j'ai besoin d'aide pour pyagcore Résolu

Question

Bonjour,

J'ai besoin d'aide "pyagcore" qui je bloc internet explorer et les options MSN J'ai instaler "hijackthis" le bloc note m'a donner ce résulta 

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:22:18, on 12/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Kiwee Toolbar\2.8.167\kwtbaim.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\SFR\CONTRO~1\bin\OPTGui.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AxBx\VirusKeeper 2009 Pro Evaluation\VirusKeeper.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\ctfmon.exe
C:\documents and settings\confo\local settings\application data\guimg.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\MediaDICO4Ut.EXE
C:\WINDOWS\eHome\ehSched.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\Rac4Ut.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32
vsvc32.exe
C:\Program Files\SFR\Controle Parental\bin\optproxy.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Documents and Settings\All Users\Application Data\SeekeenSrch\seekeen147.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AxBx\VirusKeeper 2009 Pro Evaluation\vk_service.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Documents and Settings\confo\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Documents and Settings\confo\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\SeekeenSrch\seekeen.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\AxBx\VirusKeeper 2009 Pro Evaluation\vk_watchop.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\agi\common\agcutils.dll
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\agi\common\agcutils.dll
O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France	bMult.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Come2PlayK2P Toolbar - {b8a5b62c-517f-42a5-85ae-29b5497fb15f} - C:\Program Files\Come2PlayK2P	bCome.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll
O3 - Toolbar: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France	bMult.dll
O3 - Toolbar: Come2PlayK2P Toolbar - {b8a5b62c-517f-42a5-85ae-29b5497fb15f} - C:\Program Files\Come2PlayK2P	bCome.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7
tiMUI.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [KiweeHook] "C:\Program Files\Kiwee Toolbar\2.8.167\kwtbaim.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [OPTENET_GUI] C:\PROGRA~1\SFR\CONTRO~1\bin\OPTGui.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [VirusKeeper] C:\Program Files\AxBx\VirusKeeper 2009 Pro Evaluation\VirusKeeper.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MediaDICO4Ut] C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\LanceMediaDICO4Ut.exe Lancement
O4 - HKCU\..\Run: [Packard Bell Data Secure] C:\Program Files\Packard Bell Data Secure\PBDataSecure.exe
O4 - HKCU\..\Run: [MsnMsgr] ~"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [guimg] "c:\documents and settings\confo\local settings\application data\guimg.exe" guimg
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: DW_Start.lnk = C:\WINDOWS\system32\dwwnw64r.exe
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\confo\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Mindscape Website.url
O8 - Extra context menu item: &Recherche AOL Toolbar - c:\program files\aol\aol toolbar 5.0esources\fr-fr\local\search.html
O8 - Extra context menu item: &Search -  
O8 - Extra context menu item: (PopUpCop) Allow images... - res://C:\PROGRA~1\PopUpCop\PopUpCop.dll/allowimages
O8 - Extra context menu item: (PopUpCop) Block images... - res://C:\PROGRA~1\PopUpCop\PopUpCop.dll/blockimages
O8 - Extra context menu item: (PopUpCop) Open In New Window - res://C:\PROGRA~1\PopUpCop\PopUpCop.dll/imagenew
O8 - Extra context menu item: Recherche sur eBay - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/PopularScreenSaversFWBInitialSetup1.0.0.15-3.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.fr/ImageUploader5.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://kiw.imgag.com/imgag/cp/install/crusher-kiwen.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game14.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Filter hijack: text/html - {C6F62B7A-5450-4A2F-8687-6CEEC3AEB055} - C:\WINDOWS\system32\controlkids2.dll
O20 - Winlogon Notify: Scryptnat - Scryptnat.dll (file missing)
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: getPlus(R) Helper - Unknown owner - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: Contrôle Parental SFR (OPTENET_FILTER) - SFR - C:\Program Files\SFR\Controle Parental\bin\optproxy.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SeekeenSrch Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\SeekeenSrch\seekeen147.exe
O23 - Service: VirusKeeper antivirus/antispyware (vkservice) - AxBx - C:\Program Files\AxBx\VirusKeeper 2009 Pro Evaluation\vk_service.exe

Utilisateur anonyme · Answer

Télécharge ToolBarSD (Team IDN) sur ton Bureau. 

* Lance l'installation du programme en exécutant le fichier téléchargé. 
* Double-clique maintenant sur le raccourci de Toolbar-S&D. 
* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée. 
* Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche. 
* Poste le rapport généré. (C:\TB.txt)

Utilisateur anonyme · Answer

ps ca va prendre du temps de te desinfecter parceque que franchement 
des pc infectés comme le tien c'est pas souvent...
c'est meme etonnant qu'il fonctionne encore (?)

Utilisateur anonyme · Answer

t'en es ou ?
parcequ'il est vraiment tant de faire quelquechose pour ton pc ;))

NicoIsAGeek · Answer

Ton ordi a du voir un peu trop de film X... Sans rancune hein ? C'est juste pour la déconne ;).  Bye !

Utilisateur anonyme · Answer

nico is a gekk on se passe de commentaires ......

sylviegr

ta desinfection risque d'etre longue car tu es sur-multi-infectée et il va falloir faire plusieurs procedures, ne t'inquietes pas si je ne te reponds pas tout de suite, je ne t'oublies pas, au pire je reviens toujours plus tard ...!!!
on a analysé (option 1)maintenant on va nettoyer(option2)...

Relance Toolbar-S&D en double-cliquant sur le raccourci. Tape sur "2" (au lieu de 1)puis valide en appuyant sur "Entrée". 

! Ne ferme pas la fenêtre lors de la suppression ! 

Un rapport sera généré, poste son contenu ici. 

NOTE : Si ton Bureau ne réapparait pas, appuie simultanément sur Ctrl+Alt+Suppr pour ouvrir le Gestionnaire des tâches. 
Rends-toi sur l'onglet "Processus". Clique en haut à gauche sur Fichier et choisis "Exécuter..." 
Tape explorer puis valide.

kevin05 · Answer

MOUARFFFFFF

Jolie entre les toolbars infectés et tout le bordel 

Bonne chance neophyte ;-)

Utilisateur anonyme · Answer

bonjour sylviefr

alors tu en es ou ?
tu a reussi a faire le post 6 ou tu a besoin d'aide ou de precisions ?

on a analysé (option 1)maintenant on va nettoyer(option2)... 

Relance Toolbar-S&D en double-cliquant sur le raccourci. Tape sur "2" (au lieu de 1)puis valide en appuyant sur "Entrée". 

! Ne ferme pas la fenêtre lors de la suppression ! 

Un rapport sera généré, poste son contenu ici. 

NOTE : Si ton Bureau ne réapparait pas, appuie simultanément sur Ctrl+Alt+Suppr pour ouvrir le Gestionnaire des tâches. 
Rends-toi sur l'onglet "Processus". Clique en haut à gauche sur Fichier et choisis "Exécuter..." 
Tape explorer puis valide.

Utilisateur anonyme · Answer

slt *
attention ca remarche comme tu dis mais c'est provisoire, si tu laisses les autres infections dans une semaine tu reviens...
est ce qu'on continue et on remet ton pc a neuf ??? en tout cas je te le conseille fortement...;)

et a la fin de la desinfection je te donnerais des conseils et astuces pour ne plus te prendre de virus !

alors on continue ?

Utilisateur anonyme · Answer

rassures toi on en  a enlevé un gros morceau ;)

maintenent peux tu reposter un nouveau rapport hijackthis comme tu as fais au 1 er post stp?

Utilisateur anonyme · Answer

bon, le logiciel toolsbar sd n' a pas enlevé la totalité de ce qu'il aurait du !


On va relancer toolsbar sd et encore l'option 2 mais cette fois en mode sans echec !
je t'explique :

pour cela tu dois redemarrer ton pc et juste avant le logo windows (des le debut), 
tu vas tapoter la touche F5 OU F8 selon les pc
et tu vas tomber sur une fenetre bizarre ou avec les fleches haut/bas de ton clavier il faudra 
aller sur : demarrer sans echec (c'est un mode de diagnostic de windows qui utilise que le minimum vital de ton pc)

ensuite ton bureau va apparaitre avec des couleurs et icones bizarres c'est normal !
tu n'auras pas acces a internet ! 


Relances toolsbar sd option 2 

redemarre en mode normal (c'est fait automatiquement) reconnectes toi et poste le rapport dans la prochaine reponse

T'inquiete pas on va remettre ce pc a neuf ;)

et ps: quand tu postes un message rends toi directement ds le cadre blanc en bas de la page (ne fais pas repondre a) sinon on va se perdre ;)

sylviesfr · Answer

Voici le nouveau rapport
  
 -----------\  ToolBar S&D 1.2.8   XP/Vista

   Microsoft (R) Windows Script Host Version 5.7
   Copyright (C) Microsoft Corporation 1996-2001. Tous droits r‚serv‚s.
   Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
   X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 Processor 3500+ )
   BIOS : )Phoenix - Award WorkstationBIOS v6.00PG
   USER : confo ( Administrator )
   BOOT : Fail-safe boot
   Antivirus : VirusKeeper 2009 Pro antivirus 9.0 (Activated)
   C:\ (Local Disk) - NTFS - Total:71 Go (Free:22 Go)
   D:\ (Local Disk) - FAT32 - Total:72 Go (Free:71 Go)
   E:\ (CD or DVD)
   G:\ (USB)
   H:\ (USB)
   I:\ (USB)
   J:\ (USB)

   "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
   Option : [2] ( 14/03/2009|11:08 )

   -----------\  Recherche de Fichiers / Dossiers ...


   -----------\  Extensions

   (confo) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
   (confo) - {EEE6C361-6118-11DC-9C72-001320C79847} => sweetim-toolbar


   -----------\  [..\Internet Explorer\Main]

   [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
   "Local Page"="C:\WINDOWS\system32\blank.htm"
   "Start Page"="https://www.msn.com/fr-fr"
   "SearchMigratedDefaultURL"="https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src={referrer:source?}"
   "Default_Page_URL"="https://www.msn.com/fr-fr"

   [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
   "Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
   "Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
   "Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
   "Start Page"="https://www.msn.com/fr-fr/"


   --------------------\  Recherche d'autres infections

  


 C:\WINDOWS\Pack.epk
 
   C:\DOCUME~1\confo\LOCALS~1\APPLIC~1\guimg.dat
   C:\DOCUME~1\confo\LOCALS~1\APPLIC~1\guimg.exe
   C:\DOCUME~1\confo\LOCALS~1\APPLIC~1\guimg_nav.dat
   C:\DOCUME~1\confo\LOCALS~1\APPLIC~1\guimg_navps.dat
   [b]==> EGDACCESS <==/b




   1 - "C:\ToolBar SD\TB_1.txt" - 12/03/2009|19:53 - Option : [1]
   2 - "C:\ToolBar SD\TB_2.txt" - 13/03/2009|15:09 - Option : [2]
   3 - "C:\ToolBar SD\TB_3.txt" - 14/03/2009|11:10 - Option : [2]

   -----------\  Fin du rapport a 11:10:58,95

Utilisateur anonyme · Answer

Télécharge Malwarebytes ICI

Fais la mise à jour du logiciel (elle se fait normalement à l'installation)

Lance une analyse complète en cliquant sur "Exécuter un examen complet"

Sélectionnes les disques que tu veux analyser et cliques sur "Lancer l'examen"

L'analyse peut durer un bon moment.....

Une fois l'analyse terminée, cliques sur "OK" puis sur "Afficher les résultats"

Vérifies que tout est bien coché et cliques sur "Supprimer la sélection" => et ensuite sur "OK"

Un rapport va s'ouvrir dans le bloc note... Fais un copié/collé du rapport dans ta prochaine réponse sur le forum


* Il se pourrait que certains fichiers devront être supprimés au redémarrage du PC... Faites le en cliquant sur "oui" à la question posée

sylviesfr · Answer

salut
je suis trop bête j'ai cliquer sur redémarrer avant de copier le rapport je me souvient qu'il y avais 20 infections qu'il a effacer.
désoler le week-end je doit être un peu mono-neurone. mais je suis sur que ça se soigne comme mon ordi (grace a toi)

Utilisateur anonyme · Answer

ce petit tutoriel t'aidera a te servir de malwarebyte, il faudra garder ce logiciel a l'avenir, je t'expliquerai pourquoi a la fin
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
retourne ds malware byte et tu as un onglet "rapport/logs" va dedans et ton rapport se trouve dedans !
poste le

sylviesfr · Answer

Malwarebytes' Anti-Malware 1.34
Version de la base de données: 1848
Windows 5.1.2600 Service Pack 3

14/03/2009 12:40:05
mbam-log-2009-03-14 (12-40-05).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 243408
Temps écoulé: 43 minute(s), 57 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 9
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 9

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{fcaddc14-bd46-408a-9842-cdbe1c6d37eb} (Spyware.Banker) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b7d3e479-cc68-42b5-a338-938ece35f419} (Adware.SoftMate) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\multi_media_france toolbar (Adware.Trace) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\guimg (Adware.Navipromo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{b7d3e479-cc68-42b5-a338-938ece35f419} (Adware.SoftMate) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Documents and Settings\confo\Local Settings\Application Data\guimg_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\confo\Local Settings\Application Data\guimg_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\confo\Local Settings\Application Data\guimg.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\confo\Local Settings\Application Data\guimg.exe (Adware.Navipromo.H) -> Delete on reboot.
C:\ToolBar SD\Backup-TB\Program Files\Internet Explorer\msimg32.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Documents and Settings\confo\Local Settings\Temp\ShprInstaller.exe (Adware.Shopper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP554\A0239431.dll (Adware.Shopper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP554\A0239433.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\msnav32.ax (Malware.Trace) -> Quarantined and deleted successfully.

Utilisateur anonyme · Answer

excellent 
il faudrait un nouveau rapport hijackthis stp (ca devrait etre le dernier je pense)

sylviesfr · Answer

alors docteur il est sauver.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:58:32, on 14/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\PROGRA~1\SFR\CONTRO~1\bin\OPTGui.exe
C:\Program Files\AxBx\VirusKeeper 2009 Pro Evaluation\VirusKeeper.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\MediaDICO4Ut.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\Rac4Ut.EXE
C:\WINDOWS\system32
vsvc32.exe
C:\Program Files\SFR\Controle Parental\bin\optproxy.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Documents and Settings\All Users\Application Data\SeekeenSrch\seekeen147.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AxBx\VirusKeeper 2009 Pro Evaluation\vk_service.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\SeekeenSrch\seekeen.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Documents and Settings\confo\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Documents and Settings\confo\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\AxBx\VirusKeeper 2009 Pro Evaluation\vk_watchop.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\agi\common\agcutils.dll
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\agi\common\agcutils.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Come2PlayK2P Toolbar - {b8a5b62c-517f-42a5-85ae-29b5497fb15f} - C:\Program Files\Come2PlayK2P	bCome.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Come2PlayK2P Toolbar - {b8a5b62c-517f-42a5-85ae-29b5497fb15f} - C:\Program Files\Come2PlayK2P	bCome.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7
tiMUI.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [OPTENET_GUI] C:\PROGRA~1\SFR\CONTRO~1\bin\OPTGui.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [VirusKeeper] C:\Program Files\AxBx\VirusKeeper 2009 Pro Evaluation\VirusKeeper.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] D:\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MediaDICO4Ut] C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\LanceMediaDICO4Ut.exe Lancement
O4 - HKCU\..\Run: [Packard Bell Data Secure] C:\Program Files\Packard Bell Data Secure\PBDataSecure.exe
O4 - HKCU\..\Run: [MsnMsgr] ~"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: DW_Start.lnk = C:\WINDOWS\system32\dwwnw64r.exe
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\confo\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Mindscape Website.url
O8 - Extra context menu item: &Recherche AOL Toolbar - c:\program files\aol\aol toolbar 5.0esources\fr-fr\local\search.html
O8 - Extra context menu item: (PopUpCop) Allow images... - res://C:\PROGRA~1\PopUpCop\PopUpCop.dll/allowimages
O8 - Extra context menu item: (PopUpCop) Block images... - res://C:\PROGRA~1\PopUpCop\PopUpCop.dll/blockimages
O8 - Extra context menu item: (PopUpCop) Open In New Window - res://C:\PROGRA~1\PopUpCop\PopUpCop.dll/imagenew
O8 - Extra context menu item: Recherche sur eBay - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.fr/ImageUploader5.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://kiw.imgag.com/imgag/cp/install/crusher-kiwen.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game14.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Filter hijack: text/html - {C6F62B7A-5450-4A2F-8687-6CEEC3AEB055} - C:\WINDOWS\system32\controlkids2.dll
O20 - Winlogon Notify: Scryptnat - Scryptnat.dll (file missing)
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: getPlus(R) Helper - Unknown owner - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: Contrôle Parental SFR (OPTENET_FILTER) - SFR - C:\Program Files\SFR\Controle Parental\bin\optproxy.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SeekeenSrch Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\SeekeenSrch\seekeen147.exe
O23 - Service: VirusKeeper antivirus/antispyware (vkservice) - AxBx - C:\Program Files\AxBx\VirusKeeper 2009 Pro Evaluation\vk_service.exe

Utilisateur anonyme · Answer

Non pas encore sauvé, je t'avais prévenu que le tien etait un rapport hors du commun ;)
t'inquietes pas , ca doit deja aller mieux la ?

allez on continue :

Télécharge et enregistre lopSD sur ton bureau 

Double-clic Lop S&D

Fair l'installation

Ferme toutes les applications

Le lancer par un double-clic sur le raccourci qui est sur le bureau 

Taper F pour français , puis presser entrée

Taper 1

Presse Entrée

Le PC va redémarrer 

* Note= si l'antivirus annonce une infection dans TEMP , l'ignorer

Attendre l'apparition du rapport

Copier le rapport et le coller dans la réponse


* le rapport se trouve aussi à C:\lopR

sylviesfr · Answer

--------------------\  Lop S&D 4.2.5-0   XP/Vista

   Microsoft (R) Windows Script Host Version 5.7
   Copyright (C) Microsoft Corporation 1996-2001. Tous droits r‚serv‚s.
   Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
   X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 Processor 3500+ )
   BIOS : )Phoenix - Award WorkstationBIOS v6.00PG
   USER : confo ( Administrator )
   BOOT : Normal boot
   Antivirus : VirusKeeper 2009 Pro antivirus 9.0 (Activated)
   C:\ (Local Disk) - NTFS - Total:71 Go (Free:20 Go)
   D:\ (Local Disk) - FAT32 - Total:72 Go (Free:71 Go)
   E:\ (CD or DVD)
   F:\ (USB) - FAT32 - Total:3824 Mo (Free:3 Go)
   G:\ (USB)
   H:\ (USB)
   I:\ (USB)
   J:\ (USB)
   L:\ (Local Disk) - NTFS - Total:465 Go (Free:128 Go)

   "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
   Option : [1] ( 14/03/2009|18:05 )
 
   --------------------\  Listing des dossiers dans APPLIC~1

   [06/10/2006|23:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
   [06/10/2006|23:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
   [06/10/2006|23:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

   [04/01/2009|09:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
   [24/07/2008|20:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\agi
   [16/02/2007|11:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
   [30/08/2008|17:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
   [10/11/2008|19:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
   [04/12/2007|17:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Backup
   [21/08/2007|15:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CA
   [11/11/2006|18:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
   [26/12/2006|14:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Disney Interactive
   [24/01/2009|18:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\eBay
   [03/01/2009|20:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
   [12/11/2006|18:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
   [18/07/2008|18:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM
   [18/07/2008|18:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail
   [23/01/2007|15:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
   [05/11/2008|17:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar2
   [14/03/2009|11:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
   [08/02/2009|07:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
   [20/02/2009|07:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
   [05/01/2009|10:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
   [08/01/2007|18:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NtiDvdCopy
   [28/10/2007|10:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA
   [20/11/2006|17:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Otto
   [15/08/2007|17:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle
   [25/12/2006|01:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
   [05/03/2009|14:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SeekeenSrch
   [02/11/2008|20:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Softdisk LLC
   [29/10/2008|13:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
   [21/07/2008|11:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SweetIM
   [13/11/2006|18:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
   [22/11/2008|14:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
   [07/02/2009|20:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ubisoft
   [12/11/2008|07:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
   [16/02/2007|11:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
   [19/01/2009|10:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WholeSecurity
   [18/08/2008|18:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
   [20/07/2008|09:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
   [12/11/2006|13:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
   [01/08/2008|06:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

   [16/08/2007|13:36] C:\DOCUME~1\confo\APPLIC~1\Ace
   [23/01/2009|14:46] C:\DOCUME~1\confo\APPLIC~1\Adobe
   [12/11/2006|15:12] C:\DOCUME~1\confo\APPLIC~1\AdobeUM
   [24/07/2008|20:52] C:\DOCUME~1\confo\APPLIC~1\agi
   [16/02/2007|11:31] C:\DOCUME~1\confo\APPLIC~1\AOL
   [31/10/2008|19:39] C:\DOCUME~1\confo\APPLIC~1\Apple Computer
   [01/12/2008|20:49] C:\DOCUME~1\confo\APPLIC~1\ArcSoft
   [12/11/2006|16:26] C:\DOCUME~1\confo\APPLIC~1\CyberLink
   [25/12/2007|09:29] C:\DOCUME~1\confo\APPLIC~1\Disney Interactive
   [22/01/2009|21:42] C:\DOCUME~1\confo\APPLIC~1\dvdcss
   [24/01/2009|18:36] C:\DOCUME~1\confo\APPLIC~1\eBay
   [04/02/2009|17:24] C:\DOCUME~1\confo\APPLIC~1\Google
   [11/11/2006|18:57] C:\DOCUME~1\confo\APPLIC~1\Help
   [29/10/2008|13:48] C:\DOCUME~1\confo\APPLIC~1\HP
   [06/10/2006|23:18] C:\DOCUME~1\confo\APPLIC~1\Identities
   [27/12/2008|12:01] C:\DOCUME~1\confo\APPLIC~1\InstallShield
   [14/08/2007|17:22] C:\DOCUME~1\confo\APPLIC~1\InterTrust
   [09/03/2009|11:26] C:\DOCUME~1\confo\APPLIC~1\LimeWire
   [19/05/2007|11:59] C:\DOCUME~1\confo\APPLIC~1\LiteOn
   [06/10/2006|23:18] C:\DOCUME~1\confo\APPLIC~1\Macromedia
   [14/03/2009|11:49] C:\DOCUME~1\confo\APPLIC~1\Malwarebytes
   [27/01/2007|15:00] C:\DOCUME~1\confo\APPLIC~1\Micro Application
   [13/01/2009|15:05] C:\DOCUME~1\confo\APPLIC~1\Microsoft
   [05/01/2009|10:48] C:\DOCUME~1\confo\APPLIC~1\Mozilla
   [20/07/2008|09:27] C:\DOCUME~1\confo\APPLIC~1\MSNInstaller
   [14/03/2009|12:48] C:\DOCUME~1\confo\APPLIC~1\OpenOffice.org2
   [20/11/2006|17:37] C:\DOCUME~1\confo\APPLIC~1\Otto
   [25/10/2008|16:32] C:\DOCUME~1\confo\APPLIC~1\PopupCop
   [26/09/2008|17:56] C:\DOCUME~1\confo\APPLIC~1\Samsung
   [23/03/2007|14:35] C:\DOCUME~1\confo\APPLIC~1\Sony Ericsson
   [12/11/2006|15:48] C:\DOCUME~1\confo\APPLIC~1\Sun
   [23/03/2007|14:43] C:\DOCUME~1\confo\APPLIC~1\Teleca
   [18/06/2008|15:57] C:\DOCUME~1\confo\APPLIC~1	uxmath
   [15/08/2007|18:03] C:\DOCUME~1\confo\APPLIC~1\Ulead Systems
   [10/09/2008|06:23] C:\DOCUME~1\confo\APPLIC~1\Viewpoint
   [12/06/2007|11:46] C:\DOCUME~1\confo\APPLIC~1\vlc
   [16/02/2007|11:26] C:\DOCUME~1\confo\APPLIC~1\You've Got Pictures Screensaver

   [06/10/2006|23:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
   [06/10/2006|23:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
   [06/10/2006|23:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

   [06/10/2006|23:18] C:\DOCUME~1\FRANOI~1\APPLIC~1\Macromedia
   [15/11/2007|17:08] C:\DOCUME~1\FRANOI~1\APPLIC~1\Microsoft

   [23/09/2007|15:16] C:\DOCUME~1\INVIT~1\APPLIC~1\Apple Computer
   [20/10/2007|14:56] C:\DOCUME~1\INVIT~1\APPLIC~1\CyberLink
   [22/10/2007|09:40] C:\DOCUME~1\INVIT~1\APPLIC~1\Help
   [06/10/2006|23:18] C:\DOCUME~1\INVIT~1\APPLIC~1\Identities
   [18/09/2007|09:45] C:\DOCUME~1\INVIT~1\APPLIC~1\LiteOn
   [06/10/2006|23:18] C:\DOCUME~1\INVIT~1\APPLIC~1\Macromedia
   [30/09/2007|10:25] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
   [29/09/2007|15:02] C:\DOCUME~1\INVIT~1\APPLIC~1\Ulead Systems
   [22/09/2007|17:36] C:\DOCUME~1\INVIT~1\APPLIC~1\vlc

   [24/07/2008|20:53] C:\DOCUME~1\LOCALS~1\APPLIC~1\agi
   [27/12/2007|18:06] C:\DOCUME~1\LOCALS~1\APPLIC~1\Help
   [06/10/2006|23:18] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
   [05/03/2009|14:45] C:\DOCUME~1\LOCALS~1\APPLIC~1\Mozilla

   [10/11/2008|18:48] C:\DOCUME~1\NETWOR~1\APPLIC~1\agi
   [06/10/2006|23:18] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

   [17/11/2007|12:06] C:\DOCUME~1\OUVERT~1\APPLIC~1\InstallShield
   [17/11/2007|12:06] C:\DOCUME~1\OUVERT~1\APPLIC~1\InstallShield Installation Information
   [06/10/2006|23:18] C:\DOCUME~1\OUVERT~1\APPLIC~1\Macromedia
   [06/02/2008|12:20] C:\DOCUME~1\OUVERT~1\APPLIC~1\Microsoft
 
   --------------------\  Tâches planifiées dans C:\WINDOWS	asks

   [09/03/2009 18:48][--a------] C:\WINDOWS	asks\AppleSoftwareUpdate.job
   [14/03/2009 12:41][--ah-----] C:\WINDOWS	asks\SA.DAT
   [10/08/2004 21:00][-r-h-----] C:\WINDOWS	asks\desktop.ini

   --------------------\  Listing des dossiers dans C:\Program Files

   [04/12/2007|17:13] C:\Program Files\AbiSuite2
   [06/10/2006|23:19] C:\Program Files\Acer WLAN 11g USB Dongle
   [04/01/2009|09:41] C:\Program Files\Adobe
   [05/11/2008|17:20] C:\Program Files\AGI
   [22/11/2008|16:29] C:\Program Files\Alwil Software
   [21/12/2008|18:20] C:\Program Files\AOL
   [02/09/2008|12:19] C:\Program Files\Apple Software Update
   [01/12/2008|20:47] C:\Program Files\ArcSoft
   [22/10/2007|16:43] C:\Program Files\Atout Clic CE1
   [02/09/2008|17:33] C:\Program Files\Atout Clic CP
   [04/01/2009|22:08] C:\Program Files\AxBx
   [10/11/2008|18:57] C:\Program Files\Bonjour
   [15/06/2008|18:55] C:\Program Files\Boonty
   [10/11/2008|18:12] C:\Program Files\BoontyGames
   [04/01/2009|22:05] C:\Program Files\CCleaner
   [12/11/2008|11:14] C:\Program Files\Come2PlayK2P
   [06/10/2006|23:19] C:\Program Files\commercial
   [12/11/2008|11:09] C:\Program Files\Conduit
   [15/11/2008|20:33] C:\Program Files\Control Kids
   [06/10/2006|23:19] C:\Program Files\CyberLink
   [20/11/2007|20:19] C:\Program Files\DeskPlayer
   [06/10/2006|23:19] C:\Program Files\DIFX
   [20/02/2009|20:09] C:\Program Files\Disney Interactive
   [25/06/2007|16:50] C:\Program Files\DV Cam
   [01/12/2008|21:14] C:\Program Files\DVBT Application
   [24/01/2009|18:36] C:\Program Files\eBay
   [27/09/2008|08:14] C:\Program Files\eMule
   [21/02/2009|20:41] C:\Program Files\FairUse Wizard 2
   [26/12/2008|18:47] C:\Program Files\Fichiers communs
   [02/11/2008|22:00] C:\Program Files\Freeze.com
   [06/10/2006|23:19] C:\Program Files\FrenchOtto
   [27/12/2008|11:55] C:\Program Files\Games
   [06/10/2006|23:19] C:\Program Files\GemMasterFrench
   [04/02/2009|17:31] C:\Program Files\Google
   [05/06/2007|07:37] C:\Program Files\GT Interactive
   [11/11/2006|18:56] C:\Program Files\Hachette Multim‚dia
   [02/09/2008|17:32] C:\Program Files\Happyneuron
   [29/10/2008|13:10] C:\Program Files\Hewlett-Packard
   [29/10/2008|13:42] C:\Program Files\HP
   [11/11/2008|19:40] C:\Program Files\IncrediMail
   [20/02/2009|20:09] C:\Program Files\InstallShield Installation Information
   [28/11/2008|14:20] C:\Program Files\Integard
   [12/11/2006|17:29] C:\Program Files\InterActual
   [13/03/2009|15:07] C:\Program Files\Internet Explorer
   [18/11/2008|13:11] C:\Program Files\iWizz
   [14/12/2008|21:29] C:\Program Files\Java
   [16/02/2007|11:26] C:\Program Files\Learn2.com
   [09/02/2009|17:56] C:\Program Files\LimeWire
   [08/09/2008|19:16] C:\Program Files\livetvbar
   [08/02/2009|21:53] C:\Program Files\McDonaldsDragons
   [30/09/2008|22:22] C:\Program Files\Messenger
   [08/02/2009|06:49] C:\Program Files\Messenger Plus! Live
   [26/09/2008|18:04] C:\Program Files\Micro Application
   [26/12/2008|19:07] C:\Program Files\Microsoft
   [20/07/2008|10:16] C:\Program Files\Microsoft CAPICOM 2.1.0.2
   [06/10/2006|23:19] C:\Program Files\microsoft frontpage
   [20/01/2008|14:27] C:\Program Files\Microsoft Office
   [27/02/2009|12:34] C:\Program Files\Microsoft Silverlight
   [20/07/2008|09:48] C:\Program Files\Microsoft SQL Server Compact Edition
   [26/12/2008|19:09] C:\Program Files\Microsoft Sync Framework
   [20/01/2008|14:54] C:\Program Files\Microsoft Works
   [24/01/2009|18:38] C:\Program Files\MINDSCAPE
   [05/06/2007|11:51] C:\Program Files\Mio Technology
   [28/07/2008|14:58] C:\Program Files\MiTAC Research (Shanghai) Ltd
   [15/06/2008|19:15] C:\Program Files\MOINS par MOINS
   [30/09/2008|05:12] C:\Program Files\Movie Maker
   [14/03/2009|18:02] C:\Program Files\Mozilla Firefox
   [28/06/2007|15:52] C:\Program Files\MSECache
   [22/07/2008|12:48] C:\Program Files\MSN
   [06/10/2006|23:19] C:\Program Files\MSN Gaming Zone
   [20/07/2008|19:21] C:\Program Files\MSN Messenger
   [21/08/2007|15:30] C:\Program Files\MSXML 4.0
   [30/09/2008|05:09] C:\Program Files\NetMeeting
   [06/10/2006|23:19] C:\Program Files\NewTech Infosystems
   [05/01/2009|10:01] C:\Program Files\NOS
   [18/09/2007|16:26] C:\Program Files\Novosoft International
   [06/10/2006|23:19] C:\Program Files\Oca History Tool
   [06/10/2006|23:19] C:\Program Files\Online Services
   [04/08/2008|19:47] C:\Program Files\OpenOffice.org 2.4
   [30/09/2008|05:09] C:\Program Files\Outlook Express
   [15/08/2007|17:51] C:\Program Files\Pinnacle
   [10/11/2008|18:56] C:\Program Files\QuickTime
   [06/10/2006|23:19] C:\Program Files\Realtek
   [24/07/2008|12:26] C:\Program Files\SDLL
   [05/03/2009|14:44] C:\Program Files\SeekeenSrch
   [06/10/2006|23:19] C:\Program Files\Services en ligne
   [21/12/2008|18:00] C:\Program Files\SFR
   [28/12/2008|17:14] C:\Program Files\SFR ADSL
   [24/03/2007|13:39] C:\Program Files\Sony Ericsson
   [02/03/2009|10:26] C:\Program Files\SweetIM
   [03/02/2007|14:43] C:\Program Files\System
   [17/12/2007|15:46] C:\Program Files\THQ
   [05/06/2007|06:50] C:\Program Files\TomTom DesktopSuite
   [21/08/2007|18:48] C:\Program Files\TomTom HOME
   [24/01/2009|18:35] C:\Program Files\Ubisoft
   [15/08/2007|18:01] C:\Program Files\Ulead Systems
   [03/02/2007|14:12] C:\Program Files\Uninstall Information
   [06/09/2007|19:05] C:\Program Files\ValuSoft
   [12/06/2007|11:44] C:\Program Files\VideoLAN
   [16/02/2007|11:26] C:\Program Files\Viewpoint
   [22/11/2008|17:08] C:\Program Files\Web Hottest Videos Personal Player
   [20/02/2009|07:58] C:\Program Files\Windows Live
   [26/12/2008|19:07] C:\Program Files\Windows Live SkyDrive
   [26/12/2008|19:09] C:\Program Files\Windows Live Toolbar
   [15/08/2007|18:02] C:\Program Files\Windows Media Components
   [18/08/2008|16:22] C:\Program Files\Windows Media Connect 2
   [18/08/2008|16:22] C:\Program Files\Windows Media Player
   [30/09/2008|05:09] C:\Program Files\Windows NT
   [15/11/2007|17:08] C:\Program Files\WinRAR
   [06/10/2006|23:19] C:\Program Files\xerox
   [08/11/2006|17:35] C:\Program Files\Yahoo!

   --------------------\  Listing des dossiers dans C:\Program Files\Fichiers communs

   [04/01/2009|09:41] C:\Program Files\Fichiers communs\Adobe
   [21/12/2008|18:20] C:\Program Files\Fichiers communs\AOL
   [16/02/2007|11:27] C:\Program Files\Fichiers communs\aolback
   [10/11/2008|18:55] C:\Program Files\Fichiers communs\Apple
   [23/05/2007|09:06] C:\Program Files\Fichiers communs\ArcSoft
   [15/11/2007|17:08] C:\Program Files\Fichiers communs\AVSMedia
   [12/11/2006|18:05] C:\Program Files\Fichiers communs\Hewlett-Packard
   [29/10/2008|13:34] C:\Program Files\Fichiers communs\HP
   [17/12/2007|15:32] C:\Program Files\Fichiers communs\InstallShield
   [08/11/2006|17:28] C:\Program Files\Fichiers communs\Java
   [06/10/2006|23:19] C:\Program Files\Fichiers communs\LightScribe
   [20/02/2009|07:55] C:\Program Files\Fichiers communs\Microsoft Shared
   [06/10/2006|23:19] C:\Program Files\Fichiers communs\MSSoap
   [06/10/2006|23:19] C:\Program Files\Fichiers communs\muvee Technologies
   [06/10/2006|23:19] C:\Program Files\Fichiers communs\NewTech Infosystems
   [16/02/2007|11:26] C:\Program Files\Fichiers communs\Nullsoft
   [06/06/2007|09:31] C:\Program Files\Fichiers communs\ODBC
   [22/11/2008|14:10] C:\Program Files\Fichiers communs\Panda Software
   [16/02/2007|11:29] C:\Program Files\Fichiers communs\Real
   [06/10/2006|23:19] C:\Program Files\Fichiers communs\Services
   [29/10/2008|13:34] C:\Program Files\Fichiers communs\Sonic Shared
   [06/10/2006|23:19] C:\Program Files\Fichiers communs\SpeechEngines
   [23/02/2007|15:29] C:\Program Files\Fichiers communs\Symantec Shared
   [30/09/2008|05:09] C:\Program Files\Fichiers communs\System
   [24/03/2007|13:39] C:\Program Files\Fichiers communs\Teleca Shared
   [26/12/2008|18:47] C:\Program Files\Fichiers communs\Windows Live
   [20/07/2008|09:35] C:\Program Files\Fichiers communs\WindowsLiveInstaller

   --------------------\  Process

   ( 64 Processes )

   ... OK !

   --------------------\  Recherche avec S_Lop

   Aucun fichier / dossier Lop trouvé !
 
   --------------------\  Recherche de Fichiers / Dossiers Lop

   C:\DOCUME~1\confo\LOCALS~1\Temp
se2D5.tmp
   C:\DOCUME~1\confo\LOCALS~1\Temp
sf200.tmp
   C:\DOCUME~1\confo\LOCALS~1\Temp
sh209.tmp
   C:\DOCUME~1\confo\Cookies\confo@advertising[1].txt
 
   --------------------\  Verification du Registre
 
   ..... OK !

   --------------------\  Verification du fichier Hosts

   Fichier Hosts PROPRE


   --------------------\  Recherche de fichiers avec Catchme
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2009-03-14 18:06:08
   Windows 5.1.2600 Service Pack 3 NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 5
 
   --------------------\  Recherche d'autres infections

   C:\WINDOWS\Pack.epk
   [b]==> EGDACCESS <==/b



   [F:4717][D:291]-> C:\DOCUME~1\confo\LOCALS~1\Temp
   [F:129][D:0]-> C:\DOCUME~1\confo\Cookies
   [F:62675][D:35]-> C:\DOCUME~1\confo\LOCALS~1\TEMPOR~1\content.IE5

   1 - "C:\Lop SD\LopR_1.txt" - 14/03/2009|18:09 - Option : [1]

   --------------------\  Fin du rapport a 18:09:55

Utilisateur anonyme · Answer

Relance Lop S&D


Choisis cette fois-ci l'option 2 (Suppression)


Ne ferme pas la fenêtre lors de la suppression !


Poste le rapport généré (C:\lopR.txt)


* (Si le Bureau ne réapparait pas, presse Ctrl+Alt+Suppr, Onglet Fichier, Nouvelle tâche, tape explorer.exe et valide)

sylviesfr · Answer

dit moi tous ça c encore des virus qu'il a virée si oui mon ordi est très courageux de fonctionner.
il mérite une médaille d'or et moi un carton rouge.


   --------------------\  Lop S&D 4.2.5-0   XP/Vista

   Microsoft (R) Windows Script Host Version 5.7
   Copyright (C) Microsoft Corporation 1996-2001. Tous droits r‚serv‚s.
   Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
   X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 Processor 3500+ )
   BIOS : )Phoenix - Award WorkstationBIOS v6.00PG
   USER : confo ( Administrator )
   BOOT : Normal boot
   Antivirus : VirusKeeper 2009 Pro antivirus 9.0 (Activated)
   C:\ (Local Disk) - NTFS - Total:71 Go (Free:20 Go)
   D:\ (Local Disk) - FAT32 - Total:72 Go (Free:71 Go)
   E:\ (CD or DVD)
   F:\ (USB) - FAT32 - Total:3824 Mo (Free:3 Go)
   G:\ (USB)
   H:\ (USB)
   I:\ (USB)
   J:\ (USB)
   L:\ (Local Disk) - NTFS - Total:465 Go (Free:128 Go)

   "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
   Option : [2] ( 14/03/2009|18:35 )


   \\\\\\\\\\\\\\\ SUPPRESSION

   Supprime! - C:\DOCUME~1\confo\LOCALS~1\Temp
se2D5.tmp
   Supprime! - C:\DOCUME~1\confo\LOCALS~1\Temp
sf200.tmp
   Supprime! - C:\DOCUME~1\confo\LOCALS~1\Temp
sh209.tmp
   Supprime! - C:\DOCUME~1\confo\Cookies\confo@advertising[1].txt
 
   \\\\\\\\\\\\\\\ 

   Supprime! - C:\Program Files\Viewpoint
   Supprime! - C:\DOCUME~1\confo\APPLIC~1\Viewpoint
   Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
 
   \\\\\\\\\\\\\\\

 
   --------------------\  Listing des dossiers dans APPLIC~1

   [06/10/2006|23:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
   [06/10/2006|23:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
   [06/10/2006|23:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

   [04/01/2009|09:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
   [24/07/2008|20:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\agi
   [16/02/2007|11:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
   [30/08/2008|17:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
   [10/11/2008|19:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
   [04/12/2007|17:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Backup
   [21/08/2007|15:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CA
   [11/11/2006|18:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
   [26/12/2006|14:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Disney Interactive
   [24/01/2009|18:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\eBay
   [03/01/2009|20:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
   [12/11/2006|18:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
   [18/07/2008|18:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM
   [18/07/2008|18:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail
   [23/01/2007|15:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
   [05/11/2008|17:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar2
   [14/03/2009|11:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
   [08/02/2009|07:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
   [20/02/2009|07:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
   [05/01/2009|10:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
   [08/01/2007|18:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NtiDvdCopy
   [28/10/2007|10:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA
   [20/11/2006|17:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Otto
   [15/08/2007|17:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle
   [25/12/2006|01:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
   [05/03/2009|14:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SeekeenSrch
   [02/11/2008|20:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Softdisk LLC
   [29/10/2008|13:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
   [21/07/2008|11:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SweetIM
   [13/11/2006|18:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
   [22/11/2008|14:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
   [07/02/2009|20:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ubisoft
   [12/11/2008|07:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
   [19/01/2009|10:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WholeSecurity
   [18/08/2008|18:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
   [20/07/2008|09:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
   [12/11/2006|13:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
   [01/08/2008|06:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

   [16/08/2007|13:36] C:\DOCUME~1\confo\APPLIC~1\Ace
   [23/01/2009|14:46] C:\DOCUME~1\confo\APPLIC~1\Adobe
   [12/11/2006|15:12] C:\DOCUME~1\confo\APPLIC~1\AdobeUM
   [24/07/2008|20:52] C:\DOCUME~1\confo\APPLIC~1\agi
   [16/02/2007|11:31] C:\DOCUME~1\confo\APPLIC~1\AOL
   [31/10/2008|19:39] C:\DOCUME~1\confo\APPLIC~1\Apple Computer
   [01/12/2008|20:49] C:\DOCUME~1\confo\APPLIC~1\ArcSoft
   [12/11/2006|16:26] C:\DOCUME~1\confo\APPLIC~1\CyberLink
   [25/12/2007|09:29] C:\DOCUME~1\confo\APPLIC~1\Disney Interactive
   [22/01/2009|21:42] C:\DOCUME~1\confo\APPLIC~1\dvdcss
   [24/01/2009|18:36] C:\DOCUME~1\confo\APPLIC~1\eBay
   [04/02/2009|17:24] C:\DOCUME~1\confo\APPLIC~1\Google
   [11/11/2006|18:57] C:\DOCUME~1\confo\APPLIC~1\Help
   [29/10/2008|13:48] C:\DOCUME~1\confo\APPLIC~1\HP
   [06/10/2006|23:18] C:\DOCUME~1\confo\APPLIC~1\Identities
   [27/12/2008|12:01] C:\DOCUME~1\confo\APPLIC~1\InstallShield
   [14/08/2007|17:22] C:\DOCUME~1\confo\APPLIC~1\InterTrust
   [09/03/2009|11:26] C:\DOCUME~1\confo\APPLIC~1\LimeWire
   [19/05/2007|11:59] C:\DOCUME~1\confo\APPLIC~1\LiteOn
   [06/10/2006|23:18] C:\DOCUME~1\confo\APPLIC~1\Macromedia
   [14/03/2009|11:49] C:\DOCUME~1\confo\APPLIC~1\Malwarebytes
   [27/01/2007|15:00] C:\DOCUME~1\confo\APPLIC~1\Micro Application
   [13/01/2009|15:05] C:\DOCUME~1\confo\APPLIC~1\Microsoft
   [05/01/2009|10:48] C:\DOCUME~1\confo\APPLIC~1\Mozilla
   [20/07/2008|09:27] C:\DOCUME~1\confo\APPLIC~1\MSNInstaller
   [14/03/2009|12:48] C:\DOCUME~1\confo\APPLIC~1\OpenOffice.org2
   [20/11/2006|17:37] C:\DOCUME~1\confo\APPLIC~1\Otto
   [25/10/2008|16:32] C:\DOCUME~1\confo\APPLIC~1\PopupCop
   [26/09/2008|17:56] C:\DOCUME~1\confo\APPLIC~1\Samsung
   [23/03/2007|14:35] C:\DOCUME~1\confo\APPLIC~1\Sony Ericsson
   [12/11/2006|15:48] C:\DOCUME~1\confo\APPLIC~1\Sun
   [23/03/2007|14:43] C:\DOCUME~1\confo\APPLIC~1\Teleca
   [18/06/2008|15:57] C:\DOCUME~1\confo\APPLIC~1	uxmath
   [15/08/2007|18:03] C:\DOCUME~1\confo\APPLIC~1\Ulead Systems
   [12/06/2007|11:46] C:\DOCUME~1\confo\APPLIC~1\vlc
   [16/02/2007|11:26] C:\DOCUME~1\confo\APPLIC~1\You've Got Pictures Screensaver

   [06/10/2006|23:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
   [06/10/2006|23:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
   [06/10/2006|23:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

   [06/10/2006|23:18] C:\DOCUME~1\FRANOI~1\APPLIC~1\Macromedia
   [15/11/2007|17:08] C:\DOCUME~1\FRANOI~1\APPLIC~1\Microsoft

   [23/09/2007|15:16] C:\DOCUME~1\INVIT~1\APPLIC~1\Apple Computer
   [20/10/2007|14:56] C:\DOCUME~1\INVIT~1\APPLIC~1\CyberLink
   [22/10/2007|09:40] C:\DOCUME~1\INVIT~1\APPLIC~1\Help
   [06/10/2006|23:18] C:\DOCUME~1\INVIT~1\APPLIC~1\Identities
   [18/09/2007|09:45] C:\DOCUME~1\INVIT~1\APPLIC~1\LiteOn
   [06/10/2006|23:18] C:\DOCUME~1\INVIT~1\APPLIC~1\Macromedia
   [30/09/2007|10:25] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
   [29/09/2007|15:02] C:\DOCUME~1\INVIT~1\APPLIC~1\Ulead Systems
   [22/09/2007|17:36] C:\DOCUME~1\INVIT~1\APPLIC~1\vlc

   [24/07/2008|20:53] C:\DOCUME~1\LOCALS~1\APPLIC~1\agi
   [27/12/2007|18:06] C:\DOCUME~1\LOCALS~1\APPLIC~1\Help
   [06/10/2006|23:18] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
   [05/03/2009|14:45] C:\DOCUME~1\LOCALS~1\APPLIC~1\Mozilla

   [10/11/2008|18:48] C:\DOCUME~1\NETWOR~1\APPLIC~1\agi
   [06/10/2006|23:18] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

   [17/11/2007|12:06] C:\DOCUME~1\OUVERT~1\APPLIC~1\InstallShield
   [17/11/2007|12:06] C:\DOCUME~1\OUVERT~1\APPLIC~1\InstallShield Installation Information
   [06/10/2006|23:18] C:\DOCUME~1\OUVERT~1\APPLIC~1\Macromedia
   [06/02/2008|12:20] C:\DOCUME~1\OUVERT~1\APPLIC~1\Microsoft
 
   --------------------\  Tâches planifiées dans C:\WINDOWS	asks

   [09/03/2009 18:48][--a------] C:\WINDOWS	asks\AppleSoftwareUpdate.job
   [14/03/2009 12:41][--ah-----] C:\WINDOWS	asks\SA.DAT
   [10/08/2004 21:00][-r-h-----] C:\WINDOWS	asks\desktop.ini

   --------------------\  Listing des dossiers dans C:\Program Files

   [04/12/2007|17:13] C:\Program Files\AbiSuite2
   [06/10/2006|23:19] C:\Program Files\Acer WLAN 11g USB Dongle
   [04/01/2009|09:41] C:\Program Files\Adobe
   [05/11/2008|17:20] C:\Program Files\AGI
   [22/11/2008|16:29] C:\Program Files\Alwil Software
   [21/12/2008|18:20] C:\Program Files\AOL
   [02/09/2008|12:19] C:\Program Files\Apple Software Update
   [01/12/2008|20:47] C:\Program Files\ArcSoft
   [22/10/2007|16:43] C:\Program Files\Atout Clic CE1
   [02/09/2008|17:33] C:\Program Files\Atout Clic CP
   [04/01/2009|22:08] C:\Program Files\AxBx
   [10/11/2008|18:57] C:\Program Files\Bonjour
   [15/06/2008|18:55] C:\Program Files\Boonty
   [10/11/2008|18:12] C:\Program Files\BoontyGames
   [04/01/2009|22:05] C:\Program Files\CCleaner
   [12/11/2008|11:14] C:\Program Files\Come2PlayK2P
   [06/10/2006|23:19] C:\Program Files\commercial
   [12/11/2008|11:09] C:\Program Files\Conduit
   [15/11/2008|20:33] C:\Program Files\Control Kids
   [06/10/2006|23:19] C:\Program Files\CyberLink
   [20/11/2007|20:19] C:\Program Files\DeskPlayer
   [06/10/2006|23:19] C:\Program Files\DIFX
   [20/02/2009|20:09] C:\Program Files\Disney Interactive
   [25/06/2007|16:50] C:\Program Files\DV Cam
   [01/12/2008|21:14] C:\Program Files\DVBT Application
   [24/01/2009|18:36] C:\Program Files\eBay
   [27/09/2008|08:14] C:\Program Files\eMule
   [21/02/2009|20:41] C:\Program Files\FairUse Wizard 2
   [26/12/2008|18:47] C:\Program Files\Fichiers communs
   [02/11/2008|22:00] C:\Program Files\Freeze.com
   [06/10/2006|23:19] C:\Program Files\FrenchOtto
   [27/12/2008|11:55] C:\Program Files\Games
   [06/10/2006|23:19] C:\Program Files\GemMasterFrench
   [04/02/2009|17:31] C:\Program Files\Google
   [05/06/2007|07:37] C:\Program Files\GT Interactive
   [11/11/2006|18:56] C:\Program Files\Hachette Multim‚dia
   [02/09/2008|17:32] C:\Program Files\Happyneuron
   [29/10/2008|13:10] C:\Program Files\Hewlett-Packard
   [29/10/2008|13:42] C:\Program Files\HP
   [11/11/2008|19:40] C:\Program Files\IncrediMail
   [20/02/2009|20:09] C:\Program Files\InstallShield Installation Information
   [28/11/2008|14:20] C:\Program Files\Integard
   [12/11/2006|17:29] C:\Program Files\InterActual
   [13/03/2009|15:07] C:\Program Files\Internet Explorer
   [18/11/2008|13:11] C:\Program Files\iWizz
   [14/12/2008|21:29] C:\Program Files\Java
   [16/02/2007|11:26] C:\Program Files\Learn2.com
   [09/02/2009|17:56] C:\Program Files\LimeWire
   [08/09/2008|19:16] C:\Program Files\livetvbar
   [08/02/2009|21:53] C:\Program Files\McDonaldsDragons
   [30/09/2008|22:22] C:\Program Files\Messenger
   [08/02/2009|06:49] C:\Program Files\Messenger Plus! Live
   [26/09/2008|18:04] C:\Program Files\Micro Application
   [26/12/2008|19:07] C:\Program Files\Microsoft
   [20/07/2008|10:16] C:\Program Files\Microsoft CAPICOM 2.1.0.2
   [06/10/2006|23:19] C:\Program Files\microsoft frontpage
   [20/01/2008|14:27] C:\Program Files\Microsoft Office
   [27/02/2009|12:34] C:\Program Files\Microsoft Silverlight
   [20/07/2008|09:48] C:\Program Files\Microsoft SQL Server Compact Edition
   [26/12/2008|19:09] C:\Program Files\Microsoft Sync Framework
   [20/01/2008|14:54] C:\Program Files\Microsoft Works
   [24/01/2009|18:38] C:\Program Files\MINDSCAPE
   [05/06/2007|11:51] C:\Program Files\Mio Technology
   [28/07/2008|14:58] C:\Program Files\MiTAC Research (Shanghai) Ltd
   [15/06/2008|19:15] C:\Program Files\MOINS par MOINS
   [30/09/2008|05:12] C:\Program Files\Movie Maker
   [14/03/2009|18:10] C:\Program Files\Mozilla Firefox
   [28/06/2007|15:52] C:\Program Files\MSECache
   [22/07/2008|12:48] C:\Program Files\MSN
   [06/10/2006|23:19] C:\Program Files\MSN Gaming Zone
   [20/07/2008|19:21] C:\Program Files\MSN Messenger
   [21/08/2007|15:30] C:\Program Files\MSXML 4.0
   [30/09/2008|05:09] C:\Program Files\NetMeeting
   [06/10/2006|23:19] C:\Program Files\NewTech Infosystems
   [05/01/2009|10:01] C:\Program Files\NOS
   [18/09/2007|16:26] C:\Program Files\Novosoft International
   [06/10/2006|23:19] C:\Program Files\Oca History Tool
   [06/10/2006|23:19] C:\Program Files\Online Services
   [04/08/2008|19:47] C:\Program Files\OpenOffice.org 2.4
   [30/09/2008|05:09] C:\Program Files\Outlook Express
   [15/08/2007|17:51] C:\Program Files\Pinnacle
   [10/11/2008|18:56] C:\Program Files\QuickTime
   [06/10/2006|23:19] C:\Program Files\Realtek
   [24/07/2008|12:26] C:\Program Files\SDLL
   [05/03/2009|14:44] C:\Program Files\SeekeenSrch
   [06/10/2006|23:19] C:\Program Files\Services en ligne
   [21/12/2008|18:00] C:\Program Files\SFR
   [28/12/2008|17:14] C:\Program Files\SFR ADSL
   [24/03/2007|13:39] C:\Program Files\Sony Ericsson
   [02/03/2009|10:26] C:\Program Files\SweetIM
   [03/02/2007|14:43] C:\Program Files\System
   [17/12/2007|15:46] C:\Program Files\THQ
   [05/06/2007|06:50] C:\Program Files\TomTom DesktopSuite
   [21/08/2007|18:48] C:\Program Files\TomTom HOME
   [24/01/2009|18:35] C:\Program Files\Ubisoft
   [15/08/2007|18:01] C:\Program Files\Ulead Systems
   [03/02/2007|14:12] C:\Program Files\Uninstall Information
   [06/09/2007|19:05] C:\Program Files\ValuSoft
   [12/06/2007|11:44] C:\Program Files\VideoLAN
   [22/11/2008|17:08] C:\Program Files\Web Hottest Videos Personal Player
   [20/02/2009|07:58] C:\Program Files\Windows Live
   [26/12/2008|19:07] C:\Program Files\Windows Live SkyDrive
   [26/12/2008|19:09] C:\Program Files\Windows Live Toolbar
   [15/08/2007|18:02] C:\Program Files\Windows Media Components
   [18/08/2008|16:22] C:\Program Files\Windows Media Connect 2
   [18/08/2008|16:22] C:\Program Files\Windows Media Player
   [30/09/2008|05:09] C:\Program Files\Windows NT
   [15/11/2007|17:08] C:\Program Files\WinRAR
   [06/10/2006|23:19] C:\Program Files\xerox
   [08/11/2006|17:35] C:\Program Files\Yahoo!

   --------------------\  Listing des dossiers dans C:\Program Files\Fichiers communs

   [04/01/2009|09:41] C:\Program Files\Fichiers communs\Adobe
   [21/12/2008|18:20] C:\Program Files\Fichiers communs\AOL
   [16/02/2007|11:27] C:\Program Files\Fichiers communs\aolback
   [10/11/2008|18:55] C:\Program Files\Fichiers communs\Apple
   [23/05/2007|09:06] C:\Program Files\Fichiers communs\ArcSoft
   [15/11/2007|17:08] C:\Program Files\Fichiers communs\AVSMedia
   [12/11/2006|18:05] C:\Program Files\Fichiers communs\Hewlett-Packard
   [29/10/2008|13:34] C:\Program Files\Fichiers communs\HP
   [17/12/2007|15:32] C:\Program Files\Fichiers communs\InstallShield
   [08/11/2006|17:28] C:\Program Files\Fichiers communs\Java
   [06/10/2006|23:19] C:\Program Files\Fichiers communs\LightScribe
   [20/02/2009|07:55] C:\Program Files\Fichiers communs\Microsoft Shared
   [06/10/2006|23:19] C:\Program Files\Fichiers communs\MSSoap
   [06/10/2006|23:19] C:\Program Files\Fichiers communs\muvee Technologies
   [06/10/2006|23:19] C:\Program Files\Fichiers communs\NewTech Infosystems
   [16/02/2007|11:26] C:\Program Files\Fichiers communs\Nullsoft
   [06/06/2007|09:31] C:\Program Files\Fichiers communs\ODBC
   [22/11/2008|14:10] C:\Program Files\Fichiers communs\Panda Software
   [16/02/2007|11:29] C:\Program Files\Fichiers communs\Real
   [06/10/2006|23:19] C:\Program Files\Fichiers communs\Services
   [29/10/2008|13:34] C:\Program Files\Fichiers communs\Sonic Shared
   [06/10/2006|23:19] C:\Program Files\Fichiers communs\SpeechEngines
   [23/02/2007|15:29] C:\Program Files\Fichiers communs\Symantec Shared
   [30/09/2008|05:09] C:\Program Files\Fichiers communs\System
   [24/03/2007|13:39] C:\Program Files\Fichiers communs\Teleca Shared
   [26/12/2008|18:47] C:\Program Files\Fichiers communs\Windows Live
   [20/07/2008|09:35] C:\Program Files\Fichiers communs\WindowsLiveInstaller

   --------------------\  Process

   ( 64 Processes )

   ... OK !

   --------------------\  Recherche avec S_Lop

   Aucun fichier / dossier Lop trouvé !
 
   --------------------\  Recherche de Fichiers / Dossiers Lop

   Aucun fichier / dossier Lop trouvé ! 
 
   --------------------\  Verification du Registre
 
   ..... OK !

   --------------------\  Verification du fichier Hosts

   Fichier Hosts PROPRE


   --------------------\  Recherche de fichiers avec Catchme
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2009-03-14 18:37:06
   Windows 5.1.2600 Service Pack 3 NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
 

  hidden processes: 0
   hidden files: 5
 
   --------------------\  Recherche d'autres infections

   C:\WINDOWS\Pack.epk
   [b]==> EGDACCESS <==/b



   [F:4705][D:289]-> C:\DOCUME~1\confo\LOCALS~1\Temp
   [F:128][D:0]-> C:\DOCUME~1\confo\Cookies
   [F:62677][D:35]-> C:\DOCUME~1\confo\LOCALS~1\TEMPOR~1\content.IE5

   1 - "C:\Lop SD\LopR_1.txt" - 14/03/2009|18:09 - Option : [1]
   2 - "C:\Lop SD\LopR_2.txt" - 14/03/2009|18:41 - Option : [2]

   --------------------\  Fin du rapport a 18:41:36

Utilisateur anonyme · Answer

c'est vrai que des comme les tiens c'est plutot rare 
ok pour la medaille d'or et por le carton y'a plus de couleurs !

reposte un nouveau rapport hijackthis stp
il devrait plus rester grand chose (normallement ...) ;)

sylviesfr · Answer

et si y en a encore plein ( il carbure aux virus) 

   --------------------\  Lop S&D 4.2.5-0   XP/Vista

   Microsoft (R) Windows Script Host Version 5.7
   Copyright (C) Microsoft Corporation 1996-2001. Tous droits r‚serv‚s.
   Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
   X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 Processor 3500+ )
   BIOS : )Phoenix - Award WorkstationBIOS v6.00PG
   USER : confo ( Administrator )
   BOOT : Normal boot
   Antivirus : VirusKeeper 2009 Pro antivirus 9.0 (Activated)
   C:\ (Local Disk) - NTFS - Total:71 Go (Free:20 Go)
   D:\ (Local Disk) - FAT32 - Total:72 Go (Free:71 Go)
   E:\ (CD or DVD)
   F:\ (USB) - FAT32 - Total:3824 Mo (Free:3 Go)
   G:\ (USB)
   H:\ (USB)
   I:\ (USB)
   J:\ (USB)
   L:\ (Local Disk) - NTFS - Total:465 Go (Free:128 Go)

   "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
   Option : [2] ( 14/03/2009|18:35 )


   \\\\\\\\\\\\\\\ SUPPRESSION

   Supprime! - C:\DOCUME~1\confo\LOCALS~1\Temp
se2D5.tmp
   Supprime! - C:\DOCUME~1\confo\LOCALS~1\Temp
sf200.tmp
   Supprime! - C:\DOCUME~1\confo\LOCALS~1\Temp
sh209.tmp
   Supprime! - C:\DOCUME~1\confo\Cookies\confo@advertising[1].txt
 
   \\\\\\\\\\\\\\\ 

   Supprime! - C:\Program Files\Viewpoint
   Supprime! - C:\DOCUME~1\confo\APPLIC~1\Viewpoint
   Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
 
   \\\\\\\\\\\\\\\

 
   --------------------\  Listing des dossiers dans APPLIC~1

   [06/10/2006|23:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
   [06/10/2006|23:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
   [06/10/2006|23:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

   [04/01/2009|09:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
   [24/07/2008|20:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\agi
   [16/02/2007|11:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
   [30/08/2008|17:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
   [10/11/2008|19:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
   [04/12/2007|17:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Backup
   [21/08/2007|15:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CA
   [11/11/2006|18:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
   [26/12/2006|14:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Disney Interactive
   [24/01/2009|18:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\eBay
   [03/01/2009|20:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
   [12/11/2006|18:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
   [18/07/2008|18:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM
   [18/07/2008|18:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail
   [23/01/2007|15:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
   [05/11/2008|17:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar2
   [14/03/2009|11:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
   [08/02/2009|07:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
   [20/02/2009|07:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
   [05/01/2009|10:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
   [08/01/2007|18:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NtiDvdCopy
   [28/10/2007|10:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA
   [20/11/2006|17:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Otto
   [15/08/2007|17:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle
   [25/12/2006|01:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
   [05/03/2009|14:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SeekeenSrch
   [02/11/2008|20:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Softdisk LLC
   [29/10/2008|13:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
   [21/07/2008|11:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SweetIM
   [13/11/2006|18:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
   [22/11/2008|14:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
   [07/02/2009|20:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ubisoft
   [12/11/2008|07:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
   [19/01/2009|10:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WholeSecurity
   [18/08/2008|18:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
   [20/07/2008|09:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
   [12/11/2006|13:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
   [01/08/2008|06:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

   [16/08/2007|13:36] C:\DOCUME~1\confo\APPLIC~1\Ace
   [23/01/2009|14:46] C:\DOCUME~1\confo\APPLIC~1\Adobe
   [12/11/2006|15:12] C:\DOCUME~1\confo\APPLIC~1\AdobeUM
   [24/07/2008|20:52] C:\DOCUME~1\confo\APPLIC~1\agi
   [16/02/2007|11:31] C:\DOCUME~1\confo\APPLIC~1\AOL
   [31/10/2008|19:39] C:\DOCUME~1\confo\APPLIC~1\Apple Computer
   [01/12/2008|20:49] C:\DOCUME~1\confo\APPLIC~1\ArcSoft
   [12/11/2006|16:26] C:\DOCUME~1\confo\APPLIC~1\CyberLink
   [25/12/2007|09:29] C:\DOCUME~1\confo\APPLIC~1\Disney Interactive
   [22/01/2009|21:42] C:\DOCUME~1\confo\APPLIC~1\dvdcss
   [24/01/2009|18:36] C:\DOCUME~1\confo\APPLIC~1\eBay
   [04/02/2009|17:24] C:\DOCUME~1\confo\APPLIC~1\Google
   [11/11/2006|18:57] C:\DOCUME~1\confo\APPLIC~1\Help
   [29/10/2008|13:48] C:\DOCUME~1\confo\APPLIC~1\HP
   [06/10/2006|23:18] C:\DOCUME~1\confo\APPLIC~1\Identities
   [27/12/2008|12:01] C:\DOCUME~1\confo\APPLIC~1\InstallShield
   [14/08/2007|17:22] C:\DOCUME~1\confo\APPLIC~1\InterTrust
   [09/03/2009|11:26] C:\DOCUME~1\confo\APPLIC~1\LimeWire
   [19/05/2007|11:59] C:\DOCUME~1\confo\APPLIC~1\LiteOn
   [06/10/2006|23:18] C:\DOCUME~1\confo\APPLIC~1\Macromedia
   [14/03/2009|11:49] C:\DOCUME~1\confo\APPLIC~1\Malwarebytes
   [27/01/2007|15:00] C:\DOCUME~1\confo\APPLIC~1\Micro Application
   [13/01/2009|15:05] C:\DOCUME~1\confo\APPLIC~1\Microsoft
   [05/01/2009|10:48] C:\DOCUME~1\confo\APPLIC~1\Mozilla
   [20/07/2008|09:27] C:\DOCUME~1\confo\APPLIC~1\MSNInstaller
   [14/03/2009|12:48] C:\DOCUME~1\confo\APPLIC~1\OpenOffice.org2
   [20/11/2006|17:37] C:\DOCUME~1\confo\APPLIC~1\Otto
   [25/10/2008|16:32] C:\DOCUME~1\confo\APPLIC~1\PopupCop
   [26/09/2008|17:56] C:\DOCUME~1\confo\APPLIC~1\Samsung
   [23/03/2007|14:35] C:\DOCUME~1\confo\APPLIC~1\Sony Ericsson
   [12/11/2006|15:48] C:\DOCUME~1\confo\APPLIC~1\Sun
   [23/03/2007|14:43] C:\DOCUME~1\confo\APPLIC~1\Teleca
   [18/06/2008|15:57] C:\DOCUME~1\confo\APPLIC~1	uxmath
   [15/08/2007|18:03] C:\DOCUME~1\confo\APPLIC~1\Ulead Systems
   [12/06/2007|11:46] C:\DOCUME~1\confo\APPLIC~1\vlc
   [16/02/2007|11:26] C:\DOCUME~1\confo\APPLIC~1\You've Got Pictures Screensaver

   [06/10/2006|23:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
   [06/10/2006|23:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
   [06/10/2006|23:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

   [06/10/2006|23:18] C:\DOCUME~1\FRANOI~1\APPLIC~1\Macromedia
   [15/11/2007|17:08] C:\DOCUME~1\FRANOI~1\APPLIC~1\Microsoft

   [23/09/2007|15:16] C:\DOCUME~1\INVIT~1\APPLIC~1\Apple Computer
   [20/10/2007|14:56] C:\DOCUME~1\INVIT~1\APPLIC~1\CyberLink
   [22/10/2007|09:40] C:\DOCUME~1\INVIT~1\APPLIC~1\Help
   [06/10/2006|23:18] C:\DOCUME~1\INVIT~1\APPLIC~1\Identities
   [18/09/2007|09:45] C:\DOCUME~1\INVIT~1\APPLIC~1\LiteOn
   [06/10/2006|23:18] C:\DOCUME~1\INVIT~1\APPLIC~1\Macromedia
   [30/09/2007|10:25] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
   [29/09/2007|15:02] C:\DOCUME~1\INVIT~1\APPLIC~1\Ulead Systems
   [22/09/2007|17:36] C:\DOCUME~1\INVIT~1\APPLIC~1\vlc

   [24/07/2008|20:53] C:\DOCUME~1\LOCALS~1\APPLIC~1\agi
   [27/12/2007|18:06] C:\DOCUME~1\LOCALS~1\APPLIC~1\Help
   [06/10/2006|23:18] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
   [05/03/2009|14:45] C:\DOCUME~1\LOCALS~1\APPLIC~1\Mozilla

   [10/11/2008|18:48] C:\DOCUME~1\NETWOR~1\APPLIC~1\agi
   [06/10/2006|23:18] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

   [17/11/2007|12:06] C:\DOCUME~1\OUVERT~1\APPLIC~1\InstallShield
   [17/11/2007|12:06] C:\DOCUME~1\OUVERT~1\APPLIC~1\InstallShield Installation Information
   [06/10/2006|23:18] C:\DOCUME~1\OUVERT~1\APPLIC~1\Macromedia
   [06/02/2008|12:20] C:\DOCUME~1\OUVERT~1\APPLIC~1\Microsoft
 
   --------------------\  Tâches planifiées dans C:\WINDOWS	asks

   [09/03/2009 18:48][--a------] C:\WINDOWS	asks\AppleSoftwareUpdate.job
   [14/03/2009 12:41][--ah-----] C:\WINDOWS	asks\SA.DAT
   [10/08/2004 21:00][-r-h-----] C:\WINDOWS	asks\desktop.ini

   --------------------\  Listing des dossiers dans C:\Program Files

   [04/12/2007|17:13] C:\Program Files\AbiSuite2
   [06/10/2006|23:19] C:\Program Files\Acer WLAN 11g USB Dongle
   [04/01/2009|09:41] C:\Program Files\Adobe
   [05/11/2008|17:20] C:\Program Files\AGI
   [22/11/2008|16:29] C:\Program Files\Alwil Software
   [21/12/2008|18:20] C:\Program Files\AOL
   [02/09/2008|12:19] C:\Program Files\Apple Software Update
   [01/12/2008|20:47] C:\Program Files\ArcSoft
   [22/10/2007|16:43] C:\Program Files\Atout Clic CE1
   [02/09/2008|17:33] C:\Program Files\Atout Clic CP
   [04/01/2009|22:08] C:\Program Files\AxBx
   [10/11/2008|18:57] C:\Program Files\Bonjour
   [15/06/2008|18:55] C:\Program Files\Boonty
   [10/11/2008|18:12] C:\Program Files\BoontyGames
   [04/01/2009|22:05] C:\Program Files\CCleaner
   [12/11/2008|11:14] C:\Program Files\Come2PlayK2P
   [06/10/2006|23:19] C:\Program Files\commercial
   [12/11/2008|11:09] C:\Program Files\Conduit
   [15/11/2008|20:33] C:\Program Files\Control Kids
   [06/10/2006|23:19] C:\Program Files\CyberLink
   [20/11/2007|20:19] C:\Program Files\DeskPlayer
   [06/10/2006|23:19] C:\Program Files\DIFX
   [20/02/2009|20:09] C:\Program Files\Disney Interactive
   [25/06/2007|16:50] C:\Program Files\DV Cam
   [01/12/2008|21:14] C:\Program Files\DVBT Application
   [24/01/2009|18:36] C:\Program Files\eBay
   [27/09/2008|08:14] C:\Program Files\eMule
   [21/02/2009|20:41] C:\Program Files\FairUse Wizard 2
   [26/12/2008|18:47] C:\Program Files\Fichiers communs
   [02/11/2008|22:00] C:\Program Files\Freeze.com
   [06/10/2006|23:19] C:\Program Files\FrenchOtto
   [27/12/2008|11:55] C:\Program Files\Games
   [06/10/2006|23:19] C:\Program Files\GemMasterFrench
   [04/02/2009|17:31] C:\Program Files\Google
   [05/06/2007|07:37] C:\Program Files\GT Interactive
   [11/11/2006|18:56] C:\Program Files\Hachette Multim‚dia
   [02/09/2008|17:32] C:\Program Files\Happyneuron
   [29/10/2008|13:10] C:\Program Files\Hewlett-Packard
   [29/10/2008|13:42] C:\Program Files\HP
   [11/11/2008|19:40] C:\Program Files\IncrediMail
   [20/02/2009|20:09] C:\Program Files\InstallShield Installation Information
   [28/11/2008|14:20] C:\Program Files\Integard
   [12/11/2006|17:29] C:\Program Files\InterActual
   [13/03/2009|15:07] C:\Program Files\Internet Explorer
   [18/11/2008|13:11] C:\Program Files\iWizz
   [14/12/2008|21:29] C:\Program Files\Java
   [16/02/2007|11:26] C:\Program Files\Learn2.com
   [09/02/2009|17:56] C:\Program Files\LimeWire
   [08/09/2008|19:16] C:\Program Files\livetvbar
   [08/02/2009|21:53] C:\Program Files\McDonaldsDragons
   [30/09/2008|22:22] C:\Program Files\Messenger
   [08/02/2009|06:49] C:\Program Files\Messenger Plus! Live
   [26/09/2008|18:04] C:\Program Files\Micro Application
   [26/12/2008|19:07] C:\Program Files\Microsoft
   [20/07/2008|10:16] C:\Program Files\Microsoft CAPICOM 2.1.0.2
   [06/10/2006|23:19] C:\Program Files\microsoft frontpage
   [20/01/2008|14:27] C:\Program Files\Microsoft Office
   [27/02/2009|12:34] C:\Program Files\Microsoft Silverlight
   [20/07/2008|09:48] C:\Program Files\Microsoft SQL Server Compact Edition
   [26/12/2008|19:09] C:\Program Files\Microsoft Sync Framework
   [20/01/2008|14:54] C:\Program Files\Microsoft Works
   [24/01/2009|18:38] C:\Program Files\MINDSCAPE
   [05/06/2007|11:51] C:\Program Files\Mio Technology
   [28/07/2008|14:58] C:\Program Files\MiTAC Research (Shanghai) Ltd
   [15/06/2008|19:15] C:\Program Files\MOINS par MOINS
   [30/09/2008|05:12] C:\Program Files\Movie Maker
   [14/03/2009|18:10] C:\Program Files\Mozilla Firefox
   [28/06/2007|15:52] C:\Program Files\MSECache
   [22/07/2008|12:48] C:\Program Files\MSN
   [06/10/2006|23:19] C:\Program Files\MSN Gaming Zone
   [20/07/2008|19:21] C:\Program Files\MSN Messenger
   [21/08/2007|15:30] C:\Program Files\MSXML 4.0
   [30/09/2008|05:09] C:\Program Files\NetMeeting
   [06/10/2006|23:19] C:\Program Files\NewTech Infosystems
   [05/01/2009|10:01] C:\Program Files\NOS
   [18/09/2007|16:26] C:\Program Files\Novosoft International
   [06/10/2006|23:19] C:\Program Files\Oca History Tool
   [06/10/2006|23:19] C:\Program Files\Online Services
   [04/08/2008|19:47] C:\Program Files\OpenOffice.org 2.4
   [30/09/2008|05:09] C:\Program Files\Outlook Express
   [15/08/2007|17:51] C:\Program Files\Pinnacle
   [10/11/2008|18:56] C:\Program Files\QuickTime
   [06/10/2006|23:19] C:\Program Files\Realtek
   [24/07/2008|12:26] C:\Program Files\SDLL
   [05/03/2009|14:44] C:\Program Files\SeekeenSrch
   [06/10/2006|23:19] C:\Program Files\Services en ligne
   [21/12/2008|18:00] C:\Program Files\SFR
   [28/12/2008|17:14] C:\Program Files\SFR ADSL
   [24/03/2007|13:39] C:\Program Files\Sony Ericsson
   [02/03/2009|10:26] C:\Program Files\SweetIM
   [03/02/2007|14:43] C:\Program Files\System
   [17/12/2007|15:46] C:\Program Files\THQ
   [05/06/2007|06:50] C:\Program Files\TomTom DesktopSuite
   [21/08/2007|18:48] C:\Program Files\TomTom HOME
   [24/01/2009|18:35] C:\Program Files\Ubisoft
   [15/08/2007|18:01] C:\Program Files\Ulead Systems
   [03/02/2007|14:12] C:\Program Files\Uninstall Information
   [06/09/2007|19:05] C:\Program Files\ValuSoft
   [12/06/2007|11:44] C:\Program Files\VideoLAN
   [22/11/2008|17:08] C:\Program Files\Web Hottest Videos Personal Player
   [20/02/2009|07:58] C:\Program Files\Windows Live
   [26/12/2008|19:07] C:\Program Files\Windows Live SkyDrive
   [26/12/2008|19:09] C:\Program Files\Windows Live Toolbar
   [15/08/2007|18:02] C:\Program Files\Windows Media Components
   [18/08/2008|16:22] C:\Program Files\Windows Media Connect 2
   [18/08/2008|16:22] C:\Program Files\Windows Media Player
   [30/09/2008|05:09] C:\Program Files\Windows NT
   [15/11/2007|17:08] C:\Program Files\WinRAR
   [06/10/2006|23:19] C:\Program Files\xerox
   [08/11/2006|17:35] C:\Program Files\Yahoo!

   --------------------\  Listing des dossiers dans C:\Program Files\Fichiers communs

   [04/01/2009|09:41] C:\Program Files\Fichiers communs\Adobe
   [21/12/2008|18:20] C:\Program Files\Fichiers communs\AOL
   [16/02/2007|11:27] C:\Program Files\Fichiers communs\aolback
   [10/11/2008|18:55] C:\Program Files\Fichiers communs\Apple
   [23/05/2007|09:06] C:\Program Files\Fichiers communs\ArcSoft
   [15/11/2007|17:08] C:\Program Files\Fichiers communs\AVSMedia
   [12/11/2006|18:05] C:\Program Files\Fichiers communs\Hewlett-Packard
   [29/10/2008|13:34] C:\Program Files\Fichiers communs\HP
   [17/12/2007|15:32] C:\Program Files\Fichiers communs\InstallShield
   [08/11/2006|17:28] C:\Program Files\Fichiers communs\Java
   [06/10/2006|23:19] C:\Program Files\Fichiers communs\LightScribe
   [20/02/2009|07:55] C:\Program Files\Fichiers communs\Microsoft Shared
   [06/10/2006|23:19] C:\Program Files\Fichiers communs\MSSoap
   [06/10/2006|23:19] C:\Program Files\Fichiers communs\muvee Technologies
   [06/10/2006|23:19] C:\Program Files\Fichiers communs\NewTech Infosystems
   [16/02/2007|11:26] C:\Program Files\Fichiers communs\Nullsoft
   [06/06/2007|09:31] C:\Program Files\Fichiers communs\ODBC
   [22/11/2008|14:10] C:\Program Files\Fichiers communs\Panda Software
   [16/02/2007|11:29] C:\Program Files\Fichiers communs\Real
   [06/10/2006|23:19] C:\Program Files\Fichiers communs\Services
   [29/10/2008|13:34] C:\Program Files\Fichiers communs\Sonic Shared
   [06/10/2006|23:19] C:\Program Files\Fichiers communs\SpeechEngines
   [23/02/2007|15:29] C:\Program Files\Fichiers communs\Symantec Shared
   [30/09/2008|05:09] C:\Program Files\Fichiers communs\System
   [24/03/2007|13:39] C:\Program Files\Fichiers communs\Teleca Shared
   [26/12/2008|18:47] C:\Program Files\Fichiers communs\Windows Live
   [20/07/2008|09:35] C:\Program Files\Fichiers communs\WindowsLiveInstaller

   --------------------\  Process

   ( 64 Processes )

   ... OK !

   --------------------\  Recherche avec S_Lop

   Aucun fichier / dossier Lop trouvé !
 
   --------------------\  Recherche de Fichiers / Dossiers Lop

   Aucun fichier / dossier Lop trouvé ! 
 
   --------------------\  Verification du Registre
 
   ..... OK !

   --------------------\  Verification du fichier Hosts

   Fichier Hosts PROPRE


   --------------------\  Recherche de fichiers avec Catchme
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2009-03-14 18:37:06
   Windows 5.1.2600 Service Pack 3 NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 5
 
   --------------------\  Recherche d'autres infections

   C:\WINDOWS\Pack.epk
   [b]==> EGDACCESS <==/b



   [F:4705][D:289]-> C:\DOCUME~1\confo\LOCALS~1\Temp
   [F:128][D:0]-> C:\DOCUME~1\confo\Cookies
   [F:62677][D:35]-> C:\DOCUME~1\confo\LOCALS~1\TEMPOR~1\content.IE5

   1 - "C:\Lop SD\LopR_1.txt" - 14/03/2009|18:09 - Option : [1]
   2 - "C:\Lop SD\LopR_2.txt" - 14/03/2009|18:41 - Option : [2]

   --------------------\  Fin du rapport a 18:41:36

Utilisateur anonyme · Answer

non ca c'est le rapport lop sd

il me faudrait un nouveau rapport HIJACKTHIS
comme au tout 1er message stp

sylviesfr · Answer

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:09:31, on 14/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\PROGRA~1\SFR\CONTRO~1\bin\OPTGui.exe
C:\Program Files\AxBx\VirusKeeper 2009 Pro Evaluation\VirusKeeper.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\MediaDICO4Ut.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\Rac4Ut.EXE
C:\WINDOWS\system32
vsvc32.exe
C:\Program Files\SFR\Controle Parental\bin\optproxy.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Documents and Settings\All Users\Application Data\SeekeenSrch\seekeen147.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AxBx\VirusKeeper 2009 Pro Evaluation\vk_service.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\SeekeenSrch\seekeen.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Documents and Settings\confo\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Documents and Settings\confo\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\AxBx\VirusKeeper 2009 Pro Evaluation\vk_watchop.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\agi\common\agcutils.dll
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\agi\common\agcutils.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Come2PlayK2P Toolbar - {b8a5b62c-517f-42a5-85ae-29b5497fb15f} - C:\Program Files\Come2PlayK2P	bCome.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Come2PlayK2P Toolbar - {b8a5b62c-517f-42a5-85ae-29b5497fb15f} - C:\Program Files\Come2PlayK2P	bCome.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7
tiMUI.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [OPTENET_GUI] C:\PROGRA~1\SFR\CONTRO~1\bin\OPTGui.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [VirusKeeper] C:\Program Files\AxBx\VirusKeeper 2009 Pro Evaluation\VirusKeeper.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] D:\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MediaDICO4Ut] C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\LanceMediaDICO4Ut.exe Lancement
O4 - HKCU\..\Run: [Packard Bell Data Secure] C:\Program Files\Packard Bell Data Secure\PBDataSecure.exe
O4 - HKCU\..\Run: [MsnMsgr] ~"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: DW_Start.lnk = C:\WINDOWS\system32\dwwnw64r.exe
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\confo\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Mindscape Website.url
O8 - Extra context menu item: &Recherche AOL Toolbar - c:\program files\aol\aol toolbar 5.0esources\fr-fr\local\search.html
O8 - Extra context menu item: (PopUpCop) Allow images... - res://C:\PROGRA~1\PopUpCop\PopUpCop.dll/allowimages
O8 - Extra context menu item: (PopUpCop) Block images... - res://C:\PROGRA~1\PopUpCop\PopUpCop.dll/blockimages
O8 - Extra context menu item: (PopUpCop) Open In New Window - res://C:\PROGRA~1\PopUpCop\PopUpCop.dll/imagenew
O8 - Extra context menu item: Recherche sur eBay - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.fr/ImageUploader5.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://kiw.imgag.com/imgag/cp/install/crusher-kiwen.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game14.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Filter hijack: text/html - {C6F62B7A-5450-4A2F-8687-6CEEC3AEB055} - C:\WINDOWS\system32\controlkids2.dll
O20 - Winlogon Notify: Scryptnat - Scryptnat.dll (file missing)
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: getPlus(R) Helper - Unknown owner - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: Contrôle Parental SFR (OPTENET_FILTER) - SFR - C:\Program Files\SFR\Controle Parental\bin\optproxy.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SeekeenSrch Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\SeekeenSrch\seekeen147.exe
O23 - Service: VirusKeeper antivirus/antispyware (vkservice) - AxBx - C:\Program Files\AxBx\VirusKeeper 2009 Pro Evaluation\vk_service.exe

Utilisateur anonyme · Answer

==> Télécharge et enregistre sur ton bureau SDfix (créé par AndyManchesta) 
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe

==> Double cliquer sur SDFix.exe et choisir Install pour l'extraire dans un dossier dédié sur ton disque C:.

/!\ Démarre en mode sans échec : après le bip et avant le logo windows tapoter sur la touche F8 (ou F5): menu M.S.E.. 

==> Choisir son compte, pas celui de l'Administrateur ou autre. 

==> Dérouler la liste des instructions ci-dessous :

• Ouvrir le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script. 
• Appuyer sur Y pour commencer le processus de nettoyage. 
• Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer. 
• Appuyer sur une touche pour redémarrer le PC. 
• Le système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers. 
• Après le chargement du Bureau, l'outil terminera son travail et affichera Finished. 
• Appuyer sur une touche pour finir l'exécution du script et charger les icônes du Bureau. 
• Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt. 
• Enfin, copier/coller le contenu du fichier Report.txt dans la prochaine réponse sur le forum

sylviesfr · Answer

[b]SDFix: Version 1.240 [/b]
Run by confo on 15/03/2009 at 13:37

Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix

[b]Checking Services [/b]:


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


[b]Checking Files [/b]: 

Trojan Files Found:

C:\WINDOWS\system32\autorun.ini - Deleted





Removing Temp Files

[b]ADS Check [/b]:
 


                                 [b]Final Check [/b]:

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-15 13:45:36
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


[b]Remaining Services [/b]:




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe:*:Enabled:AOL"
"C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe:*:Enabled:AOL"
"C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Documents and Settings\confo\Local Settings\Temp\IncrediMail\IMInstall\binaries\IncMail.exe"="C:\Documents and Settings\confo\Local Settings\Temp\IncrediMail\IMInstall\binaries\IncMail.exe:*:Enabled:IncrediMail"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"D:\LimeWire\LimeWire.exe"="D:\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe:*:Enabled:AOL"
"C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe:*:Enabled:AOL"
"C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

[b]Remaining Files [/b]:


File Backups: - C:\SDFix\backups\backups.zip

[b]Files with Hidden Attributes [/b]:

Fri 19 Nov 2004        26,112 A..H. --- "C:\WINDOWS\AcerDRV\InsD1211.exe"
Tue 15 Nov 2005        26,112 A..H. --- "C:\WINDOWS\AcerDRV\InsD1215.exe"
Mon 30 Aug 2004        44,032 A..H. --- "C:\WINDOWS\AcerDRVescan.exe"
Fri 19 Nov 2004        26,112 A..H. --- "C:\WINDOWS\system32\InsD1211.exe"
Tue 15 Nov 2005        26,112 A..H. --- "C:\WINDOWS\system32\InsD1215.exe"
Wed  6 Aug 2003        24,576 A..H. --- "C:\WINDOWS\system32\KCMDNIns.exe"
Wed 16 Nov 2005        24,576 A..HR --- "C:\WINDOWS\system32\Kill1211.exe"
Fri 11 Aug 2006         1,024 ...HR --- "C:\WINDOWS\system32\NTIBUN4.dll"
Fri 11 Aug 2006         1,024 ...HR --- "C:\WINDOWS\system32\NTICDMK7.dll"
Fri 11 Aug 2006         1,024 ...HR --- "C:\WINDOWS\system32\NTIFCD3.dll"
Fri 11 Aug 2006         1,024 ...HR --- "C:\WINDOWS\system32\NTIMP3.dll"
Fri 11 Aug 2006         1,024 ...HR --- "C:\WINDOWS\system32\NTIMPEG2.dll"
Thu  7 Aug 2003        24,576 A..H. --- "C:\WINDOWS\system32eboot.exe"
Sat 20 Nov 2004        26,112 A..H. --- "C:\WINDOWS\system32\RemD1211.exe"
Tue 15 Nov 2005        26,112 A..H. --- "C:\WINDOWS\system32\RemD1215.exe"
Mon 30 Aug 2004        44,032 A..H. --- "C:\WINDOWS\system32escan.exe"
Sun 12 Nov 2006         4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Sat 14 Jun 2008        10,853 A..H. --- "C:\Program Files\InterActual\InterActual Player\iti3F.tmp"
Mon 18 Aug 2008             0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv03.tmp"
Sat 28 Feb 2009     3,518,240 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\737a4b4adf7cb8a3aab3d674c7504026\BIT2C9.tmp"
Sun 20 Jul 2008        11,116 A.SH. --- "C:\Documents and Settings\All Users\Documents\Ma musique\Sauvegarde de la licence\drmv2key.bak"
Fri 15 Jun 2007       492,032 A..HR --- "C:\Documents and Settings\confo\Local Settings\Temp\{F062F9E9-2F6B-4C55-AED2-73CB1486FC83}\ISSetup.dll"
Fri 15 Jun 2007       373,680 A..HR --- "C:\Documents and Settings\confo\Local Settings\Temp\{F062F9E9-2F6B-4C55-AED2-73CB1486FC83}\_Setup.dll"
Tue  2 Sep 2008     2,101,248 A.SH. --- "C:\Documents and Settings\confo\Mes documents\Mes photos\100MEDIA\SIV257.tmp"
Tue  2 Sep 2008     1,699,840 A.SH. --- "C:\Documents and Settings\confo\Mes documents\Mes photos\100MEDIA\SIV258.tmp"
Tue  2 Sep 2008     1,437,696 A.SH. --- "C:\Documents and Settings\confo\Mes documents\Mes photos\100MEDIA\SIV259.tmp"
Tue  2 Sep 2008       856,064 A.SH. --- "C:\Documents and Settings\confo\Mes documents\Mes photos\100MEDIA\SIV25A.tmp"
Tue  2 Sep 2008       598,016 A.SH. --- "C:\Documents and Settings\confo\Mes documents\Mes photos\100MEDIA\SIV25B.tmp"
Tue  2 Sep 2008       462,848 A.SH. --- "C:\Documents and Settings\confo\Mes documents\Mes photos\100MEDIA\SIV25C.tmp"
Tue  2 Sep 2008       458,752 A.SH. --- "C:\Documents and Settings\confo\Mes documents\Mes photos\100MEDIA\SIV25D.tmp"
Tue  2 Sep 2008       143,360 A.SH. --- "C:\Documents and Settings\confo\Mes documents\Mes photos\100MEDIA\SIV25E.tmp"

[b]Finished![/b]

Utilisateur anonyme · Answer

Relance hijackthis mais cette fois clic sur 
DO A SYSTEM SCAN  ONLY(tu n'auras pas de rapport !)

PUIS COCHES CES LIGNES
(et seulement ces lignes, tu pourrais alterer le bon fonctionnement du pc !)

ET ENSUITE CLIC SUR FIX CHEKEED

R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\agi\common\agcutils.dll
 O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) 
 O4 - HKCU\..\Run: [MsnMsgr] ~"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background  
 O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) 
O2 - BHO: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\agi\common\agcutils.dll
O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe 

+ toutes lignes qui commencent par 016

ensuite va dans ajout/suppression de programmes et desinstalle la toolbar kiwee 


ensuite refais un rapport hijackthis normal et poste le rapport

sylviesfr · Answer

bonsoir

j'espère ne pas avoir mal fait les choses.
dans ajout/suppression de programmes je n'est pas trouver toolbar kiwee alors j'ai fait recherche (j'en est eu 12, j'en est effacer 2 qui avais le mot "pyagcore".

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:40:03, on 15/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\PROGRA~1\SFR\CONTRO~1\bin\OPTGui.exe
C:\Program Files\AxBx\VirusKeeper 2009 Pro Evaluation\VirusKeeper.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\MediaDICO4Ut.EXE
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\WINDOWS\system32
vsvc32.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\SFR\Controle Parental\bin\optproxy.exe
C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\Rac4Ut.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Documents and Settings\All Users\Application Data\SeekeenSrch\seekeen147.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AxBx\VirusKeeper 2009 Pro Evaluation\vk_service.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\SeekeenSrch\seekeen.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Documents and Settings\confo\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Documents and Settings\confo\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\AxBx\VirusKeeper 2009 Pro Evaluation\vk_watchop.exe
C:\WINDOWS\system32\wuauclt.exe
C:\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Come2PlayK2P Toolbar - {b8a5b62c-517f-42a5-85ae-29b5497fb15f} - C:\Program Files\Come2PlayK2P	bCome.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Come2PlayK2P Toolbar - {b8a5b62c-517f-42a5-85ae-29b5497fb15f} - C:\Program Files\Come2PlayK2P	bCome.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7
tiMUI.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [OPTENET_GUI] C:\PROGRA~1\SFR\CONTRO~1\bin\OPTGui.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [VirusKeeper] C:\Program Files\AxBx\VirusKeeper 2009 Pro Evaluation\VirusKeeper.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MediaDICO4Ut] C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\LanceMediaDICO4Ut.exe Lancement
O4 - HKCU\..\Run: [Packard Bell Data Secure] C:\Program Files\Packard Bell Data Secure\PBDataSecure.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: DW_Start.lnk = C:\WINDOWS\system32\dwwnw64r.exe
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\confo\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Mindscape Website.url
O8 - Extra context menu item: &Recherche AOL Toolbar - c:\program files\aol\aol toolbar 5.0esources\fr-fr\local\search.html
O8 - Extra context menu item: (PopUpCop) Allow images... - res://C:\PROGRA~1\PopUpCop\PopUpCop.dll/allowimages
O8 - Extra context menu item: (PopUpCop) Block images... - res://C:\PROGRA~1\PopUpCop\PopUpCop.dll/blockimages
O8 - Extra context menu item: (PopUpCop) Open In New Window - res://C:\PROGRA~1\PopUpCop\PopUpCop.dll/imagenew
O8 - Extra context menu item: Recherche sur eBay - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O18 - Filter hijack: text/html - {C6F62B7A-5450-4A2F-8687-6CEEC3AEB055} - C:\WINDOWS\system32\controlkids2.dll
O20 - Winlogon Notify: Scryptnat - Scryptnat.dll (file missing)
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: getPlus(R) Helper - Unknown owner - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: Contrôle Parental SFR (OPTENET_FILTER) - SFR - C:\Program Files\SFR\Controle Parental\bin\optproxy.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SeekeenSrch Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\SeekeenSrch\seekeen147.exe
O23 - Service: VirusKeeper antivirus/antispyware (vkservice) - AxBx - C:\Program Files\AxBx\VirusKeeper 2009 Pro Evaluation\vk_service.exe

Utilisateur anonyme · Answer

/!\ A l'attention de ceux qui passent sur ce sujet /!\
Le logiciel qui suit n'est pas à utiliser à la légère !
Ne le faites que si un helpeur du forum qui connait bien cet outil vous l'a recommandé.


On va utiliser Combofix pour finir la désinfection. Attention, ce logiciel est très puissant, il ne doit être utilisé qu'en dernier recours, et une mauvaise utilisation peut faire des dégâts... Fais exactement ce qui suit :

Télécharge ComboFix (de sUBs) sur ton Bureau (et pas ailleurs !). Pour cela, fais un clic droit sur ce lien et choisis "enregistrer la cible sous ... " et tape C-Fix dans dans la fenêtre qui s'ouvre, puis choisis le Bureau comme destination : http://download.bleepingcomputer.com/sUBs/ComboFix.exe

----------------------------------- [ ! ATTENTION ! ] --------------------------------------------------
! déconnecte toi, ferme toutes tes applications en cours et DESACTIVE TOUTES TES DEFENCES (anti-virus, antispyware, pare-feu) le temps de la manipulation qui pourraient gêner fortement l'outil...Tu les réactiveras donc après !

Attention pendant que l'outil travaille, ne touche surtout a rien souris,clavier...tu pourrais figer ton pc


==> Surtout, si tu rencontres des difficultés à ce niveau là, dis le moi avant de poursuivre...

Tuto ici pour installer la Console de récupération (important en cas de problème) : https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

Utilisateur anonyme · Answer

slt sylvie
alors ce pc ?
a+

sylviesfr · Answer

coucou,

Pour l'instant tout va bien (pour vu que ça dur avec le mal que tu t'est donner)
Surtout je tien a te remercier encore une fois.
Tu est super avec des explications simple et claire (que m'aime moi " serial killer de pc" est compris)

Amicalement 

Sylvie

Utilisateur anonyme · Answer

super que ton pc fonctionne
mais as tu fais la derniere procedure ?

Autrement dit il fonctionne mais si tu restes avec ca, dans 1 mois tu reviens pour dire que tu es infectée !

suis ce que je te dis jusqu'au bout !

A+

sylviesfr · Answer

Coucou,

Non je me suis dégonfler, ça me fait trop peur. Je suis désoler. 
tant que ça va, ça va. je cour le risque qu'il tombe peu-être en panne ou pas.
Je sais je suis nul. Mais j'assume ma connerie. Tu as étais super, je pense que tu a l'impression de ne pas avoir fini. Et je m'en excuse encore.

amicalement

sylvie

kevin05 · Answer

salut

crée ton propre message

J'ai besoin d'aide pour pyagcore

35 réponses

Votre réponse

Newsletters