[Résolu] problemes de pages de pub qui s'ouvrent seules

Bonjour,

Télécharge Lop S&D.exe sur ton Bureau.

Double-clique dessus pour lancer l'installation

Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau

Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche)

Patiente jusqu'à la fin du scan

Poste le rapport généré (C:\lopR.txt)

(Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide)

merci de la rapidité de ta réponse

voici le rapport



-----------------------[ Lop S&D 4.1.0-2 XP/Vista ]---------------------

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Sandie ] [ "C:\Lop SD" ]
[ 26/03/2008 | 18:41:41,20 ] [ PC : SALON ]
[ MAJ : 26-03-2008 | 13:15 ]

-------------[ Listing des dossiers dans Application Data ]------------

[08/03/2008|17:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
[08/03/2008|17:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
[10/02/2008|17:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[02/01/2008|18:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[22/03/2007|11:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[29/03/2007|18:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ESTsoft
[22/03/2007|19:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
[16/06/2007|18:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[12/02/2008|22:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[22/03/2007|14:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Network Associates
[14/02/2008|19:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Part Hide Grey Pop
[02/01/2008|12:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Prevx
[22/03/2007|11:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[03/02/2008|16:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[08/03/2008|17:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com
[22/03/2007|15:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[20/10/2007|17:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[02/01/2008|12:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[22/03/2007|11:41] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
[22/03/2007|11:41] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
[22/03/2007|11:41] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[22/03/2007|11:51] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[22/03/2007|11:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[20/03/2008|19:40] C:\DOCUME~1\FRANOI~1\APPLIC~1\.
[20/03/2008|19:40] C:\DOCUME~1\FRANOI~1\APPLIC~1\..
[08/07/2007|20:20] C:\DOCUME~1\FRANOI~1\APPLIC~1\ABBYY
[31/03/2007|09:30] C:\DOCUME~1\FRANOI~1\APPLIC~1\Adobe
[14/02/2008|19:02] C:\DOCUME~1\FRANOI~1\APPLIC~1\comp bolt eggs
[22/03/2007|11:41] C:\DOCUME~1\FRANOI~1\APPLIC~1\desktop.ini
[08/04/2007|09:09] C:\DOCUME~1\FRANOI~1\APPLIC~1\ESTsoft
[08/07/2007|20:29] C:\DOCUME~1\FRANOI~1\APPLIC~1\Google
[20/03/2008|19:40] C:\DOCUME~1\FRANOI~1\APPLIC~1\Help
[18/09/2007|18:16] C:\DOCUME~1\FRANOI~1\APPLIC~1\Hewlett-Packard
[26/03/2007|22:41] C:\DOCUME~1\FRANOI~1\APPLIC~1\Identities
[21/02/2008|20:08] C:\DOCUME~1\FRANOI~1\APPLIC~1\Macromedia
[25/03/2007|21:42] C:\DOCUME~1\FRANOI~1\APPLIC~1\MessengerSkinner
[02/01/2008|12:17] C:\DOCUME~1\FRANOI~1\APPLIC~1\Microsoft
[22/03/2007|22:29] C:\DOCUME~1\FRANOI~1\APPLIC~1\Mozilla
[14/02/2008|18:54] C:\DOCUME~1\FRANOI~1\APPLIC~1\MySpace
[02/01/2008|12:43] C:\DOCUME~1\FRANOI~1\APPLIC~1\PrevxCSI
[07/12/2007|22:19] C:\DOCUME~1\FRANOI~1\APPLIC~1\Real
[07/04/2007|18:25] C:\DOCUME~1\FRANOI~1\APPLIC~1\Sun
[08/03/2008|17:32] C:\DOCUME~1\FRANOI~1\APPLIC~1\SUPERAntiSpyware.com
[24/05/2007|21:45] C:\DOCUME~1\FRANOI~1\APPLIC~1\vlc

[08/03/2008|15:05] C:\DOCUME~1\INVIT~1\APPLIC~1\.
[08/03/2008|15:05] C:\DOCUME~1\INVIT~1\APPLIC~1\..
[22/03/2007|11:41] C:\DOCUME~1\INVIT~1\APPLIC~1\desktop.ini
[22/03/2007|11:51] C:\DOCUME~1\INVIT~1\APPLIC~1\Identities
[31/12/2007|14:51] C:\DOCUME~1\INVIT~1\APPLIC~1\Macromedia
[31/12/2007|16:38] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
[31/12/2007|14:44] C:\DOCUME~1\INVIT~1\APPLIC~1\Mozilla
[08/03/2008|15:05] C:\DOCUME~1\INVIT~1\APPLIC~1\MySpace
[31/12/2007|14:44] C:\DOCUME~1\INVIT~1\APPLIC~1\Real

[13/10/2007|09:13] C:\DOCUME~1\Jeff\APPLIC~1\.
[13/10/2007|09:13] C:\DOCUME~1\Jeff\APPLIC~1\..
[29/03/2007|19:16] C:\DOCUME~1\Jeff\APPLIC~1\ABBYY
[22/03/2007|16:17] C:\DOCUME~1\Jeff\APPLIC~1\Adobe
[21/04/2007|23:40] C:\DOCUME~1\Jeff\APPLIC~1\Apple Computer
[22/03/2007|11:41] C:\DOCUME~1\Jeff\APPLIC~1\desktop.ini
[29/03/2007|18:19] C:\DOCUME~1\Jeff\APPLIC~1\ESTsoft
[26/03/2007|21:22] C:\DOCUME~1\Jeff\APPLIC~1\Hewlett-Packard
[26/03/2007|21:25] C:\DOCUME~1\Jeff\APPLIC~1\HPCOM_48BitScanUpdate.log
[22/03/2007|11:51] C:\DOCUME~1\Jeff\APPLIC~1\Identities
[22/03/2007|17:12] C:\DOCUME~1\Jeff\APPLIC~1\Macromedia
[10/04/2007|18:21] C:\DOCUME~1\Jeff\APPLIC~1\MailFrontier
[24/01/2008|13:36] C:\DOCUME~1\Jeff\APPLIC~1\Microsoft
[26/03/2007|07:28] C:\DOCUME~1\Jeff\APPLIC~1\Microsoft Web Folders
[22/03/2007|15:15] C:\DOCUME~1\Jeff\APPLIC~1\Mozilla
[14/04/2007|13:52] C:\DOCUME~1\Jeff\APPLIC~1\Notepad++
[14/04/2007|13:47] C:\DOCUME~1\Jeff\APPLIC~1\Nvu
[15/04/2007|18:24] C:\DOCUME~1\Jeff\APPLIC~1\OpenOffice.org2
[13/10/2007|09:13] C:\DOCUME~1\Jeff\APPLIC~1\Real
[27/03/2007|00:06] C:\DOCUME~1\Jeff\APPLIC~1\Sun
[11/04/2007|20:42] C:\DOCUME~1\Jeff\APPLIC~1\vlc

[22/03/2007|11:51] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
[22/03/2007|11:51] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
[22/03/2007|17:14] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[22/03/2007|11:51] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
[22/03/2007|11:51] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
[02/01/2008|12:32] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[22/03/2007|11:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\.
[22/03/2007|11:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\..
[22/03/2007|11:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\desktop.ini
[22/03/2007|11:51] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[22/03/2007|11:40] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft

[18/03/2008|20:24] C:\DOCUME~1\Sandie\APPLIC~1\.
[18/03/2008|20:24] C:\DOCUME~1\Sandie\APPLIC~1\..
[12/04/2007|15:54] C:\DOCUME~1\Sandie\APPLIC~1\Adobe
[20/05/2007|20:47] C:\DOCUME~1\Sandie\APPLIC~1\Apple Computer
[14/02/2008|20:05] C:\DOCUME~1\Sandie\APPLIC~1\comp bolt eggs
[22/03/2007|11:41] C:\DOCUME~1\Sandie\APPLIC~1\desktop.ini
[17/04/2007|21:09] C:\DOCUME~1\Sandie\APPLIC~1\ESTsoft
[22/03/2007|19:37] C:\DOCUME~1\Sandie\APPLIC~1\Hewlett-Packard
[22/03/2007|11:51] C:\DOCUME~1\Sandie\APPLIC~1\Identities
[14/10/2007|21:08] C:\DOCUME~1\Sandie\APPLIC~1\Macromedia
[13/01/2008|15:10] C:\DOCUME~1\Sandie\APPLIC~1\Microsoft
[22/03/2007|19:20] C:\DOCUME~1\Sandie\APPLIC~1\Mozilla
[12/02/2008|22:24] C:\DOCUME~1\Sandie\APPLIC~1\MySpace
[24/01/2008|22:48] C:\DOCUME~1\Sandie\APPLIC~1\OpenOffice.org2
[06/10/2007|19:23] C:\DOCUME~1\Sandie\APPLIC~1\Real
[23/12/2007|11:29] C:\DOCUME~1\Sandie\APPLIC~1\Screenshot Sender
[22/04/2007|13:08] C:\DOCUME~1\Sandie\APPLIC~1\Sun
[18/03/2008|20:24] C:\DOCUME~1\Sandie\APPLIC~1\SUPERAntiSpyware.com
[28/03/2007|21:07] C:\DOCUME~1\Sandie\APPLIC~1\vlc

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[26/03/2008 18:00][--ah-----] C:\WINDOWS\tasks\AB8BA1AB91885393.job
[25/03/2008 19:37][--a------] C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1100 series#1174588571.job
[26/03/2008 16:01][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/08/2001 12:00][-r-h-c---] C:\WINDOWS\tasks\desktop.ini

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[12/03/2008|17:25] C:\Program Files\.
[12/03/2008|17:25] C:\Program Files\..
[02/01/2008|13:46] C:\Program Files\ABBYY FineReader 8.0 Professional Edition
[10/02/2008|17:46] C:\Program Files\Adobe
[29/05/2007|19:32] C:\Program Files\Alcohol Soft
[01/04/2007|18:36] C:\Program Files\ArcSoft
[28/03/2007|17:21] C:\Program Files\Axon Data
[13/11/2007|20:36] C:\Program Files\BearShare
[06/08/2007|18:42] C:\Program Files\Buzz
[12/03/2008|17:21] C:\Program Files\Casperlab Software
[08/03/2008|15:37] C:\Program Files\CCleaner
[29/05/2007|19:42] C:\Program Files\CDBurnerXP Pro 3
[12/12/2007|21:13] C:\Program Files\CDex_170b2
[14/02/2008|19:02] C:\Program Files\comp bolt eggs
[22/03/2007|11:45] C:\Program Files\ComPlus Applications
[02/09/2007|18:46] C:\Program Files\DivX
[22/04/2007|18:47] C:\Program Files\EHMINSTALL
[29/03/2007|18:19] C:\Program Files\ESTsoft
[03/02/2008|16:32] C:\Program Files\Everest Poker
[08/03/2008|17:31] C:\Program Files\Fichiers communs
[28/05/2007|18:32] C:\Program Files\FileZilla
[11/04/2007|18:37] C:\Program Files\FLVPlayer
[28/05/2007|18:53] C:\Program Files\Free Audio Pack
[24/01/2008|13:49] C:\Program Files\Gimp
[08/07/2007|20:27] C:\Program Files\Google
[08/04/2007|10:46] C:\Program Files\Guitar Pro 4
[24/01/2008|13:50] C:\Program Files\GuitarFX 3
[22/03/2007|19:35] C:\Program Files\Hewlett-Packard
[26/03/2007|21:24] C:\Program Files\HP
[11/04/2007|20:53] C:\Program Files\i2p
[29/05/2007|20:14] C:\Program Files\InfraRecorder
[07/02/2008|22:51] C:\Program Files\InstallShield Installation Information
[12/02/2008|22:51] C:\Program Files\Internet Explorer
[08/03/2008|17:30] C:\Program Files\Java
[06/08/2007|17:43] C:\Program Files\Jeskola Buzz
[25/08/2007|15:28] C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor
[22/03/2007|15:50] C:\Program Files\Messenger
[03/02/2008|17:56] C:\Program Files\Messenger Plus! Live
[26/03/2007|07:28] C:\Program Files\microsoft frontpage
[26/03/2007|07:28] C:\Program Files\Microsoft Office
[11/04/2007|21:13] C:\Program Files\Microsoft Visual Studio
[22/03/2007|11:52] C:\Program Files\MouseWare
[22/03/2007|12:32] C:\Program Files\Movie Maker
[26/03/2008|17:41] C:\Program Files\Mozilla Firefox
[22/03/2007|11:45] C:\Program Files\MSN
[22/03/2007|11:45] C:\Program Files\MSN Gaming Zone
[03/02/2008|16:50] C:\Program Files\MSN Messenger
[22/03/2007|15:57] C:\Program Files\MSXML 4.0
[09/03/2008|13:55] C:\Program Files\MySpace
[22/03/2007|12:29] C:\Program Files\NetMeeting
[22/03/2007|14:21] C:\Program Files\Network Associates
[24/01/2008|13:50] C:\Program Files\Nvu
[10/04/2007|18:43] C:\Program Files\OpenOffice.org 2.2
[16/06/2007|18:21] C:\Program Files\Outlook Express
[04/01/2008|22:35] C:\Program Files\pacificpoker.exe
[21/10/2007|16:36] C:\Program Files\Photo Story 3 for Windows
[06/10/2007|19:18] C:\Program Files\Real
[22/03/2007|11:45] C:\Program Files\Services en ligne
[06/08/2007|17:27] C:\Program Files\Sony Setup
[03/02/2008|16:45] C:\Program Files\Spybot - Search & Destroy
[03/02/2008|17:47] C:\Program Files\Spyware Terminator
[08/03/2008|17:32] C:\Program Files\SUPERAntiSpyware
[30/05/2007|19:59] C:\Program Files\Trust
[22/03/2007|11:51] C:\Program Files\Uninstall Information
[31/10/2007|22:14] C:\Program Files\Veoh Networks
[05/08/2007|16:45] C:\Program Files\VideoLAN
[12/03/2008|17:25] C:\Program Files\WebPopupKiller
[06/06/2007|11:53] C:\Program Files\Winamp
[24/01/2008|13:51] C:\Program Files\Windows Live
[02/01/2008|13:52] C:\Program Files\Windows Live Toolbar
[22/03/2007|16:44] C:\Program Files\Windows Media Connect 2
[30/05/2007|19:56] C:\Program Files\Windows Media Player
[22/03/2007|12:28] C:\Program Files\Windows NT
[22/03/2007|15:17] C:\Program Files\WindowsUpdate
[22/03/2007|11:48] C:\Program Files\xerox
[09/06/2007|21:39] C:\Program Files\Zelda Return of the Hylian
[22/03/2007|18:25] C:\Program Files\Zone Labs

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[08/03/2008|17:31] C:\Program Files\Fichiers communs\.
[08/03/2008|17:31] C:\Program Files\Fichiers communs\..
[10/02/2008|17:47] C:\Program Files\Fichiers communs\Adobe
[22/03/2007|14:21] C:\Program Files\Fichiers communs\Cisco Systems
[26/03/2007|07:30] C:\Program Files\Fichiers communs\Designer
[22/03/2007|19:30] C:\Program Files\Fichiers communs\Hewlett-Packard
[02/04/2007|09:15] C:\Program Files\Fichiers communs\InstallShield
[23/03/2007|19:51] C:\Program Files\Fichiers communs\Java
[22/03/2007|11:52] C:\Program Files\Fichiers communs\Logitech
[06/08/2007|17:59] C:\Program Files\Fichiers communs\MAGIX Shared
[02/01/2008|12:08] C:\Program Files\Fichiers communs\Microsoft Shared
[22/03/2007|11:46] C:\Program Files\Fichiers communs\MSSoap
[22/03/2007|14:20] C:\Program Files\Fichiers communs\Network Associates
[22/03/2007|11:41] C:\Program Files\Fichiers communs\ODBC
[30/05/2007|19:59] C:\Program Files\Fichiers communs\PCCamera
[06/10/2007|19:19] C:\Program Files\Fichiers communs\Real
[22/03/2007|11:46] C:\Program Files\Fichiers communs\Services
[22/03/2007|11:41] C:\Program Files\Fichiers communs\SpeechEngines
[16/06/2007|18:21] C:\Program Files\Fichiers communs\System
[02/01/2008|12:08] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[08/03/2008|17:31] C:\Program Files\Fichiers communs\Wise Installation Wizard
[06/10/2007|19:19] C:\Program Files\Fichiers communs\xing shared

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Part Hide Grey Pop
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Part Hide Grey Pop\Active Flag.exe
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Part Hide Grey Pop\Bleh Heart.exe
C:\WINDOWS\Tasks\AB8BA1AB91885393.job

----------------------[ Verification du Registre ]----------------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Grey pop cake audio"="C:\\Documents and Settings\\All Users\\Application Data\\Part Hide Grey Pop\\Bleh Heart.exe"

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-26 18:43:10
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

C:\WINDOWS\pack.epk
C:\WINDOWS\system32\nvs2.inf
C:\WINDOWS\system32\dbmefb_navps.dat
C:\WINDOWS\system32\dbmefb_nav.dat
C:\WINDOWS\system32\dbmefb.dat
! EGDACCESS !


/!\ [Fich:2946][Doss:54] C:\DOCUME~1\Sandie\LOCALS~1\Temp
/!\ [Fich:76][Doss:0] C:\DOCUME~1\Sandie\Cookies
/!\ [Fich:4408][Doss:8] C:\DOCUME~1\Sandie\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 18:43:44,26 ]----------------------

Re,

Relance Lop S&D

Choisis cette fois ci l'Option 2 (Suppression)

Ne ferme pas la fenêtre lors de la suppression !

Poste le rapport généré (C:\lopR.txt)

(Si le Bureau ne réapparaît pas, presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide)

voila le nouveau rapport


-----------------------[ Lop S&D 4.1.0-2 XP/Vista ]---------------------

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Sandie ] [ "C:\Lop SD" ]
[ 26/03/2008 | 18:41:41,20 ] [ PC : SALON ]
[ MAJ : 26-03-2008 | 13:15 ]

-------------[ Listing des dossiers dans Application Data ]------------

[08/03/2008|17:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
[08/03/2008|17:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
[10/02/2008|17:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[02/01/2008|18:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[22/03/2007|11:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[29/03/2007|18:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ESTsoft
[22/03/2007|19:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
[16/06/2007|18:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[12/02/2008|22:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[22/03/2007|14:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Network Associates
[14/02/2008|19:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Part Hide Grey Pop
[02/01/2008|12:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Prevx
[22/03/2007|11:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[03/02/2008|16:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[08/03/2008|17:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com
[22/03/2007|15:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[20/10/2007|17:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[02/01/2008|12:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[22/03/2007|11:41] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
[22/03/2007|11:41] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
[22/03/2007|11:41] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[22/03/2007|11:51] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[22/03/2007|11:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[20/03/2008|19:40] C:\DOCUME~1\FRANOI~1\APPLIC~1\.
[20/03/2008|19:40] C:\DOCUME~1\FRANOI~1\APPLIC~1\..
[08/07/2007|20:20] C:\DOCUME~1\FRANOI~1\APPLIC~1\ABBYY
[31/03/2007|09:30] C:\DOCUME~1\FRANOI~1\APPLIC~1\Adobe
[14/02/2008|19:02] C:\DOCUME~1\FRANOI~1\APPLIC~1\comp bolt eggs
[22/03/2007|11:41] C:\DOCUME~1\FRANOI~1\APPLIC~1\desktop.ini
[08/04/2007|09:09] C:\DOCUME~1\FRANOI~1\APPLIC~1\ESTsoft
[08/07/2007|20:29] C:\DOCUME~1\FRANOI~1\APPLIC~1\Google
[20/03/2008|19:40] C:\DOCUME~1\FRANOI~1\APPLIC~1\Help
[18/09/2007|18:16] C:\DOCUME~1\FRANOI~1\APPLIC~1\Hewlett-Packard
[26/03/2007|22:41] C:\DOCUME~1\FRANOI~1\APPLIC~1\Identities
[21/02/2008|20:08] C:\DOCUME~1\FRANOI~1\APPLIC~1\Macromedia
[25/03/2007|21:42] C:\DOCUME~1\FRANOI~1\APPLIC~1\MessengerSkinner
[02/01/2008|12:17] C:\DOCUME~1\FRANOI~1\APPLIC~1\Microsoft
[22/03/2007|22:29] C:\DOCUME~1\FRANOI~1\APPLIC~1\Mozilla
[14/02/2008|18:54] C:\DOCUME~1\FRANOI~1\APPLIC~1\MySpace
[02/01/2008|12:43] C:\DOCUME~1\FRANOI~1\APPLIC~1\PrevxCSI
[07/12/2007|22:19] C:\DOCUME~1\FRANOI~1\APPLIC~1\Real
[07/04/2007|18:25] C:\DOCUME~1\FRANOI~1\APPLIC~1\Sun
[08/03/2008|17:32] C:\DOCUME~1\FRANOI~1\APPLIC~1\SUPERAntiSpyware.com
[24/05/2007|21:45] C:\DOCUME~1\FRANOI~1\APPLIC~1\vlc

[08/03/2008|15:05] C:\DOCUME~1\INVIT~1\APPLIC~1\.
[08/03/2008|15:05] C:\DOCUME~1\INVIT~1\APPLIC~1\..
[22/03/2007|11:41] C:\DOCUME~1\INVIT~1\APPLIC~1\desktop.ini
[22/03/2007|11:51] C:\DOCUME~1\INVIT~1\APPLIC~1\Identities
[31/12/2007|14:51] C:\DOCUME~1\INVIT~1\APPLIC~1\Macromedia
[31/12/2007|16:38] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
[31/12/2007|14:44] C:\DOCUME~1\INVIT~1\APPLIC~1\Mozilla
[08/03/2008|15:05] C:\DOCUME~1\INVIT~1\APPLIC~1\MySpace
[31/12/2007|14:44] C:\DOCUME~1\INVIT~1\APPLIC~1\Real

[13/10/2007|09:13] C:\DOCUME~1\Jeff\APPLIC~1\.
[13/10/2007|09:13] C:\DOCUME~1\Jeff\APPLIC~1\..
[29/03/2007|19:16] C:\DOCUME~1\Jeff\APPLIC~1\ABBYY
[22/03/2007|16:17] C:\DOCUME~1\Jeff\APPLIC~1\Adobe
[21/04/2007|23:40] C:\DOCUME~1\Jeff\APPLIC~1\Apple Computer
[22/03/2007|11:41] C:\DOCUME~1\Jeff\APPLIC~1\desktop.ini
[29/03/2007|18:19] C:\DOCUME~1\Jeff\APPLIC~1\ESTsoft
[26/03/2007|21:22] C:\DOCUME~1\Jeff\APPLIC~1\Hewlett-Packard
[26/03/2007|21:25] C:\DOCUME~1\Jeff\APPLIC~1\HPCOM_48BitScanUpdate.log
[22/03/2007|11:51] C:\DOCUME~1\Jeff\APPLIC~1\Identities
[22/03/2007|17:12] C:\DOCUME~1\Jeff\APPLIC~1\Macromedia
[10/04/2007|18:21] C:\DOCUME~1\Jeff\APPLIC~1\MailFrontier
[24/01/2008|13:36] C:\DOCUME~1\Jeff\APPLIC~1\Microsoft
[26/03/2007|07:28] C:\DOCUME~1\Jeff\APPLIC~1\Microsoft Web Folders
[22/03/2007|15:15] C:\DOCUME~1\Jeff\APPLIC~1\Mozilla
[14/04/2007|13:52] C:\DOCUME~1\Jeff\APPLIC~1\Notepad++
[14/04/2007|13:47] C:\DOCUME~1\Jeff\APPLIC~1\Nvu
[15/04/2007|18:24] C:\DOCUME~1\Jeff\APPLIC~1\OpenOffice.org2
[13/10/2007|09:13] C:\DOCUME~1\Jeff\APPLIC~1\Real
[27/03/2007|00:06] C:\DOCUME~1\Jeff\APPLIC~1\Sun
[11/04/2007|20:42] C:\DOCUME~1\Jeff\APPLIC~1\vlc

[22/03/2007|11:51] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
[22/03/2007|11:51] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
[22/03/2007|17:14] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[22/03/2007|11:51] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
[22/03/2007|11:51] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
[02/01/2008|12:32] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[22/03/2007|11:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\.
[22/03/2007|11:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\..
[22/03/2007|11:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\desktop.ini
[22/03/2007|11:51] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[22/03/2007|11:40] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft

[18/03/2008|20:24] C:\DOCUME~1\Sandie\APPLIC~1\.
[18/03/2008|20:24] C:\DOCUME~1\Sandie\APPLIC~1\..
[12/04/2007|15:54] C:\DOCUME~1\Sandie\APPLIC~1\Adobe
[20/05/2007|20:47] C:\DOCUME~1\Sandie\APPLIC~1\Apple Computer
[14/02/2008|20:05] C:\DOCUME~1\Sandie\APPLIC~1\comp bolt eggs
[22/03/2007|11:41] C:\DOCUME~1\Sandie\APPLIC~1\desktop.ini
[17/04/2007|21:09] C:\DOCUME~1\Sandie\APPLIC~1\ESTsoft
[22/03/2007|19:37] C:\DOCUME~1\Sandie\APPLIC~1\Hewlett-Packard
[22/03/2007|11:51] C:\DOCUME~1\Sandie\APPLIC~1\Identities
[14/10/2007|21:08] C:\DOCUME~1\Sandie\APPLIC~1\Macromedia
[13/01/2008|15:10] C:\DOCUME~1\Sandie\APPLIC~1\Microsoft
[22/03/2007|19:20] C:\DOCUME~1\Sandie\APPLIC~1\Mozilla
[12/02/2008|22:24] C:\DOCUME~1\Sandie\APPLIC~1\MySpace
[24/01/2008|22:48] C:\DOCUME~1\Sandie\APPLIC~1\OpenOffice.org2
[06/10/2007|19:23] C:\DOCUME~1\Sandie\APPLIC~1\Real
[23/12/2007|11:29] C:\DOCUME~1\Sandie\APPLIC~1\Screenshot Sender
[22/04/2007|13:08] C:\DOCUME~1\Sandie\APPLIC~1\Sun
[18/03/2008|20:24] C:\DOCUME~1\Sandie\APPLIC~1\SUPERAntiSpyware.com
[28/03/2007|21:07] C:\DOCUME~1\Sandie\APPLIC~1\vlc

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[26/03/2008 18:00][--ah-----] C:\WINDOWS\tasks\AB8BA1AB91885393.job
[25/03/2008 19:37][--a------] C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1100 series#1174588571.job
[26/03/2008 16:01][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/08/2001 12:00][-r-h-c---] C:\WINDOWS\tasks\desktop.ini

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[12/03/2008|17:25] C:\Program Files\.
[12/03/2008|17:25] C:\Program Files\..
[02/01/2008|13:46] C:\Program Files\ABBYY FineReader 8.0 Professional Edition
[10/02/2008|17:46] C:\Program Files\Adobe
[29/05/2007|19:32] C:\Program Files\Alcohol Soft
[01/04/2007|18:36] C:\Program Files\ArcSoft
[28/03/2007|17:21] C:\Program Files\Axon Data
[13/11/2007|20:36] C:\Program Files\BearShare
[06/08/2007|18:42] C:\Program Files\Buzz
[12/03/2008|17:21] C:\Program Files\Casperlab Software
[08/03/2008|15:37] C:\Program Files\CCleaner
[29/05/2007|19:42] C:\Program Files\CDBurnerXP Pro 3
[12/12/2007|21:13] C:\Program Files\CDex_170b2
[14/02/2008|19:02] C:\Program Files\comp bolt eggs
[22/03/2007|11:45] C:\Program Files\ComPlus Applications
[02/09/2007|18:46] C:\Program Files\DivX
[22/04/2007|18:47] C:\Program Files\EHMINSTALL
[29/03/2007|18:19] C:\Program Files\ESTsoft
[03/02/2008|16:32] C:\Program Files\Everest Poker
[08/03/2008|17:31] C:\Program Files\Fichiers communs
[28/05/2007|18:32] C:\Program Files\FileZilla
[11/04/2007|18:37] C:\Program Files\FLVPlayer
[28/05/2007|18:53] C:\Program Files\Free Audio Pack
[24/01/2008|13:49] C:\Program Files\Gimp
[08/07/2007|20:27] C:\Program Files\Google
[08/04/2007|10:46] C:\Program Files\Guitar Pro 4
[24/01/2008|13:50] C:\Program Files\GuitarFX 3
[22/03/2007|19:35] C:\Program Files\Hewlett-Packard
[26/03/2007|21:24] C:\Program Files\HP
[11/04/2007|20:53] C:\Program Files\i2p
[29/05/2007|20:14] C:\Program Files\InfraRecorder
[07/02/2008|22:51] C:\Program Files\InstallShield Installation Information
[12/02/2008|22:51] C:\Program Files\Internet Explorer
[08/03/2008|17:30] C:\Program Files\Java
[06/08/2007|17:43] C:\Program Files\Jeskola Buzz
[25/08/2007|15:28] C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor
[22/03/2007|15:50] C:\Program Files\Messenger
[03/02/2008|17:56] C:\Program Files\Messenger Plus! Live
[26/03/2007|07:28] C:\Program Files\microsoft frontpage
[26/03/2007|07:28] C:\Program Files\Microsoft Office
[11/04/2007|21:13] C:\Program Files\Microsoft Visual Studio
[22/03/2007|11:52] C:\Program Files\MouseWare
[22/03/2007|12:32] C:\Program Files\Movie Maker
[26/03/2008|17:41] C:\Program Files\Mozilla Firefox
[22/03/2007|11:45] C:\Program Files\MSN
[22/03/2007|11:45] C:\Program Files\MSN Gaming Zone
[03/02/2008|16:50] C:\Program Files\MSN Messenger
[22/03/2007|15:57] C:\Program Files\MSXML 4.0
[09/03/2008|13:55] C:\Program Files\MySpace
[22/03/2007|12:29] C:\Program Files\NetMeeting
[22/03/2007|14:21] C:\Program Files\Network Associates
[24/01/2008|13:50] C:\Program Files\Nvu
[10/04/2007|18:43] C:\Program Files\OpenOffice.org 2.2
[16/06/2007|18:21] C:\Program Files\Outlook Express
[04/01/2008|22:35] C:\Program Files\pacificpoker.exe
[21/10/2007|16:36] C:\Program Files\Photo Story 3 for Windows
[06/10/2007|19:18] C:\Program Files\Real
[22/03/2007|11:45] C:\Program Files\Services en ligne
[06/08/2007|17:27] C:\Program Files\Sony Setup
[03/02/2008|16:45] C:\Program Files\Spybot - Search & Destroy
[03/02/2008|17:47] C:\Program Files\Spyware Terminator
[08/03/2008|17:32] C:\Program Files\SUPERAntiSpyware
[30/05/2007|19:59] C:\Program Files\Trust
[22/03/2007|11:51] C:\Program Files\Uninstall Information
[31/10/2007|22:14] C:\Program Files\Veoh Networks
[05/08/2007|16:45] C:\Program Files\VideoLAN
[12/03/2008|17:25] C:\Program Files\WebPopupKiller
[06/06/2007|11:53] C:\Program Files\Winamp
[24/01/2008|13:51] C:\Program Files\Windows Live
[02/01/2008|13:52] C:\Program Files\Windows Live Toolbar
[22/03/2007|16:44] C:\Program Files\Windows Media Connect 2
[30/05/2007|19:56] C:\Program Files\Windows Media Player
[22/03/2007|12:28] C:\Program Files\Windows NT
[22/03/2007|15:17] C:\Program Files\WindowsUpdate
[22/03/2007|11:48] C:\Program Files\xerox
[09/06/2007|21:39] C:\Program Files\Zelda Return of the Hylian
[22/03/2007|18:25] C:\Program Files\Zone Labs

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[08/03/2008|17:31] C:\Program Files\Fichiers communs\.
[08/03/2008|17:31] C:\Program Files\Fichiers communs\..
[10/02/2008|17:47] C:\Program Files\Fichiers communs\Adobe
[22/03/2007|14:21] C:\Program Files\Fichiers communs\Cisco Systems
[26/03/2007|07:30] C:\Program Files\Fichiers communs\Designer
[22/03/2007|19:30] C:\Program Files\Fichiers communs\Hewlett-Packard
[02/04/2007|09:15] C:\Program Files\Fichiers communs\InstallShield
[23/03/2007|19:51] C:\Program Files\Fichiers communs\Java
[22/03/2007|11:52] C:\Program Files\Fichiers communs\Logitech
[06/08/2007|17:59] C:\Program Files\Fichiers communs\MAGIX Shared
[02/01/2008|12:08] C:\Program Files\Fichiers communs\Microsoft Shared
[22/03/2007|11:46] C:\Program Files\Fichiers communs\MSSoap
[22/03/2007|14:20] C:\Program Files\Fichiers communs\Network Associates
[22/03/2007|11:41] C:\Program Files\Fichiers communs\ODBC
[30/05/2007|19:59] C:\Program Files\Fichiers communs\PCCamera
[06/10/2007|19:19] C:\Program Files\Fichiers communs\Real
[22/03/2007|11:46] C:\Program Files\Fichiers communs\Services
[22/03/2007|11:41] C:\Program Files\Fichiers communs\SpeechEngines
[16/06/2007|18:21] C:\Program Files\Fichiers communs\System
[02/01/2008|12:08] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[08/03/2008|17:31] C:\Program Files\Fichiers communs\Wise Installation Wizard
[06/10/2007|19:19] C:\Program Files\Fichiers communs\xing shared

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Part Hide Grey Pop
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Part Hide Grey Pop\Active Flag.exe
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Part Hide Grey Pop\Bleh Heart.exe
C:\WINDOWS\Tasks\AB8BA1AB91885393.job

----------------------[ Verification du Registre ]----------------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Grey pop cake audio"="C:\\Documents and Settings\\All Users\\Application Data\\Part Hide Grey Pop\\Bleh Heart.exe"

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-26 18:43:10
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

C:\WINDOWS\pack.epk
C:\WINDOWS\system32\nvs2.inf
C:\WINDOWS\system32\dbmefb_navps.dat
C:\WINDOWS\system32\dbmefb_nav.dat
C:\WINDOWS\system32\dbmefb.dat
! EGDACCESS !


/!\ [Fich:2946][Doss:54] C:\DOCUME~1\Sandie\LOCALS~1\Temp
/!\ [Fich:76][Doss:0] C:\DOCUME~1\Sandie\Cookies
/!\ [Fich:4408][Doss:8] C:\DOCUME~1\Sandie\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 18:43:44,26 ]----------------------

Option 2...

ha mince, excuse moi



-----------------------[ Lop S&D 4.1.0-2 XP/Vista ]---------------------

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Sandie ] [ "C:\Lop SD" ]
[ 26/03/2008 | 19:15:21,71 ] [ PC : SALON ]
[ MAJ : 26-03-2008 | 13:15 ]


//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


-------------[ Listing des dossiers dans Application Data ]------------

[26/03/2008|18:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
[26/03/2008|18:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
[10/02/2008|17:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[02/01/2008|18:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[22/03/2007|11:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[29/03/2007|18:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ESTsoft
[22/03/2007|19:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
[16/06/2007|18:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[12/02/2008|22:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[22/03/2007|14:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Network Associates
[02/01/2008|12:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Prevx
[22/03/2007|11:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[03/02/2008|16:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[08/03/2008|17:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com
[22/03/2007|15:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[20/10/2007|17:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[02/01/2008|12:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[22/03/2007|11:41] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
[22/03/2007|11:41] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
[22/03/2007|11:41] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[22/03/2007|11:51] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[22/03/2007|11:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[20/03/2008|19:40] C:\DOCUME~1\FRANOI~1\APPLIC~1\.
[20/03/2008|19:40] C:\DOCUME~1\FRANOI~1\APPLIC~1\..
[08/07/2007|20:20] C:\DOCUME~1\FRANOI~1\APPLIC~1\ABBYY
[31/03/2007|09:30] C:\DOCUME~1\FRANOI~1\APPLIC~1\Adobe
[14/02/2008|19:02] C:\DOCUME~1\FRANOI~1\APPLIC~1\comp bolt eggs
[22/03/2007|11:41] C:\DOCUME~1\FRANOI~1\APPLIC~1\desktop.ini
[08/04/2007|09:09] C:\DOCUME~1\FRANOI~1\APPLIC~1\ESTsoft
[08/07/2007|20:29] C:\DOCUME~1\FRANOI~1\APPLIC~1\Google
[20/03/2008|19:40] C:\DOCUME~1\FRANOI~1\APPLIC~1\Help
[18/09/2007|18:16] C:\DOCUME~1\FRANOI~1\APPLIC~1\Hewlett-Packard
[26/03/2007|22:41] C:\DOCUME~1\FRANOI~1\APPLIC~1\Identities
[21/02/2008|20:08] C:\DOCUME~1\FRANOI~1\APPLIC~1\Macromedia
[25/03/2007|21:42] C:\DOCUME~1\FRANOI~1\APPLIC~1\MessengerSkinner
[02/01/2008|12:17] C:\DOCUME~1\FRANOI~1\APPLIC~1\Microsoft
[22/03/2007|22:29] C:\DOCUME~1\FRANOI~1\APPLIC~1\Mozilla
[14/02/2008|18:54] C:\DOCUME~1\FRANOI~1\APPLIC~1\MySpace
[02/01/2008|12:43] C:\DOCUME~1\FRANOI~1\APPLIC~1\PrevxCSI
[07/12/2007|22:19] C:\DOCUME~1\FRANOI~1\APPLIC~1\Real
[07/04/2007|18:25] C:\DOCUME~1\FRANOI~1\APPLIC~1\Sun
[08/03/2008|17:32] C:\DOCUME~1\FRANOI~1\APPLIC~1\SUPERAntiSpyware.com
[24/05/2007|21:45] C:\DOCUME~1\FRANOI~1\APPLIC~1\vlc

[08/03/2008|15:05] C:\DOCUME~1\INVIT~1\APPLIC~1\.
[08/03/2008|15:05] C:\DOCUME~1\INVIT~1\APPLIC~1\..
[22/03/2007|11:41] C:\DOCUME~1\INVIT~1\APPLIC~1\desktop.ini
[22/03/2007|11:51] C:\DOCUME~1\INVIT~1\APPLIC~1\Identities
[31/12/2007|14:51] C:\DOCUME~1\INVIT~1\APPLIC~1\Macromedia
[31/12/2007|16:38] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
[31/12/2007|14:44] C:\DOCUME~1\INVIT~1\APPLIC~1\Mozilla
[08/03/2008|15:05] C:\DOCUME~1\INVIT~1\APPLIC~1\MySpace
[31/12/2007|14:44] C:\DOCUME~1\INVIT~1\APPLIC~1\Real

[13/10/2007|09:13] C:\DOCUME~1\Jeff\APPLIC~1\.
[13/10/2007|09:13] C:\DOCUME~1\Jeff\APPLIC~1\..
[29/03/2007|19:16] C:\DOCUME~1\Jeff\APPLIC~1\ABBYY
[22/03/2007|16:17] C:\DOCUME~1\Jeff\APPLIC~1\Adobe
[21/04/2007|23:40] C:\DOCUME~1\Jeff\APPLIC~1\Apple Computer
[22/03/2007|11:41] C:\DOCUME~1\Jeff\APPLIC~1\desktop.ini
[29/03/2007|18:19] C:\DOCUME~1\Jeff\APPLIC~1\ESTsoft
[26/03/2007|21:22] C:\DOCUME~1\Jeff\APPLIC~1\Hewlett-Packard
[26/03/2007|21:25] C:\DOCUME~1\Jeff\APPLIC~1\HPCOM_48BitScanUpdate.log
[22/03/2007|11:51] C:\DOCUME~1\Jeff\APPLIC~1\Identities
[22/03/2007|17:12] C:\DOCUME~1\Jeff\APPLIC~1\Macromedia
[10/04/2007|18:21] C:\DOCUME~1\Jeff\APPLIC~1\MailFrontier
[24/01/2008|13:36] C:\DOCUME~1\Jeff\APPLIC~1\Microsoft
[26/03/2007|07:28] C:\DOCUME~1\Jeff\APPLIC~1\Microsoft Web Folders
[22/03/2007|15:15] C:\DOCUME~1\Jeff\APPLIC~1\Mozilla
[14/04/2007|13:52] C:\DOCUME~1\Jeff\APPLIC~1\Notepad++
[14/04/2007|13:47] C:\DOCUME~1\Jeff\APPLIC~1\Nvu
[15/04/2007|18:24] C:\DOCUME~1\Jeff\APPLIC~1\OpenOffice.org2
[13/10/2007|09:13] C:\DOCUME~1\Jeff\APPLIC~1\Real
[27/03/2007|00:06] C:\DOCUME~1\Jeff\APPLIC~1\Sun
[11/04/2007|20:42] C:\DOCUME~1\Jeff\APPLIC~1\vlc

[22/03/2007|11:51] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
[22/03/2007|11:51] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
[22/03/2007|17:14] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[22/03/2007|11:51] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
[22/03/2007|11:51] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
[02/01/2008|12:32] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[22/03/2007|11:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\.
[22/03/2007|11:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\..
[22/03/2007|11:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\desktop.ini
[22/03/2007|11:51] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[22/03/2007|11:40] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft

[18/03/2008|20:24] C:\DOCUME~1\Sandie\APPLIC~1\.
[18/03/2008|20:24] C:\DOCUME~1\Sandie\APPLIC~1\..
[12/04/2007|15:54] C:\DOCUME~1\Sandie\APPLIC~1\Adobe
[20/05/2007|20:47] C:\DOCUME~1\Sandie\APPLIC~1\Apple Computer
[14/02/2008|20:05] C:\DOCUME~1\Sandie\APPLIC~1\comp bolt eggs
[22/03/2007|11:41] C:\DOCUME~1\Sandie\APPLIC~1\desktop.ini
[17/04/2007|21:09] C:\DOCUME~1\Sandie\APPLIC~1\ESTsoft
[22/03/2007|19:37] C:\DOCUME~1\Sandie\APPLIC~1\Hewlett-Packard
[22/03/2007|11:51] C:\DOCUME~1\Sandie\APPLIC~1\Identities
[14/10/2007|21:08] C:\DOCUME~1\Sandie\APPLIC~1\Macromedia
[13/01/2008|15:10] C:\DOCUME~1\Sandie\APPLIC~1\Microsoft
[22/03/2007|19:20] C:\DOCUME~1\Sandie\APPLIC~1\Mozilla
[12/02/2008|22:24] C:\DOCUME~1\Sandie\APPLIC~1\MySpace
[24/01/2008|22:48] C:\DOCUME~1\Sandie\APPLIC~1\OpenOffice.org2
[06/10/2007|19:23] C:\DOCUME~1\Sandie\APPLIC~1\Real
[23/12/2007|11:29] C:\DOCUME~1\Sandie\APPLIC~1\Screenshot Sender
[22/04/2007|13:08] C:\DOCUME~1\Sandie\APPLIC~1\Sun
[18/03/2008|20:24] C:\DOCUME~1\Sandie\APPLIC~1\SUPERAntiSpyware.com
[28/03/2007|21:07] C:\DOCUME~1\Sandie\APPLIC~1\vlc

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[25/03/2008 19:37][--a------] C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1100 series#1174588571.job
[26/03/2008 16:01][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/08/2001 12:00][-r-h-c---] C:\WINDOWS\tasks\desktop.ini

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[12/03/2008|17:25] C:\Program Files\.
[12/03/2008|17:25] C:\Program Files\..
[02/01/2008|13:46] C:\Program Files\ABBYY FineReader 8.0 Professional Edition
[10/02/2008|17:46] C:\Program Files\Adobe
[29/05/2007|19:32] C:\Program Files\Alcohol Soft
[01/04/2007|18:36] C:\Program Files\ArcSoft
[28/03/2007|17:21] C:\Program Files\Axon Data
[13/11/2007|20:36] C:\Program Files\BearShare
[06/08/2007|18:42] C:\Program Files\Buzz
[12/03/2008|17:21] C:\Program Files\Casperlab Software
[08/03/2008|15:37] C:\Program Files\CCleaner
[29/05/2007|19:42] C:\Program Files\CDBurnerXP Pro 3
[12/12/2007|21:13] C:\Program Files\CDex_170b2
[14/02/2008|19:02] C:\Program Files\comp bolt eggs
[22/03/2007|11:45] C:\Program Files\ComPlus Applications
[02/09/2007|18:46] C:\Program Files\DivX
[22/04/2007|18:47] C:\Program Files\EHMINSTALL
[29/03/2007|18:19] C:\Program Files\ESTsoft
[03/02/2008|16:32] C:\Program Files\Everest Poker
[08/03/2008|17:31] C:\Program Files\Fichiers communs
[28/05/2007|18:32] C:\Program Files\FileZilla
[11/04/2007|18:37] C:\Program Files\FLVPlayer
[28/05/2007|18:53] C:\Program Files\Free Audio Pack
[24/01/2008|13:49] C:\Program Files\Gimp
[08/07/2007|20:27] C:\Program Files\Google
[08/04/2007|10:46] C:\Program Files\Guitar Pro 4
[24/01/2008|13:50] C:\Program Files\GuitarFX 3
[22/03/2007|19:35] C:\Program Files\Hewlett-Packard
[26/03/2007|21:24] C:\Program Files\HP
[11/04/2007|20:53] C:\Program Files\i2p
[29/05/2007|20:14] C:\Program Files\InfraRecorder
[07/02/2008|22:51] C:\Program Files\InstallShield Installation Information
[12/02/2008|22:51] C:\Program Files\Internet Explorer
[08/03/2008|17:30] C:\Program Files\Java
[06/08/2007|17:43] C:\Program Files\Jeskola Buzz
[25/08/2007|15:28] C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor
[22/03/2007|15:50] C:\Program Files\Messenger
[03/02/2008|17:56] C:\Program Files\Messenger Plus! Live
[26/03/2007|07:28] C:\Program Files\microsoft frontpage
[26/03/2007|07:28] C:\Program Files\Microsoft Office
[11/04/2007|21:13] C:\Program Files\Microsoft Visual Studio
[22/03/2007|11:52] C:\Program Files\MouseWare
[22/03/2007|12:32] C:\Program Files\Movie Maker
[26/03/2008|17:41] C:\Program Files\Mozilla Firefox
[22/03/2007|11:45] C:\Program Files\MSN
[22/03/2007|11:45] C:\Program Files\MSN Gaming Zone
[03/02/2008|16:50] C:\Program Files\MSN Messenger
[22/03/2007|15:57] C:\Program Files\MSXML 4.0
[09/03/2008|13:55] C:\Program Files\MySpace
[22/03/2007|12:29] C:\Program Files\NetMeeting
[22/03/2007|14:21] C:\Program Files\Network Associates
[24/01/2008|13:50] C:\Program Files\Nvu
[10/04/2007|18:43] C:\Program Files\OpenOffice.org 2.2
[16/06/2007|18:21] C:\Program Files\Outlook Express
[04/01/2008|22:35] C:\Program Files\pacificpoker.exe
[21/10/2007|16:36] C:\Program Files\Photo Story 3 for Windows
[06/10/2007|19:18] C:\Program Files\Real
[22/03/2007|11:45] C:\Program Files\Services en ligne
[06/08/2007|17:27] C:\Program Files\Sony Setup
[03/02/2008|16:45] C:\Program Files\Spybot - Search & Destroy
[03/02/2008|17:47] C:\Program Files\Spyware Terminator
[08/03/2008|17:32] C:\Program Files\SUPERAntiSpyware
[30/05/2007|19:59] C:\Program Files\Trust
[22/03/2007|11:51] C:\Program Files\Uninstall Information
[31/10/2007|22:14] C:\Program Files\Veoh Networks
[05/08/2007|16:45] C:\Program Files\VideoLAN
[12/03/2008|17:25] C:\Program Files\WebPopupKiller
[06/06/2007|11:53] C:\Program Files\Winamp
[24/01/2008|13:51] C:\Program Files\Windows Live
[02/01/2008|13:52] C:\Program Files\Windows Live Toolbar
[22/03/2007|16:44] C:\Program Files\Windows Media Connect 2
[30/05/2007|19:56] C:\Program Files\Windows Media Player
[22/03/2007|12:28] C:\Program Files\Windows NT
[22/03/2007|15:17] C:\Program Files\WindowsUpdate
[22/03/2007|11:48] C:\Program Files\xerox
[09/06/2007|21:39] C:\Program Files\Zelda Return of the Hylian
[22/03/2007|18:25] C:\Program Files\Zone Labs

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[08/03/2008|17:31] C:\Program Files\Fichiers communs\.
[08/03/2008|17:31] C:\Program Files\Fichiers communs\..
[10/02/2008|17:47] C:\Program Files\Fichiers communs\Adobe
[22/03/2007|14:21] C:\Program Files\Fichiers communs\Cisco Systems
[26/03/2007|07:30] C:\Program Files\Fichiers communs\Designer
[22/03/2007|19:30] C:\Program Files\Fichiers communs\Hewlett-Packard
[02/04/2007|09:15] C:\Program Files\Fichiers communs\InstallShield
[23/03/2007|19:51] C:\Program Files\Fichiers communs\Java
[22/03/2007|11:52] C:\Program Files\Fichiers communs\Logitech
[06/08/2007|17:59] C:\Program Files\Fichiers communs\MAGIX Shared
[02/01/2008|12:08] C:\Program Files\Fichiers communs\Microsoft Shared
[22/03/2007|11:46] C:\Program Files\Fichiers communs\MSSoap
[22/03/2007|14:20] C:\Program Files\Fichiers communs\Network Associates
[22/03/2007|11:41] C:\Program Files\Fichiers communs\ODBC
[30/05/2007|19:59] C:\Program Files\Fichiers communs\PCCamera
[06/10/2007|19:19] C:\Program Files\Fichiers communs\Real
[22/03/2007|11:46] C:\Program Files\Fichiers communs\Services
[22/03/2007|11:41] C:\Program Files\Fichiers communs\SpeechEngines
[16/06/2007|18:21] C:\Program Files\Fichiers communs\System
[02/01/2008|12:08] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[08/03/2008|17:31] C:\Program Files\Fichiers communs\Wise Installation Wizard
[06/10/2007|19:19] C:\Program Files\Fichiers communs\xing shared

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

Aucun fichier / dossier Lop trouvé !

----------------------[ Verification du Registre ]----------------------

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-26 19:16:54
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

C:\WINDOWS\pack.epk
C:\WINDOWS\system32\nvs2.inf
C:\WINDOWS\system32\dbmefb_navps.dat
C:\WINDOWS\system32\dbmefb_nav.dat
C:\WINDOWS\system32\dbmefb.dat
! EGDACCESS !


/!\ [Fich:2946][Doss:54] C:\DOCUME~1\Sandie\LOCALS~1\Temp
/!\ [Fich:76][Doss:0] C:\DOCUME~1\Sandie\Cookies
/!\ [Fich:4438][Doss:8] C:\DOCUME~1\Sandie\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 19:17:15,10 ]----------------------

Re,

Télécharge Navilog1.exe (IL-MAFIOSO)
Enregistre-le sur ton Bureau.
Lance l'installation en double cliquant sur navilog.exe.
Une fois l'installation terminée, l'utilitaire s'exécutera automatiquement.
(Si ce n'est pas le cas, double clique sur le raccourci présent sur le Bureau)

Laisse-toi guider par l'utilitaire. Choisis l'option 1 puis valide.
[#ff0000]! N'utilise pas l'option 2, 3 et 4 sans notre accord ![/#f]
Patiente jusqu'à l'apparition de ce message :
"*** Analyse Termine le ..... ***"
Appuie sur une touche comme demandé. Le Bloc-notes va s'ouvrir. Poste-nous son contenu de cette manière :

-> Edition / Sélectionner tout
-> Edition / Copier
-> Clique-Droit / Coller dans ta réponse

NOTE : Le rapport se trouve également ici : C:\fixnavi.txt

voila le rapport


Search Navipromo version 3.5.1 commencé le 26/03/2008 à 19:32:35,10

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "Sandie"

Mise à jour le 23.03.2008 à 22h00 par IL-MAFIOSO


Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11
Système de fichiers : NTFS

Executé en mode normal

*** Recherche Programmes installés ***




*** Recherche dossiers dans C:\WINDOWS ***



*** Recherche dossiers dans C:\Program Files ***



*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\APPLIC~1 ***




*** Recherche dossiers dans "C:\Documents and Settings\Sandie\applic~1" ***



*** Recherche dossiers dans "C:\Documents and Settings\Sandie\locals~1\applic~1" ***



*** Recherche dossiers dans "C:\Documents and Settings\Sandie\menudm~1\progra~1" ***


*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\MENUD?~1\PROGRA~1 ***


*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net

Fichier(s) caché(s) :

C:\WINDOWS\system32\btcbyt.dat
C:\WINDOWS\system32\btcbyt.exe
C:\WINDOWS\system32\btcbyt_nav.dat
C:\WINDOWS\system32\btcbyt_navps.dat



*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans C:\WINDOWS\system32 *

* Recherche dans "C:\Documents and Settings\Sandie\locals~1\applic~1" *

* Recherche dans "C:\docume~1\Françoise\locals~1\applic~1" *

* Recherche dans "C:\docume~1\Invité\locals~1\applic~1" *

* Recherche dans "C:\docume~1\Jeff\locals~1\applic~1" *

* Recherche dans "C:\docume~1\Propriétaire\locals~1\applic~1" *



*** Recherche fichiers ***


C:\WINDOWS\pack.epk trouvé !
C:\WINDOWS\system32\nvs2.inf trouvé !


*** Recherche clés spécifiques dans le Registre ***

HKEY_CURRENT_USER\Software\Lanconfig trouvé !
HKEY_CURRENT_USER\Software\mc trouvé !

*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :


2)Recherche Heuristique :

* Dans C:\WINDOWS\system32 :

btcbyt.dat trouvé !
dbmefb.dat trouvé !
dbmefb.exe~ trouvé !

* Dans "C:\Documents and Settings\Sandie\locals~1\applic~1" :


* Dans "C:\docume~1\Françoise\locals~1\applic~1" :


* Dans "C:\docume~1\Invité\locals~1\applic~1" :


* Dans "C:\docume~1\Jeff\locals~1\applic~1" :


* Dans "C:\docume~1\Propriétaire\locals~1\applic~1" :


3)Recherche Certificats :

Certificat Egroup trouvé !
Certificat Electronic-Group trouvé !
Certificat OOO-Favorit trouvé !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche fichiers connus :



*** Analyse terminée le 26/03/2008 à 19:44:23,46 ***

Re,

Double clique sur le raccourci de Navilog1 présent sur ton Bureau.
Suis les instructions. Choisis ensuite l'option 2 puis valide.
Laisse toi guider et réponds aux questions éventuelles.

L'utilitaire va t'informer qu'il va redémarrer l'ordinateur.
[#ff0000]**Ferme toutes les fenêtres ouvertes et enregistre tes documents personnels ouverts**[/#f]
Appuie maintenant sur une touche, comme demandé.
(si ton PC ne redémarre pas automatiquement, fais-le manuellement)

Patiente jusqu'à l'apparition de ce message :
"*** Nettoyage Termine le ..... ***"

Le Bloc-notes va s'ouvrir.
Sauvegarde le rapport de manière à le retrouver.
Referme le Bloc-notes. Ton bureau va maintenant réapparaître.

NOTE : Si ton Bureau ne réapparait pas, appuie simultanément sur Ctrl+Alt+Suppr pour ouvrir le Gestionnaire des tâches.
Rends-toi sur l'onglet "Processus". Clique en haut à gauche sur Fichier et choisis "Exécuter..."
Tape explorer puis valide.

Poste le rapport sauvegardé auparavant (C:\cleannavi.txt)
Ainsi qu'un nouveau rapport Hijackthis.

Ferme Internet Explorer puis Démarrer/Panneau de Configuration/Options Internet.
Choisis l'onglet Contenu puis onglet Certificats.
Regarde si tu trouves les programmes suivant (en particulier dans Editeurs approuvés):

Montorgueil
VIP

Si tu les trouves, fais ceci :
* Sélectionne chacun de ces certificats et clique sur exporter. Enregistre le/les sur ton bureau.
* Supprime ensuite ceux présents dans l'onglet "certificats" des options de ton naviguateur.

Ensuite pour chacun des certificats présents sur ton bureau :
* Va sur le site Web :
http://www.bleepingcomputer.com/submit-malware.php?chan...
* Copie/colle ceci dans la case 'Link to Topic' :
le nom du certificat (Montorgueil ,......)
* Copie/colle ceci dans la case 'Browse to the File' :
Le certificat correspondant que tu avais exportés vers ton bureau

Si c'est fait, supprime enfin le certificat présent sur ton bureau.

voici le rapport cleannavi, l'autre arrive bientot


Clean Navipromo version 3.5.1 commencé le 26/03/2008 à 20:04:50,32

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "Sandie"
Actual User Account : "Sandie"

Mise à jour le 23.03.2008 à 22h00 par IL-MAFIOSO


Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11
Système de fichiers : NTFS

Mode suppression automatique
avec prise en charge résultats Catchme et GNS


*** Creation backups fichiers trouvés par Catchme ***

Copie vers "C:\Program Files\navilog1\Backupnavi"

Copie C:\WINDOWS\system32\btcbyt.dat réalisée avec succès !
Copie C:\WINDOWS\system32\btcbyt.exe réalisée avec succès !
Copie C:\WINDOWS\system32\btcbyt_nav.dat réalisée avec succès !
Copie C:\WINDOWS\system32\btcbyt_navps.dat réalisée avec succès !

*** Suppression des fichiers trouvés avec Catchme ***

C:\WINDOWS\system32\btcbyt.dat supprimé !
C:\WINDOWS\system32\btcbyt.exe supprimé !
C:\WINDOWS\system32\btcbyt_nav.dat supprimé !
C:\WINDOWS\system32\btcbyt_navps.dat supprimé !

** 2ème passage avec résultats Catchme **

* Dans C:\WINDOWS\system32 *


C:\WINDOWS\prefetch\btcbyt*.pf trouvé !
Copie C:\WINDOWS\prefetch\btcbyt*.pf réalisée avec succès !
C:\WINDOWS\prefetch\btcbyt*.pf supprimé !

* Dans "C:\Documents and Settings\Sandie\locals~1\applic~1" *


*** Suppression avec sauvegardes résultats GenericNaviSearch ***

* Suppression dans C:\WINDOWS\System32 *


* Suppression dans "C:\Documents and Settings\Sandie\locals~1\applic~1" *


* Suppression dans "C:\docume~1\Françoise\locals~1\applic~1" *


* Suppression dans "C:\docume~1\Invité\locals~1\applic~1" *


* Suppression dans "C:\docume~1\Jeff\locals~1\applic~1" *


* Suppression dans "C:\docume~1\Propriétaire\locals~1\applic~1" *



*** Suppression dossiers dans C:\WINDOWS ***


*** Suppression dossiers dans C:\Program Files ***


*** Suppression dossiers dans C:\DOCUME~1\ALLUSE~1\APPLIC~1 ***


*** Suppression dossiers dans "C:\Documents and Settings\Sandie\applic~1" ***


*** Suppression dossiers dans "C:\Documents and Settings\Sandie\locals~1\applic~1" ***


*** Suppression dossiers dans "C:\Documents and Settings\Sandie\menudm~1\progra~1" ***


*** Suppression dossiers dans C:\DOCUME~1\ALLUSE~1\MENUD?~1\PROGRA~1 ***



*** Suppression fichiers ***

C:\WINDOWS\pack.epk supprimé !
C:\WINDOWS\system32\nvs2.inf supprimé !

*** Suppression fichiers temporaires ***

Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\Sandie\locals~1\Temp effectué !

*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

2)Recherche, création sauvegardes et suppression Heuristique :


* Dans C:\WINDOWS\system32 *

dbmefb.dat trouvé !
Copie dbmefb.dat réalisée avec succès !
dbmefb.dat supprimé !

dbmefb_nav.dat trouvé !
Copie dbmefb_nav.dat réalisée avec succès !
dbmefb_nav.dat supprimé !

dbmefb_navps.dat trouvé !
Copie dbmefb_navps.dat réalisée avec succès !
dbmefb_navps.dat supprimé !

dbmefb.exe~ trouvé !
Copie dbmefb.exe~ réalisée avec succès !
dbmefb.exe~ supprimé !


* Dans "C:\Documents and Settings\Sandie\locals~1\applic~1" *


* Dans "C:\docume~1\Françoise\locals~1\applic~1" *


* Dans "C:\docume~1\Invité\locals~1\applic~1" *


* Dans "C:\docume~1\Jeff\locals~1\applic~1" *


* Dans "C:\docume~1\Propriétaire\locals~1\applic~1" *


*** Sauvegarde du Registre vers dossier Backupnavi ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok


*** Certificats ***

Certificat Egroup supprimé !
Certificat Electronic-Group supprimé !
Certificat OOO-Favorit supprimé !
Certificat Sunny-Day-Design-Ltdt absent !

*** Nettoyage terminé le 26/03/2008 à 20:13:14,90 ***

voila

Logfile of HijackThis v1.99.1
Scan saved at 20:18:02, on 26/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\atiptaxx.exe
C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Sandie\Bureau\hijackthis\Scanner.exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [WhenUSave] "C:\Program Files\Save\Save.exe"
O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\WINSOS\WINSOS.EXE" MINI
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.planetis.com/
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Service Framework McAfee (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: WMP54Gv4SVC - Unknown owner - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe" "WMP54Gv4.exe (file missing)

re, est ce normal si je ne trouve pas les programme Montorgueil et
VIP dans l'onglet certificat? j'ai chercher partout mais ils ne sont pas la.

C'est possible  

Télécharge BTFix ([#ff0000]Bibi26[/#f]).
Dézippe l'archive sur ton Bureau.

Ouvre le dossier BTFix.

Double clique sur BTFix.exe.

Clique sur Rechercher.

Un rapport va apparaître, copie/colle-le dans ta prochaine réponse.

 


BTFix 1.090 (par bibi26) - 26/03/2008 21:03:33 - Analyse
Lancé depuis C:\Documents and Settings\Sandie\Bureau\BTFix\BTFix\BTFix.exe

---> Fichiers/Dossiers trouvés

- C:\Documents and Settings\Sandie\Menu Démarrer\Programmes\WhenU\

---> Analyse terminée

Re,

Ouvre à nouveau BTFix.

Clique sur Nettoyer.

Un rapport va apparaître, copie/colle-le dans ta prochaine réponse.

Bonsoir, le rapport du nettoyage


BTFix 1.090 (par bibi26) - 27/03/2008 19:35:31 - Nettoyage - Mode normal
Lancé depuis C:\Documents and Settings\Sandie\Bureau\BTFix\BTFix\BTFix.exe

---> Fichiers/dossiers supprimés (Première passe)

- Fichiers temporaires effacés
- C:\Documents and Settings\Sandie\Menu Démarrer\Programmes\WhenU\

---> Nettoyage terminé

Reposte un rapport Hijackthis.

Voila, en tout cas une seule pub s'est affichée depuis 2heure que je dois etre connectée ^^


Logfile of HijackThis v1.99.1
Scan saved at 21:07:39, on 27/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\WINDOWS\system32\atiptaxx.exe
C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\WINDOWS\explorer.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Microsoft Office\Office\WINWORD.EXE
C:\WINDOWS\msagent\AgentSvr.exe
C:\Documents and Settings\Sandie\Bureau\hijackthis\Scanner.exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\WINSOS\WINSOS.EXE" MINI
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.planetis.com/
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Service Framework McAfee (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: WMP54Gv4SVC - Unknown owner - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe" "WMP54Gv4.exe (file missing)

On va continuer  

Télécharge MalwareByte's Anti-Malware sur ton Bureau.
Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.

Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
AIDE : Redémarrer en mode sans échec

Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".

Afin de lancer la recherche, clic sur"Rechercher".

Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
-- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
-- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
[#ff0000]REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]

AIDE : Tuto en images sur MBAM

Bonsoir, le programme n'a rien trouvé. voici quand meme le rapport.

Malwarebytes' Anti-Malware 1.09
Version de la base de données: 560

Type de recherche: Examen complet (A:\|C:\|D:\|Q:\|)
Eléments examinés: 122819
Temps écoulé: 7 hour(s), 29 minute(s), 12 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Re,

Fix les lignes dans le cadre ci-dessous avec Hijackthis : AIDE EN IMAGES



Supprime ce dossier :
C:\Program Files\WINSOS

bonjour! c'est fait le dossier c:\programfiles\winsos est supprimé

Reposte un rapport Hijackthis.

Logfile of HijackThis v1.99.1
Scan saved at 19:06:14, on 30/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\atiptaxx.exe
C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Sandie\Bureau\hijackthis\Scanner.exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.planetis.com/
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Service Framework McAfee (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: WMP54Gv4SVC - Unknown owner - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe" "WMP54Gv4.exe (file missing)

Re,

Fix les lignes dans le cadre ci-dessous avec Hijackthis : AIDE EN IMAGES

re, c'est fait  

Reposte un rapport Hijackthis  

Logfile of HijackThis v1.99.1
Scan saved at 21:31:06, on 31/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\atiptaxx.exe
C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\Sandie\Bureau\hijackthis\Scanner.exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.planetis.com/
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Service Framework McAfee (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: WMP54Gv4SVC - Unknown owner - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe" "WMP54Gv4.exe (file missing)

AU SECOUR LES PAGES DE PUB SONT DE RETOUR DEPUIS HIER. le bonheur n'a duré qu'un mois...  

aidez moi svp

Même pub ?

oui le meme style de pub. plus des pub CID qui sont beaucoup plus nombreuses

Ok.

Télécharge Lop S&D.exe sur ton Bureau.

Double-clique dessus pour lancer l'installation

Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau

Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche)

Patiente jusqu'à la fin du scan

Poste le rapport généré (C:\lopR.txt)

(Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide)

voila:

ps: merci de m'avoir repondu rapidement ^^



-----------------------[ Lop S&D 4.1.0-2 XP/Vista ]---------------------

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Sandie ] [ "C:\Lop SD" ]
[ 01/05/2008 | 21:45:45,92 ] [ PC : SALON ]
[ MAJ : 26-03-2008 | 13:15 ]

-------------[ Listing des dossiers dans Application Data ]------------

[01/05/2008|11:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
[01/05/2008|11:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
[10/02/2008|18:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[02/01/2008|19:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[22/03/2007|12:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[29/03/2007|19:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ESTsoft
[22/03/2007|20:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
[28/03/2008|21:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[16/06/2007|19:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[12/02/2008|23:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[22/03/2007|15:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Network Associates
[01/05/2008|11:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Part Hide Grey Pop
[02/01/2008|13:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Prevx
[22/03/2007|12:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[03/02/2008|17:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[08/03/2008|18:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com
[22/03/2007|16:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[20/10/2007|18:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[02/01/2008|13:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[22/03/2007|12:41] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
[22/03/2007|12:41] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
[22/03/2007|12:41] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[22/03/2007|12:51] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[22/03/2007|12:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[20/03/2008|20:40] C:\DOCUME~1\FRANOI~1\APPLIC~1\.
[20/03/2008|20:40] C:\DOCUME~1\FRANOI~1\APPLIC~1\..
[08/07/2007|21:20] C:\DOCUME~1\FRANOI~1\APPLIC~1\ABBYY
[09/04/2008|18:38] C:\DOCUME~1\FRANOI~1\APPLIC~1\Adobe
[01/05/2008|11:56] C:\DOCUME~1\FRANOI~1\APPLIC~1\comp bolt eggs
[22/03/2007|12:41] C:\DOCUME~1\FRANOI~1\APPLIC~1\desktop.ini
[08/04/2007|10:09] C:\DOCUME~1\FRANOI~1\APPLIC~1\ESTsoft
[08/07/2007|21:29] C:\DOCUME~1\FRANOI~1\APPLIC~1\Google
[20/03/2008|20:40] C:\DOCUME~1\FRANOI~1\APPLIC~1\Help
[18/09/2007|19:16] C:\DOCUME~1\FRANOI~1\APPLIC~1\Hewlett-Packard
[26/03/2007|23:41] C:\DOCUME~1\FRANOI~1\APPLIC~1\Identities
[21/02/2008|21:08] C:\DOCUME~1\FRANOI~1\APPLIC~1\Macromedia
[25/03/2007|22:42] C:\DOCUME~1\FRANOI~1\APPLIC~1\MessengerSkinner
[02/01/2008|13:17] C:\DOCUME~1\FRANOI~1\APPLIC~1\Microsoft
[22/03/2007|23:29] C:\DOCUME~1\FRANOI~1\APPLIC~1\Mozilla
[14/02/2008|19:54] C:\DOCUME~1\FRANOI~1\APPLIC~1\MySpace
[02/01/2008|13:43] C:\DOCUME~1\FRANOI~1\APPLIC~1\PrevxCSI
[07/12/2007|23:19] C:\DOCUME~1\FRANOI~1\APPLIC~1\Real
[07/04/2007|19:25] C:\DOCUME~1\FRANOI~1\APPLIC~1\Sun
[08/03/2008|18:32] C:\DOCUME~1\FRANOI~1\APPLIC~1\SUPERAntiSpyware.com
[24/05/2007|22:45] C:\DOCUME~1\FRANOI~1\APPLIC~1\vlc

[08/03/2008|16:05] C:\DOCUME~1\INVIT~1\APPLIC~1\.
[08/03/2008|16:05] C:\DOCUME~1\INVIT~1\APPLIC~1\..
[22/03/2007|12:41] C:\DOCUME~1\INVIT~1\APPLIC~1\desktop.ini
[22/03/2007|12:51] C:\DOCUME~1\INVIT~1\APPLIC~1\Identities
[31/12/2007|15:51] C:\DOCUME~1\INVIT~1\APPLIC~1\Macromedia
[31/12/2007|17:38] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
[31/12/2007|15:44] C:\DOCUME~1\INVIT~1\APPLIC~1\Mozilla
[08/03/2008|16:05] C:\DOCUME~1\INVIT~1\APPLIC~1\MySpace
[31/12/2007|15:44] C:\DOCUME~1\INVIT~1\APPLIC~1\Real

[13/10/2007|10:13] C:\DOCUME~1\Jeff\APPLIC~1\.
[13/10/2007|10:13] C:\DOCUME~1\Jeff\APPLIC~1\..
[29/03/2007|20:16] C:\DOCUME~1\Jeff\APPLIC~1\ABBYY
[22/03/2007|17:17] C:\DOCUME~1\Jeff\APPLIC~1\Adobe
[22/04/2007|00:40] C:\DOCUME~1\Jeff\APPLIC~1\Apple Computer
[22/03/2007|12:41] C:\DOCUME~1\Jeff\APPLIC~1\desktop.ini
[29/03/2007|19:19] C:\DOCUME~1\Jeff\APPLIC~1\ESTsoft
[26/03/2007|22:22] C:\DOCUME~1\Jeff\APPLIC~1\Hewlett-Packard
[26/03/2007|22:25] C:\DOCUME~1\Jeff\APPLIC~1\HPCOM_48BitScanUpdate.log
[22/03/2007|12:51] C:\DOCUME~1\Jeff\APPLIC~1\Identities
[22/03/2007|18:12] C:\DOCUME~1\Jeff\APPLIC~1\Macromedia
[10/04/2007|19:21] C:\DOCUME~1\Jeff\APPLIC~1\MailFrontier
[24/01/2008|14:36] C:\DOCUME~1\Jeff\APPLIC~1\Microsoft
[26/03/2007|08:28] C:\DOCUME~1\Jeff\APPLIC~1\Microsoft Web Folders
[22/03/2007|16:15] C:\DOCUME~1\Jeff\APPLIC~1\Mozilla
[14/04/2007|14:52] C:\DOCUME~1\Jeff\APPLIC~1\Notepad++
[14/04/2007|14:47] C:\DOCUME~1\Jeff\APPLIC~1\Nvu
[15/04/2007|19:24] C:\DOCUME~1\Jeff\APPLIC~1\OpenOffice.org2
[13/10/2007|10:13] C:\DOCUME~1\Jeff\APPLIC~1\Real
[27/03/2007|01:06] C:\DOCUME~1\Jeff\APPLIC~1\Sun
[11/04/2007|21:42] C:\DOCUME~1\Jeff\APPLIC~1\vlc

[22/03/2007|12:51] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
[22/03/2007|12:51] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
[22/03/2007|18:14] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[22/03/2007|12:51] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
[22/03/2007|12:51] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
[02/01/2008|13:32] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[22/03/2007|12:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\.
[22/03/2007|12:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\..
[22/03/2007|12:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\desktop.ini
[22/03/2007|12:51] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[22/03/2007|12:40] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft

[28/03/2008|21:35] C:\DOCUME~1\Sandie\APPLIC~1\.
[28/03/2008|21:35] C:\DOCUME~1\Sandie\APPLIC~1\..
[09/04/2008|14:22] C:\DOCUME~1\Sandie\APPLIC~1\Adobe
[20/05/2007|21:47] C:\DOCUME~1\Sandie\APPLIC~1\Apple Computer
[14/02/2008|21:05] C:\DOCUME~1\Sandie\APPLIC~1\comp bolt eggs
[22/03/2007|12:41] C:\DOCUME~1\Sandie\APPLIC~1\desktop.ini
[17/04/2007|22:09] C:\DOCUME~1\Sandie\APPLIC~1\ESTsoft
[22/03/2007|20:37] C:\DOCUME~1\Sandie\APPLIC~1\Hewlett-Packard
[22/03/2007|12:51] C:\DOCUME~1\Sandie\APPLIC~1\Identities
[14/10/2007|22:08] C:\DOCUME~1\Sandie\APPLIC~1\Macromedia
[28/03/2008|21:35] C:\DOCUME~1\Sandie\APPLIC~1\Malwarebytes
[13/01/2008|16:10] C:\DOCUME~1\Sandie\APPLIC~1\Microsoft
[22/03/2007|20:20] C:\DOCUME~1\Sandie\APPLIC~1\Mozilla
[12/02/2008|23:24] C:\DOCUME~1\Sandie\APPLIC~1\MySpace
[15/04/2008|12:03] C:\DOCUME~1\Sandie\APPLIC~1\OpenOffice.org2
[06/10/2007|20:23] C:\DOCUME~1\Sandie\APPLIC~1\Real
[23/12/2007|12:29] C:\DOCUME~1\Sandie\APPLIC~1\Screenshot Sender
[22/04/2007|14:08] C:\DOCUME~1\Sandie\APPLIC~1\Sun
[18/03/2008|21:24] C:\DOCUME~1\Sandie\APPLIC~1\SUPERAntiSpyware.com
[28/03/2007|22:07] C:\DOCUME~1\Sandie\APPLIC~1\vlc

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[01/05/2008 21:00][--ah-----] C:\WINDOWS\tasks\AD61928D918A0651.job
[01/05/2008 19:37][--a------] C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1100 series#1174588571.job
[01/05/2008 19:26][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/08/2001 13:00][-r-h-c---] C:\WINDOWS\tasks\desktop.ini

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[01/05/2008|11:56] C:\Program Files\.
[01/05/2008|11:56] C:\Program Files\..
[02/01/2008|14:46] C:\Program Files\ABBYY FineReader 8.0 Professional Edition
[10/02/2008|18:46] C:\Program Files\Adobe
[29/05/2007|20:32] C:\Program Files\Alcohol Soft
[01/04/2007|19:36] C:\Program Files\ArcSoft
[28/03/2007|18:21] C:\Program Files\Axon Data
[13/11/2007|21:36] C:\Program Files\BearShare
[06/08/2007|19:42] C:\Program Files\Buzz
[12/03/2008|18:21] C:\Program Files\Casperlab Software
[08/03/2008|16:37] C:\Program Files\CCleaner
[29/05/2007|20:42] C:\Program Files\CDBurnerXP Pro 3
[12/12/2007|22:13] C:\Program Files\CDex_170b2
[01/05/2008|11:56] C:\Program Files\comp bolt eggs
[22/03/2007|12:45] C:\Program Files\ComPlus Applications
[02/09/2007|19:46] C:\Program Files\DivX
[30/03/2008|15:59] C:\Program Files\Dofus
[22/04/2007|19:47] C:\Program Files\EHMINSTALL
[29/03/2007|19:19] C:\Program Files\ESTsoft
[03/02/2008|17:32] C:\Program Files\Everest Poker
[08/03/2008|18:31] C:\Program Files\Fichiers communs
[28/05/2007|19:32] C:\Program Files\FileZilla
[11/04/2007|19:37] C:\Program Files\FLVPlayer
[28/05/2007|19:53] C:\Program Files\Free Audio Pack
[24/01/2008|14:49] C:\Program Files\Gimp
[08/07/2007|21:27] C:\Program Files\Google
[08/04/2007|11:46] C:\Program Files\Guitar Pro 4
[24/01/2008|14:50] C:\Program Files\GuitarFX 3
[22/03/2007|20:35] C:\Program Files\Hewlett-Packard
[26/03/2007|22:24] C:\Program Files\HP
[11/04/2007|21:53] C:\Program Files\i2p
[29/05/2007|21:14] C:\Program Files\InfraRecorder
[09/04/2008|18:31] C:\Program Files\InstallShield Installation Information
[09/04/2008|22:54] C:\Program Files\Internet Explorer
[08/03/2008|18:30] C:\Program Files\Java
[06/08/2007|18:43] C:\Program Files\Jeskola Buzz
[25/08/2007|16:28] C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor
[28/03/2008|21:34] C:\Program Files\Malwarebytes' Anti-Malware
[22/03/2007|16:50] C:\Program Files\Messenger
[28/03/2008|21:31] C:\Program Files\Messenger Plus! Live
[26/03/2007|08:28] C:\Program Files\microsoft frontpage
[26/03/2007|08:28] C:\Program Files\Microsoft Office
[11/04/2007|22:13] C:\Program Files\Microsoft Visual Studio
[22/03/2007|12:52] C:\Program Files\MouseWare
[22/03/2007|13:32] C:\Program Files\Movie Maker
[01/05/2008|19:32] C:\Program Files\Mozilla Firefox
[22/03/2007|12:45] C:\Program Files\MSN
[22/03/2007|12:45] C:\Program Files\MSN Gaming Zone
[03/02/2008|17:50] C:\Program Files\MSN Messenger
[22/03/2007|16:57] C:\Program Files\MSXML 4.0
[09/03/2008|14:55] C:\Program Files\MySpace
[26/03/2008|21:13] C:\Program Files\Navilog1
[22/03/2007|13:29] C:\Program Files\NetMeeting
[22/03/2007|15:21] C:\Program Files\Network Associates
[24/01/2008|14:50] C:\Program Files\Nvu
[10/04/2007|19:43] C:\Program Files\OpenOffice.org 2.2
[16/06/2007|19:21] C:\Program Files\Outlook Express
[04/01/2008|23:35] C:\Program Files\pacificpoker.exe
[21/10/2007|17:36] C:\Program Files\Photo Story 3 for Windows
[06/10/2007|20:18] C:\Program Files\Real
[22/03/2007|12:45] C:\Program Files\Services en ligne
[06/08/2007|18:27] C:\Program Files\Sony Setup
[03/02/2008|17:45] C:\Program Files\Spybot - Search & Destroy
[03/02/2008|18:47] C:\Program Files\Spyware Terminator
[08/03/2008|18:32] C:\Program Files\SUPERAntiSpyware
[28/04/2008|22:00] C:\Program Files\TI Education
[30/05/2007|20:59] C:\Program Files\Trust
[22/03/2007|12:51] C:\Program Files\Uninstall Information
[31/10/2007|23:14] C:\Program Files\Veoh Networks
[05/08/2007|17:45] C:\Program Files\VideoLAN
[12/03/2008|18:25] C:\Program Files\WebPopupKiller
[06/06/2007|12:53] C:\Program Files\Winamp
[12/04/2008|19:09] C:\Program Files\Windows Journal Viewer
[24/01/2008|14:51] C:\Program Files\Windows Live
[02/01/2008|14:52] C:\Program Files\Windows Live Toolbar
[22/03/2007|17:44] C:\Program Files\Windows Media Connect 2
[30/05/2007|20:56] C:\Program Files\Windows Media Player
[22/03/2007|13:28] C:\Program Files\Windows NT
[22/03/2007|16:17] C:\Program Files\WindowsUpdate
[22/03/2007|12:48] C:\Program Files\xerox
[09/06/2007|22:39] C:\Program Files\Zelda Return of the Hylian
[22/03/2007|19:25] C:\Program Files\Zone Labs

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[08/03/2008|18:31] C:\Program Files\Fichiers communs\.
[08/03/2008|18:31] C:\Program Files\Fichiers communs\..
[10/02/2008|18:47] C:\Program Files\Fichiers communs\Adobe
[22/03/2007|15:21] C:\Program Files\Fichiers communs\Cisco Systems
[26/03/2007|08:30] C:\Program Files\Fichiers communs\Designer
[22/03/2007|20:30] C:\Program Files\Fichiers communs\Hewlett-Packard
[02/04/2007|10:15] C:\Program Files\Fichiers communs\InstallShield
[23/03/2007|20:51] C:\Program Files\Fichiers communs\Java
[22/03/2007|12:52] C:\Program Files\Fichiers communs\Logitech
[06/08/2007|18:59] C:\Program Files\Fichiers communs\MAGIX Shared
[12/04/2008|19:09] C:\Program Files\Fichiers communs\Microsoft Shared
[22/03/2007|12:46] C:\Program Files\Fichiers communs\MSSoap
[22/03/2007|15:20] C:\Program Files\Fichiers communs\Network Associates
[22/03/2007|12:41] C:\Program Files\Fichiers communs\ODBC
[30/05/2007|20:59] C:\Program Files\Fichiers communs\PCCamera
[06/10/2007|20:19] C:\Program Files\Fichiers communs\Real
[22/03/2007|12:46] C:\Program Files\Fichiers communs\Services
[22/03/2007|12:41] C:\Program Files\Fichiers communs\SpeechEngines
[16/06/2007|19:21] C:\Program Files\Fichiers communs\System
[02/01/2008|13:08] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[08/03/2008|18:31] C:\Program Files\Fichiers communs\Wise Installation Wizard
[06/10/2007|20:19] C:\Program Files\Fichiers communs\xing shared

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Part Hide Grey Pop
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Part Hide Grey Pop\Cast Mix.exe
C:\WINDOWS\Tasks\AD61928D918A0651.job

----------------------[ Verification du Registre ]----------------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Grey pop cake audio"="C:\\Documents and Settings\\All Users\\Application Data\\Part Hide Grey Pop\\Cast Mix.exe"

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-01 21:47:49
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

Aucune autre infection trouvée !

/!\ [Fich:454][Doss:11] C:\DOCUME~1\Sandie\LOCALS~1\Temp
/!\ [Fich:74][Doss:0] C:\DOCUME~1\Sandie\Cookies
/!\ [Fich:10934][Doss:12] C:\DOCUME~1\Sandie\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 21:49:01,35 ]----------------------

Re,

Relance Lop S&D

Choisis cette fois ci l'Option 2 (Suppression)

Ne ferme pas la fenêtre lors de la suppression !

Poste le rapport généré (C:\lopR.txt)

(Si le Bureau ne réapparaît pas, presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide)

-----------------------[ Lop S&D 4.1.0-2 XP/Vista ]---------------------

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Sandie ] [ "C:\Lop SD" ]
[ 01/05/2008 | 22:32:08,37 ] [ PC : SALON ]
[ MAJ : 26-03-2008 | 13:15 ]

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Part Hide Grey Pop\Cast Mix.exe
Supprimé! - C:\WINDOWS\Tasks\AD61928D918A0651.job
Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Part Hide Grey Pop

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


-------------[ Listing des dossiers dans Application Data ]------------

[01/05/2008|22:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
[01/05/2008|22:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
[10/02/2008|18:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[02/01/2008|19:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[22/03/2007|12:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[29/03/2007|19:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ESTsoft
[22/03/2007|20:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
[28/03/2008|21:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[16/06/2007|19:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[12/02/2008|23:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[22/03/2007|15:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Network Associates
[02/01/2008|13:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Prevx
[22/03/2007|12:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[03/02/2008|17:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[08/03/2008|18:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com
[22/03/2007|16:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[20/10/2007|18:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[02/01/2008|13:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[22/03/2007|12:41] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
[22/03/2007|12:41] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
[22/03/2007|12:41] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[22/03/2007|12:51] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[22/03/2007|12:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[20/03/2008|20:40] C:\DOCUME~1\FRANOI~1\APPLIC~1\.
[20/03/2008|20:40] C:\DOCUME~1\FRANOI~1\APPLIC~1\..
[08/07/2007|21:20] C:\DOCUME~1\FRANOI~1\APPLIC~1\ABBYY
[09/04/2008|18:38] C:\DOCUME~1\FRANOI~1\APPLIC~1\Adobe
[01/05/2008|11:56] C:\DOCUME~1\FRANOI~1\APPLIC~1\comp bolt eggs
[22/03/2007|12:41] C:\DOCUME~1\FRANOI~1\APPLIC~1\desktop.ini
[08/04/2007|10:09] C:\DOCUME~1\FRANOI~1\APPLIC~1\ESTsoft
[08/07/2007|21:29] C:\DOCUME~1\FRANOI~1\APPLIC~1\Google
[20/03/2008|20:40] C:\DOCUME~1\FRANOI~1\APPLIC~1\Help
[18/09/2007|19:16] C:\DOCUME~1\FRANOI~1\APPLIC~1\Hewlett-Packard
[26/03/2007|23:41] C:\DOCUME~1\FRANOI~1\APPLIC~1\Identities
[21/02/2008|21:08] C:\DOCUME~1\FRANOI~1\APPLIC~1\Macromedia
[25/03/2007|22:42] C:\DOCUME~1\FRANOI~1\APPLIC~1\MessengerSkinner
[02/01/2008|13:17] C:\DOCUME~1\FRANOI~1\APPLIC~1\Microsoft
[22/03/2007|23:29] C:\DOCUME~1\FRANOI~1\APPLIC~1\Mozilla
[14/02/2008|19:54] C:\DOCUME~1\FRANOI~1\APPLIC~1\MySpace
[02/01/2008|13:43] C:\DOCUME~1\FRANOI~1\APPLIC~1\PrevxCSI
[07/12/2007|23:19] C:\DOCUME~1\FRANOI~1\APPLIC~1\Real
[07/04/2007|19:25] C:\DOCUME~1\FRANOI~1\APPLIC~1\Sun
[08/03/2008|18:32] C:\DOCUME~1\FRANOI~1\APPLIC~1\SUPERAntiSpyware.com
[24/05/2007|22:45] C:\DOCUME~1\FRANOI~1\APPLIC~1\vlc

[08/03/2008|16:05] C:\DOCUME~1\INVIT~1\APPLIC~1\.
[08/03/2008|16:05] C:\DOCUME~1\INVIT~1\APPLIC~1\..
[22/03/2007|12:41] C:\DOCUME~1\INVIT~1\APPLIC~1\desktop.ini
[22/03/2007|12:51] C:\DOCUME~1\INVIT~1\APPLIC~1\Identities
[31/12/2007|15:51] C:\DOCUME~1\INVIT~1\APPLIC~1\Macromedia
[31/12/2007|17:38] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
[31/12/2007|15:44] C:\DOCUME~1\INVIT~1\APPLIC~1\Mozilla
[08/03/2008|16:05] C:\DOCUME~1\INVIT~1\APPLIC~1\MySpace
[31/12/2007|15:44] C:\DOCUME~1\INVIT~1\APPLIC~1\Real

[13/10/2007|10:13] C:\DOCUME~1\Jeff\APPLIC~1\.
[13/10/2007|10:13] C:\DOCUME~1\Jeff\APPLIC~1\..
[29/03/2007|20:16] C:\DOCUME~1\Jeff\APPLIC~1\ABBYY
[22/03/2007|17:17] C:\DOCUME~1\Jeff\APPLIC~1\Adobe
[22/04/2007|00:40] C:\DOCUME~1\Jeff\APPLIC~1\Apple Computer
[22/03/2007|12:41] C:\DOCUME~1\Jeff\APPLIC~1\desktop.ini
[29/03/2007|19:19] C:\DOCUME~1\Jeff\APPLIC~1\ESTsoft
[26/03/2007|22:22] C:\DOCUME~1\Jeff\APPLIC~1\Hewlett-Packard
[26/03/2007|22:25] C:\DOCUME~1\Jeff\APPLIC~1\HPCOM_48BitScanUpdate.log
[22/03/2007|12:51] C:\DOCUME~1\Jeff\APPLIC~1\Identities
[22/03/2007|18:12] C:\DOCUME~1\Jeff\APPLIC~1\Macromedia
[10/04/2007|19:21] C:\DOCUME~1\Jeff\APPLIC~1\MailFrontier
[24/01/2008|14:36] C:\DOCUME~1\Jeff\APPLIC~1\Microsoft
[26/03/2007|08:28] C:\DOCUME~1\Jeff\APPLIC~1\Microsoft Web Folders
[22/03/2007|16:15] C:\DOCUME~1\Jeff\APPLIC~1\Mozilla
[14/04/2007|14:52] C:\DOCUME~1\Jeff\APPLIC~1\Notepad++
[14/04/2007|14:47] C:\DOCUME~1\Jeff\APPLIC~1\Nvu
[15/04/2007|19:24] C:\DOCUME~1\Jeff\APPLIC~1\OpenOffice.org2
[13/10/2007|10:13] C:\DOCUME~1\Jeff\APPLIC~1\Real
[27/03/2007|01:06] C:\DOCUME~1\Jeff\APPLIC~1\Sun
[11/04/2007|21:42] C:\DOCUME~1\Jeff\APPLIC~1\vlc

[22/03/2007|12:51] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
[22/03/2007|12:51] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
[22/03/2007|18:14] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[22/03/2007|12:51] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
[22/03/2007|12:51] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
[02/01/2008|13:32] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[22/03/2007|12:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\.
[22/03/2007|12:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\..
[22/03/2007|12:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\desktop.ini
[22/03/2007|12:51] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[22/03/2007|12:40] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft

[28/03/2008|21:35] C:\DOCUME~1\Sandie\APPLIC~1\.
[28/03/2008|21:35] C:\DOCUME~1\Sandie\APPLIC~1\..
[09/04/2008|14:22] C:\DOCUME~1\Sandie\APPLIC~1\Adobe
[20/05/2007|21:47] C:\DOCUME~1\Sandie\APPLIC~1\Apple Computer
[14/02/2008|21:05] C:\DOCUME~1\Sandie\APPLIC~1\comp bolt eggs
[22/03/2007|12:41] C:\DOCUME~1\Sandie\APPLIC~1\desktop.ini
[17/04/2007|22:09] C:\DOCUME~1\Sandie\APPLIC~1\ESTsoft
[22/03/2007|20:37] C:\DOCUME~1\Sandie\APPLIC~1\Hewlett-Packard
[22/03/2007|12:51] C:\DOCUME~1\Sandie\APPLIC~1\Identities
[14/10/2007|22:08] C:\DOCUME~1\Sandie\APPLIC~1\Macromedia
[28/03/2008|21:35] C:\DOCUME~1\Sandie\APPLIC~1\Malwarebytes
[13/01/2008|16:10] C:\DOCUME~1\Sandie\APPLIC~1\Microsoft
[22/03/2007|20:20] C:\DOCUME~1\Sandie\APPLIC~1\Mozilla
[12/02/2008|23:24] C:\DOCUME~1\Sandie\APPLIC~1\MySpace
[15/04/2008|12:03] C:\DOCUME~1\Sandie\APPLIC~1\OpenOffice.org2
[06/10/2007|20:23] C:\DOCUME~1\Sandie\APPLIC~1\Real
[23/12/2007|12:29] C:\DOCUME~1\Sandie\APPLIC~1\Screenshot Sender
[22/04/2007|14:08] C:\DOCUME~1\Sandie\APPLIC~1\Sun
[18/03/2008|21:24] C:\DOCUME~1\Sandie\APPLIC~1\SUPERAntiSpyware.com
[28/03/2007|22:07] C:\DOCUME~1\Sandie\APPLIC~1\vlc

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[01/05/2008 19:37][--a------] C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1100 series#1174588571.job
[01/05/2008 19:26][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/08/2001 13:00][-r-h-c---] C:\WINDOWS\tasks\desktop.ini

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[01/05/2008|11:56] C:\Program Files\.
[01/05/2008|11:56] C:\Program Files\..
[02/01/2008|14:46] C:\Program Files\ABBYY FineReader 8.0 Professional Edition
[10/02/2008|18:46] C:\Program Files\Adobe
[29/05/2007|20:32] C:\Program Files\Alcohol Soft
[01/04/2007|19:36] C:\Program Files\ArcSoft
[28/03/2007|18:21] C:\Program Files\Axon Data
[13/11/2007|21:36] C:\Program Files\BearShare
[06/08/2007|19:42] C:\Program Files\Buzz
[12/03/2008|18:21] C:\Program Files\Casperlab Software
[08/03/2008|16:37] C:\Program Files\CCleaner
[29/05/2007|20:42] C:\Program Files\CDBurnerXP Pro 3
[12/12/2007|22:13] C:\Program Files\CDex_170b2
[01/05/2008|11:56] C:\Program Files\comp bolt eggs
[22/03/2007|12:45] C:\Program Files\ComPlus Applications
[02/09/2007|19:46] C:\Program Files\DivX
[30/03/2008|15:59] C:\Program Files\Dofus
[22/04/2007|19:47] C:\Program Files\EHMINSTALL
[29/03/2007|19:19] C:\Program Files\ESTsoft
[03/02/2008|17:32] C:\Program Files\Everest Poker
[08/03/2008|18:31] C:\Program Files\Fichiers communs
[28/05/2007|19:32] C:\Program Files\FileZilla
[11/04/2007|19:37] C:\Program Files\FLVPlayer
[28/05/2007|19:53] C:\Program Files\Free Audio Pack
[24/01/2008|14:49] C:\Program Files\Gimp
[08/07/2007|21:27] C:\Program Files\Google
[08/04/2007|11:46] C:\Program Files\Guitar Pro 4
[24/01/2008|14:50] C:\Program Files\GuitarFX 3
[22/03/2007|20:35] C:\Program Files\Hewlett-Packard
[26/03/2007|22:24] C:\Program Files\HP
[11/04/2007|21:53] C:\Program Files\i2p
[29/05/2007|21:14] C:\Program Files\InfraRecorder
[09/04/2008|18:31] C:\Program Files\InstallShield Installation Information
[09/04/2008|22:54] C:\Program Files\Internet Explorer
[08/03/2008|18:30] C:\Program Files\Java
[06/08/2007|18:43] C:\Program Files\Jeskola Buzz
[25/08/2007|16:28] C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor
[28/03/2008|21:34] C:\Program Files\Malwarebytes' Anti-Malware
[22/03/2007|16:50] C:\Program Files\Messenger
[28/03/2008|21:31] C:\Program Files\Messenger Plus! Live
[26/03/2007|08:28] C:\Program Files\microsoft frontpage
[26/03/2007|08:28] C:\Program Files\Microsoft Office
[11/04/2007|22:13] C:\Program Files\Microsoft Visual Studio
[22/03/2007|12:52] C:\Program Files\MouseWare
[22/03/2007|13:32] C:\Program Files\Movie Maker
[01/05/2008|22:32] C:\Program Files\Mozilla Firefox
[22/03/2007|12:45] C:\Program Files\MSN
[22/03/2007|12:45] C:\Program Files\MSN Gaming Zone
[03/02/2008|17:50] C:\Program Files\MSN Messenger
[22/03/2007|16:57] C:\Program Files\MSXML 4.0
[09/03/2008|14:55] C:\Program Files\MySpace
[26/03/2008|21:13] C:\Program Files\Navilog1
[22/03/2007|13:29] C:\Program Files\NetMeeting
[22/03/2007|15:21] C:\Program Files\Network Associates
[24/01/2008|14:50] C:\Program Files\Nvu
[10/04/2007|19:43] C:\Program Files\OpenOffice.org 2.2
[16/06/2007|19:21] C:\Program Files\Outlook Express
[04/01/2008|23:35] C:\Program Files\pacificpoker.exe
[21/10/2007|17:36] C:\Program Files\Photo Story 3 for Windows
[06/10/2007|20:18] C:\Program Files\Real
[22/03/2007|12:45] C:\Program Files\Services en ligne
[06/08/2007|18:27] C:\Program Files\Sony Setup
[03/02/2008|17:45] C:\Program Files\Spybot - Search & Destroy
[03/02/2008|18:47] C:\Program Files\Spyware Terminator
[08/03/2008|18:32] C:\Program Files\SUPERAntiSpyware
[28/04/2008|22:00] C:\Program Files\TI Education
[30/05/2007|20:59] C:\Program Files\Trust
[22/03/2007|12:51] C:\Program Files\Uninstall Information
[31/10/2007|23:14] C:\Program Files\Veoh Networks
[05/08/2007|17:45] C:\Program Files\VideoLAN
[12/03/2008|18:25] C:\Program Files\WebPopupKiller
[06/06/2007|12:53] C:\Program Files\Winamp
[12/04/2008|19:09] C:\Program Files\Windows Journal Viewer
[24/01/2008|14:51] C:\Program Files\Windows Live
[02/01/2008|14:52] C:\Program Files\Windows Live Toolbar
[22/03/2007|17:44] C:\Program Files\Windows Media Connect 2
[30/05/2007|20:56] C:\Program Files\Windows Media Player
[22/03/2007|13:28] C:\Program Files\Windows NT
[22/03/2007|16:17] C:\Program Files\WindowsUpdate
[22/03/2007|12:48] C:\Program Files\xerox
[09/06/2007|22:39] C:\Program Files\Zelda Return of the Hylian
[22/03/2007|19:25] C:\Program Files\Zone Labs

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[08/03/2008|18:31] C:\Program Files\Fichiers communs\.
[08/03/2008|18:31] C:\Program Files\Fichiers communs\..
[10/02/2008|18:47] C:\Program Files\Fichiers communs\Adobe
[22/03/2007|15:21] C:\Program Files\Fichiers communs\Cisco Systems
[26/03/2007|08:30] C:\Program Files\Fichiers communs\Designer
[22/03/2007|20:30] C:\Program Files\Fichiers communs\Hewlett-Packard
[02/04/2007|10:15] C:\Program Files\Fichiers communs\InstallShield
[23/03/2007|20:51] C:\Program Files\Fichiers communs\Java
[22/03/2007|12:52] C:\Program Files\Fichiers communs\Logitech
[06/08/2007|18:59] C:\Program Files\Fichiers communs\MAGIX Shared
[12/04/2008|19:09] C:\Program Files\Fichiers communs\Microsoft Shared
[22/03/2007|12:46] C:\Program Files\Fichiers communs\MSSoap
[22/03/2007|15:20] C:\Program Files\Fichiers communs\Network Associates
[22/03/2007|12:41] C:\Program Files\Fichiers communs\ODBC
[30/05/2007|20:59] C:\Program Files\Fichiers communs\PCCamera
[06/10/2007|20:19] C:\Program Files\Fichiers communs\Real
[22/03/2007|12:46] C:\Program Files\Fichiers communs\Services
[22/03/2007|12:41] C:\Program Files\Fichiers communs\SpeechEngines
[16/06/2007|19:21] C:\Program Files\Fichiers communs\System
[02/01/2008|13:08] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[08/03/2008|18:31] C:\Program Files\Fichiers communs\Wise Installation Wizard
[06/10/2007|20:19] C:\Program Files\Fichiers communs\xing shared

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

Aucun fichier / dossier Lop trouvé !

----------------------[ Verification du Registre ]----------------------

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-01 22:33:45
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

Aucune autre infection trouvée !

/!\ [Fich:454][Doss:12] C:\DOCUME~1\Sandie\LOCALS~1\Temp
/!\ [Fich:74][Doss:0] C:\DOCUME~1\Sandie\Cookies
/!\ [Fich:10934][Doss:12] C:\DOCUME~1\Sandie\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 22:34:33,48 ]----------------------

Reposte un rapport Hijackthis.

Logfile of HijackThis v1.99.1
Scan saved at 22:49:51, on 01/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\WINDOWS\system32\atiptaxx.exe
C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Sandie\Bureau\hijackthis\Scanner.exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.planetis.com/
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Service Framework McAfee (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: WMP54Gv4SVC - Unknown owner - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe" "WMP54Gv4.exe (file missing)

Re,

Télécharge OTMoveIt (d'OldTimer). Sauvegarde-le sur ton Bureau.
Sélectionne tous les emplacements dans le cadre ci-dessous :


---> Clique-droit puis Copier (ou Ctrl+C)

Double-clique sur OTMoveIt.exe afin de le lancer.
Fais un Clique-droit sur le cadre de gauche puis choisis Coller (ou Ctrl+V).
Clique maintenant sur [#ff0000]MoveIt![/#f]

[#ff0000]Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.[/#f]

Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log

->Informations sur le logiciel<-

re


C:\DOCUME~1\FRANOI~1\APPLIC~1\comp bolt eggs moved successfully.
C:\DOCUME~1\FRANOI~1\APPLIC~1\MessengerSkinner\Userdata moved successfully.
C:\DOCUME~1\FRANOI~1\APPLIC~1\MessengerSkinner moved successfully.
C:\Program Files\comp bolt eggs moved successfully.

OTMoveIt2 by OldTimer - Version 1.0.4.1 log created on 05042008_162146

Reposte un rapport Hijackthis.

Logfile of HijackThis v1.99.1
Scan saved at 23:05:37, on 04/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\atiptaxx.exe
C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\Sandie\Bureau\hijackthis\Scanner.exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.planetis.com/
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Service Framework McAfee (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: WMP54Gv4SVC - Unknown owner - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe" "WMP54Gv4.exe (file missing)

Encore des soucis ?

hum non pas de pub depuis 1h! ca a l'air de marcher  
MERCI ANGELDARK ^^ je te dirai si j'ai d'autre problemes. compte sur moi haha

Ok  

Télécharge ToolsCleaner sur ton Bureau.

Clique sur Recherche et laisse le scan se terminer.

Clique sur Suppression pour finaliser.

Clique sur Quitter, pour que le rapport puisse se créer.

Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\)

Désactive puis réactive la restauration du système : Voir aide

Ajoute maintenant [Résolu] au titre de ton sujet. Pour cela :
* Clique dans ton premier message sur le bouton "Editer" :
* Rajoute la mention [Résolu] au titre
* Clique ensuite sur "Valider votre message"

Lis le dossier dossier sur la prévention et la protection pour ne plus avoir ce genre de problème en cliquant sur l'image ci-dessous :

-->- Recherche:

C:\Lop SD: trouvé !
C:\_OtMoveIt: trouvé !
C:\Documents and Settings\All Users\Bureau\Navilog1.lnk: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1\Navilog1.lnk: trouvé !
C:\Documents and Settings\Sandie\Bureau\Lop S&D.lnk: trouvé !
C:\Documents and Settings\Sandie\Bureau\LopSD.exe: trouvé !
C:\Documents and Settings\Sandie\Bureau\BtFix.zip: trouvé !
C:\Documents and Settings\Sandie\Bureau\OtMoveIt2.exe: trouvé !
C:\Documents and Settings\Sandie\Bureau\Navilog1.exe: trouvé !
C:\Documents and Settings\Sandie\Bureau\HijackThis: trouvé !
C:\Documents and Settings\Sandie\Bureau\Btfix: trouvé !
C:\Documents and Settings\Sandie\Bureau\BTFix\Btfix: trouvé !
C:\Documents and Settings\Sandie\Menu Démarrer\Programmes\Lop S&D: trouvé !
C:\Documents and Settings\Sandie\Recent\HijackThis.lnk: trouvé !
C:\Lop SD\Lop S&D.lnk: trouvé !
C:\Program Files\Navilog1: trouvé !
C:\Program Files\Navilog1\Navilog1.bat: trouvé !

---------------------------------
-->- Suppression:

C:\Documents and Settings\All Users\Bureau\Navilog1.lnk: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1\Navilog1.lnk: supprimé !
C:\Documents and Settings\Sandie\Bureau\Lop S&D.lnk: supprimé !
C:\Documents and Settings\Sandie\Bureau\LopSD.exe: supprimé !
C:\Documents and Settings\Sandie\Bureau\BtFix.zip: supprimé !
C:\Documents and Settings\Sandie\Bureau\OtMoveIt2.exe: supprimé !
C:\Documents and Settings\Sandie\Bureau\Navilog1.exe: supprimé !
C:\Documents and Settings\Sandie\Recent\HijackThis.lnk: supprimé !
C:\Lop SD\Lop S&D.lnk: supprimé !
C:\Program Files\Navilog1\Navilog1.bat: supprimé !
C:\Lop SD: supprimé !
C:\_OtMoveIt: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1: supprimé !
C:\Documents and Settings\Sandie\Bureau\HijackThis: supprimé !
C:\Documents and Settings\Sandie\Bureau\Btfix: supprimé !
C:\Documents and Settings\Sandie\Menu Démarrer\Programmes\Lop S&D: supprimé !
C:\Program Files\Navilog1: supprimé !

Bonne continuation