Infected PC [Solved] - Security - Virus

Topic: Infected PC [Solved]
denise26 Could you help me disinfect my PC? As I explained in my previous message, ad pages keep opening unexpectedly: how can I get rid of them? I sent you a report but I haven't had a reply. Is that normal?

Quick view of the discussion
denise26 I've finished everything you told me to do, except that for the TCleaner.txt report I think I quit too quickly, so when I started again there was of course nothing left in the report. Does it matter?
Apart from that everything works very well, apparently everything is back to normal; it's really great to be able to get such effective help! Many thanks!!!
Egwene It's OK, you will no longer be infected once you have done ALL the steps below :p

1) Download ToolsCleaner to your desktop.
http://www.commentcamarche.net/tel [...] nions.php3

This program will uninstall all the tools I had you use.

  • Click Search and let the scan run ...
  • Click Removal to finish.
  • You can use the optional Options if you wish.
  • Click Quit to get the report.
  • Post the report (TCleaner.txt), which is located at the root of your hard drive (C:\).


2) Download and install Ccleaner:
http://www.01net.com/telecharger/w [...] 32599.html

  • Before clicking the "Install" button, uncheck all the "additional options". Then click "Options", "Advanced" and uncheck the box "Only delete files in Windows Temp folders older than 48 hours". Click the "Cleaner" tab, then "Run Cleaner".
  • Then click the Registry tab, click "Scan for Issues", then "Fix selected issues". There is no need to back up the keys. Repeat the operation as many times as needed until it finds no more errors.
  • Tutorial here: http://www.infos-du-net.com/forum/ [...] nstruction

3)

  • Disable your System Restore


  • Re-enable your System Restore


********************************************************************************

Now add [Solved] to the title. To do so:
* In your first message, click the "Edit" button http://img.infos-du-net.com/forum/ [...] 3/edit.gif
* Add the [Solved] tag to the title
* Then click "Submit your message"

It would be nice to report your infection on > Malware-Complaints < to get its authors convicted

- Forum rules <- here
- Posting a message <- here (by Malekal)

To register, click the register button (at the top)
If you are over 13, choose " I Agree to these terms and am over or exactly 13 years of age "
If you are under 13, choose " I Agree to these terms and am under 13 years of age "

You will get a list by infection type
If your infection is not in the list, create a message in "Autres infections" (Other infections)

Your infection:

See you and happy surfing :hello:


A few useful links:

http://mickael.barroux.free.fr/securite/
http://www.malekal.com/
http://www.infos-du-net.com/forum/ [...] protection

denise26 Hello! Here is the new HijackThis report. The PC seems to be doing better, I no longer have ad windows opening all the time: PHEW!!!! Thanks to your help, I'm rid of them! Thanks again.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:07:07, on 11/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\WINDOWS\System32\FTRTSVC.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\Fichiers communs\NMSAccessU.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Winsos\WINSOS.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.fr/spbasic.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.msn.fr/spbasic.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://resultsmaster.com/SmartOffe [...] ftPane.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: torrent_search Toolbar - {f14b0ccd-aa41-4406-ab68-c5de9d85b4a3} - C:\Program Files\torrent_search\tbtorr.dll
O4 - HKLM\..\Run: [NI.UERSV_9999_N91S1912] "c:\documents and settings\nicou\application data\errorsafefrenchnewreleaseinstall[1].exe" -nag
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\Winsos\WINSOS.EXE" MINI
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [^SetupICWDesktop] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: iGraal - {88F05591-0079-4c37-B138-5DA8BC1782EF} - C:\Program Files\iGraal\iGraal.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {011F473E-0880-43D4-99F3-F490A84128AE} (GenimoWebGames Control) - http://jeuxentelechargement.orange [...] ontrol.cab
O16 - DPF: {3E82BB3F-ABE4-458D-9281-0187286A4E51} (VoxsyncCtrl Class) - http://contacts.orange.fr/wfr_webab/VoxsyncX.cab
O16 - DPF: {5308E02B-4ABA-48E4-AA9E-8A7693661473} (GameCtl Class) - http://jeuxenligne.orange.fr/GisActiveX/Ax/GameAx.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/micros [...] 9666819156
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game10.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Games [...] meHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O16 - DPF: {EF148DBB-5B6D-4130-B2A1-661571E86260} (Playtime Games Launcher) - http://jeuxenligne.orange.fr/onlin [...] uncher.cab
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\Fichiers communs\NMSAccessU.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

--
End of file - 8181 bytes
Egwene :hello: Good evening,

Good :super:

Post a new HijackThis report.

How is the PC? Still having problems?

;)
denise26 Good evening, I'm back after a week away. I did everything you told me, except that I couldn't find the last file to delete in Explorer. I downloaded as you indicated; here is the Antivir report (which is in English, which doesn't make things easier for me!):

Avira AntiVir Personal
Report file date: samedi 10 mai 2008 22:06

Scanning for 1165085 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: Nicole

Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:56
AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:37
LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:23
LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:40
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 13:08:58
ANTIVIR2.VDF : 7.0.3.62 337408 Bytes 21/03/2008 19:12:34
ANTIVIR3.VDF : 7.0.3.68 57856 Bytes 25/03/2008 08:27:50
Engineversion : 8.1.0.28
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
AESCRIPT.DLL : 8.1.0.19 229754 Bytes 07/04/2008 15:34:44
AESCN.DLL : 8.1.0.12 115060 Bytes 07/04/2008 15:34:44
AERDL.DLL : 8.1.0.19 418164 Bytes 07/04/2008 15:34:44
AEPACK.DLL : 8.1.1.0 364918 Bytes 18/03/2008 11:20:42
AEOFFICE.DLL : 8.1.0.15 192889 Bytes 07/04/2008 15:34:44
AEHEUR.DLL : 8.1.0.15 1147253 Bytes 07/04/2008 15:34:44
AEHELP.DLL : 8.1.0.11 115061 Bytes 07/04/2008 15:34:43
AEGEN.DLL : 8.1.0.15 299379 Bytes 07/04/2008 15:34:43
AEEMU.DLL : 8.1.0.5 430450 Bytes 07/04/2008 15:34:43
AECORE.DLL : 8.1.0.25 168309 Bytes 08/04/2008 09:58:32
AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:53
AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:50
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:47
AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:49
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:31
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:39
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:25
RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:11

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: C:\Program Files\Avira\AntiVir PersonalEdition Classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: samedi 10 mai 2008 22:06

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'CCleaner.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'slserv.exe' - '1' Module(s) have been scanned
Scan process 'HPZipm12.exe' - '1' Module(s) have been scanned
Scan process 'NMSAccessU.exe' - '1' Module(s) have been scanned
Scan process 'HidService.exe' - '1' Module(s) have been scanned
Scan process 'CLMLService.exe' - '1' Module(s) have been scanned
Scan process 'FTRTSVC.exe' - '1' Module(s) have been scanned
Scan process 'CLMLServer.exe' - '1' Module(s) have been scanned
Scan process 'CLSched.exe' - '1' Module(s) have been scanned
Scan process 'CLCapSvc.exe' - '1' Module(s) have been scanned
Scan process 'AOLacsd.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
31 processes with 31 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
Master boot sector HD2
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
Master boot sector HD4
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
Master boot sector HD5
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '28' files ).


Starting the file scan:

Begin scan in 'C:\' <HDD>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\Nicou\Mes documents\parricau.nicole\hotbar.exe
[DETECTION] Contains detection pattern of the dropper DR/180Solutions.BJ.14
[NOTE] The file was deleted!
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP248\A0042115.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP248\A0042162.exe
[DETECTION] Contains detection pattern of the dropper DR/MartShop.2
[NOTE] The file was deleted!
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP249\A0042304.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!


End of the scan: samedi 10 mai 2008 22:47
Used time: 40:37 min

The scan has been done completely.

7054 Scanning directories
475035 Files were scanned
4 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
4 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
475031 Files not concerned
7949 Archives were scanned
6 Warnings
4 Notes

Thank you for your help.
Egwene :hello: Hello,

Delete the following files in bold:

C:\Documents and Settings\Nicou\Local Settings\Application Data\IM\Animation\firecracker.ima
C:\Documents and Settings\Nicou\Local Settings\Application Data\IM\Runtime\EmoticonCenter\cracker.gif
c:\documents and settings\nicou\application data\errorsafefrenchnewreleaseinstall[1].exe

Uninstall avast, restart, and delete ~~>C:\Program Files\Alwil Software

Download ccleaner (>>tutorial, read it!<<), download "the latest version", then install it, unchecking - Add the Yahoo! CCleaner Toolbar
Then run the cleaning, then have it search for errors, and make backups if you wish.

Download and install Antivir. (tutorial)
Why switch?: Avast! vs Antivir
but also:
14 antivirus products put to the test

Quote:

Antivir: the most effective of the free ones


Check that it is fully up to date! Run a full scan in safe mode, save the report and post it for me.

;)

denise26 Here is the new report:

-----------------------[ Lop S&D 4.2.0-3 XP/Vista ]---------------------

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Nicou ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 02/05/2008 | 23:17:11,56 ] [ PC : Nicole ]
[ MAJ : 30-04-2008 | 18:35 ]


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Readme Live Axis Tons\Download hole.exe
Supprimé! - C:\Program Files\Bitdownload\session.store
Supprimé! - C:\Program Files\BitTorrent Fastest Tool\BitDownload-4.5-setup.exe
Supprimé! - C:\Program Files\BitTorrent Fastest Tool\BitP.exe
Supprimé! - C:\Program Files\BitTorrent Fastest Tool\INSTALL.LOG
Supprimé! - C:\WINDOWS\Tasks\AA39E4FF918A99F3.job
Supprimé! - C:\DOCUME~1\Nicou\APPLIC~1\PINGBL~1\firstpileaim.exe
Supprimé! - C:\DOCUME~1\Nicou\APPLIC~1\PINGBL~1\nugcaemu.exe
Supprimé! - C:\DOCUME~1\Nicou\APPLIC~1\PINGBL~1\rjylyngf.exe
Supprimé! - C:\DOCUME~1\Nicou\APPLIC~1\PINGBL~1\ThirdGplSize.exe
Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Readme Live Axis Tons
Supprimé! - C:\Program Files\Bitdownload
Supprimé! - C:\Program Files\BitTorrent Fastest Tool
Supprimé! - C:\DOCUME~1\Nicou\APPLIC~1\PINGBL~1
Supprimé! - C:\Program Files\PINGBL~1
Restauré! - Fichier Hosts

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

Supprimé! - C:\DOCUME~1\Nicou\APPLIC~1\ShoppingReport

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


-------------[ Listing des dossiers dans Application Data ]------------

[07/08/2007|18:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.zreglib
[06/12/2007|19:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
[23/01/2007|19:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[05/05/2006|00:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[05/05/2006|11:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[16/08/2004|17:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[26/05/2007|16:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Elaborate Bytes
[07/03/2008|19:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FloodLightGames
[15/04/2008|21:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Friends Games
[09/04/2008|19:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar
[09/04/2008|19:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Genimo
[26/05/2007|11:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[06/12/2007|19:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HotbarSA
[05/05/2006|00:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[05/05/2006|01:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
[20/12/2007|19:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
[19/04/2008|19:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LogiShrd
[19/04/2008|19:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
[15/04/2008|21:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[04/11/2007|19:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage
[09/07/2006|11:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
[07/12/2006|19:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayTime
[22/11/2006|19:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[05/05/2006|00:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[05/05/2006|01:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[15/04/2008|22:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[05/05/2006|00:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
[06/07/2006|19:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[16/02/2007|22:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[04/03/2008|19:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[26/08/2007|19:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

[16/08/2004|17:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[05/05/2006|00:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[05/05/2006|00:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[05/05/2006|00:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
[05/05/2006|00:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
[05/05/2006|00:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
[05/05/2006|00:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver

[05/12/2007|20:47] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
[05/12/2007|20:47] C:\DOCUME~1\LOCALS~1\APPLIC~1\AdobeUM
[15/04/2007|13:19] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia
[29/11/2006|19:39] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[13/04/2007|23:21] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[22/01/2007|19:23] C:\DOCUME~1\Nicou\APPLIC~1\Adobe
[24/01/2007|12:21] C:\DOCUME~1\Nicou\APPLIC~1\AdobeUM
[09/04/2008|19:59] C:\DOCUME~1\Nicou\APPLIC~1\Big Fish Games
[31/03/2007|14:33] C:\DOCUME~1\Nicou\APPLIC~1\CyberLink
[16/08/2004|17:55] C:\DOCUME~1\Nicou\APPLIC~1\desktop.ini
[10/11/2007|19:08] C:\DOCUME~1\Nicou\APPLIC~1\DivX
[08/04/2007|19:26] C:\DOCUME~1\Nicou\APPLIC~1\EoRezo
[07/03/2008|19:35] C:\DOCUME~1\Nicou\APPLIC~1\FloodLightGames
[04/05/2006|16:09] C:\DOCUME~1\Nicou\APPLIC~1\FotoWire
[09/09/2006|13:03] C:\DOCUME~1\Nicou\APPLIC~1\GdiplusUpgrade_MSIApproach_Wrapper.log
[26/06/2006|16:43] C:\DOCUME~1\Nicou\APPLIC~1\Google
[19/05/2006|16:11] C:\DOCUME~1\Nicou\APPLIC~1\Help
[06/12/2007|19:22] C:\DOCUME~1\Nicou\APPLIC~1\Hotbar
[26/08/2007|19:37] C:\DOCUME~1\Nicou\APPLIC~1\Identities
[19/04/2008|19:08] C:\DOCUME~1\Nicou\APPLIC~1\InstallShield
[30/07/2007|15:03] C:\DOCUME~1\Nicou\APPLIC~1\iWin
[15/04/2007|15:59] C:\DOCUME~1\Nicou\APPLIC~1\Lavasoft
[10/05/2006|09:27] C:\DOCUME~1\Nicou\APPLIC~1\Leadertech
[19/04/2008|19:20] C:\DOCUME~1\Nicou\APPLIC~1\Logitech
[03/07/2006|22:00] C:\DOCUME~1\Nicou\APPLIC~1\Macromedia
[30/01/2007|20:59] C:\DOCUME~1\Nicou\APPLIC~1\MessengerSkinner
[15/09/2007|20:40] C:\DOCUME~1\Nicou\APPLIC~1\Microsoft
[09/07/2006|11:41] C:\DOCUME~1\Nicou\APPLIC~1\PlayFirst
[19/10/2007|22:42] C:\DOCUME~1\Nicou\APPLIC~1\Pogo Games
[05/06/2006|15:16] C:\DOCUME~1\Nicou\APPLIC~1\Real
[17/12/2007|20:03] C:\DOCUME~1\Nicou\APPLIC~1\Samsung
[10/05/2006|09:27] C:\DOCUME~1\Nicou\APPLIC~1\Sonic
[05/05/2006|00:26] C:\DOCUME~1\Nicou\APPLIC~1\Sun
[05/05/2006|00:26] C:\DOCUME~1\Nicou\APPLIC~1\Symantec
[04/05/2006|23:55] C:\DOCUME~1\Nicou\APPLIC~1\Template
[20/12/2007|21:06] C:\DOCUME~1\Nicou\APPLIC~1\Voxmobili
[06/12/2007|19:22] C:\DOCUME~1\Nicou\APPLIC~1\WeatherDPA
[27/04/2008|20:24] C:\DOCUME~1\Nicou\APPLIC~1\Webroot
[26/08/2007|12:13] C:\DOCUME~1\Nicou\APPLIC~1\Wildfire
[05/05/2006|00:26] C:\DOCUME~1\Nicou\APPLIC~1\You've Got Pictures Screensaver
[26/08/2007|19:37] C:\DOCUME~1\Nicou\APPLIC~1\Zylom

[09/05/2007|19:22] C:\DOCUME~1\PROPRI~1\APPLIC~1\You've Got Pictures Screensaver

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[02/05/2008 22:53][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[04/05/2006 15:54][--a------] C:\WINDOWS\tasks\Rappel d'enregistrement 3.job
[05/04/2005 20:31][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job
[02/05/2008 20:18][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-rah-----] C:\WINDOWS\tasks\desktop.ini

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[05/11/2007|21:12] C:\Program Files\AC3Filter
[16/02/2007|22:53] C:\Program Files\Adobe
[07/11/2007|20:53] C:\Program Files\Alawar
[05/05/2006|01:22] C:\Program Files\Alwil Software
[25/12/2006|12:34] C:\Program Files\Ashampoo
[30/09/2006|12:42] C:\Program Files\Atari
[20/04/2008|23:14] C:\Program Files\Conduit
[05/05/2006|00:26] C:\Program Files\CyberLink
[04/05/2006|19:29] C:\Program Files\Digitale Huehnerjagd
[03/04/2008|19:19] C:\Program Files\Discovery Multimedia
[24/03/2008|13:52] C:\Program Files\DivX
[07/08/2007|18:23] C:\Program Files\Elaborate Bytes
[27/04/2008|21:11] C:\Program Files\eMule
[08/04/2007|19:26] C:\Program Files\eoRezo
[19/04/2008|19:08] C:\Program Files\Fichiers communs
[10/06/2007|13:11] C:\Program Files\Free Audio Pack
[19/10/2007|22:18] C:\Program Files\GameHouse
[09/04/2008|19:59] C:\Program Files\GamesBar
[22/08/2007|15:46] C:\Program Files\Google
[09/09/2006|13:02] C:\Program Files\Hewlett-Packard
[05/05/2006|00:18] C:\Program Files\HP
[24/03/2008|13:15] C:\Program Files\iGraal
[05/05/2006|11:49] C:\Program Files\Illustrate
[28/01/2008|17:58] C:\Program Files\IncrediMail
[19/04/2008|19:08] C:\Program Files\InstallShield Installation Information
[09/04/2008|15:55] C:\Program Files\Internet Explorer
[05/10/2006|18:57] C:\Program Files\Inventel
[09/10/2007|20:24] C:\Program Files\Java
[15/04/2007|15:59] C:\Program Files\Lavasoft
[05/05/2006|00:26] C:\Program Files\Learn2.com
[21/12/2006|10:55] C:\Program Files\Logiciel Photo Orange
[19/04/2008|19:08] C:\Program Files\Logitech
[05/05/2006|01:57] C:\Program Files\Messenger
[03/03/2007|20:08] C:\Program Files\Micro Application
[21/05/2007|21:24] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[05/05/2006|00:26] C:\Program Files\microsoft frontpage
[17/02/2007|21:10] C:\Program Files\Microsoft Money 2005
[05/05/2006|01:41] C:\Program Files\microsoft office
[26/05/2007|19:36] C:\Program Files\Microsoft Référence
[05/05/2006|00:29] C:\Program Files\Microsoft Works
[05/05/2006|00:26] C:\Program Files\Microsoft.NET
[05/05/2006|00:29] C:\Program Files\Movie Maker
[16/02/2007|22:02] C:\Program Files\MSN
[05/05/2006|00:26] C:\Program Files\MSN Gaming Zone
[16/11/2006|10:30] C:\Program Files\MSXML 4.0
[05/05/2006|00:29] C:\Program Files\NetMeeting
[23/05/2007|20:45] C:\Program Files\orange
[13/06/2007|22:50] C:\Program Files\Outlook Express
[20/12/2007|19:11] C:\Program Files\Outlook Express Quick Backup
[02/12/2006|19:58] C:\Program Files\PhotoFiltre
[05/05/2006|00:29] C:\Program Files\QuickTime
[05/05/2006|00:26] C:\Program Files\Real
[05/05/2006|00:26] C:\Program Files\Realtek
[20/04/2008|22:44] C:\Program Files\ReflexiveArcade
[04/05/2006|16:13] C:\Program Files\SAGEM
[17/12/2007|19:16] C:\Program Files\Samsung
[04/04/2008|20:18] C:\Program Files\scrabbleproB1.0.7
[05/10/2006|21:41] C:\Program Files\Securitoo
[05/05/2006|00:30] C:\Program Files\Services en ligne
[03/04/2008|19:31] C:\Program Files\Sierra On-Line
[05/05/2006|00:26] C:\Program Files\Sonic
[06/01/2008|20:16] C:\Program Files\StudioLine Photo Basic
[05/05/2006|01:17] C:\Program Files\Symantec
[14/07/2006|17:50] C:\Program Files\The Adventure Company
[15/06/2006|19:44] C:\Program Files\TMFX Studios
[20/04/2008|23:14] C:\Program Files\torrent_search
[21/04/2008|20:35] C:\Program Files\Trend Micro
[23/10/2007|20:23] C:\Program Files\Twilight
[05/05/2006|00:26] C:\Program Files\Uninstall Information
[05/05/2006|00:26] C:\Program Files\Viewpoint
[19/10/2006|19:50] C:\Program Files\VirginMega
[02/05/2008|23:14] C:\Program Files\Wanadoo
[20/05/2007|12:40] C:\Program Files\Wanadoo Messager
[27/04/2008|20:24] C:\Program Files\Webroot
[04/03/2008|19:51] C:\Program Files\Windows Live
[30/11/2007|10:08] C:\Program Files\Windows Live Toolbar
[28/12/2006|21:24] C:\Program Files\Windows Media Connect 2
[31/05/2007|15:15] C:\Program Files\Windows Media Player
[05/05/2006|00:30] C:\Program Files\Windows NT
[05/05/2006|00:26] C:\Program Files\WindowsUpdate
[30/04/2007|16:55] C:\Program Files\WinLemm
[03/01/2007|19:46] C:\Program Files\WinRAR
[06/04/2008|14:17] C:\Program Files\Winsos
[05/05/2006|00:26] C:\Program Files\xerox
[18/10/2007|18:51] C:\Program Files\Zylom Games

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[15/05/2006|14:49] C:\Program Files\Fichiers communs\Adobe
[05/05/2006|00:28] C:\Program Files\Fichiers communs\AOL
[05/05/2006|00:28] C:\Program Files\Fichiers communs\aolshare
[05/05/2006|00:28] C:\Program Files\Fichiers communs\DESIGNER
[04/05/2006|16:09] C:\Program Files\Fichiers communs\FotoWire
[05/05/2006|00:17] C:\Program Files\Fichiers communs\Hewlett-Packard
[05/05/2006|00:20] C:\Program Files\Fichiers communs\HP
[04/05/2006|16:06] C:\Program Files\Fichiers communs\InstallShield
[05/05/2006|00:26] C:\Program Files\Fichiers communs\Java
[19/04/2008|19:09] C:\Program Files\Fichiers communs\Logishrd
[04/05/2006|16:08] C:\Program Files\Fichiers communs\Logitech
[19/04/2008|19:11] C:\Program Files\Fichiers communs\Microsoft Shared
[05/05/2006|00:26] C:\Program Files\Fichiers communs\MSSoap
[25/01/2007|04:52] C:\Program Files\Fichiers communs\NMSAccessU.exe
[05/05/2006|00:26] C:\Program Files\Fichiers communs\Nullsoft
[15/04/2008|21:19] C:\Program Files\Fichiers communs\Oberon Media
[05/05/2006|00:26] C:\Program Files\Fichiers communs\ODBC
[05/05/2006|00:26] C:\Program Files\Fichiers communs\Real
[05/05/2006|00:28] C:\Program Files\Fichiers communs\Services
[05/05/2006|00:28] C:\Program Files\Fichiers communs\Sonic Shared
[05/05/2006|00:26] C:\Program Files\Fichiers communs\SpeechEngines
[15/08/2007|16:01] C:\Program Files\Fichiers communs\SureThing Shared
[05/05/2006|01:20] C:\Program Files\Fichiers communs\Symantec Shared
[13/06/2007|22:50] C:\Program Files\Fichiers communs\System
[04/03/2008|19:51] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[05/05/2006|00:26] C:\Program Files\Fichiers communs\xing shared

---------------------------[ Process ]--------------------------

... 50

... OK !

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

Aucun fichier / dossier Lop trouvé !

----------------------[ Verification du Registre ]----------------------

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-02 23:18:15
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

=> C:\Documents and Settings\Nicou\Local Settings\Application Data\IM\Animation\firecracker.ima
=> C:\Documents and Settings\Nicou\Local Settings\Application Data\IM\Runtime\EmoticonCenter\cracker.gif


/!\ [Fich:17][Doss:108] C:\DOCUME~1\Nicou\LOCALS~1\Temp
/!\ [Fich:90][Doss:0] C:\DOCUME~1\Nicou\Cookies
/!\ [Fich:25][Doss:9] C:\DOCUME~1\Nicou\LOCALS~1\TEMPOR~1\content.IE5

HijackThis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:20:18, on 02/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\WINDOWS\System32\FTRTSVC.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\Fichiers communs\NMSAccessU.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\notepad.exe
C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.fr/spbasic.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.msn.fr/spbasic.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://resultsmaster.com/SmartOffe [...] ftPane.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: torrent_search Toolbar - {f14b0ccd-aa41-4406-ab68-c5de9d85b4a3} - C:\Program Files\torrent_search\tbtorr.dll
O4 - HKLM\..\Run: [NI.UERSV_9999_N91S1912] "c:\documents and settings\nicou\application data\errorsafefrenchnewreleaseinstall[1].exe" -nag
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\Winsos\WINSOS.EXE" MINI
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [^SetupICWDesktop] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: iGraal - {88F05591-0079-4c37-B138-5DA8BC1782EF} - C:\Program Files\iGraal\iGraal.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {011F473E-0880-43D4-99F3-F490A84128AE} (GenimoWebGames Control) - http://jeuxentelechargement.orange [...] ontrol.cab
O16 - DPF: {3E82BB3F-ABE4-458D-9281-0187286A4E51} (VoxsyncCtrl Class) - http://contacts.orange.fr/wfr_webab/VoxsyncX.cab
O16 - DPF: {5308E02B-4ABA-48E4-AA9E-8A7693661473} (GameCtl Class) - http://jeuxenligne.orange.fr/GisActiveX/Ax/GameAx.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/micros [...] 9666819156
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game10.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Games [...] meHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O16 - DPF: {EF148DBB-5B6D-4130-B2A1-661571E86260} (Playtime Games Launcher) - http://jeuxenligne.orange.fr/onlin [...] uncher.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\Fichiers communs\NMSAccessU.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe

--
End of file - 8670 bytes

--------------------[ Fin du rapport a 23:18:48,84 ]----------------------
Egwene Hi again,

Run Lop S&D again

  • This time, choose Option 2 (Removal)

  • Do not close the window during the removal!

  • Post the report it generates (C:\lopR.txt)


(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)

+ a new HijackThis report.

;)

denise26
-----------------------[ Lop S&D 4.2.0-3 XP/Vista ]---------------------
First of all, good evening. You are right, my question was a bit abrupt, but it was not meant to be bossy! So thank you for your help, here is the report:


[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Nicou ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 02/05/2008 | 20:26:56,26 ] [ PC : Nicole ]
[ MAJ : 30-04-2008 | 18:35 ]

-------------[ Listing des dossiers dans Application Data ]------------

[07/08/2007|18:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.zreglib
[06/12/2007|19:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
[23/01/2007|19:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[05/05/2006|00:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[05/05/2006|11:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[16/08/2004|17:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[26/05/2007|16:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Elaborate Bytes
[07/03/2008|19:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FloodLightGames
[15/04/2008|21:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Friends Games
[09/04/2008|19:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar
[09/04/2008|19:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Genimo
[26/05/2007|11:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[06/12/2007|19:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HotbarSA
[05/05/2006|00:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[05/05/2006|01:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
[20/12/2007|19:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
[19/04/2008|19:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LogiShrd
[19/04/2008|19:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
[15/04/2008|21:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[04/11/2007|19:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage
[09/07/2006|11:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
[07/12/2006|19:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayTime
[22/11/2006|19:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[02/05/2008|20:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Readme Live Axis Tons
[05/05/2006|00:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[05/05/2006|01:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[15/04/2008|22:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[05/05/2006|00:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
[06/07/2006|19:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[16/02/2007|22:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[04/03/2008|19:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[26/08/2007|19:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

[16/08/2004|17:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[05/05/2006|00:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[05/05/2006|00:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[05/05/2006|00:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
[05/05/2006|00:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
[05/05/2006|00:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
[05/05/2006|00:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver

[05/12/2007|20:47] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
[05/12/2007|20:47] C:\DOCUME~1\LOCALS~1\APPLIC~1\AdobeUM
[15/04/2007|13:19] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia
[29/11/2006|19:39] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[13/04/2007|23:21] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[22/01/2007|19:23] C:\DOCUME~1\Nicou\APPLIC~1\Adobe
[24/01/2007|12:21] C:\DOCUME~1\Nicou\APPLIC~1\AdobeUM
[09/04/2008|19:59] C:\DOCUME~1\Nicou\APPLIC~1\Big Fish Games
[31/03/2007|14:33] C:\DOCUME~1\Nicou\APPLIC~1\CyberLink
[16/08/2004|17:55] C:\DOCUME~1\Nicou\APPLIC~1\desktop.ini
[10/11/2007|19:08] C:\DOCUME~1\Nicou\APPLIC~1\DivX
[08/04/2007|19:26] C:\DOCUME~1\Nicou\APPLIC~1\EoRezo
[07/03/2008|19:35] C:\DOCUME~1\Nicou\APPLIC~1\FloodLightGames
[04/05/2006|16:09] C:\DOCUME~1\Nicou\APPLIC~1\FotoWire
[09/09/2006|13:03] C:\DOCUME~1\Nicou\APPLIC~1\GdiplusUpgrade_MSIApproach_Wrapper.log
[26/06/2006|16:43] C:\DOCUME~1\Nicou\APPLIC~1\Google
[19/05/2006|16:11] C:\DOCUME~1\Nicou\APPLIC~1\Help
[06/12/2007|19:22] C:\DOCUME~1\Nicou\APPLIC~1\Hotbar
[26/08/2007|19:37] C:\DOCUME~1\Nicou\APPLIC~1\Identities
[19/04/2008|19:08] C:\DOCUME~1\Nicou\APPLIC~1\InstallShield
[30/07/2007|15:03] C:\DOCUME~1\Nicou\APPLIC~1\iWin
[15/04/2007|15:59] C:\DOCUME~1\Nicou\APPLIC~1\Lavasoft
[10/05/2006|09:27] C:\DOCUME~1\Nicou\APPLIC~1\Leadertech
[19/04/2008|19:20] C:\DOCUME~1\Nicou\APPLIC~1\Logitech
[03/07/2006|22:00] C:\DOCUME~1\Nicou\APPLIC~1\Macromedia
[30/01/2007|20:59] C:\DOCUME~1\Nicou\APPLIC~1\MessengerSkinner
[15/09/2007|20:40] C:\DOCUME~1\Nicou\APPLIC~1\Microsoft
[02/05/2008|20:26] C:\DOCUME~1\Nicou\APPLIC~1\ping blah view
[09/07/2006|11:41] C:\DOCUME~1\Nicou\APPLIC~1\PlayFirst
[19/10/2007|22:42] C:\DOCUME~1\Nicou\APPLIC~1\Pogo Games
[05/06/2006|15:16] C:\DOCUME~1\Nicou\APPLIC~1\Real
[17/12/2007|20:03] C:\DOCUME~1\Nicou\APPLIC~1\Samsung
[06/12/2007|19:24] C:\DOCUME~1\Nicou\APPLIC~1\ShoppingReport
[10/05/2006|09:27] C:\DOCUME~1\Nicou\APPLIC~1\Sonic
[05/05/2006|00:26] C:\DOCUME~1\Nicou\APPLIC~1\Sun
[05/05/2006|00:26] C:\DOCUME~1\Nicou\APPLIC~1\Symantec
[04/05/2006|23:55] C:\DOCUME~1\Nicou\APPLIC~1\Template
[20/12/2007|21:06] C:\DOCUME~1\Nicou\APPLIC~1\Voxmobili
[06/12/2007|19:22] C:\DOCUME~1\Nicou\APPLIC~1\WeatherDPA
[27/04/2008|20:24] C:\DOCUME~1\Nicou\APPLIC~1\Webroot
[26/08/2007|12:13] C:\DOCUME~1\Nicou\APPLIC~1\Wildfire
[05/05/2006|00:26] C:\DOCUME~1\Nicou\APPLIC~1\You've Got Pictures Screensaver
[26/08/2007|19:37] C:\DOCUME~1\Nicou\APPLIC~1\Zylom

[09/05/2007|19:22] C:\DOCUME~1\PROPRI~1\APPLIC~1\You've Got Pictures Screensaver

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[28/04/2008 21:53][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[04/05/2006 15:54][--a------] C:\WINDOWS\tasks\Rappel d'enregistrement 3.job
[05/04/2005 20:31][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job
[02/05/2008 20:18][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-rah-----] C:\WINDOWS\tasks\desktop.ini

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[05/11/2007|21:12] C:\Program Files\AC3Filter
[16/02/2007|22:53] C:\Program Files\Adobe
[07/11/2007|20:53] C:\Program Files\Alawar
[05/05/2006|01:22] C:\Program Files\Alwil Software
[25/12/2006|12:34] C:\Program Files\Ashampoo
[30/09/2006|12:42] C:\Program Files\Atari
[27/04/2008|19:42] C:\Program Files\BitDownload
[20/04/2008|23:19] C:\Program Files\BitTorrent Fastest Tool
[20/04/2008|23:14] C:\Program Files\Conduit
[05/05/2006|00:26] C:\Program Files\CyberLink
[04/05/2006|19:29] C:\Program Files\Digitale Huehnerjagd
[03/04/2008|19:19] C:\Program Files\Discovery Multimedia
[24/03/2008|13:52] C:\Program Files\DivX
[07/08/2007|18:23] C:\Program Files\Elaborate Bytes
[27/04/2008|21:11] C:\Program Files\eMule
[08/04/2007|19:26] C:\Program Files\eoRezo
[19/04/2008|19:08] C:\Program Files\Fichiers communs
[10/06/2007|13:11] C:\Program Files\Free Audio Pack
[19/10/2007|22:18] C:\Program Files\GameHouse
[09/04/2008|19:59] C:\Program Files\GamesBar
[22/08/2007|15:46] C:\Program Files\Google
[09/09/2006|13:02] C:\Program Files\Hewlett-Packard
[05/05/2006|00:18] C:\Program Files\HP
[24/03/2008|13:15] C:\Program Files\iGraal
[05/05/2006|11:49] C:\Program Files\Illustrate
[28/01/2008|17:58] C:\Program Files\IncrediMail
[19/04/2008|19:08] C:\Program Files\InstallShield Installation Information
[09/04/2008|15:55] C:\Program Files\Internet Explorer
[05/10/2006|18:57] C:\Program Files\Inventel
[09/10/2007|20:24] C:\Program Files\Java
[15/04/2007|15:59] C:\Program Files\Lavasoft
[05/05/2006|00:26] C:\Program Files\Learn2.com
[21/12/2006|10:55] C:\Program Files\Logiciel Photo Orange
[19/04/2008|19:08] C:\Program Files\Logitech
[05/05/2006|01:57] C:\Program Files\Messenger
[03/03/2007|20:08] C:\Program Files\Micro Application
[21/05/2007|21:24] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[05/05/2006|00:26] C:\Program Files\microsoft frontpage
[17/02/2007|21:10] C:\Program Files\Microsoft Money 2005
[05/05/2006|01:41] C:\Program Files\microsoft office
[26/05/2007|19:36] C:\Program Files\Microsoft Référence
[05/05/2006|00:29] C:\Program Files\Microsoft Works
[05/05/2006|00:26] C:\Program Files\Microsoft.NET
[05/05/2006|00:29] C:\Program Files\Movie Maker
[16/02/2007|22:02] C:\Program Files\MSN
[05/05/2006|00:26] C:\Program Files\MSN Gaming Zone
[16/11/2006|10:30] C:\Program Files\MSXML 4.0
[05/05/2006|00:29] C:\Program Files\NetMeeting
[23/05/2007|20:45] C:\Program Files\orange
[13/06/2007|22:50] C:\Program Files\Outlook Express
[20/12/2007|19:11] C:\Program Files\Outlook Express Quick Backup
[02/12/2006|19:58] C:\Program Files\PhotoFiltre
[02/05/2008|20:25] C:\Program Files\ping blah view
[05/05/2006|00:29] C:\Program Files\QuickTime
[05/05/2006|00:26] C:\Program Files\Real
[05/05/2006|00:26] C:\Program Files\Realtek
[20/04/2008|22:44] C:\Program Files\ReflexiveArcade
[04/05/2006|16:13] C:\Program Files\SAGEM
[17/12/2007|19:16] C:\Program Files\Samsung
[04/04/2008|20:18] C:\Program Files\scrabbleproB1.0.7
[05/10/2006|21:41] C:\Program Files\Securitoo
[05/05/2006|00:30] C:\Program Files\Services en ligne
[03/04/2008|19:31] C:\Program Files\Sierra On-Line
[05/05/2006|00:26] C:\Program Files\Sonic
[06/01/2008|20:16] C:\Program Files\StudioLine Photo Basic
[05/05/2006|01:17] C:\Program Files\Symantec
[14/07/2006|17:50] C:\Program Files\The Adventure Company
[15/06/2006|19:44] C:\Program Files\TMFX Studios
[20/04/2008|23:14] C:\Program Files\torrent_search
[21/04/2008|20:35] C:\Program Files\Trend Micro
[23/10/2007|20:23] C:\Program Files\Twilight
[05/05/2006|00:26] C:\Program Files\Uninstall Information
[05/05/2006|00:26] C:\Program Files\Viewpoint
[19/10/2006|19:50] C:\Program Files\VirginMega
[02/05/2008|20:25] C:\Program Files\Wanadoo
[20/05/2007|12:40] C:\Program Files\Wanadoo Messager
[27/04/2008|20:24] C:\Program Files\Webroot
[04/03/2008|19:51] C:\Program Files\Windows Live
[30/11/2007|10:08] C:\Program Files\Windows Live Toolbar
[28/12/2006|21:24] C:\Program Files\Windows Media Connect 2
[31/05/2007|15:15] C:\Program Files\Windows Media Player
[05/05/2006|00:30] C:\Program Files\Windows NT
[05/05/2006|00:26] C:\Program Files\WindowsUpdate
[30/04/2007|16:55] C:\Program Files\WinLemm
[03/01/2007|19:46] C:\Program Files\WinRAR
[06/04/2008|14:17] C:\Program Files\Winsos
[05/05/2006|00:26] C:\Program Files\xerox
[18/10/2007|18:51] C:\Program Files\Zylom Games

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[15/05/2006|14:49] C:\Program Files\Fichiers communs\Adobe
[05/05/2006|00:28] C:\Program Files\Fichiers communs\AOL
[05/05/2006|00:28] C:\Program Files\Fichiers communs\aolshare
[05/05/2006|00:28] C:\Program Files\Fichiers communs\DESIGNER
[04/05/2006|16:09] C:\Program Files\Fichiers communs\FotoWire
[05/05/2006|00:17] C:\Program Files\Fichiers communs\Hewlett-Packard
[05/05/2006|00:20] C:\Program Files\Fichiers communs\HP
[04/05/2006|16:06] C:\Program Files\Fichiers communs\InstallShield
[05/05/2006|00:26] C:\Program Files\Fichiers communs\Java
[19/04/2008|19:09] C:\Program Files\Fichiers communs\Logishrd
[04/05/2006|16:08] C:\Program Files\Fichiers communs\Logitech
[19/04/2008|19:11] C:\Program Files\Fichiers communs\Microsoft Shared
[05/05/2006|00:26] C:\Program Files\Fichiers communs\MSSoap
[25/01/2007|04:52] C:\Program Files\Fichiers communs\NMSAccessU.exe
[05/05/2006|00:26] C:\Program Files\Fichiers communs\Nullsoft
[15/04/2008|21:19] C:\Program Files\Fichiers communs\Oberon Media
[05/05/2006|00:26] C:\Program Files\Fichiers communs\ODBC
[05/05/2006|00:26] C:\Program Files\Fichiers communs\Real
[05/05/2006|00:28] C:\Program Files\Fichiers communs\Services
[05/05/2006|00:28] C:\Program Files\Fichiers communs\Sonic Shared
[05/05/2006|00:26] C:\Program Files\Fichiers communs\SpeechEngines
[15/08/2007|16:01] C:\Program Files\Fichiers communs\SureThing Shared
[05/05/2006|01:20] C:\Program Files\Fichiers communs\Symantec Shared
[13/06/2007|22:50] C:\Program Files\Fichiers communs\System
[04/03/2008|19:51] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[05/05/2006|00:26] C:\Program Files\Fichiers communs\xing shared

---------------------------[ Process ]--------------------------

... 50

iexplore.exe ~ [3760]
iexplore.exe ~ [164]

----------------------[ Recherche avec S_Lop ]---------------------

C:\DOCUME~1\Nicou\APPLIC~1\PINGBL~1
C:\DOCUME~1\Nicou\APPLIC~1\PINGBL~1\firstpileaim.exe
C:\DOCUME~1\Nicou\APPLIC~1\PINGBL~1\nugcaemu.exe
C:\DOCUME~1\Nicou\APPLIC~1\PINGBL~1\rjylyngf.exe
C:\DOCUME~1\Nicou\APPLIC~1\PINGBL~1\ThirdGplSize.exe

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Readme Live Axis Tons
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Readme Live Axis Tons\Download hole.exe
C:\Program Files\Bitdownload
C:\Program Files\Bitdownload\session.store
C:\Program Files\BitTorrent Fastest Tool
C:\Program Files\BitTorrent Fastest Tool\BitDownload-4.5-setup.exe
C:\Program Files\BitTorrent Fastest Tool\BitP.exe
C:\Program Files\BitTorrent Fastest Tool\INSTALL.LOG
C:\WINDOWS\Prefetch\BITDOWNLOAD.EXE-2EAB6E97.pf
C:\WINDOWS\Tasks\AA39E4FF918A99F3.job

----------------------[ Verification du Registre ]----------------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hopedoescreative]
"DisplayName"="CiD Help"
"UninstallString"="C:\\DOCUME~1\\Nicou\\APPLIC~1\\PINGBL~1\\firstpileaim.exe -uninstall"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NOUNBALM"="C:\\DOCUME~1\\Nicou\\APPLIC~1\\PINGBL~1\\firstpileaim.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AXIS TONS THE MP3"="C:\\Documents and Settings\\All Users\\Application Data\\Readme Live Axis Tons\\Download hole.exe"

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-02 20:29:02
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

=> C:\Documents and Settings\Nicou\Local Settings\Application Data\IM\Animation\firecracker.ima
=> C:\Documents and Settings\Nicou\Local Settings\Application Data\IM\Runtime\EmoticonCenter\cracker.gif


/!\ [Fich:16][Doss:108] C:\DOCUME~1\Nicou\LOCALS~1\Temp
/!\ [Fich:90][Doss:0] C:\DOCUME~1\Nicou\Cookies
/!\ [Fich:122][Doss:9] C:\DOCUME~1\Nicou\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 20:29:39,17 ]----------------------
Egwene :hello: Hello,

1) A little politeness would be welcome, such as hello or thank you :)

2) Download Lop S&D.exe (by Eric 71 & Angeldark) to your desktop. ~>Tutorial<~

  • Double-click it to start the installation
  • Then double-click the Lop S&D shortcut on your desktop
  • Select the language you want, then choose Option 1 (Search)
  • Wait until the scan has finished
  • Post the report it generates (C:\lopR.txt)

(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)

:)

denise26 And now, what do I do?
denise26 Thank you! Here is the report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:06:51, on 27/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\Fichiers communs\NMSAccessU.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\LVComsX.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.ms