Pop-up CID

Merci beaucoup de ton aide !

J'ai suivi tes instructions.
Voici le rapport de C:\combofix

ComboFix 08-07-26.1 - Jurg 2008-07-27 8:00:25.1 - NTFSx86
Endroit: C:\Documents and Settings\Jurg\Bureau\ComboFix.exe

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\cookies.ini
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\ddcDUoLE.dll
C:\WINDOWS\system32\egzqkz.dll
C:\WINDOWS\system32\eOUxwyay.ini
C:\WINDOWS\system32\eOUxwyay.ini2
C:\WINDOWS\system32\inofvoas.dll
C:\WINDOWS\system32\jkkjGyxv.dll
C:\WINDOWS\system32\jkkKArpn.dll
C:\WINDOWS\system32\opnkjHYR.dll
C:\WINDOWS\system32\rqRHaaWO.dll
C:\WINDOWS\system32\rxxcklcx.ini
C:\WINDOWS\system32\ubbonggy.ini
C:\WINDOWS\system32\vtUooPfF.dll
C:\WINDOWS\system32\xajbajnp.dll
C:\WINDOWS\system32\yaywxUOe.dll
C:\WINDOWS\system32\yslgamjr.ini

.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-06-27 to 2008-07-27 ))))))))))))))))))))))))))))))))))))
.

2008-07-27 08:08 . 2008-07-27 08:08 294 ---hs---- C:\WINDOWS\system32\yslgamjr.ini
2008-07-26 22:00 . 2008-07-26 22:00 <REP> d-------- C:\Program Files\Trend Micro
2008-07-26 18:23 . 2008-07-26 18:23 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-07-26 18:20 . 2008-07-26 18:20 <REP> d-------- C:\Program Files\Yahoo!
2008-07-26 18:20 . 2008-07-26 18:20 <REP> d-------- C:\Program Files\CCleaner
2008-07-26 17:53 . 2008-07-26 22:02 <REP> d-------- C:\Program Files\Lopxp
2008-07-26 14:33 . 2008-07-26 14:33 <REP> d-------- C:\Documents and Settings\Jurg\Application Data\Leadertech
2008-07-26 14:29 . 2008-07-26 14:29 83,456 --a------ C:\WINDOWS\system32\rjmaglsy.dll
2008-07-26 14:27 . 2008-07-26 14:27 105,472 --a------ C:\WINDOWS\system32\uuxlsjyr.dll
2008-07-26 14:27 . 2008-07-26 14:27 105,472 --a------ C:\WINDOWS\system32\slvdiz.dll
2008-07-26 14:27 . 2008-07-26 14:27 91,648 --a------ C:\WINDOWS\system32\hofeefyh.dll
2008-07-24 23:02 . 2008-07-24 23:02 105,472 --a------ C:\WINDOWS\system32\folszy.dll
2008-07-24 23:02 . 2008-07-24 23:02 105,472 --a------ C:\WINDOWS\system32\bomxxxyf.dll
2008-07-24 22:56 . 2008-07-24 22:56 91,648 --a------ C:\WINDOWS\system32\juyqtwuf.dll
2008-07-23 22:55 . 2008-07-27 07:42 111,626 --a------ C:\WINDOWS\BM5bd9480d.xml
2008-06-30 21:47 . 2008-06-30 21:47 <REP> d-------- C:\Program Files\NoAdware5.0
2008-06-27 21:09 . 2008-06-27 21:09 <REP> d-------- C:\Documents and Settings\Jurg\Application Data\Wyzo
2008-06-27 21:09 . 2008-06-27 21:09 <REP> d-------- C:\Documents and Settings\Jurg\Application Data\.wyzo
2008-06-27 21:09 . 2008-06-27 21:09 0 --a------ C:\WINDOWS\nsreg.dat
2008-06-27 21:08 . 2008-06-27 21:09 <REP> d-------- C:\Program Files\Wyzo
2008-06-27 21:01 . 2008-06-27 21:12 <REP> d-------- C:\Documents and Settings\Jurg\Application Data\LimeWire

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-26 15:12 --------- d-----w C:\Program Files\LimeWire
2008-07-25 11:52 --------- d-----w C:\Program Files\Incomplete
2008-07-25 11:52 --------- d-----w C:\Documents and Settings\Eliott\Application Data\LimeWire
2008-07-24 16:06 --------- d-----w C:\Program Files\Google
2008-07-24 16:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-07-01 14:59 --------- d-----w C:\Program Files\Guitar Pro 5
2008-06-17 18:20 --------- d-----w C:\Program Files\MSN Messenger
2008-06-14 17:59 272,768 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-14 12:42 --------- d-----w C:\Program Files\Apple Software Update
2008-06-14 12:27 --------- d-----w C:\Documents and Settings\Jurg\Application Data\Canon
2008-05-29 19:23 --------- d-----w C:\Program Files\MSECache
.

Salut !

Désolé, mais en fait il a dû se planter au mileiu la première fois.
Je viens de relancer et voici le rapport complet :

ComboFix 08-07-26.1 - Jurg 2008-07-27 18:04:13.3 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.557 [GMT 2:00]
Endroit: C:\Documents and Settings\Jurg\Bureau\ComboFix.exe

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\yslgamjr.ini
.
---- Previous Run -------
.
C:\WINDOWS\cookies.ini
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\ddcDUoLE.dll
C:\WINDOWS\system32\egzqkz.dll
C:\WINDOWS\system32\eOUxwyay.ini
C:\WINDOWS\system32\eOUxwyay.ini2
C:\WINDOWS\system32\inofvoas.dll
C:\WINDOWS\system32\jkkjGyxv.dll
C:\WINDOWS\system32\jkkKArpn.dll
C:\WINDOWS\system32\opnkjHYR.dll
C:\WINDOWS\system32\rqRHaaWO.dll
C:\WINDOWS\system32\rxxcklcx.ini
C:\WINDOWS\system32\ubbonggy.ini
C:\WINDOWS\system32\vtUooPfF.dll
C:\WINDOWS\system32\xajbajnp.dll
C:\WINDOWS\system32\yaywxUOe.dll
C:\WINDOWS\system32\yslgamjr.ini

.
((((((((((((((((((((((((((((( Fichiers créés 2008-06-27 to 2008-07-27 ))))))))))))))))))))))))))))))))))))
.

2008-07-27 15:00 . 2008-07-27 15:00 <REP> d-------- C:\Documents and Settings\LocalService\Mes documents
2008-07-27 08:50 . 2008-07-27 08:50 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-07-27 08:50 . 2008-07-27 10:27 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-07-27 08:36 . 2008-07-27 08:36 <REP> d-------- C:\Program Files\Avira
2008-07-27 08:36 . 2008-07-27 08:36 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-07-26 22:00 . 2008-07-26 22:00 <REP> d-------- C:\Program Files\Trend Micro
2008-07-26 18:23 . 2008-07-26 18:23 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-07-26 18:20 . 2008-07-26 18:20 <REP> d-------- C:\Program Files\Yahoo!
2008-07-26 18:20 . 2008-07-26 18:20 <REP> d-------- C:\Program Files\CCleaner
2008-07-26 17:53 . 2008-07-26 22:02 <REP> d-------- C:\Program Files\Lopxp
2008-07-26 14:33 . 2008-07-26 14:33 <REP> d-------- C:\Documents and Settings\Jurg\Application Data\Leadertech
2008-07-26 14:29 . 2008-07-26 14:29 83,456 --a------ C:\WINDOWS\system32\rjmaglsy.dll
2008-07-26 14:27 . 2008-07-26 14:27 105,472 --a------ C:\WINDOWS\system32\uuxlsjyr.dll
2008-07-26 14:27 . 2008-07-26 14:27 105,472 --a------ C:\WINDOWS\system32\slvdiz.dll
2008-07-26 14:27 . 2008-07-26 14:27 91,648 --a------ C:\WINDOWS\system32\hofeefyh.dll
2008-07-24 23:02 . 2008-07-24 23:02 105,472 --a------ C:\WINDOWS\system32\folszy.dll
2008-07-24 23:02 . 2008-07-24 23:02 105,472 --a------ C:\WINDOWS\system32\bomxxxyf.dll
2008-07-24 22:56 . 2008-07-24 22:56 91,648 --a------ C:\WINDOWS\system32\juyqtwuf.dll
2008-07-23 22:55 . 2008-07-27 08:48 111,626 --a------ C:\WINDOWS\BM5bd9480d.xml
2008-06-30 21:47 . 2008-07-27 09:06 <REP> d-------- C:\Program Files\NoAdware5.0
2008-06-27 21:09 . 2008-06-27 21:09 <REP> d-------- C:\Documents and Settings\Jurg\Application Data\Wyzo
2008-06-27 21:09 . 2008-06-27 21:09 <REP> d-------- C:\Documents and Settings\Jurg\Application Data\.wyzo
2008-06-27 21:09 . 2008-06-27 21:09 0 --a------ C:\WINDOWS\nsreg.dat
2008-06-27 21:08 . 2008-06-27 21:09 <REP> d-------- C:\Program Files\Wyzo
2008-06-27 21:01 . 2008-06-27 21:12 <REP> d-------- C:\Documents and Settings\Jurg\Application Data\LimeWire

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-26 15:12 --------- d-----w C:\Program Files\LimeWire
2008-07-25 11:52 --------- d-----w C:\Program Files\Incomplete
2008-07-25 11:52 --------- d-----w C:\Documents and Settings\Eliott\Application Data\LimeWire
2008-07-24 16:06 --------- d-----w C:\Program Files\Google
2008-07-24 16:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-07-01 14:59 --------- d-----w C:\Program Files\Guitar Pro 5
2008-06-17 18:20 --------- d-----w C:\Program Files\MSN Messenger
2008-06-14 17:59 272,768 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-14 12:42 --------- d-----w C:\Program Files\Apple Software Update
2008-06-14 12:27 --------- d-----w C:\Documents and Settings\Jurg\Application Data\Canon
2008-05-29 19:23 --------- d-----w C:\Program Files\MSECache
2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{19be602a-c441-448b-9868-e56efc5a66e9}]
2008-07-26 14:27 105472 --a------ C:\WINDOWS\system32\slvdiz.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-03 22:01 68856]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24 1694208]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" [2004-02-24 15:20 401491]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-07-07 09:42 2156368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"diagent"="C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" [2002-04-03 01:01 135264]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 01:00 90112]
"OpwareSE2"="C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 11:00 49152]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" [2005-06-23 20:33 57344]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-02-20 21:00 315392]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-27 09:41 282624]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-05-26 12:45 257088]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"58ea7b91"="C:\WINDOWS\system32\rjmaglsy.dll" [2008-07-26 14:29 83456]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 14:28 266497]
"BM5bd9480d"="C:\WINDOWS\system32\hofeefyh.dll" [2008-07-26 14:27 91648]
"BCMSMMSG"="BCMSMMSG.exe" [2003-08-29 05:59 122880 C:\WINDOWS\BCMSMMSG.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-20 01:09 15360]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
NETGEAR WPN111 Smart Wizard.lnk - C:\Program Files\NETGEAR\WPN111\wpn111.exe [2007-05-19 11:17:53 884838]
Outil de mise … jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2008-04-18 22:12:41 124400]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.ctmp3"= C:\WINDOWS\System32\ctmp3.acm
"MSACM.CEGSM"= mobilev.acm

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=

S3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;C:\WINDOWS\System32\DNINDIS5.SYS [2003-07-24 12:10]
S3 WPN111;Wireless USB 2.0 Adapter with RangeMax Service;C:\WINDOWS\system32\DRIVERS\WPN111.sys [2005-09-26 16:02]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8a11a9d0-4450-11dd-b907-000cf19cf066}]
\Shell\AutoRun\command - G:\TAMOIL.exe

*Newly Created Service* - SSMDRV
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
2008-07-26 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job - s!$:C:\Program Files\Apple Software Update\SoftwareUpdate.exe-TaskSYSTEM0$@ []
2008-07-27 C:\WINDOWS\Tasks\SDMsgUpdate (TE).job - s !;+C:\PROGRA1\SMARTD1\Messages\SDNotify.exeW-PTE -V900 -SSDU.ini -A -Mhttps://www.smartdraw.com/msgs/messagecheck.aspx -D0 -T -N -XJurg00 []
.
.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Local Page = \blank.htm
R0 -: HKCU-Main,Start Page = hxxp://www.google.ch/
R0 -: HKCU-Main,Search Page = hxxp://www.google.com
R0 -: HKCU-Main,Search Bar = hxxp://www.google.com/ie
R1 -: HKCU-SearchURL,(Default) = hxxp://www.google.com/search?q=%s
R0 -: HKLM-Search,SearchAssistant = hxxp://www.google.com/ie
O8 -: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 -: Easy-WebPrint Ajouter à la liste d'impressions - C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 -: Easy-WebPrint Impression rapide - C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 -: Easy-WebPrint Imprimer - C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 -: Easy-WebPrint Prévisualiser - C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O18 -: Handler: mctp - {d7b95390-b1c5-11d0-b111-0080c712fe82} - C:\Program Files\Microsoft ActiveSync\aatp.dll
O18 -: WinCE Filter: image/bmp - {86F59FAE-FB3A-11D1-AA72-00C04FAE2D4B} - C:\Program Files\Microsoft ActiveSync\cenetflt.dll
O18 -: WinCE Filter: image/gif - {86F59FAE-FB3A-11D1-AA72-00C04FAE2D4B} - C:\Program Files\Microsoft ActiveSync\cenetflt.dll
O18 -: WinCE Filter: image/jpeg - {86F59FAE-FB3A-11D1-AA72-00C04FAE2D4B} - C:\Program Files\Microsoft ActiveSync\cenetflt.dll
O18 -: WinCE Filter: image/xbm - {86F59FAE-FB3A-11D1-AA72-00C04FAE2D4B} - C:\Program Files\Microsoft ActiveSync\cenetflt.dll
O18 -: WinCE Filter: text/asp - {6C5C3074-FFAB-11d1-8EC4-00C04F98D57A} - C:\Program Files\Microsoft ActiveSync\cenetflt.dll
O18 -: WinCE Filter: text/html - {6C5C3074-FFAB-11d1-8EC4-00C04F98D57A} - C:\Program Files\Microsoft ActiveSync\cenetflt.dll


**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-27 18:07:11
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-07-27 18:08:49
ComboFix-quarantined-files.txt 2008-07-27 16:08:35

Pre-Run: 50,263,777,280 octets libres
Post-Run: 50,332,160,000 octets libres

160 --- E O F --- 2008-07-27 06:17:52

Voilà les rapports :

ComboFix 08-07-26.1 - Jurg 2008-07-27 18:35:02.4 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.655 [GMT 2:00]
Endroit: C:\Documents and Settings\Jurg\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\Jurg\Bureau\CFScript.txt
* Création d'un nouveau point de restauration

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]

FILE ::
C:\WINDOWS\BM5bd9480d.xml
C:\WINDOWS\nsreg.dat
C:\WINDOWS\system32\bomxxxyf.dll
C:\WINDOWS\system32\folszy.dll
C:\WINDOWS\system32\hofeefyh.dl­l
C:\WINDOWS\system32\hofeefyh.dll
C:\WINDOWS\system32\juyqtwuf.dll
C:\WINDOWS\system32\rjmaglsy.dll
C:\WINDOWS\system32\slvdiz.dll
C:\WINDOWS\system32\uuxlsjyr.dll
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\Lopxp
C:\Program Files\Lopxp\cid.txt
C:\Program Files\Lopxp\Fix\TempList.dat
C:\Program Files\Lopxp\Lopxp.bat
C:\Program Files\Lopxp\Sauvegardes\AC9F9CC091880F38.job
C:\Program Files\Lopxp\Sauvegardes\Bind army eggs joy\view pile.exe
C:\Program Files\Lopxp\Sauvegardes\itch mode load\[u]0[/u]
C:\Program Files\Lopxp\Sauvegardes\itch mode load\Barbmovedeaf.exe
C:\Program Files\Lopxp\Sauvegardes\itch mode load\bfpmacbx.exe
C:\Program Files\Lopxp\Sauvegardes\itch mode load\Errorgplreal.exe
C:\Program Files\Lopxp\tools\CiDfind.vbs
C:\Program Files\Lopxp\tools\Disable_Wsh.reg
C:\Program Files\Lopxp\tools\Enable_Wsh.reg
C:\Program Files\Lopxp\tools\ListMe.cmd
C:\Program Files\Lopxp\tools\lsTasks.exe
C:\Program Files\Lopxp\tools\P2PFix.reg
C:\Program Files\Lopxp\tools\P2PPatt.dat
C:\Program Files\Lopxp\tools\Patt1.dat
C:\Program Files\Lopxp\tools\Patt2.dat
C:\Program Files\Lopxp\tools\pv.exe
C:\Program Files\Lopxp\tools\Str.exe
C:\Program Files\Lopxp\tools\swreg.exe
C:\Program Files\Lopxp\tools\vfind.exe
C:\Program Files\Lopxp\tools\whitelist.dat
C:\Program Files\NoAdware5.0
C:\Program Files\NoAdware5.0\noadware4_011108.na
C:\Program Files\NoAdware5.0\NoAdware5.exe
C:\Program Files\NoAdware5.0\unins000.dat
C:\Program Files\NoAdware5.0\unins000.exe
C:\WINDOWS\BM5bd9480d.xml
C:\WINDOWS\nsreg.dat
C:\WINDOWS\system32\bomxxxyf.dll
C:\WINDOWS\system32\folszy.dll
C:\WINDOWS\system32\hofeefyh.dll
C:\WINDOWS\system32\juyqtwuf.dll
C:\WINDOWS\system32\rjmaglsy.dll
C:\WINDOWS\system32\slvdiz.dll
C:\WINDOWS\system32\uuxlsjyr.dll

.
((((((((((((((((((((((((((((( Fichiers créés 2008-06-27 to 2008-07-27 ))))))))))))))))))))))))))))))))))))
.

2008-07-27 15:00 . 2008-07-27 15:00 <REP> d-------- C:\Documents and Settings\LocalService\Mes documents
2008-07-27 08:50 . 2008-07-27 08:50 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-07-27 08:50 . 2008-07-27 10:27 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-07-27 08:36 . 2008-07-27 08:36 <REP> d-------- C:\Program Files\Avira
2008-07-27 08:36 . 2008-07-27 08:36 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-07-26 22:00 . 2008-07-26 22:00 <REP> d-------- C:\Program Files\Trend Micro
2008-07-26 18:23 . 2008-07-26 18:23 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-07-26 18:20 . 2008-07-26 18:20 <REP> d-------- C:\Program Files\Yahoo!
2008-07-26 18:20 . 2008-07-26 18:20 <REP> d-------- C:\Program Files\CCleaner
2008-07-26 14:33 . 2008-07-26 14:33 <REP> d-------- C:\Documents and Settings\Jurg\Application Data\Leadertech
2008-06-27 21:09 . 2008-06-27 21:09 <REP> d-------- C:\Documents and Settings\Jurg\Application Data\Wyzo
2008-06-27 21:09 . 2008-06-27 21:09 <REP> d-------- C:\Documents and Settings\Jurg\Application Data\.wyzo
2008-06-27 21:08 . 2008-06-27 21:09 <REP> d-------- C:\Program Files\Wyzo
2008-06-27 21:01 . 2008-06-27 21:12 <REP> d-------- C:\Documents and Settings\Jurg\Application Data\LimeWire

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-26 15:12 --------- d-----w C:\Program Files\LimeWire
2008-07-25 11:52 --------- d-----w C:\Program Files\Incomplete
2008-07-25 11:52 --------- d-----w C:\Documents and Settings\Eliott\Application Data\LimeWire
2008-07-24 16:06 --------- d-----w C:\Program Files\Google
2008-07-24 16:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-07-01 14:59 --------- d-----w C:\Program Files\Guitar Pro 5
2008-06-17 18:20 --------- d-----w C:\Program Files\MSN Messenger
2008-06-14 17:59 272,768 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-14 12:42 --------- d-----w C:\Program Files\Apple Software Update
2008-06-14 12:27 --------- d-----w C:\Documents and Settings\Jurg\Application Data\Canon
2008-05-29 19:23 --------- d-----w C:\Program Files\MSECache
2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-03 22:01 68856]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24 1694208]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" [2004-02-24 15:20 401491]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-07-07 09:42 2156368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"diagent"="C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" [2002-04-03 01:01 135264]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 01:00 90112]
"OpwareSE2"="C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 11:00 49152]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" [2005-06-23 20:33 57344]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-02-20 21:00 315392]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-27 09:41 282624]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-05-26 12:45 257088]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 14:28 266497]
"BCMSMMSG"="BCMSMMSG.exe" [2003-08-29 05:59 122880 C:\WINDOWS\BCMSMMSG.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-20 01:09 15360]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
NETGEAR WPN111 Smart Wizard.lnk - C:\Program Files\NETGEAR\WPN111\wpn111.exe [2007-05-19 11:17:53 884838]
Outil de mise … jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2008-04-18 22:12:41 124400]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.ctmp3"= C:\WINDOWS\System32\ctmp3.acm
"MSACM.CEGSM"= mobilev.acm

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=

S3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;C:\WINDOWS\System32\DNINDIS5.SYS [2003-07-24 12:10]
S3 WPN111;Wireless USB 2.0 Adapter with RangeMax Service;C:\WINDOWS\system32\DRIVERS\WPN111.sys [2005-09-26 16:02]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8a11a9d0-4450-11dd-b907-000cf19cf066}]
\Shell\AutoRun\command - G:\TAMOIL.exe

*Newly Created Service* - SSMDRV
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
2008-07-26 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job - s!$:C:\Program Files\Apple Software Update\SoftwareUpdate.exe-TaskSYSTEM0$@ []
2008-07-27 C:\WINDOWS\Tasks\SDMsgUpdate (TE).job - s !;+C:\PROGRA1\SMARTD1\Messages\SDNotify.exeW-PTE -V900 -SSDU.ini -A -Mhttps://www.smartdraw.com/msgs/messagecheck.aspx -D0 -T -N -XJurg00 []
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-58ea7b91 - C:\WINDOWS\system32\rjmaglsy.dll
HKLM-Run-BM5bd9480d - C:\WINDOWS\system32\hofeefyh.dll


**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-27 18:35:47
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-07-27 18:37:06
ComboFix-quarantined-files.txt 2008-07-27 16:36:54
ComboFix2.txt 2008-07-27 16:08:49

Pre-Run: 50,311,376,896 octets libres
Post-Run: 50,297,401,344 octets libres

157 --- E O F --- 2008-07-27 06:17:52


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:38:30, on 27/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\PnkBstrA.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\NETGEAR\WPN111\wpn111.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ch/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: NETGEAR WPN111 Smart Wizard.lnk = ?
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) - https://webmail.tamoil.ch/owa/auth/logon.aspx?url=https%3a%2f%2fwebmail.tamoil.ch%2fowa%2fiNotes6W.cab&reason=0
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\System32\PnkBstrA.exe

Voilà le rapport :


Type de recherche: Examen rapide
Eléments examinés: 45362
Temps écoulé: 4 minute(s), 36 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\WINDOWS\BM5bd9480d.txt (Trojan.Vundo) -> No action taken.
C:\Documents and Settings\Jurg\results.txt (Malware.Trace) -> No action taken.

me voilà

j'ai supprimè les deux points dans malaware

j'ai chargé java, adobe 9 et explorer 7

voici le rapport hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:15:54, on 27/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\PnkBstrA.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\NETGEAR\WPN111\wpn111.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ch/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: NETGEAR WPN111 Smart Wizard.lnk = ?
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) - https://webmail.tamoil.ch/owa/auth/logon.aspx?url=https%3a%2f%2fwebmail.tamoil.ch%2fowa%2fiNotes6W.cab&reason=0
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\System32\PnkBstrA.exe

Voilà

Le AVG à tourné près d'une heure !!

VG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 21:38:18 27/07/2008

+ Résultat de l'analyse:



D:\Program Files\Altnet\Download Manager\asmps.dll -> Adware.Altnet : Ignoré.
:mozilla.372:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Documents and Settings\Camille\Cookies\camille@247realmedia[2].txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.150:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.263:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.39:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.412:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.413:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Camille\Cookies\camille@2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Camille\Cookies\camille@aolfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Camille\Cookies\camille@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Christiane\Cookies\christiane@2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Christiane\Cookies\christiane@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Lucas\Cookies\lucas@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Eliott\Cookies\eliott@rotator.adjuggler[1].txt -> TrackingCookie.Adjuggler : Nettoyé.
C:\Documents and Settings\Eliott\Cookies\eliott@adrevolver[2].txt -> TrackingCookie.Adrevolver : Nettoyé.
C:\Documents and Settings\Eliott\Cookies\eliott@media.adrevolver[2].txt -> TrackingCookie.Adrevolver : Nettoyé.
C:\Documents and Settings\Camille\Cookies\camille@adtech[1].txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.385:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.386:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.387:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\Eliott\Cookies\eliott@advertising[2].txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.407:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Adviva : Nettoyé.
C:\Documents and Settings\Eliott\Cookies\eliott@adviva[1].txt -> TrackingCookie.Adviva : Nettoyé.
:mozilla.373:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Camille\Cookies\camille@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Christiane\Cookies\christiane@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Eliott\Cookies\eliott@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Lucas\Cookies\lucas@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.362:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Camille\Cookies\camille@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Christiane\Cookies\christiane@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Eliott\Cookies\eliott@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.264:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Burstbeacon : Nettoyé.
:mozilla.347:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Burstnet : Nettoyé.
:mozilla.366:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.367:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.368:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.369:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
C:\Documents and Settings\Eliott\Cookies\eliott@casalemedia[2].txt -> TrackingCookie.Casalemedia : Nettoyé.
C:\Documents and Settings\Christiane\Cookies\christiane@ads.guardian.co[1].txt -> TrackingCookie.Co : Nettoyé.
C:\Documents and Settings\Lucas\Cookies\lucas@ads.guardian.co[1].txt -> TrackingCookie.Co : Nettoyé.
C:\Documents and Settings\Camille\Cookies\camille@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\Christiane\Cookies\christiane@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.398:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Camille\Cookies\camille@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Christiane\Cookies\christiane@doubleclick[2].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Eliott\Cookies\eliott@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Jurg\Cookies\jurg@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.406:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Esomniture : Nettoyé.
C:\Documents and Settings\Camille\Cookies\camille@e-2dj6wjliepcjkfq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Nettoyé.
C:\Documents and Settings\Christiane\Cookies\christiane@e-2dj6waliold5ohp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Nettoyé.
:mozilla.294:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\Camille\Cookies\camille@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\Christiane\Cookies\christiane@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\Eliott\Cookies\eliott@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Nettoyé.
:mozilla.105:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.106:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\Camille\Cookies\camille@fastclick[1].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\Eliott\Cookies\eliott@fastclick[2].txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.339:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.340:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
C:\Documents and Settings\Camille\Cookies\camille@ehg-dig.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Camille\Cookies\camille@hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Christiane\Cookies\christiane@ehg-telecomitalia.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Christiane\Cookies\christiane@hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Eliott\Cookies\eliott@ehg-upcchellomedia.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Eliott\Cookies\eliott@hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.20:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Hotlog : Nettoyé.
:mozilla.320:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.321:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
C:\Documents and Settings\Eliott\Cookies\eliott@searchportal.information[1].txt -> TrackingCookie.Information : Nettoyé.
:mozilla.168:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.169:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.356:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Liveperson : Nettoyé.
C:\Documents and Settings\Eliott\Cookies\eliott@www.lop[2].txt -> TrackingCookie.Lop : Nettoyé.
:mozilla.254:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Christiane\Cookies\christiane@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.301:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Msn : Nettoyé.
:mozilla.370:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Msn : Nettoyé.
:mozilla.416:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Msn : Nettoyé.
C:\Documents and Settings\Camille\Cookies\camille@auto.search.msn[1].txt -> TrackingCookie.Msn : Nettoyé.
C:\Documents and Settings\Camille\Cookies\camille@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Christiane\Cookies\christiane@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Christiane\Cookies\christiane@perf.overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Lucas\Cookies\lucas@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Camille\Cookies\camille@ads.planetactive[1].txt -> TrackingCookie.Planetactive : Nettoyé.
C:\Documents and Settings\Christiane\Cookies\christiane@ads.planetactive[1].txt -> TrackingCookie.Planetactive : Nettoyé.
:mozilla.378:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.379:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.380:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.381:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.382:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.383:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.384:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.
C:\Documents and Settings\Camille\Cookies\camille@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.98:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.99:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
C:\Documents and Settings\Eliott\Cookies\eliott@revenue[2].txt -> TrackingCookie.Revenue : Nettoyé.
:mozilla.226:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.227:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.
C:\Documents and Settings\Lucas\Cookies\lucas@revsci[2].txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.269:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.270:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.271:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.272:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.273:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.274:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.408:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Camille\Cookies\camille@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Camille\Cookies\camille@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Christiane\Cookies\christiane@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Christiane\Cookies\christiane@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.93:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.94:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.95:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.96:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Camille\Cookies\camille@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Christiane\Cookies\christiane@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Christiane\Cookies\christiane@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Eliott\Cookies\eliott@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.171:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.172:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
C:\Documents and Settings\Eliott\Cookies\eliott@statcounter[2].txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.30:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.31:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.32:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.33:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.27:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.28:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.29:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\Camille\Cookies\camille@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\Christiane\Cookies\christiane@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\Eliott\Cookies\eliott@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.83:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Tribalfusion : Nettoyé.
C:\Documents and Settings\Eliott\Cookies\eliott@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Nettoyé.
:mozilla.124:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.310:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.311:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.312:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.313:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Camille\Cookies\camille@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Christiane\Cookies\christiane@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Eliott\Cookies\eliott@aimfar.solution.weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Eliott\Cookies\eliott@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Jurg\Cookies\jurg@searchmobile.solution.weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Jurg\Cookies\jurg@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Camille\Cookies\camille@m.webtrends[2].txt -> TrackingCookie.Webtrends : Nettoyé.
:mozilla.244:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Webtrendslive : Nettoyé.
:mozilla.153:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Yadro : Nettoyé.
C:\Documents and Settings\Eliott\Cookies\eliott@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.205:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.206:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.207:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.208:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.209:C:\Documents and Settings\Jurg\Application Data\Wyzo\Data\Profiles\mo686uzb.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
C:\Documents and Settings\Lucas\Cookies\lucas@zedo[1].txt -> TrackingCookie.Zedo : Nettoyé.


Fin du rapport

-->- Recherche:

C:\Qoobox: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\Jurg\Bureau\HijackThis.lnk: trouvé !
C:\Documents and Settings\Jurg\Bureau\ComboFix.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !

---------------------------------
-->- Suppression:

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\Jurg\Bureau\HijackThis.lnk: supprimé !
C:\Documents and Settings\Jurg\Bureau\ComboFix.exe: supprimé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\Qoobox: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !


Suis-je au bout de mes peines ?
En tous les cas il ne semble plus y avoir de pop-up !!

Merci pour ton aide super-efficace !!

Bonnes vacances à toi aussi