[Résolu] nettoyage

salut,je nettoie le pc d'une copine, j'ai passé ccleaner, spybot et malwarebyte, mais il est encore tres long au demarrage,c'est un xp home. merci d'avance amicalement

bonjour

Tu as fait les étapes classiques : défrag, nettoyage des fichiers temporaires, nettoyage des caches des navigateurs ?

Bonjour

poste le rapport de malawarebyte qui se trouve dans longlet rapports/logs du logiciel

ensuite

RSIT
Télécharge random's system information tool (RSIT) par random/random et sauvegarde le sur ton Bureau

* Double-clic sur RSIT.exe pour l'exécuter.
* Clique sur le bouton "Continue" sur la fenêtre d'avertissement.
* Une fois le scan terminé, tu auras deux rapports qui seront ouverts : log.txt et info.txt (c:\rsit)
* Poste les dans ta prochaine réponse

Note : un rapport hijackthis est contenu dans le rapport log.txt

Si tes rapports sont trop long utilise ce site : http://www.miraclesalad.com/webtools/clip.php
Copie/coller ton rapport et clique sur le lien IP ADRESSE copie coller ton IP dans la zone adéquate puis clique sur le bouton Paste to new clipboard
Donne le lien dans ta prochaine réponse.
Il est de type : http://www.miraclesalad.com/webtools/clip.php?clip=XXXX ou xxxx est un numéro.

re et merci d'avance: voilà le 1er, info.txt

http://www.miraclesalad.com/webtools/clip.php?clip=2edf

et le 2ème log.txt

http://www.miraclesalad.com/webtools/clip.php?clip=2ee0

il reste le gestionnaire orange mais je galère à l'enlever. amicalement

edit : oups, j'ai oublié le rapport malwarebyte que voici:

Malwarebytes' Anti-Malware 1.36
Version de la base de données: 1961
Windows 5.1.2600 Service Pack 3

10/04/2009 20:09:34
mbam-log-2009-04-10 (20-09-34).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 207323
Temps écoulé: 1 hour(s), 58 minute(s), 43 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 9
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 25
Fichier(s) infecté(s): 38

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5c3f6257-3e00-45c2-88d5-cb0f3a17bf0e} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6f87f145-dc2d-4766-af03-3a3b96ffad98} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\office one 450 fonts_is1 (Worm.Archive) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
D:\Documents and Settings\Annick\Local Settings\Temp\NI.UGA6PV_0001_N122M1202 (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\All Users\Application Data\SalesMon (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\All Users\Application Data\SalesMon\Data (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370 (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\BrowserSearch (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\Button_6 (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\Button_7 (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\Button_8 (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\Configurator (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\ErrorSearch (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\Layouts (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\Manager (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\Paroles (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\Radio_FR (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\Recherche_de_musique (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\RelatedSearch (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\Telechargement (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\Toolbar (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\ToolbarLogo (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\ToolbarSearch (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\TravelSearch (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\ProtectionComplete (Rogue.ProtectionComplete) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\ProtectionComplete\Logs (Rogue.ProtectionComplete) -> Quarantined and deleted successfully.
D:\Documents and Settings\Annick\Application Data\ProtectionComplete (Rogue.ProtectionComplete) -> Quarantined and deleted successfully.
D:\Documents and Settings\Annick\Application Data\ProtectionComplete\Logs (Rogue.ProtectionComplete) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
D:\Documents and Settings\Alison\Application Data\Starware370\BrowserSearch\BrowserSearch.xml (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\BrowserSearch\BrowserSearch.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\Button_6\Button_6Options.xml (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\Button_6\Button_6Options.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\Button_7\Button_7Options.xml (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\Button_7\Button_7Options.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\Button_8\Button_8Options.xml (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\Button_8\Button_8Options.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\Configurator\Configurator.xml (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\Configurator\Configurator.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\ErrorSearch\ErrorSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\ErrorSearch\ErrorSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\Layouts\ToolbarLayout.xml (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\Layouts\ToolbarLayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\Manager\ManagerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\Manager\ManagerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\Paroles\ParolesOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\Paroles\ParolesOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\Radio_FR\Radio_FROptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\Radio_FR\Radio_FROptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\Recherche_de_musique\Recherche_de_musiqueOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\Recherche_de_musique\Recherche_de_musiqueOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\RelatedSearch\RelatedSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\RelatedSearch\RelatedSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\Telechargement\TelechargementOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\Telechargement\TelechargementOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\Toolbar\TBProductsOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\Toolbar\TBProductsOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\ToolbarLogo\ToolbarLogoOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\ToolbarLogo\ToolbarLogoOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\ToolbarSearch\ToolbarSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\ToolbarSearch\ToolbarSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\TravelSearch\TravelSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\Starware370\TravelSearch\TravelSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\ProtectionComplete\Logs\threats.log (Rogue.ProtectionComplete) -> Quarantined and deleted successfully.
D:\Documents and Settings\Alison\Application Data\ProtectionComplete\Logs\update.log (Rogue.ProtectionComplete) -> Quarantined and deleted successfully.
D:\Documents and Settings\Annick\Application Data\ProtectionComplete\Logs\threats.log (Rogue.ProtectionComplete) -> Quarantined and deleted successfully.
D:\Documents and Settings\Annick\Application Data\ProtectionComplete\Logs\update.log (Rogue.ProtectionComplete) -> Quarantined and deleted successfully.

Il y a encore enormement de fichiers infectés. Il y a du travail à faire.

Télécharge Lop S&D.exe ( d’ Eric 71 & Angeldark ) sur ton bureau.
Aide : http://www.bibou0007.com/outils-specifiques-f78/tutorial-lop-sd-t956.htm

• Double-clique dessus pour lancer l'installation
  
• Puis double-clique sur le raccourci Lop S&D présent sur ton bureau
  
• Séléctionne la langue souhaitée , puis choisis l'Option 1 ( Recherche )
  
• Patiente jusqu'à la fin du scan
  
• Poste le rapport généré ( C:\lopR.txt )
  

(Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3400+ )
BIOS : BIOS Date: 09/06/05 17:29:38 Ver: 08.00.12
USER : Annick ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Activated)
Firewall : Norton Internet Security 2005 (Not Activated)
C:\ (Local Disk) - NTFS - Total:79 Go (Free:67 Go)
D:\ (Local Disk) - NTFS - Total:100 Go (Free:91 Go)
E:\ (CD or DVD)
F:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
H:\ (USB)
I:\ (USB)
J:\ (USB)
K:\ (USB)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 15/04/2009|14:21 )

--------------------\\ Listing des dossiers dans APPLIC~1

[30/09/2005|00:29] D:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[29/09/2005|15:55] D:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[29/09/2005|16:07] D:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[29/09/2005|15:54] D:\DOCUME~1\ADMINI~1\APPLIC~1\Real
[29/09/2005|15:51] D:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec
[29/09/2005|15:48] D:\DOCUME~1\ADMINI~1\APPLIC~1\You've Got Pictures Screensaver

[15/10/2008|13:54] D:\DOCUME~1\Alison\APPLIC~1\Adobe
[17/01/2009|17:51] D:\DOCUME~1\Alison\APPLIC~1\Apple Computer
[06/12/2005|22:53] D:\DOCUME~1\Alison\APPLIC~1\ArcSoft
[31/12/2006|12:52] D:\DOCUME~1\Alison\APPLIC~1\CyberLink
[10/12/2005|20:30] D:\DOCUME~1\Alison\APPLIC~1\EPSON
[05/04/2008|17:46] D:\DOCUME~1\Alison\APPLIC~1\erreurchasseur
[23/12/2006|19:21] D:\DOCUME~1\Alison\APPLIC~1\Google
[30/09/2005|00:29] D:\DOCUME~1\Alison\APPLIC~1\Identities
[11/12/2006|20:57] D:\DOCUME~1\Alison\APPLIC~1\ispnews
[29/09/2006|17:31] D:\DOCUME~1\Alison\APPLIC~1\Macromedia
[22/11/2008|21:53] D:\DOCUME~1\Alison\APPLIC~1\Microsoft
[15/10/2008|13:45] D:\DOCUME~1\Alison\APPLIC~1\Mozilla
[05/04/2008|17:47] D:\DOCUME~1\Alison\APPLIC~1\Nettordinateur
[01/12/2005|21:54] D:\DOCUME~1\Alison\APPLIC~1\OD2
[03/01/2007|12:38] D:\DOCUME~1\Alison\APPLIC~1\Real
[19/03/2007|20:46] D:\DOCUME~1\Alison\APPLIC~1\Sonic
[20/12/2006|20:15] D:\DOCUME~1\Alison\APPLIC~1\Sun
[29/09/2005|15:51] D:\DOCUME~1\Alison\APPLIC~1\Symantec
[11/02/2007|12:53] D:\DOCUME~1\Alison\APPLIC~1\Ulead Systems
[18/06/2008|13:29] D:\DOCUME~1\Alison\APPLIC~1\Viewpoint
[10/03/2006|19:45] D:\DOCUME~1\Alison\APPLIC~1\vlc
[29/09/2005|15:48] D:\DOCUME~1\Alison\APPLIC~1\You've Got Pictures Screensaver

[12/03/2009|15:18] D:\DOCUME~1\ALLUSE~1\APPLIC~1\{55A29068-F2CE-456C-9148-C869879E2357}
[29/09/2005|15:47] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[29/09/2005|15:48] D:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[24/12/2007|23:36] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[24/12/2007|23:38] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[14/04/2009|19:57] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[12/11/2005|12:00] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Ciel
[26/01/2006|18:38] D:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[16/03/2008|18:33] D:\DOCUME~1\ALLUSE~1\APPLIC~1\erreurchasseur
[14/04/2009|19:10] D:\DOCUME~1\ALLUSE~1\APPLIC~1\F-Secure
[18/06/2008|13:24] D:\DOCUME~1\ALLUSE~1\APPLIC~1\fssg
[07/04/2008|23:45] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[08/04/2008|07:52] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[10/04/2009|11:30] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[30/05/2008|15:58] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[31/03/2008|20:29] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Nettordinateur
[21/01/2006|12:14] D:\DOCUME~1\ALLUSE~1\APPLIC~1\OD2
[13/11/2005|13:20] D:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[30/09/2005|00:29] D:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[26/02/2009|15:48] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns
[14/04/2009|18:25] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[26/04/2006|15:17] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[12/03/2009|15:19] D:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
[12/11/2005|13:31] D:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
[29/09/2005|15:58] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[29/09/2005|15:48] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
[08/08/2006|10:29] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[16/09/2007|17:52] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar

[19/09/2008|21:09] D:\DOCUME~1\Annick\APPLIC~1\Adobe
[24/12/2005|22:33] D:\DOCUME~1\Annick\APPLIC~1\AdobeUM
[24/12/2007|23:47] D:\DOCUME~1\Annick\APPLIC~1\Apple Computer
[01/02/2006|19:30] D:\DOCUME~1\Annick\APPLIC~1\ArcSoft
[06/01/2007|17:48] D:\DOCUME~1\Annick\APPLIC~1\Atari
[23/11/2005|19:27] D:\DOCUME~1\Annick\APPLIC~1\CyberLink
[08/10/2008|18:52] D:\DOCUME~1\Annick\APPLIC~1\dvdcss
[18/12/2005|14:24] D:\DOCUME~1\Annick\APPLIC~1\EPSON
[19/03/2008|13:53] D:\DOCUME~1\Annick\APPLIC~1\erreurchasseur
[04/02/2006|19:37] D:\DOCUME~1\Annick\APPLIC~1\FotoWire
[01/08/2008|10:58] D:\DOCUME~1\Annick\APPLIC~1\F-Secure
[16/10/2006|19:10] D:\DOCUME~1\Annick\APPLIC~1\Google
[27/01/2006|14:29] D:\DOCUME~1\Annick\APPLIC~1\Help
[30/09/2005|00:29] D:\DOCUME~1\Annick\APPLIC~1\Identities
[25/12/2007|10:53] D:\DOCUME~1\Annick\APPLIC~1\InstallShield
[07/12/2006|18:30] D:\DOCUME~1\Annick\APPLIC~1\ispnews
[21/12/2005|16:59] D:\DOCUME~1\Annick\APPLIC~1\Leadertech
[29/09/2005|15:55] D:\DOCUME~1\Annick\APPLIC~1\Macromedia
[10/04/2009|11:30] D:\DOCUME~1\Annick\APPLIC~1\Malwarebytes
[13/04/2008|18:14] D:\DOCUME~1\Annick\APPLIC~1\Microsoft
[19/09/2008|20:24] D:\DOCUME~1\Annick\APPLIC~1\Mozilla
[14/04/2009|18:21] D:\DOCUME~1\Annick\APPLIC~1\MSNInstaller
[31/03/2008|20:34] D:\DOCUME~1\Annick\APPLIC~1\Nettordinateur
[12/11/2005|19:03] D:\DOCUME~1\Annick\APPLIC~1\OD2
[27/07/2006|18:55] D:\DOCUME~1\Annick\APPLIC~1\Real
[21/12/2005|16:59] D:\DOCUME~1\Annick\APPLIC~1\Sonic
[03/04/2009|17:51] D:\DOCUME~1\Annick\APPLIC~1\Spam Dupe
[11/03/2006|19:11] D:\DOCUME~1\Annick\APPLIC~1\Sun
[11/03/2006|10:55] D:\DOCUME~1\Annick\APPLIC~1\Symantec
[12/03/2009|15:20] D:\DOCUME~1\Annick\APPLIC~1\TuneUp Software
[13/11/2005|13:16] D:\DOCUME~1\Annick\APPLIC~1\Ulead Systems
[18/06/2008|13:04] D:\DOCUME~1\Annick\APPLIC~1\Viewpoint
[08/10/2008|19:28] D:\DOCUME~1\Annick\APPLIC~1\vlc
[29/09/2005|15:48] D:\DOCUME~1\Annick\APPLIC~1\You've Got Pictures Screensaver

[30/09/2005|00:29] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[30/07/2008|20:15] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[29/09/2005|16:07] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[29/09/2005|15:54] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
[29/09/2005|15:51] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
[29/09/2005|15:48] D:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver


[22/01/2008|20:12] D:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[19/07/2007|23:11] D:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[09/01/2006|17:25] D:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec

[11/02/2006|17:40] D:\DOCUME~1\PROPRI~1\APPLIC~1\You've Got Pictures Screensaver

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[15/04/2009 14:15][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{24B491C1-0310-4C5B-B6CC-286C88043E54}.job
[15/04/2009 14:13][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
[09/03/2009 11:54][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[15/04/2009 14:13][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[29/09/2005|15:47] C:\Program Files\Adobe
[29/09/2005|15:36] C:\Program Files\AMD
[29/09/2005|15:48] C:\Program Files\AOL 9.0
[29/09/2005|15:48] C:\Program Files\AOL Compagnon
[24/12/2007|23:37] C:\Program Files\Apple Software Update
[12/11/2005|13:27] C:\Program Files\ArcSoft
[14/04/2009|19:57] C:\Program Files\Avira
[08/04/2008|10:47] C:\Program Files\CCleaner
[12/11/2005|12:00] C:\Program Files\Ciel
[14/04/2009|21:07] C:\Program Files\Circle Developement
[08/01/2006|18:08] C:\Program Files\CONEXANT
[29/09/2005|15:59] C:\Program Files\CyberLink
[26/02/2006|12:27] C:\Program Files\D-Tools
[14/10/2008|10:20] C:\Program Files\eMule
[12/11/2005|13:29] C:\Program Files\epson
[10/04/2009|11:35] C:\Program Files\Fichiers communs
[29/09/2005|15:54] C:\Program Files\GMixon
[14/04/2009|21:24] C:\Program Files\Google
[04/07/2008|09:16] C:\Program Files\Icone
[14/04/2009|18:27] C:\Program Files\InstallShield Installation Information
[14/04/2009|22:22] C:\Program Files\Internet Explorer
[24/12/2007|23:38] C:\Program Files\iPod
[18/07/2008|14:03] C:\Program Files\iTunes
[29/09/2005|15:40] C:\Program Files\Java
[20/12/2008|18:16] C:\Program Files\JS World
[26/04/2006|15:03] C:\Program Files\jv16 PowerTools
[29/09/2005|15:48] C:\Program Files\Learn2.com
[04/07/2008|09:16] C:\Program Files\LETMIN
[14/04/2009|18:20] C:\Program Files\Logitech
[10/04/2009|11:30] C:\Program Files\Malwarebytes' Anti-Malware
[14/10/2008|09:13] C:\Program Files\Messenger
[16/08/2004|18:11] C:\Program Files\microsoft frontpage
[03/12/2005|19:14] C:\Program Files\Microsoft Office
[14/10/2008|09:08] C:\Program Files\Movie Maker
[10/04/2009|11:56] C:\Program Files\Mozilla Firefox
[14/04/2009|18:21] C:\Program Files\MSN
[16/08/2004|18:03] C:\Program Files\MSN Gaming Zone
[10/04/2009|11:39] C:\Program Files\MSN Messenger
[17/11/2006|22:24] C:\Program Files\MSXML 4.0
[08/04/2008|16:02] C:\Program Files\Navilog1
[14/10/2008|09:04] C:\Program Files\NetMeeting
[12/11/2005|12:01] C:\Program Files\OFFICE One6.5
[14/10/2008|09:04] C:\Program Files\Outlook Express
[25/12/2007|10:54] C:\Program Files\Philips
[31/08/2008|22:13] C:\Program Files\PhotoFiltre
[31/08/2008|21:48] C:\Program Files\PhotoScape
[24/12/2007|23:38] C:\Program Files\QuickTime
[12/11/2005|12:01] C:\Program Files\Readiris Pro 8
[29/09/2005|15:48] C:\Program Files\Real
[08/04/2008|11:06] C:\Program Files\RegCleaner
[16/08/2004|18:07] C:\Program Files\Services en ligne
[29/09/2005|15:59] C:\Program Files\Sonic
[26/02/2009|15:48] C:\Program Files\Spam Dupe
[14/04/2009|18:25] C:\Program Files\Spybot - Search & Destroy
[14/04/2009|18:39] C:\Program Files\Trend Micro
[12/03/2009|15:19] C:\Program Files\TuneUp Utilities 2009
[02/01/2006|19:45] C:\Program Files\Ubi Soft
[07/04/2008|23:44] C:\Program Files\Ubisoft
[29/09/2005|15:58] C:\Program Files\Ulead Systems
[16/08/2004|18:19] C:\Program Files\Uninstall Information
[26/02/2006|12:09] C:\Program Files\VideoLAN
[29/09/2005|15:48] C:\Program Files\Viewpoint
[30/07/2007|14:35] C:\Program Files\Windows Live Safety Center
[29/09/2005|15:57] C:\Program Files\Windows Media Components
[21/01/2008|21:15] C:\Program Files\Windows Media Connect 2
[14/10/2008|09:04] C:\Program Files\Windows Media Player
[14/10/2008|09:04] C:\Program Files\Windows NT
[16/08/2004|18:07] C:\Program Files\WindowsUpdate
[16/08/2004|18:11] C:\Program Files\xerox

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[29/09/2005|15:47] C:\Program Files\Fichiers communs\Adobe
[29/09/2005|15:48] C:\Program Files\Fichiers communs\AOL
[29/09/2005|15:48] C:\Program Files\Fichiers communs\aolshare
[24/12/2007|23:36] C:\Program Files\Fichiers communs\Apple
[12/11/2005|12:00] C:\Program Files\Fichiers communs\Borland Shared
[03/12/2005|19:14] C:\Program Files\Fichiers communs\Designer
[26/12/2005|17:52] C:\Program Files\Fichiers communs\DirectX
[08/04/2008|10:44] C:\Program Files\Fichiers communs\ErreurChasseur
[04/02/2006|19:37] C:\Program Files\Fichiers communs\FotoWire
[08/01/2008|14:40] C:\Program Files\Fichiers communs\France Telecom
[12/11/2005|13:32] C:\Program Files\Fichiers communs\InstallShield
[29/09/2005|15:40] C:\Program Files\Fichiers communs\Java
[04/02/2006|19:35] C:\Program Files\Fichiers communs\Logitech
[27/02/2007|19:01] C:\Program Files\Fichiers communs\Microsoft Shared
[16/08/2004|18:06] C:\Program Files\Fichiers communs\MSSoap
[08/04/2008|10:44] C:\Program Files\Fichiers communs\Nettordinateur
[29/09/2005|15:48] C:\Program Files\Fichiers communs\Nullsoft
[16/08/2004|17:57] C:\Program Files\Fichiers communs\ODBC
[29/09/2005|15:54] C:\Program Files\Fichiers communs\Real
[16/08/2004|18:06] C:\Program Files\Fichiers communs\Services
[29/09/2005|15:59] C:\Program Files\Fichiers communs\Sonic Shared
[16/08/2004|17:56] C:\Program Files\Fichiers communs\SpeechEngines
[29/09/2005|15:55] C:\Program Files\Fichiers communs\SureThing Shared
[14/10/2008|09:04] C:\Program Files\Fichiers communs\System
[29/09/2005|15:57] C:\Program Files\Fichiers communs\Ulead Systems
[29/09/2005|15:54] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 38 Processes )

iexplore.exe ~ [PID:3372]
iexplore.exe ~ [PID:3600]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

D:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns
D:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns\64 nurb.0xe
D:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns\CORN COPY.0xe
D:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns\Eggs Acid.dat
D:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns\Eggs Acid.exe
C:\Program Files\Circle Developement

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-15 14:22:39
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
folder error: D:\DOCUME~1\Annick\LOCALS~1\APPLIC~1

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:19][D:11]-> D:\DOCUME~1\Annick\LOCALS~1\Temp
[F:27][D:0]-> D:\DOCUME~1\Annick\Cookies
[F:607][D:7]-> D:\DOCUME~1\Annick\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 15/04/2009|14:24 - Option : [1]

--------------------\\ Fin du rapport a 14:24:06

salut je rentre et je resort, relances lop&sd et lances l'option 2

(mets le rapport pour laddy)

(bonne continuation!)

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3400+ )
BIOS : BIOS Date: 09/06/05 17:29:38 Ver: 08.00.12
USER : Annick ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Activated)
Firewall : Norton Internet Security 2005 (Not Activated)
C:\ (Local Disk) - NTFS - Total:79 Go (Free:67 Go)
D:\ (Local Disk) - NTFS - Total:100 Go (Free:91 Go)
E:\ (CD or DVD)
F:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
H:\ (USB)
I:\ (USB)
J:\ (USB)
K:\ (USB)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 15/04/2009|14:38 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - D:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns\64 nurb.0xe
Supprime! - D:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns\CORN COPY.0xe
Supprime! - D:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns\Eggs Acid.dat
Supprime! - D:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns\Eggs Acid.exe
Supprime! - D:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns
Supprime! - C:\Program Files\Circle Developement
-
[ Fichier Hosts ] .. Restaure!

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

Supprime! - D:\DOCUME~1\Annick\APPLIC~1\ErreurChasseur
Supprime! - D:\DOCUME~1\ALLUSE~1\APPLIC~1\ErreurChasseur
Supprime! - C:\Program Files\Viewpoint
Supprime! - D:\DOCUME~1\Annick\APPLIC~1\Viewpoint
Supprime! - D:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[30/09/2005|00:29] D:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[29/09/2005|15:55] D:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[29/09/2005|16:07] D:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[29/09/2005|15:54] D:\DOCUME~1\ADMINI~1\APPLIC~1\Real
[29/09/2005|15:51] D:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec
[29/09/2005|15:48] D:\DOCUME~1\ADMINI~1\APPLIC~1\You've Got Pictures Screensaver

[15/10/2008|13:54] D:\DOCUME~1\Alison\APPLIC~1\Adobe
[17/01/2009|17:51] D:\DOCUME~1\Alison\APPLIC~1\Apple Computer
[06/12/2005|22:53] D:\DOCUME~1\Alison\APPLIC~1\ArcSoft
[31/12/2006|12:52] D:\DOCUME~1\Alison\APPLIC~1\CyberLink
[10/12/2005|20:30] D:\DOCUME~1\Alison\APPLIC~1\EPSON
[05/04/2008|17:46] D:\DOCUME~1\Alison\APPLIC~1\erreurchasseur
[23/12/2006|19:21] D:\DOCUME~1\Alison\APPLIC~1\Google
[30/09/2005|00:29] D:\DOCUME~1\Alison\APPLIC~1\Identities
[11/12/2006|20:57] D:\DOCUME~1\Alison\APPLIC~1\ispnews
[29/09/2006|17:31] D:\DOCUME~1\Alison\APPLIC~1\Macromedia
[22/11/2008|21:53] D:\DOCUME~1\Alison\APPLIC~1\Microsoft
[15/10/2008|13:45] D:\DOCUME~1\Alison\APPLIC~1\Mozilla
[05/04/2008|17:47] D:\DOCUME~1\Alison\APPLIC~1\Nettordinateur
[01/12/2005|21:54] D:\DOCUME~1\Alison\APPLIC~1\OD2
[03/01/2007|12:38] D:\DOCUME~1\Alison\APPLIC~1\Real
[19/03/2007|20:46] D:\DOCUME~1\Alison\APPLIC~1\Sonic
[20/12/2006|20:15] D:\DOCUME~1\Alison\APPLIC~1\Sun
[29/09/2005|15:51] D:\DOCUME~1\Alison\APPLIC~1\Symantec
[11/02/2007|12:53] D:\DOCUME~1\Alison\APPLIC~1\Ulead Systems
[18/06/2008|13:29] D:\DOCUME~1\Alison\APPLIC~1\Viewpoint
[10/03/2006|19:45] D:\DOCUME~1\Alison\APPLIC~1\vlc
[29/09/2005|15:48] D:\DOCUME~1\Alison\APPLIC~1\You've Got Pictures Screensaver

[12/03/2009|15:18] D:\DOCUME~1\ALLUSE~1\APPLIC~1\{55A29068-F2CE-456C-9148-C869879E2357}
[29/09/2005|15:47] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[29/09/2005|15:48] D:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[24/12/2007|23:36] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[24/12/2007|23:38] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[14/04/2009|19:57] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[12/11/2005|12:00] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Ciel
[26/01/2006|18:38] D:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[14/04/2009|19:10] D:\DOCUME~1\ALLUSE~1\APPLIC~1\F-Secure
[18/06/2008|13:24] D:\DOCUME~1\ALLUSE~1\APPLIC~1\fssg
[07/04/2008|23:45] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[08/04/2008|07:52] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[10/04/2009|11:30] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[30/05/2008|15:58] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[31/03/2008|20:29] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Nettordinateur
[21/01/2006|12:14] D:\DOCUME~1\ALLUSE~1\APPLIC~1\OD2
[13/11/2005|13:20] D:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[30/09/2005|00:29] D:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[14/04/2009|18:25] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[26/04/2006|15:17] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[12/03/2009|15:19] D:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
[12/11/2005|13:31] D:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
[29/09/2005|15:58] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[08/08/2006|10:29] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[16/09/2007|17:52] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar

[19/09/2008|21:09] D:\DOCUME~1\Annick\APPLIC~1\Adobe
[24/12/2005|22:33] D:\DOCUME~1\Annick\APPLIC~1\AdobeUM
[24/12/2007|23:47] D:\DOCUME~1\Annick\APPLIC~1\Apple Computer
[01/02/2006|19:30] D:\DOCUME~1\Annick\APPLIC~1\ArcSoft
[06/01/2007|17:48] D:\DOCUME~1\Annick\APPLIC~1\Atari
[23/11/2005|19:27] D:\DOCUME~1\Annick\APPLIC~1\CyberLink
[08/10/2008|18:52] D:\DOCUME~1\Annick\APPLIC~1\dvdcss
[18/12/2005|14:24] D:\DOCUME~1\Annick\APPLIC~1\EPSON
[04/02/2006|19:37] D:\DOCUME~1\Annick\APPLIC~1\FotoWire
[01/08/2008|10:58] D:\DOCUME~1\Annick\APPLIC~1\F-Secure
[16/10/2006|19:10] D:\DOCUME~1\Annick\APPLIC~1\Google
[27/01/2006|14:29] D:\DOCUME~1\Annick\APPLIC~1\Help
[30/09/2005|00:29] D:\DOCUME~1\Annick\APPLIC~1\Identities
[25/12/2007|10:53] D:\DOCUME~1\Annick\APPLIC~1\InstallShield
[07/12/2006|18:30] D:\DOCUME~1\Annick\APPLIC~1\ispnews
[21/12/2005|16:59] D:\DOCUME~1\Annick\APPLIC~1\Leadertech
[29/09/2005|15:55] D:\DOCUME~1\Annick\APPLIC~1\Macromedia
[10/04/2009|11:30] D:\DOCUME~1\Annick\APPLIC~1\Malwarebytes
[13/04/2008|18:14] D:\DOCUME~1\Annick\APPLIC~1\Microsoft
[19/09/2008|20:24] D:\DOCUME~1\Annick\APPLIC~1\Mozilla
[14/04/2009|18:21] D:\DOCUME~1\Annick\APPLIC~1\MSNInstaller
[31/03/2008|20:34] D:\DOCUME~1\Annick\APPLIC~1\Nettordinateur
[12/11/2005|19:03] D:\DOCUME~1\Annick\APPLIC~1\OD2
[27/07/2006|18:55] D:\DOCUME~1\Annick\APPLIC~1\Real
[21/12/2005|16:59] D:\DOCUME~1\Annick\APPLIC~1\Sonic
[14/04/2009|22:00] D:\DOCUME~1\Annick\APPLIC~1\Spam Dupe
[11/03/2006|19:11] D:\DOCUME~1\Annick\APPLIC~1\Sun
[11/03/2006|10:55] D:\DOCUME~1\Annick\APPLIC~1\Symantec
[12/03/2009|15:20] D:\DOCUME~1\Annick\APPLIC~1\TuneUp Software
[13/11/2005|13:16] D:\DOCUME~1\Annick\APPLIC~1\Ulead Systems
[08/10/2008|19:28] D:\DOCUME~1\Annick\APPLIC~1\vlc
[29/09/2005|15:48] D:\DOCUME~1\Annick\APPLIC~1\You've Got Pictures Screensaver

[30/09/2005|00:29] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[30/07/2008|20:15] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[29/09/2005|16:07] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[29/09/2005|15:54] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
[29/09/2005|15:51] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
[29/09/2005|15:48] D:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver


[22/01/2008|20:12] D:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[19/07/2007|23:11] D:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[09/01/2006|17:25] D:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec

[11/02/2006|17:40] D:\DOCUME~1\PROPRI~1\APPLIC~1\You've Got Pictures Screensaver

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[15/04/2009 14:15][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{24B491C1-0310-4C5B-B6CC-286C88043E54}.job
[15/04/2009 14:13][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
[09/03/2009 11:54][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[15/04/2009 14:13][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[29/09/2005|15:47] C:\Program Files\Adobe
[29/09/2005|15:36] C:\Program Files\AMD
[29/09/2005|15:48] C:\Program Files\AOL 9.0
[29/09/2005|15:48] C:\Program Files\AOL Compagnon
[24/12/2007|23:37] C:\Program Files\Apple Software Update
[12/11/2005|13:27] C:\Program Files\ArcSoft
[14/04/2009|19:57] C:\Program Files\Avira
[08/04/2008|10:47] C:\Program Files\CCleaner
[12/11/2005|12:00] C:\Program Files\Ciel
[08/01/2006|18:08] C:\Program Files\CONEXANT
[29/09/2005|15:59] C:\Program Files\CyberLink
[26/02/2006|12:27] C:\Program Files\D-Tools
[14/10/2008|10:20] C:\Program Files\eMule
[12/11/2005|13:29] C:\Program Files\epson
[10/04/2009|11:35] C:\Program Files\Fichiers communs
[29/09/2005|15:54] C:\Program Files\GMixon
[14/04/2009|21:24] C:\Program Files\Google
[04/07/2008|09:16] C:\Program Files\Icone
[14/04/2009|18:27] C:\Program Files\InstallShield Installation Information
[14/04/2009|22:22] C:\Program Files\Internet Explorer
[24/12/2007|23:38] C:\Program Files\iPod
[18/07/2008|14:03] C:\Program Files\iTunes
[29/09/2005|15:40] C:\Program Files\Java
[20/12/2008|18:16] C:\Program Files\JS World
[26/04/2006|15:03] C:\Program Files\jv16 PowerTools
[29/09/2005|15:48] C:\Program Files\Learn2.com
[04/07/2008|09:16] C:\Program Files\LETMIN
[14/04/2009|18:20] C:\Program Files\Logitech
[10/04/2009|11:30] C:\Program Files\Malwarebytes' Anti-Malware
[14/10/2008|09:13] C:\Program Files\Messenger
[16/08/2004|18:11] C:\Program Files\microsoft frontpage
[03/12/2005|19:14] C:\Program Files\Microsoft Office
[14/10/2008|09:08] C:\Program Files\Movie Maker
[10/04/2009|11:56] C:\Program Files\Mozilla Firefox
[14/04/2009|18:21] C:\Program Files\MSN
[16/08/2004|18:03] C:\Program Files\MSN Gaming Zone
[10/04/2009|11:39] C:\Program Files\MSN Messenger
[17/11/2006|22:24] C:\Program Files\MSXML 4.0
[08/04/2008|16:02] C:\Program Files\Navilog1
[14/10/2008|09:04] C:\Program Files\NetMeeting
[12/11/2005|12:01] C:\Program Files\OFFICE One6.5
[14/10/2008|09:04] C:\Program Files\Outlook Express
[25/12/2007|10:54] C:\Program Files\Philips
[31/08/2008|22:13] C:\Program Files\PhotoFiltre
[31/08/2008|21:48] C:\Program Files\PhotoScape
[24/12/2007|23:38] C:\Program Files\QuickTime
[12/11/2005|12:01] C:\Program Files\Readiris Pro 8
[29/09/2005|15:48] C:\Program Files\Real
[08/04/2008|11:06] C:\Program Files\RegCleaner
[16/08/2004|18:07] C:\Program Files\Services en ligne
[29/09/2005|15:59] C:\Program Files\Sonic
[26/02/2009|15:48] C:\Program Files\Spam Dupe
[14/04/2009|18:25] C:\Program Files\Spybot - Search & Destroy
[14/04/2009|18:39] C:\Program Files\Trend Micro
[12/03/2009|15:19] C:\Program Files\TuneUp Utilities 2009
[02/01/2006|19:45] C:\Program Files\Ubi Soft
[07/04/2008|23:44] C:\Program Files\Ubisoft
[29/09/2005|15:58] C:\Program Files\Ulead Systems
[16/08/2004|18:19] C:\Program Files\Uninstall Information
[26/02/2006|12:09] C:\Program Files\VideoLAN
[30/07/2007|14:35] C:\Program Files\Windows Live Safety Center
[29/09/2005|15:57] C:\Program Files\Windows Media Components
[21/01/2008|21:15] C:\Program Files\Windows Media Connect 2
[14/10/2008|09:04] C:\Program Files\Windows Media Player
[14/10/2008|09:04] C:\Program Files\Windows NT
[16/08/2004|18:07] C:\Program Files\WindowsUpdate
[16/08/2004|18:11] C:\Program Files\xerox

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[29/09/2005|15:47] C:\Program Files\Fichiers communs\Adobe
[29/09/2005|15:48] C:\Program Files\Fichiers communs\AOL
[29/09/2005|15:48] C:\Program Files\Fichiers communs\aolshare
[24/12/2007|23:36] C:\Program Files\Fichiers communs\Apple
[12/11/2005|12:00] C:\Program Files\Fichiers communs\Borland Shared
[03/12/2005|19:14] C:\Program Files\Fichiers communs\Designer
[26/12/2005|17:52] C:\Program Files\Fichiers communs\DirectX
[08/04/2008|10:44] C:\Program Files\Fichiers communs\ErreurChasseur
[04/02/2006|19:37] C:\Program Files\Fichiers communs\FotoWire
[08/01/2008|14:40] C:\Program Files\Fichiers communs\France Telecom
[12/11/2005|13:32] C:\Program Files\Fichiers communs\InstallShield
[29/09/2005|15:40] C:\Program Files\Fichiers communs\Java
[04/02/2006|19:35] C:\Program Files\Fichiers communs\Logitech
[27/02/2007|19:01] C:\Program Files\Fichiers communs\Microsoft Shared
[16/08/2004|18:06] C:\Program Files\Fichiers communs\MSSoap
[08/04/2008|10:44] C:\Program Files\Fichiers communs\Nettordinateur
[29/09/2005|15:48] C:\Program Files\Fichiers communs\Nullsoft
[16/08/2004|17:57] C:\Program Files\Fichiers communs\ODBC
[29/09/2005|15:54] C:\Program Files\Fichiers communs\Real
[16/08/2004|18:06] C:\Program Files\Fichiers communs\Services
[29/09/2005|15:59] C:\Program Files\Fichiers communs\Sonic Shared
[16/08/2004|17:56] C:\Program Files\Fichiers communs\SpeechEngines
[29/09/2005|15:55] C:\Program Files\Fichiers communs\SureThing Shared
[14/10/2008|09:04] C:\Program Files\Fichiers communs\System
[29/09/2005|15:57] C:\Program Files\Fichiers communs\Ulead Systems
[29/09/2005|15:54] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 35 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-15 14:39:21
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
folder error: D:\DOCUME~1\Annick\LOCALS~1\APPLIC~1

--------------------\\ Recherche d'autres infections

Aucune autre infection trouvée !

[F:11][D:11]-> D:\DOCUME~1\Annick\LOCALS~1\Temp
[F:27][D:0]-> D:\DOCUME~1\Annick\Cookies
[F:638][D:7]-> D:\DOCUME~1\Annick\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 15/04/2009|14:24 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 15/04/2009|14:39 - Option : [2]

--------------------\\ Fin du rapport a 14:39:49

Smitfraudfix

Télécharge SmitfraudFix (S!Ri)

# Décompresse-le sur le bureau (clic droit >> Extraire ici).
# Ouvre le dossier et lance Smitfraudix.(cmd)
# Choisis l'option 1.
# Patiente durant l'analyse, enregistre le rapport et poste son contenu.

SmitFraudFix v2.408

Rapport fait à 17:18:21,87, 15/04/2009
Executé à partir de D:\Documents and Settings\Annick\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\Documents and Settings\Annick\Bureau\SmitfraudFix\Policies.exe
D:\Documents and Settings\Annick\Bureau\SmitfraudFix\Policies.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» D:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» D:\Documents and Settings\Annick


»»»»»»»»»»»»»»»»»»»»»»»» D:\DOCUME~1\Annick\LOCALS~1\Temp


»»»»»»»»»»»»»»»»»»»»»»»» D:\Documents and Settings\Annick\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» D:\DOCUME~1\Annick\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

C:\Program Files\Google\googletoolbar1.dll PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"


»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"

»»»»»»»»»»»»»»»»»»»»»»»» RK

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""




»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Realtek RTL8139/810x Family Fast Ethernet NIC - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.1.1

HKLM\SYSTEM\CCS\Services\Tcpip\..\{E9D768E1-C336-4F05-ACEB-107480B010A0}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{E9D768E1-C336-4F05-ACEB-107480B010A0}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{E9D768E1-C336-4F05-ACEB-107480B010A0}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

C'est une infection qui s'isntalle sur toutes les sessions utilisateurs.

Désactive L'antivirus et antispyware....

OTmoveIT3 !

• Télécharge OTMoveIt de OldTimer.
  
  Aide : http://www.bibou0007.com/outils-specifiques-f78/tutorial-otmoveit-t387.htm
  
  
• Sauvegarde le sur ton Bureau.
  
• Double-Clique sur OTMoveIt3.exe pour le lancer.
  
• Copie le chemin des fichiers suivants en selectionnant TOUT et en appuyant sur CTRL+C (ou, après avoir sélectionner, clique-droit et choisis Copier) :

Citation :

:processes
explorer.exe

:files
D:\DOCUME~1\Alison\APPLIC~1\Nettordinateur
D:\DOCUME~1\Alison\APPLIC~1\erreurchasseur
D:\DOCUME~1\ALLUSE~1\APPLIC~1\Nettordinateur
D:\DOCUME~1\ALLUSE~1\APPLIC~1\erreurchasseur
D:\DOCUME~1\Annick\APPLIC~1\Nettordinateur

:commands
[purity]
[emptytemp]
[start explorer]

• Retourne dans OTMoveit3, fais un clique-droit dans la fenêtre "Paste instructions for items to move" et choisis Coller.
  
• Clique sur le bouton rouge Moveit!.
  
• Ferme OTMoveIt.
  

Note : Si un fichier ou un dossier ne peut être déplacer immédiatement il te sera demander de redémarrer ta machine pour finir le processus. Si c'est le cas, choisis Yes.

Poste le rapport de OTMoveIT3 dispo ici : C:\_OTMoveIt\MovedFiles

Error: Unable to interpret in the current context!
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
D:\DOCUME~1\Alison\APPLIC~1\Nettordinateur\Logs moved successfully.
D:\DOCUME~1\Alison\APPLIC~1\Nettordinateur moved successfully.
D:\DOCUME~1\Alison\APPLIC~1\erreurchasseur\Logs moved successfully.
D:\DOCUME~1\Alison\APPLIC~1\erreurchasseur moved successfully.
D:\DOCUME~1\ALLUSE~1\APPLIC~1\Nettordinateur moved successfully.
File/Folder D:\DOCUME~1\ALLUSE~1\APPLIC~1\erreurchasseur not found.
D:\DOCUME~1\Annick\APPLIC~1\Nettordinateur\Logs moved successfully.
D:\DOCUME~1\Annick\APPLIC~1\Nettordinateur moved successfully.
========== COMMANDS ==========
File delete failed. D:\DOCUME~1\Annick\LOCALS~1\Temp\~DF1EC2.tmp scheduled to be deleted on reboot.
File delete failed. D:\DOCUME~1\Annick\LOCALS~1\Temp\~DF1ED4.tmp scheduled to be deleted on reboot.
File delete failed. D:\DOCUME~1\Annick\LOCALS~1\Temp\~DF1F74.tmp scheduled to be deleted on reboot.
File delete failed. D:\DOCUME~1\Annick\LOCALS~1\Temp\~DF1F86.tmp scheduled to be deleted on reboot.
File delete failed. D:\DOCUME~1\Annick\LOCALS~1\Temp\~DF96D3.tmp scheduled to be deleted on reboot.
File delete failed. D:\DOCUME~1\Annick\LOCALS~1\Temp\~DF96E5.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. D:\Documents and Settings\Annick\Local Settings\Temporary Internet Files\Content.IE5\94AJWRDW\4UX6RCA4FNB4FCAB2AA30CA0EGN2YCAZZB4BYCAYW1LSQCANI0W5ACAXMBD08CAR2SAVZCA4MQZIQCAJMIRSXCA8UB9C1CAUANQI5CAJX95KJCAAU7B2PCALQT0VICAVJMGUJCA0HZXA4CA86PPKMCA9Y1HPL.htm scheduled to be deleted on reboot.
File delete failed. D:\Documents and Settings\Annick\Local Settings\Temporary Internet Files\Content.IE5\94AJWRDW\nettoyage-t3273[1].htm scheduled to be deleted on reboot.
File delete failed. D:\Documents and Settings\Annick\Local Settings\Temporary Internet Files\Content.IE5\94AJWRDW\P43GPCAICM817CAQEXJZOCAGRW1ZPCAN1RW8VCAW64EEZCA9AQNB2CA6U3RNRCAQZYOZLCAH9SKM3CAS0H71TCAL5G2ARCA6KZPLRCAC6X34LCAKNY0GNCAG7UX6JCA0O137RCA0BG73NCARN1C23CAU44W5J.htm scheduled to be deleted on reboot.
File delete failed. D:\Documents and Settings\Annick\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. D:\Documents and Settings\Annick\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat scheduled to be deleted on reboot.
User's Temporary Internet Files folder emptied.
File delete failed. D:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. D:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. D:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
Network Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 04162009_081650

Files moved on Reboot...
File D:\DOCUME~1\Annick\LOCALS~1\Temp\~DF1EC2.tmp not found!
File D:\DOCUME~1\Annick\LOCALS~1\Temp\~DF1ED4.tmp not found!
File D:\DOCUME~1\Annick\LOCALS~1\Temp\~DF1F74.tmp not found!
File D:\DOCUME~1\Annick\LOCALS~1\Temp\~DF1F86.tmp not found!
File D:\DOCUME~1\Annick\LOCALS~1\Temp\~DF96D3.tmp not found!
File D:\DOCUME~1\Annick\LOCALS~1\Temp\~DF96E5.tmp not found!
File D:\Documents and Settings\Annick\Local Settings\Temporary Internet Files\Content.IE5\94AJWRDW\4UX6RCA4FNB4FCAB2AA30CA0EGN2YCAZZB4BYCAYW1LSQCANI0W5ACAXMBD08CAR2SAVZCA4MQZIQCAJMIRSXCA8UB9C1CAUANQI5CAJX95KJCAAU7B2PCALQT0VICAVJMGUJCA0HZXA4CA86PPKMCA9Y1HPL.htm not found!
File D:\Documents and Settings\Annick\Local Settings\Temporary Internet Files\Content.IE5\94AJWRDW\nettoyage-t3273[1].htm not found!
File D:\Documents and Settings\Annick\Local Settings\Temporary Internet Files\Content.IE5\94AJWRDW\P43GPCAICM817CAQEXJZOCAGRW1ZPCAN1RW8VCAW64EEZCA9AQNB2CA6U3RNRCAQZYOZLCAH9SKM3CAS0H71TCAL5G2ARCA6KZPLRCAC6X34LCAKNY0GNCAG7UX6JCA0O137RCA0BG73NCARN1C23CAU44W5J.htm not found!
D:\Documents and Settings\Annick\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.

• Double-Clique sur OTMoveIt3.exe pour le lancer.
  
• Copie le chemin des fichiers suivants en selectionnant TOUT et en appuyant sur CTRL+C (ou, après avoir sélectionner, clique-droit et choisis Copier) :

Citation :

:processes
explorer.exe

:reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{010ee751-0424-11de-9b6c-00038a000015}]



[purity]
[emptytemp]
[start explorer]

• Retourne dans OTMoveit3, fais un clique-droit dans la fenêtre "Paste instructions for items to move" et choisis Coller.
  
• Clique sur le bouton rouge Moveit!.
  
• Ferme OTMoveIt.
  

Note : Si un fichier ou un dossier ne peut être déplacer immédiatement il te sera demander de redémarrer ta machine pour finir le processus. Si c'est le cas, choisis Yes.

Poste le rapport de OTMoveIT3 dispo ici : C:\_OTMoveIt\MovedFiles

avec le rapport otmoveit poste moi deux nouveaux rapports RSIT s'il te plait.

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F\\ deleted successfully.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{010ee751-0424-11de-9b6c-00038a000015}\\ deleted successfully.

OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 04162009_092538


http://www.miraclesalad.com/webtools/clip.php?clip=2ee7



http://www.miraclesalad.com/webtools/clip.php?clip=2ee8

Ouvre hijackthis coche cette ligne :
O8 - Extra context menu item: &Search - ?p=ZN

fermes toutes tes applications y compris ton navigateur internet et clique sur fix checked

ensuite

CCleaner : nettoyage temporaires

Télécharger Ccleaner Slim ou http://www.ccleaner.com/download/builds/downloading-slim
- Installe le. Ensuite, clique sur[ b]« Options »[/b], « Avancé » et décoche la case « Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures ». Clique sur l'onglet « Nettoyeur » puis sur « Lancer le Nettoyage ».
-Ensuite clique sur l'onglet Registre, clique sur « Chercher des erreurs » puis sur « Réparer les erreurs sélectionnées ». Sauvegarder les clés dans un répertoire de ton choix.
AIDE : http://bibou0007.com/nettoyeurs-et-optimiseurs-f79/tutorial-ccleaner-t362.htm

Note : la version Slim est dépourvu de la toolbar Yahoo et plus lèger.


Recherche de toolbars infectieuses :
/!\ Désactive toutes tes protections résidentes ! /!\

• Télécharge Toolbar-S&D (de la Team IDN) sur ton Bureau : http://eric.71.mespages.googlepages.com/ToolBarSD.exe
  
• Si tu es sous Vista Clique-droit sur le fichier téléchargé > Exécuter en tant qu'administrateur
  
• Toujours pour les utilisateurs Vista : Clique-droit sur le raccourci de Toolbar-S&D > Exécuter en tant qu'administrateur
  
• Choisis F pour Français, et valide par Entrée
  
• Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
  
• Poste le rapport généré. (C:\TB.txt)
  

/!\ Réactive toutes tes protections résidentes ! /!\

accompagne d'un nouveau rapport rsit

-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3400+ )
BIOS : BIOS Date: 09/06/05 17:29:38 Ver: 08.00.12
USER : Annick ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Not Activated)
Firewall : Norton Internet Security 2005 (Not Activated)
C:\ (Local Disk) - NTFS - Total:79 Go (Free:67 Go)
D:\ (Local Disk) - NTFS - Total:100 Go (Free:91 Go)
E:\ (CD or DVD)
F:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
H:\ (USB)
I:\ (USB)
J:\ (USB)
K:\ (USB)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 16/04/2009|12:35 )

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"SearchMigratedDefaultURL"="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="http://www.orange.fr"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !


1 - "C:\ToolBar SD\TB_1.txt" - 16/04/2009|12:36 - Option : [1]

-----------\\ Fin du rapport a 12:36:19,34


http://www.miraclesalad.com/webtools/clip.php?clip=2ee9

Sauvegarde base de registre :

Sauvegarde ta base de registre avec Erunt
Aide : http://www.zebulon.fr/dossiers/57-6-sauvegarder-base-de-registre.html

• Double-Clique sur OTMoveIt3.exe pour le lancer.
  
• Copie le chemin des fichiers suivants en selectionnant TOUT et en appuyant sur CTRL+C (ou, après avoir sélectionner, clique-droit et choisis Copier) :

Citation :

:processes

:reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ErreurChasseur]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Flag Owns Live Grim]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\gdcw]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\My Web Search Bar Search Scope Monitor]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nettordinateur]

:files
C:\WINDOWS\system32\tmp.txt
c:\program files\erreurchasseur\
d:\documents and settings\all users\application data\software rule flag owns\eggs acid.exe
c:\program files\mywebs~1\
c:\program files\nettordinateur\

:commands
[purity]
[emptytemp]
[start explorer]

[*]Retourne dans OTMoveit3, fais un clique-droit dans la fenêtre "Paste instructions for items to move" et choisis Coller.
[*]Clique sur le bouton rouge Moveit!.
[*]Ferme OTMoveIt.
[/list]
Note : Si un fichier ou un dossier ne peut être déplacer immédiatement il te sera demander de redémarrer ta machine pour finir le processus. Si c'est le cas, choisis Yes.

Poste le rapport de OTMoveIT3 dispo ici : C:\_OTMoveIt\MovedFiles

========== PROCESSES ==========
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ErreurChasseur\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Flag Owns Live Grim\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\gdcw\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\My Web Search Bar Search Scope Monitor\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nettordinateur\\ deleted successfully.
Error: Unable to interpret <:file> in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
========== COMMANDS ==========
File delete failed. D:\DOCUME~1\Annick\LOCALS~1\Temp\~DFB88B.tmp scheduled to be deleted on reboot.
File delete failed. D:\DOCUME~1\Annick\LOCALS~1\Temp\~DFB89E.tmp scheduled to be deleted on reboot.
File delete failed. D:\DOCUME~1\Annick\LOCALS~1\Temp\~DFB90C.tmp scheduled to be deleted on reboot.
File delete failed. D:\DOCUME~1\Annick\LOCALS~1\Temp\~DFB91E.tmp scheduled to be deleted on reboot.
File delete failed. D:\DOCUME~1\Annick\LOCALS~1\Temp\~DFBA3B.tmp scheduled to be deleted on reboot.
File delete failed. D:\DOCUME~1\Annick\LOCALS~1\Temp\~DFBA4D.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. D:\Documents and Settings\Annick\Local Settings\Temporary Internet Files\Content.IE5\P5RDVEHK\ads[7].htm scheduled to be deleted on reboot.
File delete failed. D:\Documents and Settings\Annick\Local Settings\Temporary Internet Files\Content.IE5\LKL8TXY5\ads[9].htm scheduled to be deleted on reboot.
File delete failed. D:\Documents and Settings\Annick\Local Settings\Temporary Internet Files\Content.IE5\JD0LRKG9\nettoyage-t3273[1].htm scheduled to be deleted on reboot.
File delete failed. D:\Documents and Settings\Annick\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. D:\Documents and Settings\Annick\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat scheduled to be deleted on reboot.
User's Temporary Internet Files folder emptied.
File delete failed. D:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. D:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. D:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
File delete failed. D:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Network Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 04162009_154914

Files moved on Reboot...
File D:\DOCUME~1\Annick\LOCALS~1\Temp\~DFB88B.tmp not found!
File D:\DOCUME~1\Annick\LOCALS~1\Temp\~DFB89E.tmp not found!
File D:\DOCUME~1\Annick\LOCALS~1\Temp\~DFB90C.tmp not found!
File D:\DOCUME~1\Annick\LOCALS~1\Temp\~DFB91E.tmp not found!
File D:\DOCUME~1\Annick\LOCALS~1\Temp\~DFBA3B.tmp not found!
File D:\DOCUME~1\Annick\LOCALS~1\Temp\~DFBA4D.tmp not found!
D:\Documents and Settings\Annick\Local Settings\Temporary Internet Files\Content.IE5\P5RDVEHK\ads[7].htm moved successfully.
D:\Documents and Settings\Annick\Local Settings\Temporary Internet Files\Content.IE5\LKL8TXY5\ads[9].htm moved successfully.
D:\Documents and Settings\Annick\Local Settings\Temporary Internet Files\Content.IE5\JD0LRKG9\nettoyage-t3273[1].htm moved successfully.
D:\Documents and Settings\Annick\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.

Laddy a écrit:

Sauvegarde base de registre :

Sauvegarde ta base de registre avec Erunt
Aide : http://www.zebulon.fr/dossiers/57-6-sauvegarder-base-de-registre.html

• Double-Clique sur OTMoveIt3.exe pour le lancer.
  
• Copie le chemin des fichiers suivants en selectionnant TOUT et en appuyant sur CTRL+C (ou, après avoir sélectionner, clique-droit et choisis Copier) :

Citation :

:processes

:reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ErreurChasseur]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Flag Owns Live Grim]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\gdcw]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\My Web Search Bar Search Scope Monitor]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nettordinateur]

:files
C:\WINDOWS\system32\tmp.txt
c:\program files\erreurchasseur\
d:\documents and settings\all users\application data\software rule flag owns\eggs acid.exe
c:\program files\mywebs~1\
c:\program files\nettordinateur\

:commands
[purity]
[emptytemp]
[start explorer]

[*]Retourne dans OTMoveit3, fais un clique-droit dans la fenêtre "Paste instructions for items to move" et choisis Coller.
[*]Clique sur le bouton rouge Moveit!.
[*]Ferme OTMoveIt.
[/list]
Note : Si un fichier ou un dossier ne peut être déplacer immédiatement il te sera demander de redémarrer ta machine pour finir le processus. Si c'est le cas, choisis Yes.

Poste le rapport de OTMoveIT3 dispo ici : C:\_OTMoveIt\MovedFiles

(refais ceci stp,il y avait une petite faute de frappe)

========== PROCESSES ==========
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ErreurChasseur\\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Flag Owns Live Grim\\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\gdcw\\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\My Web Search Bar Search Scope Monitor\\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin\\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nettordinateur\\ not found.
========== FILES ==========
C:\WINDOWS\system32\tmp.txt moved successfully.
Folder c:\program files\erreurchasseur not found.
File/Folder d:\documents and settings\all users\application data\software rule flag owns\eggs acid.exe not found.
Folder c:\program files\mywebs~1 not found.
Folder c:\program files\nettordinateur not found.
========== COMMANDS ==========
File delete failed. D:\DOCUME~1\Annick\LOCALS~1\Temp\~DFC20.tmp scheduled to be deleted on reboot.
File delete failed. D:\DOCUME~1\Annick\LOCALS~1\Temp\~DFC32.tmp scheduled to be deleted on reboot.
File delete failed. D:\DOCUME~1\Annick\LOCALS~1\Temp\~DFCA2.tmp scheduled to be deleted on reboot.
File delete failed. D:\DOCUME~1\Annick\LOCALS~1\Temp\~DFCB4.tmp scheduled to be deleted on reboot.
File delete failed. D:\DOCUME~1\Annick\LOCALS~1\Temp\~DFCFE.tmp scheduled to be deleted on reboot.
File delete failed. D:\DOCUME~1\Annick\LOCALS~1\Temp\~DFD10.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. D:\Documents and Settings\Annick\Local Settings\Temporary Internet Files\Content.IE5\V9I72732\nettoyage-t3273[2].htm scheduled to be deleted on reboot.
File delete failed. D:\Documents and Settings\Annick\Local Settings\Temporary Internet Files\Content.IE5\KXB7ZYGV\ads[8].htm scheduled to be deleted on reboot.
File delete failed. D:\Documents and Settings\Annick\Local Settings\Temporary Internet Files\Content.IE5\0N3RQPLD\ads[5].htm scheduled to be deleted on reboot.
File delete failed. D:\Documents and Settings\Annick\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. D:\Documents and Settings\Annick\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat scheduled to be deleted on reboot.
User's Temporary Internet Files folder emptied.
File delete failed. D:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. D:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. D:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
Network Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 04172009_002939

Files moved on Reboot...
File D:\DOCUME~1\Annick\LOCALS~1\Temp\~DFC20.tmp not found!
File D:\DOCUME~1\Annick\LOCALS~1\Temp\~DFC32.tmp not found!
File D:\DOCUME~1\Annick\LOCALS~1\Temp\~DFCA2.tmp not found!
File D:\DOCUME~1\Annick\LOCALS~1\Temp\~DFCB4.tmp not found!
File D:\DOCUME~1\Annick\LOCALS~1\Temp\~DFCFE.tmp not found!
File D:\DOCUME~1\Annick\LOCALS~1\Temp\~DFD10.tmp not found!
D:\Documents and Settings\Annick\Local Settings\Temporary Internet Files\Content.IE5\V9I72732\nettoyage-t3273[2].htm moved successfully.
D:\Documents and Settings\Annick\Local Settings\Temporary Internet Files\Content.IE5\KXB7ZYGV\ads[8].htm moved successfully.
D:\Documents and Settings\Annick\Local Settings\Temporary Internet Files\Content.IE5\0N3RQPLD\ads[5].htm moved successfully.
D:\Documents and Settings\Annick\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.

salut fais un scan kaspersky en ligne

avec "ie" et acceptes l'active "x"

http://www.bibou0007.com/scans-en-ligne-f75/tutorial-kaspersky-online-t394.htm

postes le rapport

re, je ne peux malheureusement pas faire le scan, dès que j'accepte les conditions, ie propose d'installer l'active'x puis se bloque. Je suis obligé d'arreter ie8 puis de le redémarrer. Je pense que je vais devoir desinstaller ie8 et remettre ie7. encore merci de votre attention et de votre patience, amicalement

re, ok dis nous si tu as des soucis nous t'aiderons en conséquences

re, effectivement le scan kapersky est incompatible avec IE8 voilà donc le rapport avec IE7 :

-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Friday, April 17, 2009 6:09:44 PM
Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 3 (Build 2600)
Kaspersky On-line Scanner version : 5.0.84.2
Dernière mise à jour de la base antivirus Kaspersky : 17/04/2009
Enregistrements dans la base antivirus Kaspersky : 2054215
-------------------------------------------------------------------------------

Paramètres d'analyse:
Analyser avec la base antivirus suivante: étendue
Analyser les archives: vrai
Analyser les bases de messagerie: vrai

Cible de l'analyse - Poste de travail:
C:\
D:\
E:\
F:\
H:\
I:\
J:\
K:\

Statistiques de l'analyse:
Total d'objets analysés: 94915
Nombre de virus trouvés: 5
Nombre d'objets infectés: 9 / 0
Nombre d'objets suspects: 0
Durée de l'analyse: 01:18:09

Nom de l'objet infecté / Nom du virus / Dernière action
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_AGENT_LOG1.txt L'objet est verrouillé ignoré
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_AUDIO\CLML.db L'objet est verrouillé ignoré
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_AUDIO\CLML.db-journal L'objet est verrouillé ignoré
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_BINARY\CLML.db L'objet est verrouillé ignoré
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_BLOB\CLML.db L'objet est verrouillé ignoré
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_BLOB\CLML.db-journal L'objet est verrouillé ignoré
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_GLOBAL\CLML.db L'objet est verrouillé ignoré
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_GLOBAL\CLML.db-journal L'objet est verrouillé ignoré
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_IMAGE\CLML.db L'objet est verrouillé ignoré
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_IMAGE\CLML.db-journal L'objet est verrouillé ignoré
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_MAIN\CLML.db L'objet est verrouillé ignoré
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_MAIN\CLML.db-journal L'objet est verrouillé ignoré
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_TV\CLML.db L'objet est verrouillé ignoré
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_TV\CLML.db-journal L'objet est verrouillé ignoré
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_VIDEO\CLML.db L'objet est verrouillé ignoré
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_VIDEO\CLML.db-journal L'objet est verrouillé ignoré
C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP970\change.log L'objet est verrouillé ignoré
C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\EventCache\{276855E6-9E16-4032-8E97-96CA4CF2BB82}.bin L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\DEFAULT L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SOFTWARE L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SYSTEM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\TuneUp.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré
C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré
C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré
D:\Documents and Settings\Alison\Local Settings\Temporary Internet Files\Content.IE5\99EU8XC7\install_fr[1].exe Infecté : not-a-virus:Downloader.Win32.WinFixer.ef ignoré
D:\Documents and Settings\Alison\Local Settings\Temporary Internet Files\Content.IE5\O7AZSV8D\installer_fr[1].exe Infecté : not-a-virus:Downloader.Win32.WinFixer.cu ignoré
D:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré
D:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré
D:\Documents and Settings\All Users\Application Data\TuneUp Software\TuneUp Utilities\Program Statistics\ProgramStatistics.tudb L'objet est verrouillé ignoré
D:\Documents and Settings\Annick\Application Data\setup_fr[1].0xe Infecté : not-a-virus:Downloader.Win32.WinFixer.ha ignoré
D:\Documents and Settings\Annick\Application Data\Spam Dupe\bind multi grim.0xe Infecté : Trojan.Win32.Obfuscated.gen ignoré
D:\Documents and Settings\Annick\Application Data\Spam Dupe\bivvspbr.0xe Infecté : Trojan.Win32.Obfuscated.gen ignoré
D:\Documents and Settings\Annick\Application Data\Spam Dupe\Keep Blue.0xe Infecté : Trojan.Win32.Obfuscated.gen ignoré
D:\Documents and Settings\Annick\Application Data\Spam Dupe\Keep Blue.1xe Infecté : Trojan.Win32.Obfuscated.aeme ignoré
D:\Documents and Settings\Annick\Application Data\Spam Dupe\MeowSeekDogList.0xe Infecté : Trojan.Win32.Obfuscated.gen ignoré
D:\Documents and Settings\Annick\Application Data\Spam Dupe\pgpmimdr.0xe Infecté : Trojan.Win32.Obfuscated.gen ignoré
D:\Documents and Settings\Annick\Cookies\index.dat L'objet est verrouillé ignoré
D:\Documents and Settings\Annick\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
D:\Documents and Settings\Annick\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
D:\Documents and Settings\Annick\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
D:\Documents and Settings\Annick\Local Settings\Temp\~DF90D6.tmp L'objet est verrouillé ignoré
D:\Documents and Settings\Annick\Local Settings\Temp\~DF90E8.tmp L'objet est verrouillé ignoré
D:\Documents and Settings\Annick\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
D:\Documents and Settings\Annick\NTUSER.DAT L'objet est verrouillé ignoré
D:\Documents and Settings\Annick\ntuser.dat.LOG L'objet est verrouillé ignoré
D:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
D:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
D:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat L'objet est verrouillé ignoré
D:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat L'objet est verrouillé ignoré
D:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat L'objet est verrouillé ignoré
D:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré
D:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré
D:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
D:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
D:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré
D:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré
D:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP970\change.log L'objet est verrouillé ignoré

Analyse terminée.

un petit coup de ccleaner pour suivre et après ceci


désactives tes protections et option 1 seulement + le rapport

http://www.bibou0007.com/outils-specifiques-f78/tutorial-lop-sd-t956.htm

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3400+ )
BIOS : BIOS Date: 09/06/05 17:29:38 Ver: 08.00.12
USER : Annick ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Not Activated)
Firewall : Norton Internet Security 2005 (Not Activated)
C:\ (Local Disk) - NTFS - Total:79 Go (Free:70 Go)
D:\ (Local Disk) - NTFS - Total:100 Go (Free:92 Go)
E:\ (CD or DVD)
F:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
H:\ (USB)
I:\ (USB)
J:\ (USB)
K:\ (USB)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 17/04/2009|20:03 )

--------------------\\ Listing des dossiers dans APPLIC~1

[30/09/2005|00:29] D:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[29/09/2005|15:55] D:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[29/09/2005|16:07] D:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[29/09/2005|15:54] D:\DOCUME~1\ADMINI~1\APPLIC~1\Real
[29/09/2005|15:51] D:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec
[29/09/2005|15:48] D:\DOCUME~1\ADMINI~1\APPLIC~1\You've Got Pictures Screensaver

[15/10/2008|13:54] D:\DOCUME~1\Alison\APPLIC~1\Adobe
[17/01/2009|17:51] D:\DOCUME~1\Alison\APPLIC~1\Apple Computer
[06/12/2005|22:53] D:\DOCUME~1\Alison\APPLIC~1\ArcSoft
[31/12/2006|12:52] D:\DOCUME~1\Alison\APPLIC~1\CyberLink
[10/12/2005|20:30] D:\DOCUME~1\Alison\APPLIC~1\EPSON
[23/12/2006|19:21] D:\DOCUME~1\Alison\APPLIC~1\Google
[30/09/2005|00:29] D:\DOCUME~1\Alison\APPLIC~1\Identities
[11/12/2006|20:57] D:\DOCUME~1\Alison\APPLIC~1\ispnews
[29/09/2006|17:31] D:\DOCUME~1\Alison\APPLIC~1\Macromedia
[22/11/2008|21:53] D:\DOCUME~1\Alison\APPLIC~1\Microsoft
[15/10/2008|13:45] D:\DOCUME~1\Alison\APPLIC~1\Mozilla
[01/12/2005|21:54] D:\DOCUME~1\Alison\APPLIC~1\OD2
[03/01/2007|12:38] D:\DOCUME~1\Alison\APPLIC~1\Real
[19/03/2007|20:46] D:\DOCUME~1\Alison\APPLIC~1\Sonic
[20/12/2006|20:15] D:\DOCUME~1\Alison\APPLIC~1\Sun
[29/09/2005|15:51] D:\DOCUME~1\Alison\APPLIC~1\Symantec
[11/02/2007|12:53] D:\DOCUME~1\Alison\APPLIC~1\Ulead Systems
[18/06/2008|13:29] D:\DOCUME~1\Alison\APPLIC~1\Viewpoint
[10/03/2006|19:45] D:\DOCUME~1\Alison\APPLIC~1\vlc
[29/09/2005|15:48] D:\DOCUME~1\Alison\APPLIC~1\You've Got Pictures Screensaver

[12/03/2009|15:18] D:\DOCUME~1\ALLUSE~1\APPLIC~1\{55A29068-F2CE-456C-9148-C869879E2357}
[29/09/2005|15:47] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[29/09/2005|15:48] D:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[24/12/2007|23:36] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[24/12/2007|23:38] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[14/04/2009|19:57] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[12/11/2005|12:00] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Ciel
[26/01/2006|18:38] D:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[14/04/2009|19:10] D:\DOCUME~1\ALLUSE~1\APPLIC~1\F-Secure
[18/06/2008|13:24] D:\DOCUME~1\ALLUSE~1\APPLIC~1\fssg
[07/04/2008|23:45] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[08/04/2008|07:52] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[10/04/2009|11:30] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[30/05/2008|15:58] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[21/01/2006|12:14] D:\DOCUME~1\ALLUSE~1\APPLIC~1\OD2
[13/11/2005|13:20] D:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[30/09/2005|00:29] D:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[14/04/2009|18:25] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[26/04/2006|15:17] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[12/03/2009|15:19] D:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
[12/11/2005|13:31] D:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
[29/09/2005|15:58] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[08/08/2006|10:29] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[16/09/2007|17:52] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar

[19/09/2008|21:09] D:\DOCUME~1\Annick\APPLIC~1\Adobe
[24/12/2005|22:33] D:\DOCUME~1\Annick\APPLIC~1\AdobeUM
[24/12/2007|23:47] D:\DOCUME~1\Annick\APPLIC~1\Apple Computer
[01/02/2006|19:30] D:\DOCUME~1\Annick\APPLIC~1\ArcSoft
[06/01/2007|17:48] D:\DOCUME~1\Annick\APPLIC~1\Atari
[23/11/2005|19:27] D:\DOCUME~1\Annick\APPLIC~1\CyberLink
[08/10/2008|18:52] D:\DOCUME~1\Annick\APPLIC~1\dvdcss
[18/12/2005|14:24] D:\DOCUME~1\Annick\APPLIC~1\EPSON
[04/02/2006|19:37] D:\DOCUME~1\Annick\APPLIC~1\FotoWire
[01/08/2008|10:58] D:\DOCUME~1\Annick\APPLIC~1\F-Secure
[16/10/2006|19:10] D:\DOCUME~1\Annick\APPLIC~1\Google
[27/01/2006|14:29] D:\DOCUME~1\Annick\APPLIC~1\Help
[30/09/2005|00:29] D:\DOCUME~1\Annick\APPLIC~1\Identities
[25/12/2007|10:53] D:\DOCUME~1\Annick\APPLIC~1\InstallShield
[07/12/2006|18:30] D:\DOCUME~1\Annick\APPLIC~1\ispnews
[21/12/2005|16:59] D:\DOCUME~1\Annick\APPLIC~1\Leadertech
[29/09/2005|15:55] D:\DOCUME~1\Annick\APPLIC~1\Macromedia
[10/04/2009|11:30] D:\DOCUME~1\Annick\APPLIC~1\Malwarebytes
[13/04/2008|18:14] D:\DOCUME~1\Annick\APPLIC~1\Microsoft
[19/09/2008|20:24] D:\DOCUME~1\Annick\APPLIC~1\Mozilla
[14/04/2009|18:21] D:\DOCUME~1\Annick\APPLIC~1\MSNInstaller
[12/11/2005|19:03] D:\DOCUME~1\Annick\APPLIC~1\OD2
[27/07/2006|18:55] D:\DOCUME~1\Annick\APPLIC~1\Real
[21/12/2005|16:59] D:\DOCUME~1\Annick\APPLIC~1\Sonic
[14/04/2009|22:00] D:\DOCUME~1\Annick\APPLIC~1\Spam Dupe
[11/03/2006|19:11] D:\DOCUME~1\Annick\APPLIC~1\Sun
[11/03/2006|10:55] D:\DOCUME~1\Annick\APPLIC~1\Symantec
[12/03/2009|15:20] D:\DOCUME~1\Annick\APPLIC~1\TuneUp Software
[13/11/2005|13:16] D:\DOCUME~1\Annick\APPLIC~1\Ulead Systems
[08/10/2008|19:28] D:\DOCUME~1\Annick\APPLIC~1\vlc
[16/04/2009|15:42] D:\DOCUME~1\Annick\APPLIC~1\WinRAR
[29/09/2005|15:48] D:\DOCUME~1\Annick\APPLIC~1\You've Got Pictures Screensaver

[30/09/2005|00:29] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[30/07/2008|20:15] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[29/09/2005|16:07] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[29/09/2005|15:54] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
[29/09/2005|15:51] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
[29/09/2005|15:48] D:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver


[22/01/2008|20:12] D:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[19/07/2007|23:11] D:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[09/01/2006|17:25] D:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec

[11/02/2006|17:40] D:\DOCUME~1\PROPRI~1\APPLIC~1\You've Got Pictures Screensaver

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[17/04/2009 19:54][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{24B491C1-0310-4C5B-B6CC-286C88043E54}.job
[17/04/2009 20:00][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
[09/03/2009 11:54][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[17/04/2009 16:19][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[29/09/2005|15:47] C:\Program Files\Adobe
[29/09/2005|15:36] C:\Program Files\AMD
[29/09/2005|15:48] C:\Program Files\AOL 9.0
[29/09/2005|15:48] C:\Program Files\AOL Compagnon
[24/12/2007|23:37] C:\Program Files\Apple Software Update
[12/11/2005|13:27] C:\Program Files\ArcSoft
[14/04/2009|19:57] C:\Program Files\Avira
[16/04/2009|12:32] C:\Program Files\CCleaner
[12/11/2005|12:00] C:\Program Files\Ciel
[08/01/2006|18:08] C:\Program Files\CONEXANT
[29/09/2005|15:59] C:\Program Files\CyberLink
[26/02/2006|12:27] C:\Program Files\D-Tools
[14/10/2008|10:20] C:\Program Files\eMule
[12/11/2005|13:29] C:\Program Files\epson
[16/04/2009|15:47] C:\Program Files\ERUNT
[10/04/2009|11:35] C:\Program Files\Fichiers communs
[29/09/2005|15:54] C:\Program Files\GMixon
[14/04/2009|21:24] C:\Program Files\Google
[04/07/2008|09:16] C:\Program Files\Icone
[14/04/2009|18:27] C:\Program Files\InstallShield Installation Information
[17/04/2009|16:19] C:\Program Files\Internet Explorer
[24/12/2007|23:38] C:\Program Files\iPod
[18/07/2008|14:03] C:\Program Files\iTunes
[29/09/2005|15:40] C:\Program Files\Java
[20/12/2008|18:16] C:\Program Files\JS World
[26/04/2006|15:03] C:\Program Files\jv16 PowerTools
[29/09/2005|15:48] C:\Program Files\Learn2.com
[04/07/2008|09:16] C:\Program Files\LETMIN
[14/04/2009|18:20] C:\Program Files\Logitech
[10/04/2009|11:30] C:\Program Files\Malwarebytes' Anti-Malware
[14/10/2008|09:13] C:\Program Files\Messenger
[16/08/2004|18:11] C:\Program Files\microsoft frontpage
[03/12/2005|19:14] C:\Program Files\Microsoft Office
[14/10/2008|09:08] C:\Program Files\Movie Maker
[10/04/2009|11:56] C:\Program Files\Mozilla Firefox
[14/04/2009|18:21] C:\Program Files\MSN
[16/08/2004|18:03] C:\Program Files\MSN Gaming Zone
[10/04/2009|11:39] C:\Program Files\MSN Messenger
[17/11/2006|22:24] C:\Program Files\MSXML 4.0
[08/04/2008|16:02] C:\Program Files\Navilog1
[14/10/2008|09:04] C:\Program Files\NetMeeting
[12/11/2005|12:01] C:\Program Files\OFFICE One6.5
[14/10/2008|09:04] C:\Program Files\Outlook Express
[25/12/2007|10:54] C:\Program Files\Philips
[31/08/2008|22:13] C:\Program Files\PhotoFiltre
[31/08/2008|21:48] C:\Program Files\PhotoScape
[24/12/2007|23:38] C:\Program Files\QuickTime
[12/11/2005|12:01] C:\Program Files\Readiris Pro 8
[29/09/2005|15:48] C:\Program Files\Real
[08/04/2008|11:06] C:\Program Files\RegCleaner
[16/08/2004|18:07] C:\Program Files\Services en ligne
[29/09/2005|15:59] C:\Program Files\Sonic
[26/02/2009|15:48] C:\Program Files\Spam Dupe
[14/04/2009|18:25] C:\Program Files\Spybot - Search & Destroy
[16/04/2009|09:40] C:\Program Files\Trend Micro
[12/03/2009|15:19] C:\Program Files\TuneUp Utilities 2009
[02/01/2006|19:45] C:\Program Files\Ubi Soft
[07/04/2008|23:44] C:\Program Files\Ubisoft
[29/09/2005|15:58] C:\Program Files\Ulead Systems
[16/08/2004|18:19] C:\Program Files\Uninstall Information
[26/02/2006|12:09] C:\Program Files\VideoLAN
[30/07/2007|14:35] C:\Program Files\Windows Live Safety Center
[29/09/2005|15:57] C:\Program Files\Windows Media Components
[21/01/2008|21:15] C:\Program Files\Windows Media Connect 2
[14/10/2008|09:04] C:\Program Files\Windows Media Player
[14/10/2008|09:04] C:\Program Files\Windows NT
[16/08/2004|18:07] C:\Program Files\WindowsUpdate
[16/04/2009|15:42] C:\Program Files\WinRAR
[16/08/2004|18:11] C:\Program Files\xerox

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[29/09/2005|15:47] C:\Program Files\Fichiers communs\Adobe
[29/09/2005|15:48] C:\Program Files\Fichiers communs\AOL
[29/09/2005|15:48] C:\Program Files\Fichiers communs\aolshare
[24/12/2007|23:36] C:\Program Files\Fichiers communs\Apple
[12/11/2005|12:00] C:\Program Files\Fichiers communs\Borland Shared
[03/12/2005|19:14] C:\Program Files\Fichiers communs\Designer
[26/12/2005|17:52] C:\Program Files\Fichiers communs\DirectX
[08/04/2008|10:44] C:\Program Files\Fichiers communs\ErreurChasseur
[04/02/2006|19:37] C:\Program Files\Fichiers communs\FotoWire
[08/01/2008|14:40] C:\Program Files\Fichiers communs\France Telecom
[12/11/2005|13:32] C:\Program Files\Fichiers communs\InstallShield
[29/09/2005|15:40] C:\Program Files\Fichiers communs\Java
[04/02/2006|19:35] C:\Program Files\Fichiers communs\Logitech
[27/02/2007|19:01] C:\Program Files\Fichiers communs\Microsoft Shared
[16/08/2004|18:06] C:\Program Files\Fichiers communs\MSSoap
[08/04/2008|10:44] C:\Program Files\Fichiers communs\Nettordinateur
[29/09/2005|15:48] C:\Program Files\Fichiers communs\Nullsoft
[16/08/2004|17:57] C:\Program Files\Fichiers communs\ODBC
[29/09/2005|15:54] C:\Program Files\Fichiers communs\Real
[16/08/2004|18:06] C:\Program Files\Fichiers communs\Services
[29/09/2005|15:59] C:\Program Files\Fichiers communs\Sonic Shared
[16/08/2004|17:56] C:\Program Files\Fichiers communs\SpeechEngines
[29/09/2005|15:55] C:\Program Files\Fichiers communs\SureThing Shared
[14/10/2008|09:04] C:\Program Files\Fichiers communs\System
[29/09/2005|15:57] C:\Program Files\Fichiers communs\Ulead Systems
[29/09/2005|15:54] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 37 Processes )

iexplore.exe ~ [PID:1660]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-17 20:04:52
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
folder error: D:\DOCUME~1\Annick\LOCALS~1\APPLIC~1

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:2][D:2]-> D:\DOCUME~1\Annick\LOCALS~1\Temp
[F:6][D:0]-> D:\DOCUME~1\Annick\Cookies
[F:223][D:4]-> D:\DOCUME~1\Annick\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 15/04/2009|14:24 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 15/04/2009|14:39 - Option : [2]
3 - "C:\Lop SD\LopR_3.txt" - 17/04/2009|20:01 - Option : [1]
4 - "C:\Lop SD\LopR_4.txt" - 17/04/2009|20:05 - Option : [1]

--------------------\\ Fin du rapport a 20:05:27

re, fais l'option 2 et postes le rapport

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3400+ )
BIOS : BIOS Date: 09/06/05 17:29:38 Ver: 08.00.12
USER : Annick ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Activated)
Firewall : Norton Internet Security 2005 (Not Activated)
C:\ (Local Disk) - NTFS - Total:79 Go (Free:70 Go)
D:\ (Local Disk) - NTFS - Total:100 Go (Free:92 Go)
E:\ (CD or DVD)
F:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
H:\ (USB)
I:\ (USB)
J:\ (USB)
K:\ (USB)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 18/04/2009|14:25 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[30/09/2005|00:29] D:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[29/09/2005|15:55] D:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[29/09/2005|16:07] D:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[29/09/2005|15:54] D:\DOCUME~1\ADMINI~1\APPLIC~1\Real
[29/09/2005|15:51] D:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec
[29/09/2005|15:48] D:\DOCUME~1\ADMINI~1\APPLIC~1\You've Got Pictures Screensaver

[15/10/2008|13:54] D:\DOCUME~1\Alison\APPLIC~1\Adobe
[17/01/2009|17:51] D:\DOCUME~1\Alison\APPLIC~1\Apple Computer
[06/12/2005|22:53] D:\DOCUME~1\Alison\APPLIC~1\ArcSoft
[31/12/2006|12:52] D:\DOCUME~1\Alison\APPLIC~1\CyberLink
[10/12/2005|20:30] D:\DOCUME~1\Alison\APPLIC~1\EPSON
[23/12/2006|19:21] D:\DOCUME~1\Alison\APPLIC~1\Google
[30/09/2005|00:29] D:\DOCUME~1\Alison\APPLIC~1\Identities
[11/12/2006|20:57] D:\DOCUME~1\Alison\APPLIC~1\ispnews
[29/09/2006|17:31] D:\DOCUME~1\Alison\APPLIC~1\Macromedia
[22/11/2008|21:53] D:\DOCUME~1\Alison\APPLIC~1\Microsoft
[15/10/2008|13:45] D:\DOCUME~1\Alison\APPLIC~1\Mozilla
[01/12/2005|21:54] D:\DOCUME~1\Alison\APPLIC~1\OD2
[03/01/2007|12:38] D:\DOCUME~1\Alison\APPLIC~1\Real
[19/03/2007|20:46] D:\DOCUME~1\Alison\APPLIC~1\Sonic
[20/12/2006|20:15] D:\DOCUME~1\Alison\APPLIC~1\Sun
[29/09/2005|15:51] D:\DOCUME~1\Alison\APPLIC~1\Symantec
[11/02/2007|12:53] D:\DOCUME~1\Alison\APPLIC~1\Ulead Systems
[18/06/2008|13:29] D:\DOCUME~1\Alison\APPLIC~1\Viewpoint
[10/03/2006|19:45] D:\DOCUME~1\Alison\APPLIC~1\vlc
[29/09/2005|15:48] D:\DOCUME~1\Alison\APPLIC~1\You've Got Pictures Screensaver

[12/03/2009|15:18] D:\DOCUME~1\ALLUSE~1\APPLIC~1\{55A29068-F2CE-456C-9148-C869879E2357}
[29/09/2005|15:47] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[29/09/2005|15:48] D:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[24/12/2007|23:36] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[24/12/2007|23:38] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[14/04/2009|19:57] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[12/11/2005|12:00] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Ciel
[26/01/2006|18:38] D:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[14/04/2009|19:10] D:\DOCUME~1\ALLUSE~1\APPLIC~1\F-Secure
[18/06/2008|13:24] D:\DOCUME~1\ALLUSE~1\APPLIC~1\fssg
[07/04/2008|23:45] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[08/04/2008|07:52] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[10/04/2009|11:30] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[30/05/2008|15:58] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[21/01/2006|12:14] D:\DOCUME~1\ALLUSE~1\APPLIC~1\OD2
[13/11/2005|13:20] D:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[30/09/2005|00:29] D:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[14/04/2009|18:25] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[26/04/2006|15:17] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[12/03/2009|15:19] D:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
[12/11/2005|13:31] D:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
[29/09/2005|15:58] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[08/08/2006|10:29] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[16/09/2007|17:52] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar

[19/09/2008|21:09] D:\DOCUME~1\Annick\APPLIC~1\Adobe
[24/12/2005|22:33] D:\DOCUME~1\Annick\APPLIC~1\AdobeUM
[24/12/2007|23:47] D:\DOCUME~1\Annick\APPLIC~1\Apple Computer
[01/02/2006|19:30] D:\DOCUME~1\Annick\APPLIC~1\ArcSoft
[06/01/2007|17:48] D:\DOCUME~1\Annick\APPLIC~1\Atari
[23/11/2005|19:27] D:\DOCUME~1\Annick\APPLIC~1\CyberLink
[08/10/2008|18:52] D:\DOCUME~1\Annick\APPLIC~1\dvdcss
[18/12/2005|14:24] D:\DOCUME~1\Annick\APPLIC~1\EPSON
[04/02/2006|19:37] D:\DOCUME~1\Annick\APPLIC~1\FotoWire
[01/08/2008|10:58] D:\DOCUME~1\Annick\APPLIC~1\F-Secure
[16/10/2006|19:10] D:\DOCUME~1\Annick\APPLIC~1\Google
[27/01/2006|14:29] D:\DOCUME~1\Annick\APPLIC~1\Help
[30/09/2005|00:29] D:\DOCUME~1\Annick\APPLIC~1\Identities
[25/12/2007|10:53] D:\DOCUME~1\Annick\APPLIC~1\InstallShield
[07/12/2006|18:30] D:\DOCUME~1\Annick\APPLIC~1\ispnews
[21/12/2005|16:59] D:\DOCUME~1\Annick\APPLIC~1\Leadertech
[29/09/2005|15:55] D:\DOCUME~1\Annick\APPLIC~1\Macromedia
[10/04/2009|11:30] D:\DOCUME~1\Annick\APPLIC~1\Malwarebytes
[13/04/2008|18:14] D:\DOCUME~1\Annick\APPLIC~1\Microsoft
[19/09/2008|20:24] D:\DOCUME~1\Annick\APPLIC~1\Mozilla
[14/04/2009|18:21] D:\DOCUME~1\Annick\APPLIC~1\MSNInstaller
[12/11/2005|19:03] D:\DOCUME~1\Annick\APPLIC~1\OD2
[27/07/2006|18:55] D:\DOCUME~1\Annick\APPLIC~1\Real
[21/12/2005|16:59] D:\DOCUME~1\Annick\APPLIC~1\Sonic
[14/04/2009|22:00] D:\DOCUME~1\Annick\APPLIC~1\Spam Dupe
[11/03/2006|19:11] D:\DOCUME~1\Annick\APPLIC~1\Sun
[11/03/2006|10:55] D:\DOCUME~1\Annick\APPLIC~1\Symantec
[12/03/2009|15:20] D:\DOCUME~1\Annick\APPLIC~1\TuneUp Software
[13/11/2005|13:16] D:\DOCUME~1\Annick\APPLIC~1\Ulead Systems
[08/10/2008|19:28] D:\DOCUME~1\Annick\APPLIC~1\vlc
[16/04/2009|15:42] D:\DOCUME~1\Annick\APPLIC~1\WinRAR
[29/09/2005|15:48] D:\DOCUME~1\Annick\APPLIC~1\You've Got Pictures Screensaver

[30/09/2005|00:29] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[30/07/2008|20:15] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[29/09/2005|16:07] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[29/09/2005|15:54] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
[29/09/2005|15:51] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
[29/09/2005|15:48] D:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver


[22/01/2008|20:12] D:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[19/07/2007|23:11] D:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[09/01/2006|17:25] D:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec

[11/02/2006|17:40] D:\DOCUME~1\PROPRI~1\APPLIC~1\You've Got Pictures Screensaver

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[18/04/2009 14:25][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{24B491C1-0310-4C5B-B6CC-286C88043E54}.job
[18/04/2009 14:20][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
[09/03/2009 11:54][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[18/04/2009 14:20][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[29/09/2005|15:47] C:\Program Files\Adobe
[29/09/2005|15:36] C:\Program Files\AMD
[29/09/2005|15:48] C:\Program Files\AOL 9.0
[29/09/2005|15:48] C:\Program Files\AOL Compagnon
[24/12/2007|23:37] C:\Program Files\Apple Software Update
[12/11/2005|13:27] C:\Program Files\ArcSoft
[14/04/2009|19:57] C:\Program Files\Avira
[16/04/2009|12:32] C:\Program Files\CCleaner
[12/11/2005|12:00] C:\Program Files\Ciel
[08/01/2006|18:08] C:\Program Files\CONEXANT
[29/09/2005|15:59] C:\Program Files\CyberLink
[26/02/2006|12:27] C:\Program Files\D-Tools
[14/10/2008|10:20] C:\Program Files\eMule
[12/11/2005|13:29] C:\Program Files\epson
[16/04/2009|15:47] C:\Program Files\ERUNT
[10/04/2009|11:35] C:\Program Files\Fichiers communs
[29/09/2005|15:54] C:\Program Files\GMixon
[14/04/2009|21:24] C:\Program Files\Google
[04/07/2008|09:16] C:\Program Files\Icone
[14/04/2009|18:27] C:\Program Files\InstallShield Installation Information
[17/04/2009|16:19] C:\Program Files\Internet Explorer
[24/12/2007|23:38] C:\Program Files\iPod
[18/07/2008|14:03] C:\Program Files\iTunes
[29/09/2005|15:40] C:\Program Files\Java
[20/12/2008|18:16] C:\Program Files\JS World
[26/04/2006|15:03] C:\Program Files\jv16 PowerTools
[29/09/2005|15:48] C:\Program Files\Learn2.com
[04/07/2008|09:16] C:\Program Files\LETMIN
[14/04/2009|18:20] C:\Program Files\Logitech
[10/04/2009|11:30] C:\Program Files\Malwarebytes' Anti-Malware
[14/10/2008|09:13] C:\Program Files\Messenger
[16/08/2004|18:11] C:\Program Files\microsoft frontpage
[03/12/2005|19:14] C:\Program Files\Microsoft Office
[14/10/2008|09:08] C:\Program Files\Movie Maker
[10/04/2009|11:56] C:\Program Files\Mozilla Firefox
[14/04/2009|18:21] C:\Program Files\MSN
[16/08/2004|18:03] C:\Program Files\MSN Gaming Zone
[10/04/2009|11:39] C:\Program Files\MSN Messenger
[17/11/2006|22:24] C:\Program Files\MSXML 4.0
[08/04/2008|16:02] C:\Program Files\Navilog1
[14/10/2008|09:04] C:\Program Files\NetMeeting
[12/11/2005|12:01] C:\Program Files\OFFICE One6.5
[14/10/2008|09:04] C:\Program Files\Outlook Express
[25/12/2007|10:54] C:\Program Files\Philips
[31/08/2008|22:13] C:\Program Files\PhotoFiltre
[31/08/2008|21:48] C:\Program Files\PhotoScape
[24/12/2007|23:38] C:\Program Files\QuickTime
[12/11/2005|12:01] C:\Program Files\Readiris Pro 8
[29/09/2005|15:48] C:\Program Files\Real
[08/04/2008|11:06] C:\Program Files\RegCleaner
[16/08/2004|18:07] C:\Program Files\Services en ligne
[29/09/2005|15:59] C:\Program Files\Sonic
[26/02/2009|15:48] C:\Program Files\Spam Dupe
[14/04/2009|18:25] C:\Program Files\Spybot - Search & Destroy
[16/04/2009|09:40] C:\Program Files\Trend Micro
[12/03/2009|15:19] C:\Program Files\TuneUp Utilities 2009
[02/01/2006|19:45] C:\Program Files\Ubi Soft
[07/04/2008|23:44] C:\Program Files\Ubisoft
[29/09/2005|15:58] C:\Program Files\Ulead Systems
[16/08/2004|18:19] C:\Program Files\Uninstall Information
[26/02/2006|12:09] C:\Program Files\VideoLAN
[30/07/2007|14:35] C:\Program Files\Windows Live Safety Center
[29/09/2005|15:57] C:\Program Files\Windows Media Components
[21/01/2008|21:15] C:\Program Files\Windows Media Connect 2
[14/10/2008|09:04] C:\Program Files\Windows Media Player
[14/10/2008|09:04] C:\Program Files\Windows NT
[16/08/2004|18:07] C:\Program Files\WindowsUpdate
[16/04/2009|15:42] C:\Program Files\WinRAR
[16/08/2004|18:11] C:\Program Files\xerox

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[29/09/2005|15:47] C:\Program Files\Fichiers communs\Adobe
[29/09/2005|15:48] C:\Program Files\Fichiers communs\AOL
[29/09/2005|15:48] C:\Program Files\Fichiers communs\aolshare
[24/12/2007|23:36] C:\Program Files\Fichiers communs\Apple
[12/11/2005|12:00] C:\Program Files\Fichiers communs\Borland Shared
[03/12/2005|19:14] C:\Program Files\Fichiers communs\Designer
[26/12/2005|17:52] C:\Program Files\Fichiers communs\DirectX
[08/04/2008|10:44] C:\Program Files\Fichiers communs\ErreurChasseur
[04/02/2006|19:37] C:\Program Files\Fichiers communs\FotoWire
[08/01/2008|14:40] C:\Program Files\Fichiers communs\France Telecom
[12/11/2005|13:32] C:\Program Files\Fichiers communs\InstallShield
[29/09/2005|15:40] C:\Program Files\Fichiers communs\Java
[04/02/2006|19:35] C:\Program Files\Fichiers communs\Logitech
[27/02/2007|19:01] C:\Program Files\Fichiers communs\Microsoft Shared
[16/08/2004|18:06] C:\Program Files\Fichiers communs\MSSoap
[08/04/2008|10:44] C:\Program Files\Fichiers communs\Nettordinateur
[29/09/2005|15:48] C:\Program Files\Fichiers communs\Nullsoft
[16/08/2004|17:57] C:\Program Files\Fichiers communs\ODBC
[29/09/2005|15:54] C:\Program Files\Fichiers communs\Real
[16/08/2004|18:06] C:\Program Files\Fichiers communs\Services
[29/09/2005|15:59] C:\Program Files\Fichiers communs\Sonic Shared
[16/08/2004|17:56] C:\Program Files\Fichiers communs\SpeechEngines
[29/09/2005|15:55] C:\Program Files\Fichiers communs\SureThing Shared
[14/10/2008|09:04] C:\Program Files\Fichiers communs\System
[29/09/2005|15:57] C:\Program Files\Fichiers communs\Ulead Systems
[29/09/2005|15:54] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 37 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-18 14:27:02
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
folder error: D:\DOCUME~1\Annick\LOCALS~1\APPLIC~1

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:31][D:0]-> D:\DOCUME~1\Annick\Cookies
[F:535][D:6]-> D:\DOCUME~1\Annick\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 15/04/2009|14:24 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 15/04/2009|14:39 - Option : [2]
3 - "C:\Lop SD\LopR_3.txt" - 17/04/2009|20:01 - Option : [1]
4 - "C:\Lop SD\LopR_4.txt" - 17/04/2009|20:05 - Option : [1]
5 - "C:\Lop SD\LopR_5.txt" - 18/04/2009|14:28 - Option : [2]

--------------------\\ Fin du rapport a 14:28:16

ok fais ceci

on enlèves les log qu'on s'est servit avec ceci

http://www.bibou0007.com/outils-specifiques-f78/tutorial-toolscleaner-2-t375.htm

ensuite un petit scan pour vérif

http://www.bibou0007.com/scans-en-ligne-f75/tutorial-bitdefender-online-t390.htm

poste le rapport bitdefender

Statistiques

Temps
00:40:50

Fichiers
92210

Directoires
8501

Secteurs de boot
0

Archives
1389

Paquets programmes
18867




Résultats

Virus identifiés
4

Fichiers infectés
10

Fichiers suspects
0

Avertissements
0

Désinfectés
0

Fichiers effacés
10




Info sur les moteurs

Définition virus
2673152

Version des moteurs
AVCORE v1.7 (build 8314.19) (i386) (Sep 29 2008 17:19:14)

Analyse des plugins
15

Archive des plugins
42

Unpack des plugins
7

E-mail plugins
6

Système plugins
0




Paramètres d'analyse

Première action
Désinfecté

Seconde Action
Supprimé

Heuristique
Oui

Acceptez les avertissements
Oui

Extensions analysées
exe;com;dll;ocx;scr;bin;dat;386;vxd;sys;wdm;cla;class;ovl;ole;hlp;doc;dot;xls;ppt;wbk;wiz;pot;ppa;xla;xlt;vbs;vbe;mdb;rtf;htm;hta;html;xml;xtp;php;asp;js;shs;chm;lnk;pif;prc;url;smm;pfd;msi;ini;csc;cmd;bas;

Excludez les extensions


Analyse d'emails
Oui

Analyse des Archives
Oui

Analyser paquets programmes
Oui

Analyse des fichiers
Oui

Analyse de boot
Oui




Fichier analysé
Statut

D:\Documents and Settings\Alison\Local Settings\Temporary Internet Files\Content.IE5\99EU8XC7\install_fr[1].exe
Infecté par: Trojan.Generic.1548098

D:\Documents and Settings\Alison\Local Settings\Temporary Internet Files\Content.IE5\99EU8XC7\install_fr[1].exe
Echec de la désinfection

D:\Documents and Settings\Alison\Local Settings\Temporary Internet Files\Content.IE5\99EU8XC7\install_fr[1].exe
Supprimé

D:\Documents and Settings\Alison\Local Settings\Temporary Internet Files\Content.IE5\O7AZSV8D\installer_fr[1].exe
Infecté par: Trojan.Generic.1459708

D:\Documents and Settings\Alison\Local Settings\Temporary Internet Files\Content.IE5\O7AZSV8D\installer_fr[1].exe
Echec de la désinfection

D:\Documents and Settings\Alison\Local Settings\Temporary Internet Files\Content.IE5\O7AZSV8D\installer_fr[1].exe
Supprimé

D:\Documents and Settings\Annick\Application Data\Spam Dupe\MeowSeekDogList.exe
Infecté par: Trojan.Swizzor.4

D:\Documents and Settings\Annick\Application Data\Spam Dupe\MeowSeekDogList.exe
Echec de la désinfection

D:\Documents and Settings\Annick\Application Data\Spam Dupe\MeowSeekDogList.exe
Supprimé

D:\Documents and Settings\Annick\Application Data\Spam Dupe\tsoxvvvn.exe
Infecté par: Trojan.Swizzor.4

D:\Documents and Settings\Annick\Application Data\Spam Dupe\tsoxvvvn.exe
Echec de la désinfection

D:\Documents and Settings\Annick\Application Data\Spam Dupe\tsoxvvvn.exe
Supprimé

D:\Documents and Settings\Annick\Local Settings\Application Data\ocwkk.exe
Infecté par: Gen:Adware.Heur.0131CEDEDE

D:\Documents and Settings\Annick\Local Settings\Application Data\ocwkk.exe
Echec de la désinfection

D:\Documents and Settings\Annick\Local Settings\Application Data\ocwkk.exe
Supprimé

D:\Documents and Settings\Annick\Local Settings\Application Data\qykci.exe
Infecté par: Gen:Adware.Heur.0131CEDEDE

D:\Documents and Settings\Annick\Local Settings\Application Data\qykci.exe
Echec de la désinfection

D:\Documents and Settings\Annick\Local Settings\Application Data\qykci.exe
Supprimé

D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP970\A0617977.exe
Infecté par: Trojan.Swizzor.4

D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP970\A0617977.exe
Echec de la désinfection

D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP970\A0617977.exe
Supprimé

D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP970\A0617978.exe
Infecté par: Trojan.Swizzor.4

D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP970\A0617978.exe
Echec de la désinfection

D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP970\A0617978.exe
Supprimé

D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP970\A0617979.exe
Infecté par: Gen:Adware.Heur.0131CEDEDE

D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP970\A0617979.exe
Echec de la désinfection

D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP970\A0617979.exe
Supprimé

D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP970\A0617980.exe
Infecté par: Gen:Adware.Heur.0131CEDEDE

D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP970\A0617980.exe
Echec de la désinfection

D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP970\A0617980.exe
Supprimé

hello les bibouliennes et bibouliens, je remercie particulièrement laddy et actarus pour leurs interventions et m'incline devant tant de compétences. Voilà donc un sujet clos. amicalement

Salut
si le pc est stable et que des points de restauration apparaissent comme infectés les supprimer par l'antivirus ou purger les points de restauration

Citation :

D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP970\A0617980.exe