Win32 Help !!!

bonsoir

1
Télécharge BTFix de Bibi26.

Dézippe l'archive sur ton Bureau.

Ouvre le dossier BTFix.

Double clique sur BTFix.exe.

Clique sur Rechercher.

Un rapport va apparaître, copie/colle-le dans ta prochaine réponse.

2

Télécharge Lop S&D.exe sur ton bureau

Double-clique dessus pour lancer l'installation

Puis double-clique sur le raccourci Lop S&D présent sur ton bureau

Séléctionne la langue souhaitée , puis choisis l'Option 1 ( Recherche )

Patiente jusqu'à la fin du scan

Poste le rapport généré ( C:\lopR.txt )

( Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide )

Rapport de BTFIX:


BTFix 1.086 (par bibi26) - 16/03/2008 09:45:28 - Analyse
Lancé depuis C:\Documents and Settings\Doday\Bureau\BTFix\BTFix\BTFix.exe

---> Fichiers/Dossiers trouvés

- [Heuristique : Dealio Toolbar] C:\WINDOWS\Installer\4e33fa9.msi
- [Heuristique : Search Settings] C:\WINDOWS\Installer\4e33fae.msi
- C:\WINDOWS\Installer\{90529245-9C54-45B5-BBB3-B180CA04F248}\
- C:\WINDOWS\Installer\{5F9593C6-27DF-46E3-8CD7-0AA33BAFEDD8}\
- C:\Program Files\Search Settings\
- C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\
- C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\
- C:\Documents and Settings\Doday\Application Data\Search Settings\
- C:\Documents and Settings\Doday\Application Data\Dealio\

---> Analyse terminée

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Doday ] [ "C:\Lop SD" ]
[ 16/03/2008 | 9:47:45,87 ] [ PC : DAUDAY-650977F5 ]
[ MAJ : 13-03-2008 | 20:45 ]

-------------[ Listing des dossiers dans Application Data ]------------

[17/05/2007|10:58] C:\DOCUME~1\ADMINI~1\APPLIC~1\.
[17/05/2007|10:58] C:\DOCUME~1\ADMINI~1\APPLIC~1\..
[17/05/2007|10:58] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[17/05/2007|09:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[18/01/2008|18:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
[18/01/2008|18:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
[05/08/2007|11:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[07/09/2007|17:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[28/11/2007|18:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[08/12/2007|15:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[01/09/2007|08:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
[17/05/2007|10:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[06/11/2007|22:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EnterNHelp
[06/11/2007|22:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fonts
[06/11/2007|22:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Funk Animals
[05/08/2007|11:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[29/08/2007|16:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[03/11/2007|10:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[08/08/2007|19:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[30/11/2007|15:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Micro Application
[09/12/2007|23:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[09/09/2007|08:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[06/11/2007|22:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nikon
[06/11/2007|22:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PKP_DLds.DAT
[29/07/2007|20:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\save two ping trans
[17/02/2008|10:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[14/03/2008|18:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tick Find Close Surf
[06/11/2007|22:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ultima_T15
[17/05/2007|10:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[09/12/2007|23:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[17/05/2007|10:58] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
[17/05/2007|10:58] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
[17/05/2007|10:58] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[13/12/2007|03:04] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[02/03/2008|12:48] C:\DOCUME~1\Doday\APPLIC~1\.
[02/03/2008|12:48] C:\DOCUME~1\Doday\APPLIC~1\..
[29/07/2007|17:26] C:\DOCUME~1\Doday\APPLIC~1\Adobe
[07/09/2007|17:47] C:\DOCUME~1\Doday\APPLIC~1\Ahead
[05/11/2007|17:50] C:\DOCUME~1\Doday\APPLIC~1\Apple Computer
[18/05/2007|08:23] C:\DOCUME~1\Doday\APPLIC~1\ATI
[01/09/2007|09:33] C:\DOCUME~1\Doday\APPLIC~1\AVSMedia
[30/11/2007|22:10] C:\DOCUME~1\Doday\APPLIC~1\Brother
[03/06/2007|20:42] C:\DOCUME~1\Doday\APPLIC~1\BSplayer
[26/05/2007|10:26] C:\DOCUME~1\Doday\APPLIC~1\BSplayer Pro
[17/02/2008|10:36] C:\DOCUME~1\Doday\APPLIC~1\Dealio
[09/12/2007|14:12] C:\DOCUME~1\Doday\APPLIC~1\DeepBurner
[17/05/2007|10:58] C:\DOCUME~1\Doday\APPLIC~1\desktop.ini
[03/06/2007|17:25] C:\DOCUME~1\Doday\APPLIC~1\DivX
[22/11/2007|21:22] C:\DOCUME~1\Doday\APPLIC~1\dvdcss
[06/11/2007|22:41] C:\DOCUME~1\Doday\APPLIC~1\Flowers
[05/08/2007|09:04] C:\DOCUME~1\Doday\APPLIC~1\Google
[26/05/2007|12:08] C:\DOCUME~1\Doday\APPLIC~1\Help
[17/05/2007|09:26] C:\DOCUME~1\Doday\APPLIC~1\Identities
[03/01/2008|16:42] C:\DOCUME~1\Doday\APPLIC~1\InfraRecorder
[15/03/2008|19:19] C:\DOCUME~1\Doday\APPLIC~1\LimeWire
[03/03/2008|06:38] C:\DOCUME~1\Doday\APPLIC~1\ma-config.com
[17/05/2007|10:47] C:\DOCUME~1\Doday\APPLIC~1\Macromedia
[30/11/2007|16:29] C:\DOCUME~1\Doday\APPLIC~1\Micro Application
[09/12/2007|23:36] C:\DOCUME~1\Doday\APPLIC~1\Microsoft
[17/06/2007|22:36] C:\DOCUME~1\Doday\APPLIC~1\Mozilla
[06/11/2007|22:44] C:\DOCUME~1\Doday\APPLIC~1\Nikon
[09/03/2008|16:50] C:\DOCUME~1\Doday\APPLIC~1\OpenOffice.org2
[14/06/2007|13:29] C:\DOCUME~1\Doday\APPLIC~1\Real
[14/03/2008|14:06] C:\DOCUME~1\Doday\APPLIC~1\safeviewface
[06/01/2008|17:52] C:\DOCUME~1\Doday\APPLIC~1\Search Settings
[24/11/2007|12:01] C:\DOCUME~1\Doday\APPLIC~1\SecondLife
[17/05/2007|10:49] C:\DOCUME~1\Doday\APPLIC~1\Sun
[17/05/2007|10:18] C:\DOCUME~1\Doday\APPLIC~1\vlc

[17/05/2007|09:24] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
[17/05/2007|09:24] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
[31/05/2007|08:45] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[17/05/2007|09:24] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
[17/05/2007|09:24] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
[17/05/2007|09:24] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[16/03/2008 09:00][--ah-----] C:\WINDOWS\tasks\AE5EA27891855314.job
[15/03/2008 15:23][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[14/03/2008 18:14][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[14/03/2008|18:11] C:\Program Files\.
[14/03/2008|18:11] C:\Program Files\..
[05/08/2007|11:56] C:\Program Files\Adobe
[17/05/2007|10:02] C:\Program Files\Alwil Software
[28/11/2007|18:16] C:\Program Files\Apple Software Update
[06/11/2007|22:37] C:\Program Files\ArcSoft
[18/01/2008|18:24] C:\Program Files\Astonsoft
[18/05/2007|08:15] C:\Program Files\ATI Technologies
[10/10/2007|20:30] C:\Program Files\AviSynth 2.5
[23/06/2007|21:31] C:\Program Files\bobyte
[10/02/2008|00:20] C:\Program Files\Bonjour
[20/12/2007|22:41] C:\Program Files\Circle Developement
[17/05/2007|09:10] C:\Program Files\ComPlus Applications
[15/08/2007|10:49] C:\Program Files\CONEXANT
[20/06/2007|14:05] C:\Program Files\directx
[17/02/2008|12:42] C:\Program Files\DivX
[17/02/2008|19:52] C:\Program Files\DivXLand
[15/03/2008|08:01] C:\Program Files\eMule
[21/09/2007|16:31] C:\Program Files\eRightSoft
[10/10/2007|20:30] C:\Program Files\FairUse Wizard 2
[09/12/2007|23:19] C:\Program Files\Fichiers communs
[18/01/2008|18:25] C:\Program Files\Free Easy Burner
[07/10/2007|13:12] C:\Program Files\Gabest
[24/02/2008|18:49] C:\Program Files\Google Video
[02/03/2008|14:57] C:\Program Files\InstallShield Installation Information
[15/02/2008|07:54] C:\Program Files\Internet Explorer
[02/12/2007|16:04] C:\Program Files\Java
[24/01/2008|20:49] C:\Program Files\JCA2000
[02/03/2008|12:54] C:\Program Files\Lavalys
[05/08/2007|10:04] C:\Program Files\Lavasoft
[15/02/2008|23:08] C:\Program Files\LimeWire
[02/03/2008|12:48] C:\Program Files\ma-config.com
[31/08/2007|16:40] C:\Program Files\Ma‹do Production
[20/12/2007|22:41] C:\Program Files\Messenger Plus! Live
[30/11/2007|15:15] C:\Program Files\Micro Application
[17/05/2007|09:18] C:\Program Files\microsoft frontpage
[09/09/2007|08:59] C:\Program Files\Microsoft Office
[09/12/2007|23:29] C:\Program Files\Microsoft SQL Server Compact Edition
[17/05/2007|09:12] C:\Program Files\Movie Maker
[16/03/2008|09:41] C:\Program Files\Mozilla Firefox
[17/05/2007|09:07] C:\Program Files\MSN
[17/05/2007|09:08] C:\Program Files\MSN Gaming Zone
[07/09/2007|21:09] C:\Program Files\MSXML 4.0
[17/05/2007|09:15] C:\Program Files\NetMeeting
[06/11/2007|22:42] C:\Program Files\Nikon
[17/05/2007|09:09] C:\Program Files\Online Services
[30/11/2007|21:44] C:\Program Files\OpenOffice.org 2.3
[12/06/2007|20:15] C:\Program Files\Outlook Express
[02/03/2008|14:24] C:\Program Files\Realtek
[15/02/2008|16:28] C:\Program Files\safeviewface
[29/08/2007|16:51] C:\Program Files\Sandisk
[06/01/2008|15:50] C:\Program Files\Search Settings
[17/05/2007|09:16] C:\Program Files\Services en ligne
[14/07/2007|11:18] C:\Program Files\Solveig Multimedia
[17/05/2007|09:26] C:\Program Files\Uninstall Information
[29/08/2007|18:14] C:\Program Files\URUSoft
[16/07/2007|14:39] C:\Program Files\USB Disk Win98 Driver
[17/02/2008|12:19] C:\Program Files\VideoLAN
[03/06/2007|20:42] C:\Program Files\Webteh
[19/09/2007|20:05] C:\Program Files\WinAVI MP4 Converter
[18/01/2008|18:27] C:\Program Files\Windows Live
[18/01/2008|18:24] C:\Program Files\Windows Live Toolbar
[31/08/2007|09:20] C:\Program Files\Windows Media Connect 2
[31/08/2007|09:20] C:\Program Files\Windows Media Player
[17/05/2007|09:08] C:\Program Files\Windows NT
[17/05/2007|09:16] C:\Program Files\WindowsUpdate
[17/05/2007|09:18] C:\Program Files\xerox

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[09/12/2007|23:19] C:\Program Files\Fichiers communs\.
[09/12/2007|23:19] C:\Program Files\Fichiers communs\..
[05/08/2007|11:56] C:\Program Files\Fichiers communs\Adobe
[09/09/2007|09:06] C:\Program Files\Fichiers communs\Ahead
[08/12/2007|15:32] C:\Program Files\Fichiers communs\Apple
[24/09/2007|20:06] C:\Program Files\Fichiers communs\AVSMedia
[09/09/2007|08:58] C:\Program Files\Fichiers communs\Designer
[29/08/2007|16:55] C:\Program Files\Fichiers communs\InstallShield
[02/08/2007|13:21] C:\Program Files\Fichiers communs\Java
[09/12/2007|23:24] C:\Program Files\Fichiers communs\Microsoft Shared
[17/05/2007|09:14] C:\Program Files\Fichiers communs\MSSoap
[06/11/2007|22:42] C:\Program Files\Fichiers communs\muvee Technologies
[27/06/2007|17:02] C:\Program Files\Fichiers communs\Nero
[06/11/2007|22:44] C:\Program Files\Fichiers communs\Nikon
[09/09/2007|08:59] C:\Program Files\Fichiers communs\ODBC
[17/05/2007|09:15] C:\Program Files\Fichiers communs\Services
[17/05/2007|10:58] C:\Program Files\Fichiers communs\SpeechEngines
[13/08/2007|12:07] C:\Program Files\Fichiers communs\Symantec Shared
[09/09/2007|08:53] C:\Program Files\Fichiers communs\System
[09/12/2007|23:24] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[03/11/2007|10:36] C:\Program Files\Fichiers communs\Wise Installation Wizard

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tick Find Close Surf
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe
C:\WINDOWS\Tasks\AE5EA27891855314.job

----------------------[ Verification du Registre ]----------------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts MODIFIE

127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD
127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
127.0.0.1 download.cdn.errorsafe.com ## added by CiD
127.0.0.1 download.cdn.winsoftware.com ## added by CiD
127.0.0.1 download.errorsafe.com ## added by CiD
127.0.0.1 download.systemdoctor.com ## added by CiD
127.0.0.1 download.winantispyware.com ## added by CiD
127.0.0.1 download.windrivecleaner.com ## added by CiD
127.0.0.1 download.winfixer.com ## added by CiD
127.0.0.1 drivecleaner.com ## added by CiD
127.0.0.1 dynamique.drivecleaner.com ## added by CiD
127.0.0.1 errorprotector.com ## added by CiD
127.0.0.1 errorsafe.com ## added by CiD
127.0.0.1 es.winantivirus.com ## added by CiD
127.0.0.1 fr.winantivirus.com ## added by CiD
127.0.0.1 fr.winfixer.com ## added by CiD
127.0.0.1 go.drivecleaner.com ## added by CiD
127.0.0.1 go.errorsafe.com ## added by CiD
127.0.0.1 go.winantispyware.com ## added by CiD
127.0.0.1 go.winantivirus.com ## added by CiD
127.0.0.1 hk.winantivirus.com ## added by CiD
127.0.0.1 instlog.errorsafe.com ## added by CiD
127.0.0.1 instlog.winantivirus.com ## added by CiD
127.0.0.1 instlog.winfixer.com ## added by CiD
127.0.0.1 jsp.drivecleaner.com ## added by CiD
127.0.0.1 kb.errorsafe.com ## added by CiD
127.0.0.1 kb.winantivirus.com ## added by CiD
127.0.0.1 nl.errorsafe.com ## added by CiD
127.0.0.1 se.errorsafe.com ## added by CiD
127.0.0.1 secure.drivecleaner.com ## added by CiD
127.0.0.1 secure.errorsafe.com ## added by CiD
127.0.0.1 secure.winantispam.com ## added by CiD
127.0.0.1 secure.winantispy.com ## added by CiD
127.0.0.1 secure.winantivirus.com ## added by CiD
127.0.0.1 support.winantivirus.com ## added by CiD
127.0.0.1 trial.updates.winsoftware.com ## added by CiD
127.0.0.1 ulog.winantivirus.com ## added by CiD
127.0.0.1 utils.errorsafe.com ## added by CiD
127.0.0.1 utils.winantivirus.com ## added by CiD
127.0.0.1 utils.winfixer.com ## added by CiD
127.0.0.1 winantispyware.com ## added by CiD
127.0.0.1 winantivirus.com ## added by CiD
127.0.0.1 winfixer.com ## added by CiD
127.0.0.1 winfixer2006.com ## added by CiD
127.0.0.1 winsoftware.com ## added by CiD
127.0.0.1 www.drivecleaner.com ## added by CiD
127.0.0.1 www.errorprotector.com ## added by CiD
127.0.0.1 www.errorsafe.com ## added by CiD
127.0.0.1 www.systemdoctor.com ## added by CiD
127.0.0.1 www.utils.winfixer.com ## added by CiD
127.0.0.1 www.win-anti-virus-pro.com ## added by CiD
127.0.0.1 www.win-virus-pro.com ## added by CiD
127.0.0.1 www.winantispam.com ## added by CiD
127.0.0.1 www.winantispy.com ## added by CiD
127.0.0.1 www.winantispyware.com ## added by CiD
127.0.0.1 www.winantivirus.com ## added by CiD
127.0.0.1 www.winantiviruspro.com ## added by CiD
127.0.0.1 www.windrivecleaner.com ## added by CiD
127.0.0.1 www.windrivesafe.com ## added by CiD
127.0.0.1 www.winfixer.com ## added by CiD
127.0.0.1 www.winfixer2006.com ## added by CiD
127.0.0.1 www.winsoftware.com ## added by CiD

-> 71 ( 70 ## added by CiD )

----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-16 09:49:02
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

Aucune autre infection trouvée !

/!\ [Fich:673][Doss:35] C:\DOCUME~1\Doday\LOCALS~1\Temp
/!\ [Fich:137][Doss:0] C:\DOCUME~1\Doday\Cookies
/!\ [Fich:812][Doss:4] C:\DOCUME~1\Doday\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 9:49:19,62 ]----------------------

quand lop cherchait, un virus a été détecter "cheval de troie'

bonjour


ignore ce genre d'alerte

1

Ouvre BTFix.

Clique sur Nettoyer.

Un rapport va apparaître, copie/colle-le dans ta prochaine réponse.

2
Relance Lop S&D

Choisis cette fois ci l'Option 2 ( Suppression )

Ne ferme pas la fenêtre lors de la suppression !

Poste le rapport généré ( C:\lopR.txt )

( Si le Bureau ne réapparît pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide )

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Doday ] [ "C:\Lop SD" ]
[ 16/03/2008 | 12:06:53,71 ] [ PC : DAUDAY-650977F5 ]
[ MAJ : 13-03-2008 | 20:45 ]

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

Supprimé! - C:\Program Files\Circle Developement\Uninstall.exe
Supprimé! - C:\WINDOWS\Tasks\AE5EA27891855314.job
Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tick Find Close Surf
Supprimé! - C:\Program Files\Circle Developement
Restauré! - Fichier Hosts

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


-------------[ Listing des dossiers dans Application Data ]------------

[17/05/2007|10:58] C:\DOCUME~1\ADMINI~1\APPLIC~1\.
[17/05/2007|10:58] C:\DOCUME~1\ADMINI~1\APPLIC~1\..
[17/05/2007|10:58] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[17/05/2007|09:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[16/03/2008|12:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
[16/03/2008|12:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
[05/08/2007|11:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[07/09/2007|17:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[28/11/2007|18:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[08/12/2007|15:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[01/09/2007|08:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
[17/05/2007|10:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[06/11/2007|22:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EnterNHelp
[06/11/2007|22:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fonts
[06/11/2007|22:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Funk Animals
[05/08/2007|11:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[29/08/2007|16:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[03/11/2007|10:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[08/08/2007|19:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[30/11/2007|15:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Micro Application
[09/12/2007|23:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[09/09/2007|08:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[06/11/2007|22:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nikon
[06/11/2007|22:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PKP_DLds.DAT
[29/07/2007|20:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\save two ping trans
[17/02/2008|10:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[06/11/2007|22:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ultima_T15
[17/05/2007|10:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[16/03/2008|11:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[17/05/2007|10:58] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
[17/05/2007|10:58] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
[17/05/2007|10:58] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[13/12/2007|03:04] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[02/03/2008|12:48] C:\DOCUME~1\Doday\APPLIC~1\.
[02/03/2008|12:48] C:\DOCUME~1\Doday\APPLIC~1\..
[29/07/2007|17:26] C:\DOCUME~1\Doday\APPLIC~1\Adobe
[07/09/2007|17:47] C:\DOCUME~1\Doday\APPLIC~1\Ahead
[05/11/2007|17:50] C:\DOCUME~1\Doday\APPLIC~1\Apple Computer
[18/05/2007|08:23] C:\DOCUME~1\Doday\APPLIC~1\ATI
[01/09/2007|09:33] C:\DOCUME~1\Doday\APPLIC~1\AVSMedia
[30/11/2007|22:10] C:\DOCUME~1\Doday\APPLIC~1\Brother
[03/06/2007|20:42] C:\DOCUME~1\Doday\APPLIC~1\BSplayer
[26/05/2007|10:26] C:\DOCUME~1\Doday\APPLIC~1\BSplayer Pro
[17/02/2008|10:36] C:\DOCUME~1\Doday\APPLIC~1\Dealio
[09/12/2007|14:12] C:\DOCUME~1\Doday\APPLIC~1\DeepBurner
[17/05/2007|10:58] C:\DOCUME~1\Doday\APPLIC~1\desktop.ini
[03/06/2007|17:25] C:\DOCUME~1\Doday\APPLIC~1\DivX
[22/11/2007|21:22] C:\DOCUME~1\Doday\APPLIC~1\dvdcss
[06/11/2007|22:41] C:\DOCUME~1\Doday\APPLIC~1\Flowers
[05/08/2007|09:04] C:\DOCUME~1\Doday\APPLIC~1\Google
[26/05/2007|12:08] C:\DOCUME~1\Doday\APPLIC~1\Help
[17/05/2007|09:26] C:\DOCUME~1\Doday\APPLIC~1\Identities
[03/01/2008|16:42] C:\DOCUME~1\Doday\APPLIC~1\InfraRecorder
[16/03/2008|11:27] C:\DOCUME~1\Doday\APPLIC~1\LimeWire
[03/03/2008|06:38] C:\DOCUME~1\Doday\APPLIC~1\ma-config.com
[17/05/2007|10:47] C:\DOCUME~1\Doday\APPLIC~1\Macromedia
[30/11/2007|16:29] C:\DOCUME~1\Doday\APPLIC~1\Micro Application
[09/12/2007|23:36] C:\DOCUME~1\Doday\APPLIC~1\Microsoft
[17/06/2007|22:36] C:\DOCUME~1\Doday\APPLIC~1\Mozilla
[06/11/2007|22:44] C:\DOCUME~1\Doday\APPLIC~1\Nikon
[09/03/2008|16:50] C:\DOCUME~1\Doday\APPLIC~1\OpenOffice.org2
[14/06/2007|13:29] C:\DOCUME~1\Doday\APPLIC~1\Real
[14/03/2008|14:06] C:\DOCUME~1\Doday\APPLIC~1\safeviewface
[06/01/2008|17:52] C:\DOCUME~1\Doday\APPLIC~1\Search Settings
[24/11/2007|12:01] C:\DOCUME~1\Doday\APPLIC~1\SecondLife
[17/05/2007|10:49] C:\DOCUME~1\Doday\APPLIC~1\Sun
[17/05/2007|10:18] C:\DOCUME~1\Doday\APPLIC~1\vlc

[17/05/2007|09:24] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
[17/05/2007|09:24] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
[31/05/2007|08:45] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[17/05/2007|09:24] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
[17/05/2007|09:24] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
[17/05/2007|09:24] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[15/03/2008 15:23][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[14/03/2008 18:14][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[16/03/2008|12:07] C:\Program Files\.
[16/03/2008|12:07] C:\Program Files\..
[05/08/2007|11:56] C:\Program Files\Adobe
[17/05/2007|10:02] C:\Program Files\Alwil Software
[28/11/2007|18:16] C:\Program Files\Apple Software Update
[06/11/2007|22:37] C:\Program Files\ArcSoft
[18/01/2008|18:24] C:\Program Files\Astonsoft
[18/05/2007|08:15] C:\Program Files\ATI Technologies
[10/10/2007|20:30] C:\Program Files\AviSynth 2.5
[23/06/2007|21:31] C:\Program Files\bobyte
[10/02/2008|00:20] C:\Program Files\Bonjour
[17/05/2007|09:10] C:\Program Files\ComPlus Applications
[15/08/2007|10:49] C:\Program Files\CONEXANT
[20/06/2007|14:05] C:\Program Files\directx
[17/02/2008|12:42] C:\Program Files\DivX
[17/02/2008|19:52] C:\Program Files\DivXLand
[15/03/2008|08:01] C:\Program Files\eMule
[21/09/2007|16:31] C:\Program Files\eRightSoft
[10/10/2007|20:30] C:\Program Files\FairUse Wizard 2
[09/12/2007|23:19] C:\Program Files\Fichiers communs
[18/01/2008|18:25] C:\Program Files\Free Easy Burner
[07/10/2007|13:12] C:\Program Files\Gabest
[24/02/2008|18:49] C:\Program Files\Google Video
[02/03/2008|14:57] C:\Program Files\InstallShield Installation Information
[15/02/2008|07:54] C:\Program Files\Internet Explorer
[02/12/2007|16:04] C:\Program Files\Java
[24/01/2008|20:49] C:\Program Files\JCA2000
[02/03/2008|12:54] C:\Program Files\Lavalys
[05/08/2007|10:04] C:\Program Files\Lavasoft
[15/02/2008|23:08] C:\Program Files\LimeWire
[02/03/2008|12:48] C:\Program Files\ma-config.com
[31/08/2007|16:40] C:\Program Files\Ma‹do Production
[20/12/2007|22:41] C:\Program Files\Messenger Plus! Live
[30/11/2007|15:15] C:\Program Files\Micro Application
[17/05/2007|09:18] C:\Program Files\microsoft frontpage
[09/09/2007|08:59] C:\Program Files\Microsoft Office
[09/12/2007|23:29] C:\Program Files\Microsoft SQL Server Compact Edition
[17/05/2007|09:12] C:\Program Files\Movie Maker
[16/03/2008|11:05] C:\Program Files\Mozilla Firefox
[17/05/2007|09:07] C:\Program Files\MSN
[17/05/2007|09:08] C:\Program Files\MSN Gaming Zone
[07/09/2007|21:09] C:\Program Files\MSXML 4.0
[17/05/2007|09:15] C:\Program Files\NetMeeting
[06/11/2007|22:42] C:\Program Files\Nikon
[17/05/2007|09:09] C:\Program Files\Online Services
[30/11/2007|21:44] C:\Program Files\OpenOffice.org 2.3
[12/06/2007|20:15] C:\Program Files\Outlook Express
[02/03/2008|14:24] C:\Program Files\Realtek
[15/02/2008|16:28] C:\Program Files\safeviewface
[29/08/2007|16:51] C:\Program Files\Sandisk
[06/01/2008|15:50] C:\Program Files\Search Settings
[17/05/2007|09:16] C:\Program Files\Services en ligne
[14/07/2007|11:18] C:\Program Files\Solveig Multimedia
[17/05/2007|09:26] C:\Program Files\Uninstall Information
[29/08/2007|18:14] C:\Program Files\URUSoft
[16/07/2007|14:39] C:\Program Files\USB Disk Win98 Driver
[17/02/2008|12:19] C:\Program Files\VideoLAN
[03/06/2007|20:42] C:\Program Files\Webteh
[19/09/2007|20:05] C:\Program Files\WinAVI MP4 Converter
[18/01/2008|18:27] C:\Program Files\Windows Live
[18/01/2008|18:24] C:\Program Files\Windows Live Toolbar
[31/08/2007|09:20] C:\Program Files\Windows Media Connect 2
[31/08/2007|09:20] C:\Program Files\Windows Media Player
[17/05/2007|09:08] C:\Program Files\Windows NT
[17/05/2007|09:16] C:\Program Files\WindowsUpdate
[17/05/2007|09:18] C:\Program Files\xerox

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[09/12/2007|23:19] C:\Program Files\Fichiers communs\.
[09/12/2007|23:19] C:\Program Files\Fichiers communs\..
[05/08/2007|11:56] C:\Program Files\Fichiers communs\Adobe
[09/09/2007|09:06] C:\Program Files\Fichiers communs\Ahead
[08/12/2007|15:32] C:\Program Files\Fichiers communs\Apple
[24/09/2007|20:06] C:\Program Files\Fichiers communs\AVSMedia
[09/09/2007|08:58] C:\Program Files\Fichiers communs\Designer
[29/08/2007|16:55] C:\Program Files\Fichiers communs\InstallShield
[02/08/2007|13:21] C:\Program Files\Fichiers communs\Java
[09/12/2007|23:24] C:\Program Files\Fichiers communs\Microsoft Shared
[17/05/2007|09:14] C:\Program Files\Fichiers communs\MSSoap
[06/11/2007|22:42] C:\Program Files\Fichiers communs\muvee Technologies
[27/06/2007|17:02] C:\Program Files\Fichiers communs\Nero
[06/11/2007|22:44] C:\Program Files\Fichiers communs\Nikon
[09/09/2007|08:59] C:\Program Files\Fichiers communs\ODBC
[17/05/2007|09:15] C:\Program Files\Fichiers communs\Services
[17/05/2007|10:58] C:\Program Files\Fichiers communs\SpeechEngines
[13/08/2007|12:07] C:\Program Files\Fichiers communs\Symantec Shared
[09/09/2007|08:53] C:\Program Files\Fichiers communs\System
[09/12/2007|23:24] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[03/11/2007|10:36] C:\Program Files\Fichiers communs\Wise Installation Wizard

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

Aucun fichier / dossier Lop trouvé !

----------------------[ Verification du Registre ]----------------------

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-16 12:07:50
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

Aucune autre infection trouvée !

/!\ [Fich:11][Doss:3] C:\DOCUME~1\Doday\LOCALS~1\Temp
/!\ [Fich:137][Doss:0] C:\DOCUME~1\Doday\Cookies
/!\ [Fich:64][Doss:4] C:\DOCUME~1\Doday\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 12:08:17,62 ]----------------------


Pareil il ma détécter des virus apres la suppression

re

je voudrais le rapport de suppression de BTFix  

et tu fais sa comment ?

je te l'avais déjà expliqué.

BTFix 1.086 (par bibi26) - 17/03/2008 00:14:01 - Nettoyage - Mode normal
Lancé depuis C:\Documents and Settings\Doday\Bureau\BTFix\BTFix\BTFix.exe

---> Fichiers/dossiers supprimés (Première passe)

- Fichiers temporaires effacés
- [Heuristique : Dealio Toolbar] C:\WINDOWS\Installer\4e33fa9.msi
- [Heuristique : Search Settings] C:\WINDOWS\Installer\4e33fae.msi
- C:\WINDOWS\Installer\{90529245-9C54-45B5-BBB3-B180CA04F248}\
- C:\WINDOWS\Installer\{5F9593C6-27DF-46E3-8CD7-0AA33BAFEDD8}\
- C:\Program Files\Search Settings\kb125\res\
- C:\Program Files\Search Settings\kb125\temp\
- C:\Program Files\Search Settings\kb125\
- C:\Program Files\Search Settings\
- C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\CHROME\CONTENT\
- C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\CHROME\LOCALE\EN-US\
- C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\CHROME\LOCALE\
- C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\CHROME\SKIN\
- C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\CHROME\
- C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\COMPONENTS\
- C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\
- C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\CONTENT\
- C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\LOCALE\EN-US\
- C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\LOCALE\
- C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\SKIN\
- C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\
- C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\COMPONENTS\
- C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\
- C:\Documents and Settings\Doday\Application Data\Search Settings\kb125\res\
- C:\Documents and Settings\Doday\Application Data\Search Settings\kb125\temp\
- C:\Documents and Settings\Doday\Application Data\Search Settings\kb125\
- C:\Documents and Settings\Doday\Application Data\Search Settings\
- C:\Documents and Settings\Doday\Application Data\Dealio\kb125\res\
- C:\Documents and Settings\Doday\Application Data\Dealio\kb125\resFF\
- C:\Documents and Settings\Doday\Application Data\Dealio\kb125\rules\
- C:\Documents and Settings\Doday\Application Data\Dealio\kb125\rulesFF\
- C:\Documents and Settings\Doday\Application Data\Dealio\kb125\temp\
- C:\Documents and Settings\Doday\Application Data\Dealio\kb125\
- C:\Documents and Settings\Doday\Application Data\Dealio\

---> Nettoyage terminé

bonsoir

reposte un log hijackthis stp

Bonsoir !

voici :

Logfile of HijackThis v1.99.1
Scan saved at 17:21:22, on 17/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\USB Disk Win98 Driver\Res.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\outils\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Sandisk\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Doday\Bureau\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [USB Storage Toolbox] C:\Program Files\USB Disk Win98 Driver\Res.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools] "C:\outils\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - Global Startup: WinCinema Manager.lnk = C:\Program Files\Sandisk\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Stop Pub - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\JCA2000\StopPub\StopPub.exe
O9 - Extra 'Tools' menuitem: Stop Pub - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\JCA2000\StopPub\StopPub.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zone.msn.com/binary/MJSS.cab69309.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

re

tu vas remplacer Avast! par Antivir, qui lui est un vrai antivirus, tu vas faire un scan avec et poster le rapport.  


Désinstalle correctement Avast!


Pour le remplacer par Antivir.

-->Tuto<--


Pourquoi changer ? : Avast! vs Antivir

AntiVir PersonalEdition Classic
Report file date: lundi 17 mars 2008 20:54

Scanning for 1150818 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: Doday
Computer name: DAUDAY-650977F5

Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 19:09:23
ANTIVIR2.VDF : 7.0.3.3 2048 Bytes 07/03/2008 19:09:23
ANTIVIR3.VDF : 7.0.3.41 197632 Bytes 17/03/2008 19:09:23
AVEWIN32.DLL : 7.6.0.73 3334656 Bytes 17/03/2008 19:09:24
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 17/03/2008 19:09:24
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21

Configuration settings for the scan:
Jobname..........................: Manual Selection
Configuration file...............: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\PROFILES\folder.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox,
Macro heuristic..................: on
File heuristic...................: medium
Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR,

Start of the scan: lundi 17 mars 2008 20:54

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
14 processes with 14 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!

Starting to scan the registry.
The registry was scanned ( '32' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\Doday\Application Data\safeviewface\djudutjs.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\Documents and Settings\Doday\Application Data\safeviewface\fmgyyhvj.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\Documents and Settings\Doday\Application Data\safeviewface\mfonbzbi.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was deleted!
C:\Documents and Settings\Doday\Bureau\ComboFix.exe
[0] Archive type: RAR SFX (self extracting)
--> 327882R2FWJFW\psexec.cfexe
[DETECTION] Contains detection pattern of the application APPL/Rmadmin.131072
[INFO] The file was deleted!
C:\WINDOWS\Nircmd.exe
[DETECTION] Contains detection pattern of the application APPL/NirCmd.3
[INFO] The file was deleted!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!


End of the scan: lundi 17 mars 2008 21:40
Used time: 46:42 min

The scan has been done completely.

6732 Scanning directories
231507 Files were scanned
5 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
5 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
231502 Files not concerned
1239 Archives were scanned
2 Warnings
0 Notes

ps: j'ai fait supprime pour els virus trouver !

ok

supprime le dossier:
C:\Documents and Settings\Doday\Application Data\safeviewface
Note :

Les fichiers et dossiers cachés du système apparaissent alors dans l'explorateur Windows en transparence.


tu as encore des soucis?

béé c en anglais ?

bonsoir


tu parles d'antivir?
ce n'est pas compliqué à utiliser, je t'ai donné un tuto...

tu as fait ce que je t'ai demandé?

oui mais je vois pas ce que tu veux dire par els dossiers transparents

si tu fais exactement comme je te l'explique pour afficher tes fichiers et dossiers cachés, les cachés seront plus "transparents" que les autres
et tu as besoin de faire ça pour supprimer le dossier que je souhaite que tu supprimes.

ok d'accord !