pop up récurrents + problème avec antivir

Bonjour,

Télécharge Lop S&D.exe sur ton Bureau.

Double-clique dessus pour lancer l'installation

Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau

Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche)

Patiente jusqu'à la fin du scan

Poste le rapport généré (C:\lopR.txt)

(Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide)

salut,

voici le rapport de Lop :


-----------------------------[ Lop S&D 2.3.3 ]---------------------------

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : SAVY ] [ "C:\Program Files\Lop SD" ]
[ 12/02/2008 | 18:23:53,89 ] [ PC : SAVY-CBADB77D12 ]
[ MAJ : 12-02-2008 | 00:15 ]

-------------[ Listing des dossiers dans Application Data ]------------

[16/12/2007|17:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
[16/12/2007|17:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
[12/10/2006|18:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\addr_file.html
[09/12/2004|16:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[16/11/2006|18:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[12/02/2008|17:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AntiVir PersonalEdition Classic
[18/11/2006|11:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[09/12/2004|16:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[12/09/2004|15:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[30/09/2007|15:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[17/01/2008|10:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\great coal love default
[28/12/2007|17:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
[02/12/2006|09:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[02/10/2005|12:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[04/09/2007|16:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[09/12/2004|15:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[15/04/2006|13:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[17/01/2008|10:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\user first axis bows
[09/07/2006|15:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[23/10/2006|18:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[01/11/2005|18:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

[12/09/2004|15:39] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
[12/09/2004|15:39] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
[12/09/2004|15:39] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[09/12/2004|14:00] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[09/12/2004|14:06] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
[09/12/2004|14:06] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
[09/12/2004|14:00] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[09/12/2004|14:06] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
[09/12/2004|14:06] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
[18/02/2005|17:53] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[16/12/2007|17:34] C:\DOCUME~1\SAVY\APPLIC~1\.
[16/12/2007|17:34] C:\DOCUME~1\SAVY\APPLIC~1\..
[09/12/2004|17:36] C:\DOCUME~1\SAVY\APPLIC~1\Adobe
[09/12/2004|17:36] C:\DOCUME~1\SAVY\APPLIC~1\AdobeUM
[16/11/2006|18:59] C:\DOCUME~1\SAVY\APPLIC~1\Ahead
[25/05/2006|11:00] C:\DOCUME~1\SAVY\APPLIC~1\Apple Computer
[03/06/2006|22:55] C:\DOCUME~1\SAVY\APPLIC~1\Azureus
[01/09/2006|13:41] C:\DOCUME~1\SAVY\APPLIC~1\Creative
[12/09/2004|15:39] C:\DOCUME~1\SAVY\APPLIC~1\desktop.ini
[06/11/2005|02:23] C:\DOCUME~1\SAVY\APPLIC~1\Google
[01/11/2005|18:43] C:\DOCUME~1\SAVY\APPLIC~1\Identities
[01/09/2006|13:35] C:\DOCUME~1\SAVY\APPLIC~1\InterTrust
[24/03/2005|18:45] C:\DOCUME~1\SAVY\APPLIC~1\Kazaa Lite
[19/02/2007|18:09] C:\DOCUME~1\SAVY\APPLIC~1\Macromedia
[09/11/2006|07:16] C:\DOCUME~1\SAVY\APPLIC~1\Microsoft
[18/12/2004|16:48] C:\DOCUME~1\SAVY\APPLIC~1\Microsoft Games
[18/12/2004|12:35] C:\DOCUME~1\SAVY\APPLIC~1\Mozilla
[03/03/2007|14:24] C:\DOCUME~1\SAVY\APPLIC~1\NeroDCTemplates
[17/01/2008|10:48] C:\DOCUME~1\SAVY\APPLIC~1\new math hold
[09/12/2004|15:52] C:\DOCUME~1\SAVY\APPLIC~1\Real
[16/12/2007|17:34] C:\DOCUME~1\SAVY\APPLIC~1\Samsung
[05/05/2006|17:44] C:\DOCUME~1\SAVY\APPLIC~1\SmartFTP
[14/05/2005|12:22] C:\DOCUME~1\SAVY\APPLIC~1\Sun
[09/12/2004|16:04] C:\DOCUME~1\SAVY\APPLIC~1\sversion.ini
[16/03/2005|16:36] C:\DOCUME~1\SAVY\APPLIC~1\Talkback
[16/03/2005|16:36] C:\DOCUME~1\SAVY\APPLIC~1\Thunderbird
[28/08/2005|18:43] C:\DOCUME~1\SAVY\APPLIC~1\vlc
[01/11/2005|18:43] C:\DOCUME~1\SAVY\APPLIC~1\Zylom

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[12/02/2008 18:00][--ah-----] C:\WINDOWS\tasks\AEED9B57918A0B7F.job [--262--]
[12/02/2008 17:42][--a------] C:\WINDOWS\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job [--256--]
[15/01/2008 14:59][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job [--284--]
[12/02/2008 16:40][--ah-----] C:\WINDOWS\tasks\SA.DAT [--6--]
[05/08/2004 13:00][-r-h-c---] C:\WINDOWS\tasks\desktop.ini [--65--]

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[12/02/2008|18:23] C:\Program Files\.
[12/02/2008|18:23] C:\Program Files\..
[01/09/2006|13:35] C:\Program Files\Adobe
[16/11/2006|18:56] C:\Program Files\Ahead
[31/10/2007|19:32] C:\Program Files\AntiVir PersonalEdition Classic
[18/11/2006|11:40] C:\Program Files\Apple Software Update
[09/12/2004|17:52] C:\Program Files\ATI Technologies
[20/06/2006|17:16] C:\Program Files\Azureus
[01/09/2005|18:09] C:\Program Files\Cavedog
[09/11/2006|00:16] C:\Program Files\CDex
[09/12/2004|13:55] C:\Program Files\ComPlus Applications
[01/09/2006|13:30] C:\Program Files\Creative
[19/03/2005|07:34] C:\Program Files\CursorZone
[09/12/2004|16:27] C:\Program Files\CyberLink
[18/12/2004|19:14] C:\Program Files\directx
[07/11/2007|08:07] C:\Program Files\DivX
[21/12/2007|11:21] C:\Program Files\Dofus
[30/09/2007|15:53] C:\Program Files\DVD Shrink
[30/09/2007|15:57] C:\Program Files\DVDFab HD Decrypter 3
[17/03/2007|11:38] C:\Program Files\EA SPORTS
[17/03/2006|17:25] C:\Program Files\EACom
[10/09/2007|18:07] C:\Program Files\Equipe Actimel
[05/07/2006|06:43] C:\Program Files\etexchange
[10/01/2008|18:43] C:\Program Files\Fichiers communs
[18/12/2004|19:08] C:\Program Files\Fox
[30/08/2006|15:15] C:\Program Files\FpTest
[18/12/2004|12:31] C:\Program Files\Free.fr
[18/09/2006|18:51] C:\Program Files\Freeplayer
[19/03/2005|07:33] C:\Program Files\Grip
[19/03/2005|07:34] C:\Program Files\GRIPCZ41
[09/12/2004|15:33] C:\Program Files\HighMAT CD Writing Wizard
[05/03/2006|08:48] C:\Program Files\Hotbar
[02/12/2006|13:49] C:\Program Files\Hydro Thunder
[13/01/2007|16:09] C:\Program Files\i-Covers
[13/01/2007|21:38] C:\Program Files\INSTAFINK
[16/12/2007|17:32] C:\Program Files\InstallShield Installation Information
[12/12/2007|15:24] C:\Program Files\Internet Explorer
[18/11/2006|11:44] C:\Program Files\iPod
[18/11/2006|11:44] C:\Program Files\iTunes
[22/09/2006|08:55] C:\Program Files\Java
[03/03/2006|18:21] C:\Program Files\Kazaa
[17/12/2006|19:22] C:\Program Files\KONAMI
[28/05/2007|09:35] C:\Program Files\LimeWire
[12/02/2008|18:23] C:\Program Files\Lop SD
[18/09/2006|18:51] C:\Program Files\Messenger
[14/01/2008|21:25] C:\Program Files\Messenger Plus! Live
[09/12/2004|14:00] C:\Program Files\microsoft frontpage
[17/03/2006|17:59] C:\Program Files\Microsoft Games
[09/12/2004|13:56] C:\Program Files\Movie Maker
[12/02/2008|17:19] C:\Program Files\Mozilla Firefox
[25/05/2006|11:35] C:\Program Files\Mozilla Thunderbird
[10/12/2004|11:55] C:\Program Files\MSI
[09/12/2004|13:53] C:\Program Files\MSN
[09/12/2004|13:54] C:\Program Files\MSN Gaming Zone
[14/01/2008|21:25] C:\Program Files\MSN Messenger
[18/11/2006|03:01] C:\Program Files\MSXML 4.0
[24/03/2005|18:40] C:\Program Files\MyWay
[19/03/2005|07:33] C:\Program Files\NetGuide
[09/12/2004|13:56] C:\Program Files\NetMeeting
[17/01/2008|10:47] C:\Program Files\new math hold
[05/03/2006|08:47] C:\Program Files\Oberon Media
[09/12/2004|15:56] C:\Program Files\OOD2KFRE
[12/02/2008|17:08] C:\Program Files\OpenOffice.org1.1.3
[12/01/2008|18:00] C:\Program Files\Outlook Express
[09/12/2004|17:35] C:\Program Files\PhotoFiltre
[18/11/2006|11:42] C:\Program Files\QuickTime
[09/12/2004|15:51] C:\Program Files\Real
[16/12/2007|17:32] C:\Program Files\Samsung
[09/12/2004|15:48] C:\Program Files\Satsuki Decoder Pack
[09/12/2004|13:57] C:\Program Files\Services en ligne
[10/12/2004|11:57] C:\Program Files\Setup Files
[09/12/2004|16:07] C:\Program Files\SoftChris
[12/02/2008|17:14] C:\Program Files\Trend Micro
[23/03/2006|17:39] C:\Program Files\Ubi Soft
[09/12/2004|14:08] C:\Program Files\Uninstall Information
[10/12/2004|13:02] C:\Program Files\VIA
[09/12/2004|14:17] C:\Program Files\VIAudioi
[09/12/2004|15:49] C:\Program Files\Webteh
[12/01/2008|19:29] C:\Program Files\Winamp
[09/12/2004|15:33] C:\Program Files\Windows Journal Viewer
[19/11/2007|21:14] C:\Program Files\Windows Live
[01/12/2007|00:40] C:\Program Files\Windows Live Toolbar
[01/10/2007|20:38] C:\Program Files\Windows Media Connect
[12/01/2008|18:00] C:\Program Files\Windows Media Player
[09/12/2004|13:54] C:\Program Files\Windows NT
[09/12/2004|13:57] C:\Program Files\WindowsUpdate
[19/11/2006|12:39] C:\Program Files\WinRAR
[25/01/2008|19:55] C:\Program Files\World of Warcraft
[09/12/2004|14:00] C:\Program Files\xerox
[31/12/2006|15:59] C:\Program Files\Zone Labs
[15/04/2006|14:35] C:\Program Files\Zylom Games

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[10/01/2008|18:43] C:\Program Files\Fichiers communs\.
[10/01/2008|18:43] C:\Program Files\Fichiers communs\..
[09/12/2004|17:36] C:\Program Files\Fichiers communs\Adobe
[16/11/2006|18:46] C:\Program Files\Fichiers communs\Ahead
[10/01/2008|18:43] C:\Program Files\Fichiers communs\Blizzard Entertainment
[12/10/2006|12:22] C:\Program Files\Fichiers communs\DirectX
[01/09/2006|13:14] C:\Program Files\Fichiers communs\InstallShield
[17/08/2006|07:51] C:\Program Files\Fichiers communs\Java
[16/11/2006|18:56] C:\Program Files\Fichiers communs\LightScribe
[23/10/2006|18:36] C:\Program Files\Fichiers communs\Microsoft Shared
[09/12/2004|13:56] C:\Program Files\Fichiers communs\MSSoap
[16/11/2006|18:54] C:\Program Files\Fichiers communs\Nero
[12/09/2004|15:39] C:\Program Files\Fichiers communs\ODBC
[09/12/2004|15:51] C:\Program Files\Fichiers communs\Real
[09/12/2004|13:56] C:\Program Files\Fichiers communs\Services
[12/09/2004|15:39] C:\Program Files\Fichiers communs\SpeechEngines
[13/06/2007|16:51] C:\Program Files\Fichiers communs\System
[09/12/2004|15:52] C:\Program Files\Fichiers communs\xing shared

----------------------[ Recherche avec S_Lop ]---------------------

C:\DOCUME~1\SAVY\LOCALS~1\Temp\bis2C1.exe

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

C:\DOCUME~1\ALLUSE~1\APPLIC~1\great coal love default
C:\DOCUME~1\ALLUSE~1\APPLIC~1\great coal love default\Cake fast.exe
C:\DOCUME~1\ALLUSE~1\APPLIC~1\great coal love default\Mapi About.exe
C:\WINDOWS\Tasks\AEED9B57918A0B7F.job

----------------------[ Verification du Registre ]----------------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Love default global mess"="C:\\Documents and Settings\\All Users\\Application Data\\great coal love default\\Cake fast.exe"

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts MODIFIE

127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD
127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
127.0.0.1 download.cdn.errorsafe.com ## added by CiD
127.0.0.1 download.cdn.winsoftware.com ## added by CiD
127.0.0.1 download.errorsafe.com ## added by CiD
127.0.0.1 download.systemdoctor.com ## added by CiD
127.0.0.1 download.winantispyware.com ## added by CiD
127.0.0.1 download.windrivecleaner.com ## added by CiD
127.0.0.1 download.winfixer.com ## added by CiD
127.0.0.1 drivecleaner.com ## added by CiD
127.0.0.1 dynamique.drivecleaner.com ## added by CiD
127.0.0.1 errorprotector.com ## added by CiD
127.0.0.1 errorsafe.com ## added by CiD
127.0.0.1 es.winantivirus.com ## added by CiD
127.0.0.1 fr.winantivirus.com ## added by CiD
127.0.0.1 fr.winfixer.com ## added by CiD
127.0.0.1 go.drivecleaner.com ## added by CiD
127.0.0.1 go.errorsafe.com ## added by CiD
127.0.0.1 go.winantispyware.com ## added by CiD
127.0.0.1 go.winantivirus.com ## added by CiD
127.0.0.1 hk.winantivirus.com ## added by CiD
127.0.0.1 instlog.errorsafe.com ## added by CiD
127.0.0.1 instlog.winantivirus.com ## added by CiD
127.0.0.1 instlog.winfixer.com ## added by CiD
127.0.0.1 jsp.drivecleaner.com ## added by CiD
127.0.0.1 kb.errorsafe.com ## added by CiD
127.0.0.1 kb.winantivirus.com ## added by CiD
127.0.0.1 nl.errorsafe.com ## added by CiD
127.0.0.1 se.errorsafe.com ## added by CiD
127.0.0.1 secure.drivecleaner.com ## added by CiD
127.0.0.1 secure.errorsafe.com ## added by CiD
127.0.0.1 secure.winantispam.com ## added by CiD
127.0.0.1 secure.winantispy.com ## added by CiD
127.0.0.1 secure.winantivirus.com ## added by CiD
127.0.0.1 support.winantivirus.com ## added by CiD
127.0.0.1 trial.updates.winsoftware.com ## added by CiD
127.0.0.1 ulog.winantivirus.com ## added by CiD
127.0.0.1 utils.errorsafe.com ## added by CiD
127.0.0.1 utils.winantivirus.com ## added by CiD
127.0.0.1 utils.winfixer.com ## added by CiD
127.0.0.1 winantispyware.com ## added by CiD
127.0.0.1 winantivirus.com ## added by CiD
127.0.0.1 winfixer.com ## added by CiD
127.0.0.1 winfixer2006.com ## added by CiD
127.0.0.1 winsoftware.com ## added by CiD
127.0.0.1 www.drivecleaner.com ## added by CiD
127.0.0.1 www.errorprotector.com ## added by CiD
127.0.0.1 www.errorsafe.com ## added by CiD
127.0.0.1 www.systemdoctor.com ## added by CiD
127.0.0.1 www.utils.winfixer.com ## added by CiD
127.0.0.1 www.win-anti-virus-pro.com ## added by CiD
127.0.0.1 www.win-virus-pro.com ## added by CiD
127.0.0.1 www.winantispam.com ## added by CiD
127.0.0.1 www.winantispy.com ## added by CiD
127.0.0.1 www.winantispyware.com ## added by CiD
127.0.0.1 www.winantivirus.com ## added by CiD
127.0.0.1 www.winantiviruspro.com ## added by CiD
127.0.0.1 www.windrivecleaner.com ## added by CiD
127.0.0.1 www.windrivesafe.com ## added by CiD
127.0.0.1 www.winfixer.com ## added by CiD
127.0.0.1 www.winfixer2006.com ## added by CiD
127.0.0.1 www.winsoftware.com ## added by CiD

-> 73 ( 70 ## added by CiD )

/!\ 2 Not 127.0.0.1 !!

----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-12 18:24:42
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

Aucune autre infection trouvée !

/!\ [Fich:16222][Doss:386] C:\DOCUME~1\SAVY\LOCALS~1\Temp
/!\ [Fich:979][Doss:0] C:\DOCUME~1\SAVY\Cookies
/!\ [Fich:890][Doss:15] C:\DOCUME~1\SAVY\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 18:25:12,89 ]----------------------

Re,

Relance Lop S&D

Choisis cette fois ci l'Option 2 (Suppression)

Ne ferme pas la fenêtre lors de la suppression !

Poste le rapport généré (C:\lopR.txt)

(Si le Bureau ne réapparît pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide)

coucou,

je poste le rapport de Lop.
Au fait, j'ai finalement réussi à réinstaller la version free de Antivir, la mise à jour s'est faite correctement. C'était bien moi qui était nul  

voici donc le rapport:


-----------------------------[ Lop S&D 2.3.3 ]---------------------------

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : SAVY ] [ "C:\Program Files\Lop SD" ]
[ 12/02/2008 | 19:07:00,65 ] [ PC : SAVY-CBADB77D12 ]
[ MAJ : 12-02-2008 | 00:15 ]

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\great coal love default\Cake fast.exe
Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\great coal love default\Mapi About.exe
Supprimé! - C:\WINDOWS\Tasks\AEED9B57918A0B7F.job
Supprimé! - C:\DOCUME~1\SAVY\LOCALS~1\Temp\bis2C1.exe
Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\great coal love default
Restauré! - Fichier Hosts

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


-------------[ Listing des dossiers dans Application Data ]------------

[12/02/2008|19:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
[12/02/2008|19:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
[12/10/2006|18:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\addr_file.html
[09/12/2004|16:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[16/11/2006|18:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[18/11/2006|11:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[12/02/2008|18:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[09/12/2004|16:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[12/09/2004|15:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[30/09/2007|15:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[28/12/2007|17:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
[02/12/2006|09:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[02/10/2005|12:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[04/09/2007|16:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[09/12/2004|15:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[15/04/2006|13:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[17/01/2008|10:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\user first axis bows
[09/07/2006|15:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[23/10/2006|18:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[01/11/2005|18:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

[12/09/2004|15:39] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
[12/09/2004|15:39] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
[12/09/2004|15:39] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[09/12/2004|14:00] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[09/12/2004|14:06] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
[09/12/2004|14:06] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
[09/12/2004|14:00] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[09/12/2004|14:06] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
[09/12/2004|14:06] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
[18/02/2005|17:53] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[16/12/2007|17:34] C:\DOCUME~1\SAVY\APPLIC~1\.
[16/12/2007|17:34] C:\DOCUME~1\SAVY\APPLIC~1\..
[09/12/2004|17:36] C:\DOCUME~1\SAVY\APPLIC~1\Adobe
[09/12/2004|17:36] C:\DOCUME~1\SAVY\APPLIC~1\AdobeUM
[16/11/2006|18:59] C:\DOCUME~1\SAVY\APPLIC~1\Ahead
[25/05/2006|11:00] C:\DOCUME~1\SAVY\APPLIC~1\Apple Computer
[03/06/2006|22:55] C:\DOCUME~1\SAVY\APPLIC~1\Azureus
[01/09/2006|13:41] C:\DOCUME~1\SAVY\APPLIC~1\Creative
[12/09/2004|15:39] C:\DOCUME~1\SAVY\APPLIC~1\desktop.ini
[06/11/2005|02:23] C:\DOCUME~1\SAVY\APPLIC~1\Google
[01/11/2005|18:43] C:\DOCUME~1\SAVY\APPLIC~1\Identities
[01/09/2006|13:35] C:\DOCUME~1\SAVY\APPLIC~1\InterTrust
[24/03/2005|18:45] C:\DOCUME~1\SAVY\APPLIC~1\Kazaa Lite
[19/02/2007|18:09] C:\DOCUME~1\SAVY\APPLIC~1\Macromedia
[09/11/2006|07:16] C:\DOCUME~1\SAVY\APPLIC~1\Microsoft
[18/12/2004|16:48] C:\DOCUME~1\SAVY\APPLIC~1\Microsoft Games
[18/12/2004|12:35] C:\DOCUME~1\SAVY\APPLIC~1\Mozilla
[03/03/2007|14:24] C:\DOCUME~1\SAVY\APPLIC~1\NeroDCTemplates
[17/01/2008|10:48] C:\DOCUME~1\SAVY\APPLIC~1\new math hold
[09/12/2004|15:52] C:\DOCUME~1\SAVY\APPLIC~1\Real
[16/12/2007|17:34] C:\DOCUME~1\SAVY\APPLIC~1\Samsung
[05/05/2006|17:44] C:\DOCUME~1\SAVY\APPLIC~1\SmartFTP
[14/05/2005|12:22] C:\DOCUME~1\SAVY\APPLIC~1\Sun
[09/12/2004|16:04] C:\DOCUME~1\SAVY\APPLIC~1\sversion.ini
[16/03/2005|16:36] C:\DOCUME~1\SAVY\APPLIC~1\Talkback
[16/03/2005|16:36] C:\DOCUME~1\SAVY\APPLIC~1\Thunderbird
[28/08/2005|18:43] C:\DOCUME~1\SAVY\APPLIC~1\vlc
[01/11/2005|18:43] C:\DOCUME~1\SAVY\APPLIC~1\Zylom

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[12/02/2008 18:42][--a------] C:\WINDOWS\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job [--256--]
[15/01/2008 14:59][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job [--284--]
[12/02/2008 18:31][--ah-----] C:\WINDOWS\tasks\SA.DAT [--6--]
[05/08/2004 13:00][-r-h-c---] C:\WINDOWS\tasks\desktop.ini [--65--]

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[12/02/2008|18:59] C:\Program Files\.
[12/02/2008|18:59] C:\Program Files\..
[01/09/2006|13:35] C:\Program Files\Adobe
[16/11/2006|18:56] C:\Program Files\Ahead
[18/11/2006|11:40] C:\Program Files\Apple Software Update
[09/12/2004|17:52] C:\Program Files\ATI Technologies
[12/02/2008|18:59] C:\Program Files\Avira
[20/06/2006|17:16] C:\Program Files\Azureus
[01/09/2005|18:09] C:\Program Files\Cavedog
[09/11/2006|00:16] C:\Program Files\CDex
[09/12/2004|13:55] C:\Program Files\ComPlus Applications
[01/09/2006|13:30] C:\Program Files\Creative
[19/03/2005|07:34] C:\Program Files\CursorZone
[09/12/2004|16:27] C:\Program Files\CyberLink
[18/12/2004|19:14] C:\Program Files\directx
[07/11/2007|08:07] C:\Program Files\DivX
[21/12/2007|11:21] C:\Program Files\Dofus
[30/09/2007|15:53] C:\Program Files\DVD Shrink
[30/09/2007|15:57] C:\Program Files\DVDFab HD Decrypter 3
[17/03/2007|11:38] C:\Program Files\EA SPORTS
[17/03/2006|17:25] C:\Program Files\EACom
[10/09/2007|18:07] C:\Program Files\Equipe Actimel
[05/07/2006|06:43] C:\Program Files\etexchange
[10/01/2008|18:43] C:\Program Files\Fichiers communs
[18/12/2004|19:08] C:\Program Files\Fox
[30/08/2006|15:15] C:\Program Files\FpTest
[18/12/2004|12:31] C:\Program Files\Free.fr
[18/09/2006|18:51] C:\Program Files\Freeplayer
[19/03/2005|07:33] C:\Program Files\Grip
[19/03/2005|07:34] C:\Program Files\GRIPCZ41
[09/12/2004|15:33] C:\Program Files\HighMAT CD Writing Wizard
[05/03/2006|08:48] C:\Program Files\Hotbar
[02/12/2006|13:49] C:\Program Files\Hydro Thunder
[13/01/2007|16:09] C:\Program Files\i-Covers
[13/01/2007|21:38] C:\Program Files\INSTAFINK
[16/12/2007|17:32] C:\Program Files\InstallShield Installation Information
[12/12/2007|15:24] C:\Program Files\Internet Explorer
[18/11/2006|11:44] C:\Program Files\iPod
[18/11/2006|11:44] C:\Program Files\iTunes
[12/02/2008|18:43] C:\Program Files\Java
[03/03/2006|18:21] C:\Program Files\Kazaa
[17/12/2006|19:22] C:\Program Files\KONAMI
[28/05/2007|09:35] C:\Program Files\LimeWire
[12/02/2008|19:07] C:\Program Files\Lop SD
[18/09/2006|18:51] C:\Program Files\Messenger
[14/01/2008|21:25] C:\Program Files\Messenger Plus! Live
[09/12/2004|14:00] C:\Program Files\microsoft frontpage
[17/03/2006|17:59] C:\Program Files\Microsoft Games
[09/12/2004|13:56] C:\Program Files\Movie Maker
[12/02/2008|18:42] C:\Program Files\Mozilla Firefox
[25/05/2006|11:35] C:\Program Files\Mozilla Thunderbird
[10/12/2004|11:55] C:\Program Files\MSI
[09/12/2004|13:53] C:\Program Files\MSN
[09/12/2004|13:54] C:\Program Files\MSN Gaming Zone
[14/01/2008|21:25] C:\Program Files\MSN Messenger
[18/11/2006|03:01] C:\Program Files\MSXML 4.0
[24/03/2005|18:40] C:\Program Files\MyWay
[19/03/2005|07:33] C:\Program Files\NetGuide
[09/12/2004|13:56] C:\Program Files\NetMeeting
[17/01/2008|10:47] C:\Program Files\new math hold
[05/03/2006|08:47] C:\Program Files\Oberon Media
[09/12/2004|15:56] C:\Program Files\OOD2KFRE
[12/02/2008|18:31] C:\Program Files\OpenOffice.org1.1.3
[12/01/2008|18:00] C:\Program Files\Outlook Express
[09/12/2004|17:35] C:\Program Files\PhotoFiltre
[18/11/2006|11:42] C:\Program Files\QuickTime
[09/12/2004|15:51] C:\Program Files\Real
[16/12/2007|17:32] C:\Program Files\Samsung
[09/12/2004|15:48] C:\Program Files\Satsuki Decoder Pack
[09/12/2004|13:57] C:\Program Files\Services en ligne
[10/12/2004|11:57] C:\Program Files\Setup Files
[09/12/2004|16:07] C:\Program Files\SoftChris
[12/02/2008|17:14] C:\Program Files\Trend Micro
[23/03/2006|17:39] C:\Program Files\Ubi Soft
[09/12/2004|14:08] C:\Program Files\Uninstall Information
[10/12/2004|13:02] C:\Program Files\VIA
[09/12/2004|14:17] C:\Program Files\VIAudioi
[09/12/2004|15:49] C:\Program Files\Webteh
[12/01/2008|19:29] C:\Program Files\Winamp
[09/12/2004|15:33] C:\Program Files\Windows Journal Viewer
[19/11/2007|21:14] C:\Program Files\Windows Live
[01/12/2007|00:40] C:\Program Files\Windows Live Toolbar
[01/10/2007|20:38] C:\Program Files\Windows Media Connect
[12/01/2008|18:00] C:\Program Files\Windows Media Player
[09/12/2004|13:54] C:\Program Files\Windows NT
[09/12/2004|13:57] C:\Program Files\WindowsUpdate
[19/11/2006|12:39] C:\Program Files\WinRAR
[25/01/2008|19:55] C:\Program Files\World of Warcraft
[09/12/2004|14:00] C:\Program Files\xerox
[31/12/2006|15:59] C:\Program Files\Zone Labs
[15/04/2006|14:35] C:\Program Files\Zylom Games

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[10/01/2008|18:43] C:\Program Files\Fichiers communs\.
[10/01/2008|18:43] C:\Program Files\Fichiers communs\..
[09/12/2004|17:36] C:\Program Files\Fichiers communs\Adobe
[16/11/2006|18:46] C:\Program Files\Fichiers communs\Ahead
[10/01/2008|18:43] C:\Program Files\Fichiers communs\Blizzard Entertainment
[12/10/2006|12:22] C:\Program Files\Fichiers communs\DirectX
[01/09/2006|13:14] C:\Program Files\Fichiers communs\InstallShield
[17/08/2006|07:51] C:\Program Files\Fichiers communs\Java
[16/11/2006|18:56] C:\Program Files\Fichiers communs\LightScribe
[23/10/2006|18:36] C:\Program Files\Fichiers communs\Microsoft Shared
[09/12/2004|13:56] C:\Program Files\Fichiers communs\MSSoap
[16/11/2006|18:54] C:\Program Files\Fichiers communs\Nero
[12/09/2004|15:39] C:\Program Files\Fichiers communs\ODBC
[09/12/2004|15:51] C:\Program Files\Fichiers communs\Real
[09/12/2004|13:56] C:\Program Files\Fichiers communs\Services
[12/09/2004|15:39] C:\Program Files\Fichiers communs\SpeechEngines
[13/06/2007|16:51] C:\Program Files\Fichiers communs\System
[09/12/2004|15:52] C:\Program Files\Fichiers communs\xing shared

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

Aucun fichier / dossier Lop trouvé !

----------------------[ Verification du Registre ]----------------------

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-12 19:08:05
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

Aucune autre infection trouvée !

/!\ [Fich:16221][Doss:387] C:\DOCUME~1\SAVY\LOCALS~1\Temp
/!\ [Fich:981][Doss:0] C:\DOCUME~1\SAVY\Cookies
/!\ [Fich:968][Doss:15] C:\DOCUME~1\SAVY\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 19:08:32,96 ]----------------------


merci de ton aide

Reposte un rapport Hijackthis.

Télécharge BTFix ([#ff0000]Bibi26[/#f]).
Dézippe l'archive sur ton Bureau.

Ouvre le dossier BTFix.

Double clique sur BTFix.exe.

Clique sur Rechercher.

Un rapport va apparaître, copie/colle-le dans ta prochaine réponse.

Re,

j'ai donc refait un scan Hijackthis. Voici le rapport:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:08:22, on 12/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\VIAudioi\SBADeck\ADeck.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\VIA\RAID\raid_tool.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\OpenOffice.org1.1.3\program\soffice.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: NetGuideBHO Class - {0FD7DAF0-BBEF-4990-B19E-2805D280571F} - C:\PROGRA~1\NetGuide\BHO\NETGUI~1.DLL (file missing)
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: NavErrRedir Class - {0FD7DAF0-BBEF-4990-B19E-2805D280571F} - C:\PROGRA~1\NetGuide\BHO\NETGUI~1.DLL (file missing)
O2 - BHO: InstaFinderK - {4E7BD74F-2B8D-469E-90F0-F66AB581A933} - C:\PROGRA~1\INSTAF~1\INSTAF~1.DLL
O2 - BHO: CursorZone - {4E7BD74F-2B8D-469E-A38A-E56FA49CA83A} - C:\PROGRA~1\Grip\Toolbar\CURSOR~1\gripcz41.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Grip Toolbar - {4E7BD74F-2B8D-469E-A38A-E56FA49CA83A} - C:\PROGRA~1\Grip\Toolbar\CURSOR~1\gripcz41.dll
O3 - Toolbar: My &Search Bar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [README MAGS] C:\DOCUME~1\SAVY\APPLIC~1\NEWMAT~1\baitfour.exe
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Documents and Settings\SAVY\Mes documents\Mes vidéos\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 1.1.3.lnk = C:\Program Files\OpenOffice.org1.1.3\program\quickstart.exe
O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Grip.com - file://C:\Program Files\GRIPCZ41\Cache\SelectedContextSearch.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?133139094388444fb26fde15807ebf8f
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?133139094388444fb26fde15807ebf8f
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Cont...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: O&O Defrag 2000 (OOD2000) - O&O Software GmbH - C:\WINDOWS\system32\OOD2000.exe

--
End of file - 9549 bytes


Et voici le rapport BTFix:

BTFix 1.075 (par bibi26) - 12/02/2008 20:09:28 - Analyse
Lancé depuis C:\Documents and Settings\SAVY\Bureau\BTFix\BTFix.exe

---> Fichiers/Dossiers trouvés

- C:\DBBackup\
- C:\WINDOWS\smdat32m.sys
- C:\WINDOWS\smdat32a.sys
- C:\Program Files\MyWay\
- C:\Program Files\Hotbar\
- C:\Program Files\INSTAFINK\

---> Analyse terminée


 

Re,

Ouvre à nouveau BTFix.

Clique sur Nettoyer.

Un rapport va apparaître, copie/colle-le dans ta prochaine réponse.

salut

Voici le rapport de BtFix après nettoyage:

BTFix 1.075 (par bibi26) - 14/02/2008 18:42:54 - Nettoyage - Mode normal
Lancé depuis C:\Documents and Settings\SAVY\Bureau\antivirus etc\BTFix\BTFix.exe

---> Fichiers/dossiers supprimés (Première passe)

- Fichiers temporaires effacés
- C:\DBBackup\
- C:\WINDOWS\smdat32m.sys
- C:\WINDOWS\smdat32a.sys
- C:\Program Files\MyWay\myBar\1.bin\
- C:\Program Files\MyWay\myBar\Cache\
- C:\Program Files\MyWay\myBar\History\
- C:\Program Files\MyWay\myBar\Settings\
- C:\Program Files\MyWay\myBar\
- C:\Program Files\MyWay\
- C:\Program Files\Hotbar\Bin\4.6.1.0\
- C:\Program Files\Hotbar\Bin\
- C:\Program Files\Hotbar\
- C:\Program Files\INSTAFINK\Cache\NewCfg\
- C:\Program Files\INSTAFINK\Cache\
- C:\Program Files\INSTAFINK\

---> Nettoyage terminé

merci

Reposte un rapport Hijackthis  

voilà le rapport Hijackthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:46:22, on 15/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\VIAudioi\SBADeck\ADeck.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\SAVY\Mes documents\Mes vidéos\eMule\emule.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\Program Files\OpenOffice.org1.1.3\program\soffice.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\update.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: NetGuideBHO Class - {0FD7DAF0-BBEF-4990-B19E-2805D280571F} - C:\PROGRA~1\NetGuide\BHO\NETGUI~1.DLL (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: NavErrRedir Class - {0FD7DAF0-BBEF-4990-B19E-2805D280571F} - C:\PROGRA~1\NetGuide\BHO\NETGUI~1.DLL (file missing)
O2 - BHO: CursorZone - {4E7BD74F-2B8D-469E-A38A-E56FA49CA83A} - C:\PROGRA~1\Grip\Toolbar\CURSOR~1\gripcz41.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Grip Toolbar - {4E7BD74F-2B8D-469E-A38A-E56FA49CA83A} - C:\PROGRA~1\Grip\Toolbar\CURSOR~1\gripcz41.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [README MAGS] C:\DOCUME~1\SAVY\APPLIC~1\NEWMAT~1\baitfour.exe
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Documents and Settings\SAVY\Mes documents\Mes vidéos\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 1.1.3.lnk = C:\Program Files\OpenOffice.org1.1.3\program\quickstart.exe
O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Grip.com - file://C:\Program Files\GRIPCZ41\Cache\SelectedContextSearch.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?133139094388444fb26fde15807ebf8f
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?133139094388444fb26fde15807ebf8f
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Cont...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: O&O Defrag 2000 (OOD2000) - O&O Software GmbH - C:\WINDOWS\system32\OOD2000.exe

--
End of file - 8523 bytes

   

Re,

Fix les lignes dans le cadre ci-dessous avec Hijackthis : AIDE EN IMAGES



Télécharge OTMoveIt (d'OldTimer). Sauvegarde-le sur ton Bureau.
Sélectionne tous les emplacements dans le cadre ci-dessous :


---> Clique-droit puis Copier (ou Ctrl+C)

Double-clique sur OTMoveIt.exe afin de le lancer.
Fais un Clique-droit sur le cadre de gauche puis choisis Coller (ou Ctrl+V).
Clique maintenant sur [#ff0000]MoveIt![/#f]

[#ff0000]Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.[/#f]

Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log

->Informations sur le logiciel<-

salut

Mieux vaut tard que jamais mais voici le rapport de OTMoveit:

C:\DOCUME~1\ALLUSE~1\APPLIC~1\user first axis bows moved successfully.
C:\DOCUME~1\SAVY\APPLIC~1\new math hold moved successfully.
C:\Program Files\new math hold moved successfully.

OTMoveIt2 v1.0.20 log created on 02232008_183355

Voila
Merci