispyware.com ## added by CiD
127.0.0.1 go.winantivirus.com ## added by CiD
127.0.0.1 hk.winantivirus.com ## added by CiD
127.0.0.1 instlog.errorsafe.com ## added by CiD
127.0.0.1 instlog.winantivirus.com ## added by CiD
127.0.0.1 jsp.drivecleaner.com ## added by CiD
127.0.0.1 kb.errorsafe.com ## added by CiD
127.0.0.1 kb.winantivirus.com ## added by CiD
127.0.0.1 nl.errorsafe.com ## added by CiD
127.0.0.1 se.errorsafe.com ## added by CiD
127.0.0.1 secure.drivecleaner.com ## added by CiD
127.0.0.1 secure.errorsafe.com ## added by CiD
127.0.0.1 secure.winantispam.com ## added by CiD
127.0.0.1 secure.winantispy.com ## added by CiD
127.0.0.1 secure.winantivirus.com ## added by CiD
127.0.0.1 support.winantivirus.com ## added by CiD
127.0.0.1 ulog.winantivirus.com ## added by CiD
127.0.0.1 utils.errorsafe.com ## added by CiD
127.0.0.1 utils.winantivirus.com ## added by CiD
127.0.0.1 winantispyware.com ## added by CiD
127.0.0.1 winantivirus.com ## added by CiD
127.0.0.1 winfixer.com ## added by CiD
127.0.0.1 www.drivecleaner.com ## added by CiD
127.0.0.1 www.errorprotector.com ## added by CiD
127.0.0.1 www.errorsafe.com ## added by CiD
127.0.0.1 www.systemdoctor.com ## added by CiD
127.0.0.1 www.win-anti-virus-pro.com ## added by CiD
127.0.0.1 www.win-virus-pro.com ## added by CiD
127.0.0.1 www.winantispam.com ## added by CiD
127.0.0.1 www.winantispy.com ## added by CiD
127.0.0.1 www.winantispyware.com ## added by CiD
127.0.0.1 www.winantivirus.com ## added by CiD
127.0.0.1 www.winantiviruspro.com ## added by CiD
127.0.0.1 www.windrivecleaner.com ## added by CiD
127.0.0.1 www.windrivesafe.com ## added by CiD
127.0.0.1 www.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
127.0.0.1 download.cdn.errorsafe.com ## added by CiD
127.0.0.1 instlog.winfixer.com ## added by CiD
127.0.0.1 trial.updates.winsoftware.com ## added by CiD
127.0.0.1 utils.winfixer.com ## added by CiD
127.0.0.1 winfixer2006.com ## added by CiD
127.0.0.1 winsoftware.com ## added by CiD
127.0.0.1 www.utils.winfixer.com ## added by CiD
127.0.0.1 www.winfixer2006.com ## added by CiD
127.0.0.1 www.winsoftware.com ## added by CiD

--------------[ Recherche de fichiers cachés avec Catchme ]---------------

catchme 0.3.1066 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-16 20:49:13
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch]
"Epoch"=dword:0000aede
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{E3966504-3B8D-499E-8EBD-739768894160}]
"LeaseObtainedTime"=dword:4714e28a
"T1"=dword:47197fca
"T2"=dword:471cf5ba
"LeaseTerminatesTime"=dword:471e1d0a
"DhcpRetryTime"=dword:00049d3d
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{E3966504-3B8D-499E-8EBD-739768894160}\Parameters\Tcpip]
"LeaseObtainedTime"=dword:4714e28a
"T1"=dword:47197fca
"T2"=dword:471cf5ba
"LeaseTerminatesTime"=dword:471e1d0a
scanning hidden registry entries ...
scanning hidden files ...
C:\Documents and Settings\Emilie\Local Settings\Application Data\Microsoft\Messenger\missemi007@msn.com\SharingMetadata\juju.74@msn.fr\DFSR\Staging\CS{100A9D11-29FD-FEB8-9FC3-E3CA4970E8F7}\01\11-{100A9D11-29FD-FEB8-9FC3-E3CA4970E8F7}-v1-{83AB7995-181F-412F-81A9-BAA8FEE17B68}-v11-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\Emilie\Local Settings\Application Data\Microsoft\Messenger\missemi007@msn.com\SharingMetadata\tipanali@hotmail.fr\DFSR\Staging\CS{EB65E142-2DCD-99DA-DAD8-7702C74E6CF8}\01\10-{EB65E142-2DCD-99DA-DAD8-7702C74E6CF8}-v1-{83AB7995-181F-412F-81A9-BAA8FEE17B68}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
scan completed successfully
hidden processes: 0
hidden files: 3

--------------------[ Recherche d'autres infections ]---------------------

Aucune autre infection trouvée !

--------------------[ Fin du rapport à 21:00:45,60 ]----------------------

Re,

Ouvre le dossier Lop S&D puis double-clique sur Scan.bat. Tape sur "S" puis valide en appuyant sur "Entrée".
[#ff0000]! Ne ferme pas la fenêtre lors de la suppression ! [/#f]
Un rapport sera généré, poste son contenu ici.

NOTE : Si ton Bureau ne réapparait pas, appuie simultanément sur Ctrl+Alt+Suppr pour ouvrir le Gestionnaire des tâches.
Rends-toi sur l'onglet "Processus". Clique en haut à gauche sur Fichier et choisis "Exécuter..."
Tape explorer puis valide.

Et voila le rapport demandé


------------------------------[ Lop S&D 1.3 ]----------------------------

Version : Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]

Lancé depuis : "C:\Documents and Settings\Emilie\Bureau\LopSD\Lop S&D"

Rapport créé Le 16/10/2007 à 21:15:27,50 PC : EMILIE_DOMANGE

! Faire analyser le rapport par un Helper avant intervention !

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION ///////////////////////////////

Supprimé - C:\Program Files\ENCMATH
Supprimé - C:\Documents and settings\Emilie\Application Data\ENCMATH
Supprimé - C:\Documents and settings\Emilie\Cookies\emilie@advertstream[2].txt
Supprimé - C:\Documents and settings\Emilie\Cookies\emilie@d2.advertserve[1].txt
Restauré - Fichier Hosts

\\\\\\\\\\\\\\\\\\\\\\\\\\\ DEUXIEME PASSAGE ///////////////////////////

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Copié ! - [HKLM\Software\Microsoft\Windows\CurrentVersion\Run]
Copié ! - [HKCU\Software\Microsoft\Windows\CurrentVersion\Run]
Supprimé - HKCU\Software\Microsoft\Windows\CurrentVersion\Run | idol barb

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

-------------[ Listing des Dossiers dans Application Data ]-------------

C:\Documents and settings\All Users\Application Data\BitDefender
C:\Documents and settings\All Users\Application Data\Microsoft
C:\Documents and settings\All Users\Application Data\WLInstaller
C:\Documents and settings\All Users\Application Data\city each safe move
C:\Documents and settings\All Users\Application Data\TEMP
C:\Documents and settings\All Users\Application Data\Adobe
C:\Documents and settings\All Users\Application Data\NCH Swift Sound
C:\Documents and settings\All Users\Application Data\LauncherAccess.dt
C:\Documents and settings\All Users\Application Data\MumboJumbo
C:\Documents and settings\All Users\Application Data\Installer.log
C:\Documents and settings\All Users\Application Data\PlayFirst
C:\Documents and settings\All Users\Application Data\Oberongames
C:\Documents and settings\All Users\Application Data\Windows Genuine Advantage
C:\Documents and settings\All Users\Application Data\UDL
C:\Documents and settings\All Users\Application Data\Messenger Plus!
C:\Documents and settings\All Users\Application Data\Spybot - Search & Destroy
C:\Documents and settings\All Users\Application Data\Apple Computer
C:\Documents and settings\All Users\Application Data\Symantec
C:\Documents and settings\All Users\Application Data\desktop.ini
C:\Documents and settings\All Users\Application Data\SBSI

C:\Documents and settings\Default User\Application Data\Microsoft
C:\Documents and settings\Default User\Application Data\Symantec
C:\Documents and settings\Default User\Application Data\Sonic
C:\Documents and settings\Default User\Application Data\toshiba
C:\Documents and settings\Default User\Application Data\Adobe
C:\Documents and settings\Default User\Application Data\desktop.ini
C:\Documents and settings\Default User\Application Data\Identities

C:\Documents and settings\Emilie\Application Data\Bitdefender
C:\Documents and settings\Emilie\Application Data\Microsoft
C:\Documents and settings\Emilie\Application Data\Macromedia
C:\Documents and settings\Emilie\Application Data\Screenshot Sender
C:\Documents and settings\Emilie\Application Data\Adobe
C:\Documents and settings\Emilie\Application Data\Apple Computer
C:\Documents and settings\Emilie\Application Data\NCH Swift Sound
C:\Documents and settings\Emilie\Application Data\wklnhst.dat
C:\Documents and settings\Emilie\Application Data\GDIPFONTCACHEV1.DAT
C:\Documents and settings\Emilie\Application Data\Opera
C:\Documents and settings\Emilie\Application Data\Shareaza
C:\Documents and settings\Emilie\Application Data\FotoWire
C:\Documents and settings\Emilie\Application Data\AdobeUM
C:\Documents and settings\Emilie\Application Data\Samsung
C:\Documents and settings\Emilie\Application Data\PlayFirst
C:\Documents and settings\Emilie\Application Data\Smart Panel
C:\Documents and settings\Emilie\Application Data\3M
C:\Documents and settings\Emilie\Application Data\Google
C:\Documents and settings\Emilie\Application Data\Sun
C:\Documents and settings\Emilie\Application Data\InterVideo
C:\Documents and settings\Emilie\Application Data\Template
C:\Documents and settings\Emilie\Application Data\Symantec
C:\Documents and settings\Emilie\Application Data\Sonic
C:\Documents and settings\Emilie\Application Data\toshiba
C:\Documents and settings\Emilie\Application Data\desktop.ini
C:\Documents and settings\Emilie\Application Data\Identities

C:\Documents and settings\LocalService\Application Data\Microsoft

C:\Documents and settings\NetworkService\Application Data\Microsoft

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

C:\WINDOWS\tasks\SA.DAT
C:\WINDOWS\tasks\desktop.ini

---------------[ Listing des dossiers dans Program Files ]--------------

C:\Program Files\3M
C:\Program Files\Adobe
C:\Program Files\Alice
C:\Program Files\Alwil Software
C:\Program Files\Apoint2K
C:\Program Files\ArcadeRockstar
C:\Program Files\Code Postal
C:\Program Files\ComPlus Applications
C:\Program Files\DivX
C:\Program Files\eChanblard
C:\Program Files\epson
C:\Program Files\Fichiers communs
C:\Program Files\FileZilla
C:\Program Files\Fx Audio Conveter
C:\Program Files\GanymedeNet
C:\Program Files\Google
C:\Program Files\hachette Multimedia
C:\Program Files\Harrap's Multim‚dia
C:\Program Files\Intel
C:\Program Files\Internet Explorer
C:\Program Files\InterVideo
C:\Program Files\Java
C:\Program Files\LimeWire
C:\Program Files\Lionhead Studios
C:\Program Files\Logitech
C:\Program Files\ltmoh
C:\Program Files\Macromedia
C:\Program Files\Magic Reversi
C:\Program Files\Messenger
C:\Program Files\Messenger Plus! Live
C:\Program Files\Microsoft CAPICOM 2.1.0.2
C:\Program Files\microsoft frontpage
C:\Program Files\Microsoft Games
C:\Program Files\Microsoft Office
C:\Program Files\Microsoft Works
C:\Program Files\Microsoft.NET
C:\Program Files\Movie Maker
C:\Program Files\MSN
C:\Program Files\MSN Gaming Zone
C:\Program Files\MSN Messenger
C:\Program Files\MSN Toolbar Suite
C:\Program Files\MSXML 4.0
C:\Program Files\MumboJumbo
C:\Program Files\Namo
C:\Program Files\NCH Swift Sound
C:\Program Files\NetMeeting
C:\Program Files\Offre Wanadoo
C:\Program Files\Online Services
C:\Program Files\Outlook Express
C:\Program Files\QuickTime
C:\Program Files\Realtek AC97
C:\Program Files\Samsung
C:\Program Files\Scroll Mouse
C:\Program Files\Services en ligne
C:\Program Files\Shareaza
C:\Program Files\Smart Panel
C:\Program Files\Softissimo
C:\Program Files\Softwin
C:\Program Files\sollab
C:\Program Files\Sonic
C:\Program Files\Spybot - Search & Destroy
C:\Program Files\STRATX
C:\Program Files\Symantec
C:\Program Files\Tetris
C:\Program Files\Toshiba
C:\Program Files\Trend Micro
C:\Program Files\TurnTool
C:\Program Files\Web TV
C:\Program Files\Winamp
C:\Program Files\Windows Live
C:\Program Files\Windows Media Connect 2
C:\Program Files\Windows Media Player
C:\Program Files\Windows NT
C:\Program Files\xerox

------[ Listing des dossiers dans Program Files\Fichiers Communs ]------

C:\program files\fichiers communs\Adobe
C:\program files\fichiers communs\Adobe Systems Shared
C:\program files\fichiers communs\Designer
C:\program files\fichiers communs\FotoWire
C:\program files\fichiers communs\InstallShield
C:\program files\fichiers communs\Java
C:\program files\fichiers communs\Logitech
C:\program files\fichiers communs\Macromedia
C:\program files\fichiers communs\Microsoft Shared
C:\program files\fichiers communs\MSSoap
C:\program files\fichiers communs\ODBC
C:\program files\fichiers communs\Services
C:\program files\fichiers communs\Softwin
C:\program files\fichiers communs\SpeechEngines
C:\program files\fichiers communs\Symantec Shared
C:\program files\fichiers communs\System

----------------------[ Recherche dans le Registre ]----------------------

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]


-----------------[ Recherche de Fichiers - Dossiers Lop ]-----------------

Aucun dossier Lop trouvé !

--------------------[ Vérification du fichier Hosts ]---------------------

Fichier Hosts : Propre

--------------[ Recherche de fichiers cachés avec Catchme ]---------------

catchme 0.3.1066 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-16 21:15:45
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
C:\Documents and Settings\Emilie\Local Settings\Application Data\Microsoft\Messenger\missemi007@msn.com\SharingMetadata\juju.74@msn.fr\DFSR\Staging\CS{100A9D11-29FD-FEB8-9FC3-E3CA4970E8F7}\01\11-{100A9D11-29FD-FEB8-9FC3-E3CA4970E8F7}-v1-{83AB7995-181F-412F-81A9-BAA8FEE17B68}-v11-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\Emilie\Local Settings\Application Data\Microsoft\Messenger\missemi007@msn.com\SharingMetadata\tipanali@hotmail.fr\DFSR\Staging\CS{EB65E142-2DCD-99DA-DAD8-7702C74E6CF8}\01\10-{EB65E142-2DCD-99DA-DAD8-7702C74E6CF8}-v1-{83AB7995-181F-412F-81A9-BAA8FEE17B68}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
scan completed successfully
hidden processes: 0
hidden files: 3

--------------------[ Recherche d'autres infections ]---------------------

Aucune autre infection trouvée !

--------------------[ Fin du rapport à 21:27:06,68 ]----------------------

Merci beaucoup pour ses réponses si rapides

Tu peux faire un scan Lop S&D option 1 ?

Scanlob option1 ca veut dire que je fait Recherche? Si oui je suis en train de le faire, si non et bien je ne sais pas comment faire désolé.?.

Voici le résultat:


------------------------------[ Lop S&D 1.3 ]----------------------------

Version : Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]

Lancé depuis : "C:\Documents and Settings\Emilie\Bureau\LopSD\Lop S&D"

Rapport créé Le 16/10/2007 à 21:41:47,53 PC : EMILIE_DOMANGE

! Faire analyser le rapport par un Helper avant intervention !

-------------[ Listing des Dossiers dans Application Data ]-------------

C:\Documents and settings\All Users\Application Data\BitDefender
C:\Documents and settings\All Users\Application Data\Microsoft
C:\Documents and settings\All Users\Application Data\WLInstaller
C:\Documents and settings\All Users\Application Data\city each safe move
C:\Documents and settings\All Users\Application Data\TEMP
C:\Documents and settings\All Users\Application Data\Adobe
C:\Documents and settings\All Users\Application Data\NCH Swift Sound
C:\Documents and settings\All Users\Application Data\LauncherAccess.dt
C:\Documents and settings\All Users\Application Data\MumboJumbo
C:\Documents and settings\All Users\Application Data\Installer.log
C:\Documents and settings\All Users\Application Data\PlayFirst
C:\Documents and settings\All Users\Application Data\Oberongames
C:\Documents and settings\All Users\Application Data\Windows Genuine Advantage
C:\Documents and settings\All Users\Application Data\UDL
C:\Documents and settings\All Users\Application Data\Messenger Plus!
C:\Documents and settings\All Users\Application Data\Spybot - Search & Destroy
C:\Documents and settings\All Users\Application Data\Apple Computer
C:\Documents and settings\All Users\Application Data\Symantec
C:\Documents and settings\All Users\Application Data\desktop.ini
C:\Documents and settings\All Users\Application Data\SBSI

C:\Documents and settings\Default User\Application Data\Microsoft
C:\Documents and settings\Default User\Application Data\Symantec
C:\Documents and settings\Default User\Application Data\Sonic
C:\Documents and settings\Default User\Application Data\toshiba
C:\Documents and settings\Default User\Application Data\Adobe
C:\Documents and settings\Default User\Application Data\desktop.ini
C:\Documents and settings\Default User\Application Data\Identities

C:\Documents and settings\Emilie\Application Data\Bitdefender
C:\Documents and settings\Emilie\Application Data\Microsoft
C:\Documents and settings\Emilie\Application Data\Macromedia
C:\Documents and settings\Emilie\Application Data\Screenshot Sender
C:\Documents and settings\Emilie\Application Data\Adobe
C:\Documents and settings\Emilie\Application Data\Apple Computer
C:\Documents and settings\Emilie\Application Data\NCH Swift Sound
C:\Documents and settings\Emilie\Application Data\wklnhst.dat
C:\Documents and settings\Emilie\Application Data\GDIPFONTCACHEV1.DAT
C:\Documents and settings\Emilie\Application Data\Opera
C:\Documents and settings\Emilie\Application Data\Shareaza
C:\Documents and settings\Emilie\Application Data\FotoWire
C:\Documents and settings\Emilie\Application Data\AdobeUM
C:\Documents and settings\Emilie\Application Data\Samsung
C:\Documents and settings\Emilie\Application Data\PlayFirst
C:\Documents and settings\Emilie\Application Data\Smart Panel
C:\Documents and settings\Emilie\Application Data\3M
C:\Documents and settings\Emilie\Application Data\Google
C:\Documents and settings\Emilie\Application Data\Sun
C:\Documents and settings\Emilie\Application Data\InterVideo
C:\Documents and settings\Emilie\Application Data\Template
C:\Documents and settings\Emilie\Application Data\Symantec
C:\Documents and settings\Emilie\Application Data\Sonic
C:\Documents and settings\Emilie\Application Data\toshiba
C:\Documents and settings\Emilie\Application Data\desktop.ini
C:\Documents and settings\Emilie\Application Data\Identities

C:\Documents and settings\LocalService\Application Data\Microsoft

C:\Documents and settings\NetworkService\Application Data\Microsoft

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

C:\WINDOWS\tasks\SA.DAT
C:\WINDOWS\tasks\desktop.ini

---------------[ Listing des dossiers dans Program Files ]--------------

C:\Program Files\3M
C:\Program Files\Adobe
C:\Program Files\Alice
C:\Program Files\Alwil Software
C:\Program Files\Apoint2K
C:\Program Files\ArcadeRockstar
C:\Program Files\Code Postal
C:\Program Files\ComPlus Applications
C:\Program Files\DivX
C:\Program Files\eChanblard
C:\Program Files\epson
C:\Program Files\Fichiers communs
C:\Program Files\FileZilla
C:\Program Files\Fx Audio Conveter
C:\Program Files\GanymedeNet
C:\Program Files\Google
C:\Program Files\hachette Multimedia
C:\Program Files\Harrap's Multim‚dia
C:\Program Files\Intel
C:\Program Files\Internet Explorer
C:\Program Files\InterVideo
C:\Program Files\Java
C:\Program Files\LimeWire
C:\Program Files\Lionhead Studios
C:\Program Files\Logitech
C:\Program Files\ltmoh
C:\Program Files\Macromedia
C:\Program Files\Magic Reversi
C:\Program Files\Messenger
C:\Program Files\Messenger Plus! Live
C:\Program Files\Microsoft CAPICOM 2.1.0.2
C:\Program Files\microsoft frontpage
C:\Program Files\Microsoft Games
C:\Program Files\Microsoft Office
C:\Program Files\Microsoft Works
C:\Program Files\Microsoft.NET
C:\Program Files\Movie Maker
C:\Program Files\MSN
C:\Program Files\MSN Gaming Zone
C:\Program Files\MSN Messenger
C:\Program Files\MSN Toolbar Suite
C:\Program Files\MSXML 4.0
C:\Program Files\MumboJumbo
C:\Program Files\Namo
C:\Program Files\NCH Swift Sound
C:\Program Files\NetMeeting
C:\Program Files\Offre Wanadoo
C:\Program Files\Online Services
C:\Program Files\Outlook Express
C:\Program Files\QuickTime
C:\Program Files\Realtek AC97
C:\Program Files\Samsung
C:\Program Files\Scroll Mouse
C:\Program Files\Services en ligne
C:\Program Files\Shareaza
C:\Program Files\Smart Panel
C:\Program Files\Softissimo
C:\Program Files\Softwin
C:\Program Files\sollab
C:\Program Files\Sonic
C:\Program Files\Spybot - Search & Destroy
C:\Program Files\STRATX
C:\Program Files\Symantec
C:\Program Files\Tetris
C:\Program Files\Toshiba
C:\Program Files\Trend Micro
C:\Program Files\TurnTool
C:\Program Files\Web TV
C:\Program Files\Winamp
C:\Program Files\Windows Live
C:\Program Files\Windows Media Connect 2
C:\Program Files\Windows Media Player
C:\Program Files\Windows NT
C:\Program Files\xerox

------[ Listing des dossiers dans Program Files\Fichiers Communs ]------

C:\program files\fichiers communs\Adobe
C:\program files\fichiers communs\Adobe Systems Shared
C:\program files\fichiers communs\Designer
C:\program files\fichiers communs\FotoWire
C:\program files\fichiers communs\InstallShield
C:\program files\fichiers communs\Java
C:\program files\fichiers communs\Logitech
C:\program files\fichiers communs\Macromedia
C:\program files\fichiers communs\Microsoft Shared
C:\program files\fichiers communs\MSSoap
C:\program files\fichiers communs\ODBC
C:\program files\fichiers communs\Services
C:\program files\fichiers communs\Softwin
C:\program files\fichiers communs\SpeechEngines
C:\program files\fichiers communs\Symantec Shared
C:\program files\fichiers communs\System

----------------------[ Recherche dans le Registre ]----------------------

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]


-----------------[ Recherche de Fichiers - Dossiers Lop ]-----------------

Aucun dossier Lop trouvé !

--------------------[ Vérification du fichier Hosts ]---------------------

Fichier Hosts : Propre

--------------[ Recherche de fichiers cachés avec Catchme ]---------------

catchme 0.3.1066 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-16 21:42:33
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
C:\Documents and Settings\Emilie\Cookies\emilie@www.infos-du-net[3].txt
C:\Documents and Settings\Emilie\Local Settings\Application Data\Microsoft\Messenger\missemi007@msn.com\SharingMetadata\juju.74@msn.fr\DFSR\Staging\CS{100A9D11-29FD-FEB8-9FC3-E3CA4970E8F7}\01\11-{100A9D11-29FD-FEB8-9FC3-E3CA4970E8F7}-v1-{83AB7995-181F-412F-81A9-BAA8FEE17B68}-v11-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\Emilie\Local Settings\Application Data\Microsoft\Messenger\missemi007@msn.com\SharingMetadata\tipanali@hotmail.fr\DFSR\Staging\CS{EB65E142-2DCD-99DA-DAD8-7702C74E6CF8}\01\10-{EB65E142-2DCD-99DA-DAD8-7702C74E6CF8}-v1-{83AB7995-181F-412F-81A9-BAA8FEE17B68}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
scan completed successfully
hidden processes: 0
hidden files: 4

--------------------[ Recherche d'autres infections ]---------------------

Aucune autre infection trouvée !

--------------------[ Fin du rapport à 21:54:15,06 ]----------------------


Merci

Reposte un rapport Hijackthis.

voila le rapport

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:10:20, on 16/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\WINDOWS\system32\ZoomingHook.exe
C:\WINDOWS\system32\TCtrlIOHook.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\ArcadeRockstar\arcaderockstar32.exe
C:\WINDOWS\LBTWiz.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\Shareaza\Shareaza.exe
C:\Program Files\Harrap's Multimédia\Shorter\bin\HiHarrapsTray.exe
C:\Program Files\3M\PSNLite\PsnLite.exe
C:\PROGRA~1\3M\PSNLite\PSNGive.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.euromed-marseille.com/accueil.aspx
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Ask Harrap's Shorter.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Program Files\3M\PSNLite\PsnLite.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {001EE746-A1F9-460E-80AD-269E088D6A01} (Infotl Control) - http://site.ebrary.com/lib/cla10/support/plugins/ebrary...
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://msnfr.oberon-media.com/online2/MSN_INTL_FRANCE/l...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {91D4B4D5-E368-40AB-8F53-A37FA634B471} (Installer9Ctrl Class) - http://www.tellmemorecampus.com/bin/tol9inst.cab
O16 - DPF: {A9ED6AA2-D9D4-4D71-9586-E293E2E3580B} (GameDesire Marbles&Diamonds&Runes) - http://67.15.101.3/g_bin/eng/marbles_2_0_0_27.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://msnfr.oberon-media.com/online2/MSN_INTL_FRANCE/d...
O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://msnfr.oberon-media.com/online2/MSN_INTL_FRANCE/b...
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

--
End of file - 10826 bytes

Bonjour,
Euhhh? En rallumant mon ordi je n'ai plus grand chose dans ma barre de tache (plus avast, plus la petite télé de connection, plus la gestion d'énergie, plus d'autres choses), et mes commandes toshiba ne marche plus? Pourquoi???
Ca m'avait deja fait ca avec MSN fix et j'avais fait une restauration systeme. Que faire?

Emi

Re,

Supprime ce dossier :
C:\Documents and settings\All Users\Application Data\city each safe move

Bonjour,

Voila ca c'est fait (suppression du fichier) j'ai installé Antivir entre temps et fait un scan!
En ce qui concerne mon pb de barre de tache tu sais pourquoi?

Merci

Quel problème ?  

En rallumant mon ordi je n'ai plus grand chose dans ma barre de tache(à coté de l'horloge) (plus avast, plus la petite télé de connection, plus la gestion d'énergie, plus d'autres choses), et mes commandes toshiba ne marche plus? Pourquoi???
Ca m'avait deja fait ca avec MSN fix et j'avais fait une restauration systeme. Que faire?

Télécharge et exécute :
http://www.mytempdir.com/2038249

??? Je dois télécharger quoi? ??? La seule chose à faire sur la page c'est partager mes fichiers sur Internet.  
Je suis perdue

Faut cliquer "Continue to the Download Page" sur hein  

Comme ca tu pourras vois mes fichiers?

Voila c'est fait! C'est dans le registre

C'est mieux ?

Euh??? Ba ca n'a rien changé en fait. J'ai toujours pas tout les éléments dans ma barre de tache à coté de l'horloge et mes application Toshiba (ex page internet en cliquant sur un bouton spécial) ne marche pas! Si je fais une restauration systeme le virus va revenir?
Deuxième chose: le virus est parti? Car j'ai toujours Carlton dans mes connexions???

Le virus va revenir. Supprime Carlton des connexions, il ne reviendra pas.

ok merci. Mais pour ma barre de tache et mes applications??? Il me manque plein de trucs et ca m'inquiète! Je vois plus la connexion internet (petite télé) ni avast, ni msn,ni pleins de choses!

Tu devrais aller voir dans la section Hardware.

ok! Merci pour ton aide!!! C'est vraiment super

Re
Et si je fais une restauration puis Antivir? Le virus sera revenu???

J'ai déjà dit oui.