pub intempestive Le Messenger, Spyware Secure Résolu

Question

Bonjour,

J'ai un problème de pubs intempestives Le Messenger et Spyware Secure dont je n'arrive pas à me débarasser alors je vous contacte en espérant que quelqu'un acceptera de m'aider.
Mon antivirus est Kaspersky Internet Security 7.0 et j'ai essayé de les éliminer en faisant tourner Spybot sans succès.
J'ai vu sur le forum qu'unrapport Hijackthis est nécessaire donc je copie le rapport ici.
Merci pour votre aide !

ps: j'ai comme l'impression que j'ai aussi quelques vieux qui trainent et un bon ménage serait nécassaire mais avant d'éliminer quoi que ce soit je préfère vous donner le rapport tel quel...vous aurez compris que je suis novice !

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:54:14, on 03/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32
vsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\sm56hlpr.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\documents and settingsigqudy\local settings\application data\czihndb.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://login.yahoo.com?.src=ym&.lang=en-US&.intl=us&.done=https%3A%2F%2Fmail.yahoo.com%2Fdc%2Flaunch%3F.rand%3D9s33iertvcb85
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: XBTP06568 Class - {311F9DE8-6126-4EEE-B15F-65CBB3B4F9F6} - C:\Program Files\AOL Security Toolbar\AOL_security_toolbar.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: AOL Security Toolbar - {3BB63FD4-3C00-44D7-94A9-5DE211900DEF} - C:\Program Files\AOL Security Toolbar\AOL_security_toolbar.dll (file missing)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe 
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [czihndb] "c:\documents and settingsigqudy\local settings\application data\czihndb.exe" czihndb
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Image Transfer.lnk = ?
O4 - Global Startup: SoftStuff Wallpaper Changer.lnk = D:\softstrt.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?9b41ae26ee96442b90ec29413fd5a43f
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?9b41ae26ee96442b90ec29413fd5a43f
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1FF43AD5-2262-4C2F-81D4-26D710C3F305} (VB2S Mannequin Virtuel Control) - http://mannequin.redoute.fr/activex/Mannequin.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.3.7.cab
O16 - DPF: {63308B48-F435-42FD-AB0A-3564C7BEF9D7} (Toontown Install/Update Helper French) - https://iplay.fr.toontown.com/download/sv1.5.19.5/ttinst-french.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL,C:\PROGRA~1\KASPER~1\KASPER~2.0\adialhk.dll
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Windows CardSpace (idsvc) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (file missing)
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe

geoffrey5 · Accepted Answer

Salut sydney !!

un ptit coup de main m a été demandé par E.T

fais ceci stp :

Copie le texte ci-dessous : 

File:: 
c:\documents and settings\rigqudy\local settings\application data\czihndb.exe


Folder:: 


Registry:: 



Ouvre le Bloc-Notes puis colle le texte copié. 
(Démarrer\Tous les programmes\Accessoires\Bloc notes.) 
Sauvegarde ce fichier sous le nom de CFScript.txt. 

Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous : 

http://sd-1.archive-host.com/membres/up/1366464061/CFScript.gif 

Cela va relancer Combofix, 

Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide. 

Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal! 

Ne touche à rien tant que le scan n'est pas terminé. 

Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis. 

S'il n'y a pas de rédémarrage, poste quand même les rapports.

ensuite refais un nouveau rapport hijackthis pour vérifier stp

E..T · Answer

Salut, Télécharge >> Lop S&D.exe << puis enregistres-le sur ton Bureau . double-clic sur le fichier LopSD.exe suffira à lancer l'installation Accepte le contrat de licence Créer le répertoire de destination, accepte en cliquant sur oui Un raccourci sera créé sur ton Bureau. Double clic dessus. Choisis la langue f pour Français puis valide par Entrée. Choisis l'option Recherche en saisissant 1 valides par Entrée. Ton bureau va disparaitre c'est normal. Patiente le temps du scan A la fin du scan un rapport sera généré et s'ouvrira automatiquement dans le Bloc-Notes. Copies-colles le contenu de ce rapport ici. >>On le trouve aussi en %systemdrive%\LopR.txt @++

E..T · Answer

Ouep,

Refais la même chose mais la tu choisis le choix 2
Laisse travailler le pc
Une fois le nettoyage fini ,une recherche sera relancée et un rapport
s'ouvrira automatiquement dans le Bloc-Notes.
Copies-colles le contenu de ce rapport sur le forum. 

----------------------------------------------------------------------------------------------------------------------------------------------
----------------------------------------------------------------------------------------------------------------------------------------------

Ensuite,

Télécharge Navilog1 depuis-ce lien :
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe

Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.
Ensuite double clique sur navilog1.exe pour lancer l'installation.

Une fois l'installation terminée, le fix s'exécutera automatiquement.
(Si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau).


Au menu principal, Fais le choix 1
Laisse toi guider et patiente.
Patiente jusqu'au message :
*** Analyse Termine le ..... ***
Appuie sur une touche le bloc note va s'ouvrir.
Copie-colle le rapport ici.

@++

E..T · Answer

Bon ça avance ;-) Relance Navilog # Sur le menu, choisis Désinfection automatique l'option 2 # Le fix va se mettre à travailler... sois patient! # Cliques simplement sur OK si des fenêtres apparaissent. Un rapport va être génrer sur ton disque C:\ qui sera en option 2 >> Envoi le >>> Si ton bureau ne réapparait pas après le fix ce n'est rien ! <<< Fais CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches. Puis rends-toi à l'onglet "processus". Clique en haut à gauche sur fichiers et choisis "exécuter" Tape explorer et valide. Celà te fera apparaitre ton bureau. ---------------------------------------------------------------------------------------------------------------------------------------------- ---------------------------------------------------------------------------------------------------------------------------------------------- Puis poste un nouveau rapport hijack this. ++

E..T · Answer

Ouep,
Comment va le pc ?
++

Edit >> Je regarde ton hijack.

E..T · Answer

Bon on continue ;-)

Fais ce qui suit :

* Télécharge MalwareByte's Anti-Malware (by RubbeR DuckY) :
*http://www.commentcamarche.net/telecharger/telecharger 34055379 malwarebyte s anti malware
* Installe le programme sur le bureau :

o S'il manque le fichier COMCTL32.OCX,  télécharge le ici

* Fais les mises à jour (clic sur Mises à jour puis Recherche de mises à jour)

* Démarre en mode sans échec
Comment faire >> https://www.micro-astuce.com/depannage/demarrer-mode-sans-echec.php
Redémarres l’ordinateur
Dès le chargement du BIOS, commences à appuyer sur la touche F8 de ton clavier,i jusqu'au ou le menu des options avancées de Windows apparait. 
Sélectionne "Mode sans échec" dans le menu puis appuyez sur Entrée. 


* Lance MalwareByte's Anti-Malware, clique sur Exécuter un examen complet puis Rechercher et sélectionnez tous tes disques durs

* // !! \ Une fois le scan terminé, clique sur supprimer (si un message te demande de redémarrer le PC, accepte.)

* Un rapport sera généré, enregistre le de manière à le retrouver sur ton bureau par exemple et poste le ici.

Pour le reste on verra ce midi ou ce soir après boulot ;-) 

@++

Sydney43 · Answer

ça y est, l'analyse est enfin finie....je comprends pourquoi tu me disais qu'on verrait le reste plus tard...!
Alors voici le rapport 

Malwarebytes' Anti-Malware 1.26
Database version: 1106
Windows 5.1.2600 Service Pack 3

9/3/2008 10:31:04 PM
mbam-log-2008-09-03 (22-31-04).txt

Scan type: Full Scan (A:\|C:\|D:\|E:\|H:\|)
Objects scanned: 163096
Time elapsed: 6 hour(s), 25 minute(s), 47 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 5
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 4

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\urlsearchhook.softomateurlsearchhook (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\urlsearchhook.softomateurlsearchhook.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4897bba6-48d9-468c-8efa-846275d7701b} (Adware.SoftMate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ca3eb689-8f09-4026-aa10-b9534c691ce0} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{4509d3cc-b642-4745-b030-645b79522c6d} (Adware.SoftMate) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Documents and Settings\Rigqudy\Local Settings\Application Data\czihndb_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rigqudy\Local Settings\Application Data\czihndb_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rigqudy\Local Settings\Application Data\czihndb.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rigqudy\Local Settings\Application Data\czihndb.exe (Adware.Navipromo.H) -> Quarantined and deleted successfully.


est-ce que cette fois sera la bonne ?
A+

E..T · Answer

Bonsoir,
Poste un rapport hijack this.
++

E..T · Answer

Salut,
Ah ouai t'es à Sydney ?
Je regarde ton log et te dis quoi.
++

E..T · Answer

Bon,

Télécharge >> Lop S&D.exe << puis enregistres-le sur ton Bureau .
double-clic sur le fichier LopSD.exe suffira à lancer l'installation
Accepte le contrat de licence
Créer le répertoire de destination, accepte en cliquant sur oui
Un raccourci sera créé sur ton Bureau.
Double clic dessus.
Choisis la langue f pour Français puis valide par Entrée.
Choisis l'option Recherche en saisissant 1 valides par Entrée.
Ton bureau va disparaitre c'est normal.
Patiente le temps du scan
A la fin du scan un rapport sera généré et s'ouvrira automatiquement dans le Bloc-Notes.
Copies-colles le contenu de ce rapport ici.
>>On le trouve aussi en %systemdrive%\LopR.txt

La suite demain.
Bonne journée et bonne nuit pour moi.
@++

Sydney43 · Answer

Salut,

Non je suis maintenant à Singapour mais j'étais à Sydney avant et j'adore cette ville !
j'ai refait tourner Lop SD comme tu me l'as demandé...voici le rapport
tu me disais que le bureau disparait pendant l'analyse, ce n'est pas le cas; j'imagine que ce n'est pas grave mais au point où j'en suis, je préfère te le signaler...

   --------------------\  Lop S&D 4.2.3-9   XP/Vista

   Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3
   X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3000+ )
   BIOS : BIOS Date: 11/17/05 21:51:32 Ver: 08.00.12
   USER : Rigqudy ( Administrator )
   BOOT : Normal boot
   Antivirus : Kaspersky Internet Security 7.0.1.325 (Activated)
   Firewall  : Kaspersky Internet Security 7.0.1.325 (Activated)

   "C:\Lop SD" ( MAJ : 02-09-2008|17:30 )
   Option : [1] ( 04/09/2008| 9:24 )
 
   --------------------\  Listing des dossiers dans APPLIC~1  






 
   --------------------\  Tâches planifiées dans C:\WINDOWS	asks

   [04/09/2008 09:14][--a------] C:\WINDOWS	asks\V‚rifier les mises … jour de Windows Live Toolbar.job
   [20/08/2008 16:50][--a------] C:\WINDOWS	asks\AppleSoftwareUpdate.job
   [04/09/2008 06:48][--ah-----] C:\WINDOWS	asks\SA.DAT
   [04/08/2004 20:00][-r-h-----] C:\WINDOWS	asks\desktop.ini

   --------------------\  Listing des dossiers dans C:\Program Files

   [24/08/2006|12:48] C:\Program Files\Games
   [03/12/2006|13:39] C:\Program Files\
   [12/07/2008|15:48] C:\Program Files\
   [25/05/2006|08:04] C:\Program Files\
   [25/05/2006|08:03] C:\Program Files\Devices
   [19/05/2008|09:18] C:\Program Files\Software Update
   [29/05/2006|16:27] C:\Program Files\
   [27/03/2008|18:05] C:\Program Files\
   [24/07/2008|07:27] C:\Program Files\
   [16/09/2007|22:01] C:\Program Files\
   [20/06/2008|17:33] C:\Program Files\Cascades
   [27/08/2008|06:43] C:\Program Files\Files
   [24/05/2006|15:55] C:\Program Files\Applications
   [18/09/2007|22:20] C:\Program Files\
   [14/04/2008|19:10] C:\Program Files\
   [20/06/2008|16:02] C:\Program Files\Games
   [05/12/2007|18:15] C:\Program Files\
   [22/06/2007|12:16] C:\Program Files\
   [02/08/2008|14:56] C:\Program Files\Installation Information
   [18/08/2008|19:30] C:\Program Files\Explorer
   [20/08/2008|17:17] C:\Program Files\
   [20/08/2008|17:18] C:\Program Files\
   [23/07/2008|19:37] C:\Program Files\
   [02/04/2008|11:33] C:\Program Files\Lab
   [04/12/2007|17:53] C:\Program Files\
   [04/09/2006|09:24] C:\Program Files\
   [10/10/2007|16:42] C:\Program Files\Jongg - The REAL Game!
   [03/09/2008|22:49] C:\Program Files\Anti-Malware
   [20/06/2008|16:31] C:\Program Files\Interactive
   [02/09/2008|11:30] C:\Program Files\
   [09/05/2007|19:12] C:\Program Files\CAPICOM 2.1.0.2
   [24/05/2006|15:58] C:\Program Files\frontpage
   [13/05/2008|17:52] C:\Program Files\Office
   [29/05/2006|15:28] C:\Program Files\Visual Studio
   [29/05/2006|16:06] C:\Program Files\Works
   [03/09/2007|11:23] C:\Program Files\Minds
   [19/08/2008|10:30] C:\Program Files\
   [21/01/2008|12:56] C:\Program Files\PhoneTools
   [02/09/2008|11:24] C:\Program Files\Maker
   [03/09/2007|10:36] C:\Program Files\
   [13/05/2008|17:52] C:\Program Files\
   [18/12/2006|15:53] C:\Program Files\
   [24/05/2006|15:55] C:\Program Files\Gaming Zone
   [02/09/2008|19:11] C:\Program Files\Messenger
   [23/02/2007|18:13] C:\Program Files\4.0
   [04/09/2007|23:03] C:\Program Files\6.0
   [03/09/2008|15:05] C:\Program Files\
   [02/09/2008|11:18] C:\Program Files\
   [18/09/2007|22:19] C:\Program Files\
   [29/05/2006|16:07] C:\Program Files\
   [24/05/2006|15:55] C:\Program Files\Services
   [02/09/2008|11:17] C:\Program Files\Express
   [25/05/2006|08:07] C:\Program Files\Fax Modem
   [22/06/2007|12:17] C:\Program Files\
   [02/06/2006|16:28] C:\Program Files\
   [24/07/2008|07:26] C:\Program Files\
   [03/09/2007|10:31] C:\Program Files\Assemblies
   [24/07/2008|07:13] C:\Program Files\
   [29/05/2006|16:28] C:\Program Files\
   [14/01/2008|14:01] C:\Program Files\
   [26/06/2008|11:10] C:\Program Files\
   [02/06/2006|16:28] C:\Program Files\Corporation
   [01/09/2008|12:09] C:\Program Files\- Search & Destroy
   [23/07/2008|19:38] C:\Program Files\
   [29/05/2006|15:09] C:\Program Files\
   [03/09/2008|11:53] C:\Program Files\Micro
   [24/05/2006|16:08] C:\Program Files\Information
   [06/01/2008|13:27] C:\Program Files\& Adoption
   [22/06/2007|12:16] C:\Program Files\Digital Technologies
   [30/11/2007|21:20] C:\Program Files\Live Toolbar
   [04/03/2007|12:23] C:\Program Files\Media Connect 2
   [02/09/2008|11:17] C:\Program Files\Media Player
   [02/09/2008|11:17] C:\Program Files\NT
   [24/05/2006|15:57] C:\Program Files\
   [24/05/2006|15:58] C:\Program Files\
   [19/12/2007|08:40] C:\Program Files\

   --------------------\  Listing des dossiers dans C:\Program Files\Common Files

   [01/06/2008|10:16] C:\Program Files\Common Files\
   [09/09/2007|18:13] C:\Program Files\Common Files\
   [16/09/2007|21:57] C:\Program Files\Common Files\
   [29/05/2006|15:28] C:\Program Files\Common Files\
   [07/01/2007|15:43] C:\Program Files\Common Files\
   [31/05/2006|21:21] C:\Program Files\Common Files\
   [17/08/2006|17:21] C:\Program Files\Common Files\
   [04/09/2006|09:23] C:\Program Files\Common Files\
   [23/07/2008|23:44] C:\Program Files\Common Files\Shared
   [24/05/2006|15:56] C:\Program Files\Common Files\
   [18/09/2007|22:19] C:\Program Files\Common Files\
   [25/05/2006|01:51] C:\Program Files\Common Files\
   [18/09/2007|22:19] C:\Program Files\Common Files\
   [29/05/2006|16:28] C:\Program Files\Common Files\Shared
   [24/05/2006|15:56] C:\Program Files\Common Files\
   [14/01/2008|14:01] C:\Program Files\Common Files\
   [25/05/2006|01:51] C:\Program Files\Common Files\
   [02/09/2008|11:17] C:\Program Files\Common Files\

   --------------------\  Process

   ( 61 Processus )

   iexplore.exe ~ [PID:2284]

   --------------------\  Recherche avec S_Lop

   Aucun fichier / dossier Lop trouvé !
 
   --------------------\  Recherche de Fichiers / Dossiers Lop

   Aucun fichier / dossier Lop trouvé ! 
 
   --------------------\  Verification du Registre
 
   ..... OK !

   --------------------\  Verification du fichier Hosts

   Fichier Hosts PROPRE


   --------------------\  Recherche de fichiers avec Catchme
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2008-09-04 09:27:40
   Windows 5.1.2600 Service Pack 3 NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 0
 
   --------------------\  Recherche d'autres infections

   --------------------\  Cracks & Keygens ..

   C:\DOCUME~1\Rigqudy\My Documents\My Music\iTunes\iTunes Music\Roudoudou\Original Soundcrack
   C:\DOCUME~1\Rigqudy\My Documents\My Music\iTunes\iTunes Music\Roudoudou\Original Soundcrack\- 01-Tiki Walk.mp3
   C:\DOCUME~1\Rigqudy\My Documents\My Music\iTunes\iTunes Music\Roudoudou\Original Soundcrack\- 02-Message from Number 9.mp3
   C:\DOCUME~1\Rigqudy\My Documents\My Music\iTunes\iTunes Music\Roudoudou\Original Soundcrack\- 03-Space Express.mp3
   C:\DOCUME~1\Rigqudy\My Documents\My Music\iTunes\iTunes Music\Roudoudou\Original Soundcrack\- 04-Misty Lagoon.mp3
   C:\DOCUME~1\Rigqudy\My Documents\My Music\iTunes\iTunes Music\Roudoudou\Original Soundcrack\- 05-The Lost Waltz.mp3
   C:\DOCUME~1\Rigqudy\My Documents\My Music\iTunes\iTunes Music\Roudoudou\Original Soundcrack\- 06-Sunny Sunday.mp3
   C:\DOCUME~1\Rigqudy\My Documents\My Music\iTunes\iTunes Music\Roudoudou\Original Soundcrack\- 07-Buy or Die!.mp3
   C:\DOCUME~1\Rigqudy\My Documents\My Music\iTunes\iTunes Music\Roudoudou\Original Soundcrack\- 08-Surprise! Surprise!.mp3
   C:\DOCUME~1\Rigqudy\My Documents\My Music\iTunes\iTunes Music\Roudoudou\Original Soundcrack\- 09-Ellie Love Song.mp3
   C:\DOCUME~1\Rigqudy\My Documents\My Music\iTunes\iTunes Music\Roudoudou\Original Soundcrack\- 10-The RIse & Fall of the Record Empire.mp3
   C:\DOCUME~1\Rigqudy\My Documents\My Music\iTunes\iTunes Music\Roudoudou\Original Soundcrack\- 11-Yesterday's Dreams.mp3
   C:\DOCUME~1\Rigqudy\My Documents\My Music\iTunes\iTunes Music\Roudoudou\Original Soundcrack\- 12-Original Soundcrack.mp3


   [F:52][D:3]-> C:\DOCUME~1\Rigqudy\LOCALS~1\Temp
   [F:1650][D:0]-> C:\DOCUME~1\Rigqudy\Cookies
   [F:349][D:16]-> C:\DOCUME~1\Rigqudy\LOCALS~1\TEMPOR~1\content.IE5

   1 - "C:\Lop SD\LopR_1.txt" - 03/09/2008|13:06 - Option : [1]
   2 - "C:\Lop SD\LopR_2.txt" - 03/09/2008|14:26 - Option : [2]
   3 - "C:\Lop SD\LopR_3.txt" - 04/09/2008| 9:20 - Option : [1]
   4 - "C:\Lop SD\LopR_4.txt" - 04/09/2008| 9:30 - Option : [1]


Bonne nuit !

E..T · Answer

Salut,

Refais la même chose mais la tu choisis le choix 2
Laisse travailler le pc
Une fois le nettoyage fini ,une recherche sera relancée et un rapport
s'ouvrira automatiquement dans le Bloc-Notes.
Copies-colles le contenu de ce rapport sur le forum. 

------------------------------------------------------------­------------------------------------------------------------­----------------------
------------------------------------------------------------­------------------------------------------------------------­----------------------

Ensuite poste un rapport hijack this


+++

Sydney43 · Answer

voici le rapport lopSD:


   --------------------\  Lop S&D 4.2.3-9   XP/Vista

   Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3
   X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3000+ )
   BIOS : BIOS Date: 11/17/05 21:51:32 Ver: 08.00.12
   USER : Rigqudy ( Administrator )
   BOOT : Normal boot
   Antivirus : Kaspersky Internet Security 7.0.1.325 (Activated)
   Firewall  : Kaspersky Internet Security 7.0.1.325 (Activated)

   "C:\Lop SD" ( MAJ : 02-09-2008|17:30 )
   Option : [2] ( 04/09/2008|16:12 )

 
   \\\\\\\\\\\\\\\ 

 
   --------------------\  Listing des dossiers dans APPLIC~1  






 
   --------------------\  Tâches planifiées dans C:\WINDOWS	asks

   [04/09/2008 16:14][--a------] C:\WINDOWS	asks\V‚rifier les mises … jour de Windows Live Toolbar.job
   [20/08/2008 16:50][--a------] C:\WINDOWS	asks\AppleSoftwareUpdate.job
   [04/09/2008 06:48][--ah-----] C:\WINDOWS	asks\SA.DAT
   [04/08/2004 20:00][-r-h-----] C:\WINDOWS	asks\desktop.ini

   --------------------\  Listing des dossiers dans C:\Program Files

   [24/08/2006|12:48] C:\Program Files\Games
   [03/12/2006|13:39] C:\Program Files\
   [12/07/2008|15:48] C:\Program Files\
   [25/05/2006|08:04] C:\Program Files\
   [25/05/2006|08:03] C:\Program Files\Devices
   [19/05/2008|09:18] C:\Program Files\Software Update
   [29/05/2006|16:27] C:\Program Files\
   [27/03/2008|18:05] C:\Program Files\
   [24/07/2008|07:27] C:\Program Files\
   [16/09/2007|22:01] C:\Program Files\
   [20/06/2008|17:33] C:\Program Files\Cascades
   [27/08/2008|06:43] C:\Program Files\Files
   [24/05/2006|15:55] C:\Program Files\Applications
   [18/09/2007|22:20] C:\Program Files\
   [14/04/2008|19:10] C:\Program Files\
   [20/06/2008|16:02] C:\Program Files\Games
   [05/12/2007|18:15] C:\Program Files\
   [22/06/2007|12:16] C:\Program Files\
   [02/08/2008|14:56] C:\Program Files\Installation Information
   [18/08/2008|19:30] C:\Program Files\Explorer
   [20/08/2008|17:17] C:\Program Files\
   [20/08/2008|17:18] C:\Program Files\
   [23/07/2008|19:37] C:\Program Files\
   [02/04/2008|11:33] C:\Program Files\Lab
   [04/12/2007|17:53] C:\Program Files\
   [04/09/2006|09:24] C:\Program Files\
   [10/10/2007|16:42] C:\Program Files\Jongg - The REAL Game!
   [03/09/2008|22:49] C:\Program Files\Anti-Malware
   [20/06/2008|16:31] C:\Program Files\Interactive
   [02/09/2008|11:30] C:\Program Files\
   [09/05/2007|19:12] C:\Program Files\CAPICOM 2.1.0.2
   [24/05/2006|15:58] C:\Program Files\frontpage
   [13/05/2008|17:52] C:\Program Files\Office
   [29/05/2006|15:28] C:\Program Files\Visual Studio
   [29/05/2006|16:06] C:\Program Files\Works
   [03/09/2007|11:23] C:\Program Files\Minds
   [19/08/2008|10:30] C:\Program Files\
   [21/01/2008|12:56] C:\Program Files\PhoneTools
   [02/09/2008|11:24] C:\Program Files\Maker
   [03/09/2007|10:36] C:\Program Files\
   [13/05/2008|17:52] C:\Program Files\
   [18/12/2006|15:53] C:\Program Files\
   [24/05/2006|15:55] C:\Program Files\Gaming Zone
   [02/09/2008|19:11] C:\Program Files\Messenger
   [23/02/2007|18:13] C:\Program Files\4.0
   [04/09/2007|23:03] C:\Program Files\6.0
   [03/09/2008|15:05] C:\Program Files\
   [02/09/2008|11:18] C:\Program Files\
   [18/09/2007|22:19] C:\Program Files\
   [29/05/2006|16:07] C:\Program Files\
   [24/05/2006|15:55] C:\Program Files\Services
   [02/09/2008|11:17] C:\Program Files\Express
   [25/05/2006|08:07] C:\Program Files\Fax Modem
   [22/06/2007|12:17] C:\Program Files\
   [02/06/2006|16:28] C:\Program Files\
   [24/07/2008|07:26] C:\Program Files\
   [03/09/2007|10:31] C:\Program Files\Assemblies
   [24/07/2008|07:13] C:\Program Files\
   [29/05/2006|16:28] C:\Program Files\
   [14/01/2008|14:01] C:\Program Files\
   [26/06/2008|11:10] C:\Program Files\
   [02/06/2006|16:28] C:\Program Files\Corporation
   [01/09/2008|12:09] C:\Program Files\- Search & Destroy
   [23/07/2008|19:38] C:\Program Files\
   [29/05/2006|15:09] C:\Program Files\
   [03/09/2008|11:53] C:\Program Files\Micro
   [24/05/2006|16:08] C:\Program Files\Information
   [06/01/2008|13:27] C:\Program Files\& Adoption
   [22/06/2007|12:16] C:\Program Files\Digital Technologies
   [30/11/2007|21:20] C:\Program Files\Live Toolbar
   [04/03/2007|12:23] C:\Program Files\Media Connect 2
   [02/09/2008|11:17] C:\Program Files\Media Player
   [02/09/2008|11:17] C:\Program Files\NT
   [24/05/2006|15:57] C:\Program Files\
   [24/05/2006|15:58] C:\Program Files\
   [19/12/2007|08:40] C:\Program Files\

   --------------------\  Listing des dossiers dans C:\Program Files\Common Files

   [01/06/2008|10:16] C:\Program Files\Common Files\
   [09/09/2007|18:13] C:\Program Files\Common Files\
   [16/09/2007|21:57] C:\Program Files\Common Files\
   [29/05/2006|15:28] C:\Program Files\Common Files\
   [07/01/2007|15:43] C:\Program Files\Common Files\
   [31/05/2006|21:21] C:\Program Files\Common Files\
   [17/08/2006|17:21] C:\Program Files\Common Files\
   [04/09/2006|09:23] C:\Program Files\Common Files\
   [23/07/2008|23:44] C:\Program Files\Common Files\Shared
   [24/05/2006|15:56] C:\Program Files\Common Files\
   [18/09/2007|22:19] C:\Program Files\Common Files\
   [25/05/2006|01:51] C:\Program Files\Common Files\
   [18/09/2007|22:19] C:\Program Files\Common Files\
   [29/05/2006|16:28] C:\Program Files\Common Files\Shared
   [24/05/2006|15:56] C:\Program Files\Common Files\
   [14/01/2008|14:01] C:\Program Files\Common Files\
   [25/05/2006|01:51] C:\Program Files\Common Files\
   [02/09/2008|11:17] C:\Program Files\Common Files\

   --------------------\  Process

   ( 59 Processus )

   ... OK !

   --------------------\  Recherche avec S_Lop

   Aucun fichier / dossier Lop trouvé !
 
   --------------------\  Recherche de Fichiers / Dossiers Lop

   Aucun fichier / dossier Lop trouvé ! 
 
   --------------------\  Verification du Registre
 
   ..... OK !

   --------------------\  Verification du fichier Hosts

   Fichier Hosts PROPRE


   --------------------\  Recherche de fichiers avec Catchme
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2008-09-04 16:18:28
   Windows 5.1.2600 Service Pack 3 NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 0
 
   --------------------\  Recherche d'autres infections


   Aucune autre infection trouvée  !

   [F:50][D:3]-> C:\DOCUME~1\Rigqudy\LOCALS~1\Temp
   [F:1650][D:0]-> C:\DOCUME~1\Rigqudy\Cookies
   [F:297][D:16]-> C:\DOCUME~1\Rigqudy\LOCALS~1\TEMPOR~1\content.IE5

   1 - "C:\Lop SD\LopR_1.txt" - 03/09/2008|13:06 - Option : [1]
   2 - "C:\Lop SD\LopR_2.txt" - 03/09/2008|14:26 - Option : [2]
   3 - "C:\Lop SD\LopR_3.txt" - 04/09/2008| 9:20 - Option : [1]
   4 - "C:\Lop SD\LopR_4.txt" - 04/09/2008| 9:30 - Option : [1]
   5 - "C:\Lop SD\LopR_5.txt" - 04/09/2008|16:22 - Option : [2]


(j'ai viré les morceaux d'itunes qui sortaient en crack et keygen...de toute façon c'était pas bon....)

et le rapport hijack this:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:26:11, on 04/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\sm56hlpr.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32
vsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://login.yahoo.com?.src=ym&.lang=en-US&.intl=us&.done=https%3A%2F%2Fmail.yahoo.com%2Fdc%2Flaunch%3F.rand%3D9s33iertvcb85
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: XBTP06568 Class - {311F9DE8-6126-4EEE-B15F-65CBB3B4F9F6} - C:\Program Files\AOL Security Toolbar\AOL_security_toolbar.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: AOL Security Toolbar - {3BB63FD4-3C00-44D7-94A9-5DE211900DEF} - C:\Program Files\AOL Security Toolbar\AOL_security_toolbar.dll (file missing)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe 
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [czihndb] "c:\documents and settingsigqudy\local settings\application data\czihndb.exe" czihndb
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Image Transfer.lnk = ?
O4 - Global Startup: SoftStuff Wallpaper Changer.lnk = D:\softstrt.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?9b41ae26ee96442b90ec29413fd5a43f
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?9b41ae26ee96442b90ec29413fd5a43f
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1FF43AD5-2262-4C2F-81D4-26D710C3F305} (VB2S Mannequin Virtuel Control) - http://mannequin.redoute.fr/activex/Mannequin.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.3.7.cab
O16 - DPF: {63308B48-F435-42FD-AB0A-3564C7BEF9D7} (Toontown Install/Update Helper French) - https://iplay.fr.toontown.com/download/sv1.5.19.5/ttinst-french.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL,C:\PROGRA~1\KASPER~1\KASPER~2.0\adialhk.dll
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Windows CardSpace (idsvc) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (file missing)
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe

E..T · Answer

Re,

Fais ce qui suit

Télécharge combofix : http://download.bleepingcomputer.com/sUBs/ComboFix.exe


-> Double clique combofix.exe.
-> Tape sur la touche 1 (Yes) pour démarrer le scan.
-> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

NOTE : Le rapport se trouve également ici : C:\Combofix.txt

Avant d'utiliser ComboFix :

-> Déconnecte toi d'internet et referme les fenêtres de tous les programmes en cours.

-> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent géner fortement la procédure de recherche et de nettoyage de l'outil.

Une fois fait, sur ton bureau double-clic sur Combofix.exe.

- Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.

/!\ Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programmes.

- En fin de scan il est possible que ComboFix ait besoin de redemarrer le pc pour finaliser la désinfection\recherche, laisses-le faire.

- Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\Combofix.txt)

-> Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.

-> Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.

-> Tutoriel https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

@++

Sydney43 · Answer

voilà le rapport Combofix

ComboFix 08-09-03.03 - Rigqudy 2008-09-04 16:51:35.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.621 [GMT 8:00]
Running from: C:\Documents and Settings\Rigqudy\Desktop\ComboFix.exe
* Created a new restore point

[color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color]
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Rigqudy\Cookies\rigqudy@2o7[2].txt
C:\Documents and Settings\Rigqudy\Cookies\rigqudy@a.hasbro[2].txt
C:\Documents and Settings\Rigqudy\Cookies\rigqudy@fnac[1].txt
C:\Documents and Settings\Rigqudy\Cookies\rigqudy@metrics.adobe[2].txt
C:\Documents and Settings\Rigqudy\Cookies\rigqudy@tracker.affistats[1].txt
C:\WINDOWS\Downloaded Program Files\setup.inf
C:\WINDOWS\winhelp.ini

.
((((((((((((((((((((((((( Files Created from 2008-08-04 to 2008-09-04 )))))))))))))))))))))))))))))))
.

2008-09-03 22:31 . 2008-09-03 22:55 1,182 --a------ C:\mbam-log-2008-09-03 (22-31-04).lnk
2008-09-03 16:02 . 2008-09-03 22:31 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
2008-09-03 16:01 . 2008-09-03 16:01 <DIR> d-------- C:\Documents and Settings\Administrator
2008-09-03 15:28 . 2008-09-03 22:49 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-09-03 15:28 . 2008-09-03 15:28 <DIR> d-------- C:\Documents and Settings\Rigqudy\Application Data\Malwarebytes
2008-09-03 15:28 . 2008-09-03 15:28 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-09-03 15:28 . 2008-09-02 00:16 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-03 15:28 . 2008-09-02 00:16 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-09-03 14:30 . 2008-09-03 15:05 <DIR> d-------- C:\Program Files\Navilog1
2008-09-03 14:29 . 2008-09-03 14:29 571,505 --a------ C:\Navilog1.exe
2008-09-03 12:57 . 2008-09-04 16:22 <DIR> d-------- C:\Lop SD
2008-09-03 11:53 . 2008-09-03 11:53 <DIR> d-------- C:\Program Files\Trend Micro
2008-09-02 11:24 . 2008-09-02 11:24 <DIR> d-------- C:\WINDOWS\system32\scripting
2008-09-02 11:24 . 2008-09-02 11:24 <DIR> d-------- C:\WINDOWS\system32\en
2008-09-02 11:24 . 2008-09-02 11:24 <DIR> d-------- C:\WINDOWS\system32\bits
2008-09-02 11:24 . 2008-09-02 11:24 <DIR> d-------- C:\WINDOWS\l2schemas
2008-09-02 11:19 . 2008-09-02 11:25 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2008-09-01 12:00 . 2008-09-01 12:09 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-09-01 12:00 . 2008-09-02 09:14 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-08-30 07:06 . 2008-04-14 08:12 1,737,856 --------- C:\WINDOWS\system32\mtxparhd.dll
2008-08-30 07:05 . 2004-08-03 22:41 1,041,536 --------- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2008-08-30 07:04 . 2008-04-14 08:11 1,888,992 --------- C:\WINDOWS\system32\ati3duag.dll
2008-08-20 17:17 . 2008-08-20 17:18 <DIR> d-------- C:\Program Files\iTunes
2008-08-19 10:31 . 2008-08-19 10:31 245 --a------ C:\WINDOWS\TLCAPPS.INI
2008-08-18 10:58 . 2008-04-12 03:04 691,712 -----c--- C:\WINDOWS\system32\dllcache\inetcomm.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-04 09:01 --------- d-----w C:\Documents and Settings\Rigqudy\Application Data\skypePM
2008-09-04 09:00 34,178,848 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-09-04 09:00 --------- d-----w C:\Documents and Settings\Rigqudy\Application Data\Skype
2008-09-04 08:59 939,040 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat
2008-09-04 08:57 91,076 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx
2008-09-04 08:57 460,796 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-09-03 22:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-09-02 11:11 --------- d-----w C:\Program Files\MSN Messenger
2008-08-28 15:24 --------- d-----w C:\Documents and Settings\Rigqudy\Application Data\ZoomBrowser EX
2008-08-28 15:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\ZoomBrowser
2008-08-20 09:17 --------- d-----w C:\Program Files\iPod
2008-08-19 02:30 --------- d-----w C:\Program Files\Mindscape
2008-08-18 04:22 96,976 ----a-w C:\WINDOWS\system32\drivers\klin.dat
2008-08-02 06:56 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-31 23:10 --------- d-----w C:\Documents and Settings\Rigqudy\Application Data\Canon
2008-07-24 12:12 87,855 ----a-w C:\WINDOWS\system32\drivers\klick.dat
2008-07-23 23:27 --------- d-----w C:\Program Files\Bonjour
2008-07-23 23:26 --------- d-----w C:\Program Files\QuickTime
2008-07-23 23:13 --------- d-----w C:\Program Files\Safari
2008-07-23 11:38 --------- d-----w C:\Program Files\Sun
2008-07-23 11:37 --------- d-----w C:\Program Files\Java
2008-07-10 01:35 32,000 ----a-w C:\WINDOWS\system32\drivers\usbaapl.sys
2008-03-31 01:25 17,788,920 ----a-w C:\Program Files\antivir_workstation_win7u_en_h.exe
2008-01-14 06:02 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
2006-06-13 12:30 317,232 -c--a-w C:\Program Files\dxwebsetup.exe
2006-06-03 07:45 23,488,648 -c--a-w C:\Program Files\AdbeRdr708_fr_FR.exe
2006-06-03 07:30 7,218,088 -c--a-w C:\Program Files\psa30se_fr_fr.exe
2006-06-03 07:25 762,512 -c--a-w C:\Program Files\ytb612_efgsip.exe
2006-06-02 08:03 35,334,432 -c--a-w C:\Program Files\logitech.exe
2006-06-02 05:54 9,402,704 -c--a-w C:\Program Files\SkypeSetup.exe
2006-06-02 05:07 10,738,088 -c--a-w C:\Program Files\SkypeSetup-Beta.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-02-01 21898024]
"LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2005-06-08 196608]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-29 68856]
"PcSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-06-27 1449984]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2007-10-27 3810544]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-08-18 1832272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-10-10 7286784]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-10-10 86016]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 925696]
"OpwareSE2"="C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 49152]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-12-09 225280]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe" [2005-09-08 57344]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2005-06-08 458752]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2005-06-08 217088]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"zBrowser Launcher"="C:\Program Files\Logitech\iTouch\iTouch.exe" [2004-03-18 892928]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2005-10-29 335872]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-08-28 1838592]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2006-06-15 229376]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2006-06-13 127036]
"AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-10 116040]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-05-27 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-07-30 289064]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" [2008-02-08 227856]
"nwiz"="nwiz.exe" [2005-10-10 C:\WINDOWS\system32\nwiz.exe]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2004-10-27 C:\WINDOWS\system32\HdAShCut.exe]
"SMSERIAL"="sm56hlpr.exe" [2004-06-29 C:\WINDOWS\sm56hlpr.exe]
"Logitech Utility"="Logi_MwX.Exe" [2002-11-08 C:\WINDOWS\LOGI_MWX.EXE]

C:\Documents and Settings\Rigqudy\Start Menu\Programs\Startup\
Outil de d‚tection de support Picture Motion Browser.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2008-06-26 368640]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Image Transfer.lnk - C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe [2006-06-02 73728]
SoftStuff Wallpaper Changer.lnk - D:\softstrt.exe [2006-06-08 180736]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [2007-12-13 24592]
S3 LVPrcMon;Logitech LVPrcMon Driver;C:\WINDOWS\system32\drivers\LVPrcMon.sys [2005-12-09 16768]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ab601f7b-1a11-11db-957a-0015f25b4c29}]
\Shell\AutoRun\command - F:\setupSNK.exe
.
Contents of the 'Scheduled Tasks' folder
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-czihndb - c:\documents and settings\rigqudy\local settings\application data\czihndb.exe

.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://fr.mg40.mail.yahoo.com/dc/launch?.rand=9s33iertvcb85
R0 -: HKCU-Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
R1 -: HKCU-Internet Settings,ProxyOverride = *.local
R1 -: HKCU-SearchURL,(Default) = hxxp://www.google.com/search?q=%s
O8 -: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 -: Ajouter à Kaspersky Anti-Bannière
O8 -: Convertir les liens sélectionnés en fichier Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 -: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 -: Easy-WebPrint Ajouter à la liste d'impressions - C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 -: Easy-WebPrint Impression rapide - C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 -: Easy-WebPrint Imprimer - C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 -: Easy-WebPrint Prévisualiser - C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 -: Ouvrir dans un nouvel onglet d'arrière-plan - C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?9b41ae26ee96442b90ec29413fd5a43f
O8 -: Ouvrir dans un nouvel onglet de premier plan - C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?9b41ae26ee96442b90ec29413fd5a43f

O16 -: {1FF43AD5-2262-4C2F-81D4-26D710C3F305} - hxxp://mannequin.redoute.fr/activex/Mannequin.cab
C:\WINDOWS\Downloaded Program Files\mannequin.dll

O16 -: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.3.7.cab
C:\WINDOWS\Downloaded Program Files\DownloadManagerV2.inf
C:\WINDOWS\Downloaded Program Files\Manager.exe
C:\WINDOWS\Downloaded Program Files\DownloadManagerV2.ocx

O16 -: {63308B48-F435-42FD-AB0A-3564C7BEF9D7} - hxxps://iplay.fr.toontown.com/download/sv1.5.19.5/ttinst-french.cab
C:\WINDOWS\Downloaded Program Files\ttinst-french.inf
C:\WINDOWS\Downloaded Program Files\ttinst-french.dll
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-04 16:58:36
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Logitech\MouseWare\system\EM_EXEC.EXE
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Yahoo!\Messenger\Ymsgr_tray.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\Program Files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2008-09-04 17:12:15 - machine was rebooted
ComboFix-quarantined-files.txt 2008-09-04 09:12:05

Pre-Run: 22,122,885,120 bytes free
Post-Run: 22,201,819,136 bytes free

204 --- E O F --- 2008-09-02 12:07:14

A+

E..T · Answer

Merki Geoffrey ;-))   (+1)

Sydney43, suit ses conseils.

Moi je suis tout ça avec attention.

Encore merçi geoffrey.
Bon courage sydney!
++++

geoffrey5 · Answer

mais de rien  ;-)

Sydney43 · Answer

Merci à toi Geoffrey de m'aider aussi et pendant que j'y suis merci de toute ton aide E..T !!!!

alors voici le rapport combofix:

ComboFix 08-09-03.03 - Rigqudy 2008-09-04 20:03:10.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.639 [GMT 8:00]
Running from: C:\Documents and Settings\Rigqudy\Desktop\ComboFix.exe
Command switches used :: C:\CFScript.txt
* Created a new restore point

[color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color]
.

((((((((((((((((((((((((( Files Created from 2008-08-04 to 2008-09-04 )))))))))))))))))))))))))))))))
.

2008-09-03 22:31 . 2008-09-03 22:55 1,182 --a------ C:\mbam-log-2008-09-03 (22-31-04).lnk
2008-09-03 16:02 . 2008-09-03 22:31 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
2008-09-03 16:01 . 2008-09-03 16:01 <DIR> d-------- C:\Documents and Settings\Administrator
2008-09-03 15:28 . 2008-09-03 22:49 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-09-03 15:28 . 2008-09-03 15:28 <DIR> d-------- C:\Documents and Settings\Rigqudy\Application Data\Malwarebytes
2008-09-03 15:28 . 2008-09-03 15:28 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-09-03 15:28 . 2008-09-02 00:16 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-03 15:28 . 2008-09-02 00:16 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-09-03 14:30 . 2008-09-03 15:05 <DIR> d-------- C:\Program Files\Navilog1
2008-09-03 14:29 . 2008-09-03 14:29 571,505 --a------ C:\Navilog1.exe
2008-09-03 12:57 . 2008-09-04 16:22 <DIR> d-------- C:\Lop SD
2008-09-03 11:53 . 2008-09-03 11:53 <DIR> d-------- C:\Program Files\Trend Micro
2008-09-02 11:24 . 2008-09-02 11:24 <DIR> d-------- C:\WINDOWS\system32\scripting
2008-09-02 11:24 . 2008-09-02 11:24 <DIR> d-------- C:\WINDOWS\system32\en
2008-09-02 11:24 . 2008-09-02 11:24 <DIR> d-------- C:\WINDOWS\system32\bits
2008-09-02 11:24 . 2008-09-02 11:24 <DIR> d-------- C:\WINDOWS\l2schemas
2008-09-02 11:19 . 2008-09-02 11:25 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2008-09-01 12:00 . 2008-09-01 12:09 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-09-01 12:00 . 2008-09-02 09:14 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-08-30 07:06 . 2008-04-14 08:12 1,737,856 --------- C:\WINDOWS\system32\mtxparhd.dll
2008-08-30 07:05 . 2004-08-03 22:41 1,041,536 --------- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2008-08-30 07:04 . 2008-04-14 08:11 1,888,992 --------- C:\WINDOWS\system32\ati3duag.dll
2008-08-20 17:17 . 2008-08-20 17:18 <DIR> d-------- C:\Program Files\iTunes
2008-08-19 10:31 . 2008-08-19 10:31 245 --a------ C:\WINDOWS\TLCAPPS.INI
2008-08-18 10:58 . 2008-04-12 03:04 691,712 -----c--- C:\WINDOWS\system32\dllcache\inetcomm.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-04 12:08 --------- d-----w C:\Documents and Settings\Rigqudy\Application Data\Skype
2008-09-04 12:07 942,368 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat
2008-09-04 12:07 34,327,584 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-09-04 09:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-09-04 09:01 --------- d-----w C:\Documents and Settings\Rigqudy\Application Data\skypePM
2008-09-04 08:57 91,076 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx
2008-09-04 08:57 460,796 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-09-02 11:11 --------- d-----w C:\Program Files\MSN Messenger
2008-08-28 15:24 --------- d-----w C:\Documents and Settings\Rigqudy\Application Data\ZoomBrowser EX
2008-08-28 15:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\ZoomBrowser
2008-08-20 09:17 --------- d-----w C:\Program Files\iPod
2008-08-19 02:30 --------- d-----w C:\Program Files\Mindscape
2008-08-18 04:22 96,976 ----a-w C:\WINDOWS\system32\drivers\klin.dat
2008-08-02 06:56 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-31 23:10 --------- d-----w C:\Documents and Settings\Rigqudy\Application Data\Canon
2008-07-24 12:12 87,855 ----a-w C:\WINDOWS\system32\drivers\klick.dat
2008-07-23 23:27 --------- d-----w C:\Program Files\Bonjour
2008-07-23 23:26 --------- d-----w C:\Program Files\QuickTime
2008-07-23 23:13 --------- d-----w C:\Program Files\Safari
2008-07-23 11:38 --------- d-----w C:\Program Files\Sun
2008-07-23 11:37 --------- d-----w C:\Program Files\Java
2008-07-18 14:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 14:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 14:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 14:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 14:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 14:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 14:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 14:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-18 14:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
2008-07-18 14:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2008-07-10 01:35 32,000 ----a-w C:\WINDOWS\system32\drivers\usbaapl.sys
2008-07-07 20:26 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-06-24 16:43 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-23 16:57 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-06-20 17:46 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-03-31 01:25 17,788,920 ----a-w C:\Program Files\antivir_workstation_win7u_en_h.exe
2008-01-14 06:02 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
2006-06-13 12:30 317,232 -c--a-w C:\Program Files\dxwebsetup.exe
2006-06-03 07:45 23,488,648 -c--a-w C:\Program Files\AdbeRdr708_fr_FR.exe
2006-06-03 07:30 7,218,088 -c--a-w C:\Program Files\psa30se_fr_fr.exe
2006-06-03 07:25 762,512 -c--a-w C:\Program Files\ytb612_efgsip.exe
2006-06-02 08:03 35,334,432 -c--a-w C:\Program Files\logitech.exe
2006-06-02 05:54 9,402,704 -c--a-w C:\Program Files\SkypeSetup.exe
2006-06-02 05:07 10,738,088 -c--a-w C:\Program Files\SkypeSetup-Beta.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-02-01 21898024]
"LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2005-06-08 196608]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-29 68856]
"PcSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-06-27 1449984]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2007-10-27 3810544]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-08-18 1832272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-10-10 7286784]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-10-10 86016]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 925696]
"OpwareSE2"="C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 49152]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-12-09 225280]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe" [2005-09-08 57344]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2005-06-08 458752]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2005-06-08 217088]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"zBrowser Launcher"="C:\Program Files\Logitech\iTouch\iTouch.exe" [2004-03-18 892928]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2005-10-29 335872]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-08-28 1838592]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2006-06-15 229376]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2006-06-13 127036]
"AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-10 116040]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-05-27 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-07-30 289064]
"nwiz"="nwiz.exe" [2005-10-10 C:\WINDOWS\system32\nwiz.exe]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2004-10-27 C:\WINDOWS\system32\HdAShCut.exe]
"SMSERIAL"="sm56hlpr.exe" [2004-06-29 C:\WINDOWS\sm56hlpr.exe]
"Logitech Utility"="Logi_MwX.Exe" [2002-11-08 C:\WINDOWS\LOGI_MWX.EXE]

C:\Documents and Settings\Rigqudy\Start Menu\Programs\Startup\
Outil de d‚tection de support Picture Motion Browser.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2008-06-26 368640]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Image Transfer.lnk - C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe [2006-06-02 73728]
SoftStuff Wallpaper Changer.lnk - D:\softstrt.exe [2006-06-08 180736]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [2007-12-13 24592]
S3 LVPrcMon;Logitech LVPrcMon Driver;C:\WINDOWS\system32\drivers\LVPrcMon.sys [2005-12-09 16768]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ab601f7b-1a11-11db-957a-0015f25b4c29}]
\Shell\AutoRun\command - F:\setupSNK.exe
.
Contents of the 'Scheduled Tasks' folder
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-04 20:08:12
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

**************************************************************************
.
Completion time: 2008-09-04 20:11:17
ComboFix-quarantined-files.txt 2008-09-04 12:10:11
ComboFix2.txt 2008-09-04 09:12:16

Pre-Run: 22,264,373,248 bytes free
Post-Run: 22,240,763,904 bytes free

158 --- E O F --- 2008-09-02 12:07:14

puis le rapport hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:13:16, on 04/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\sm56hlpr.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://login.yahoo.com?.src=ym&.lang=en-US&.intl=us&.done=https%3A%2F%2Fmail.yahoo.com%2Fdc%2Flaunch%3F.rand%3D9s33iertvcb85
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: XBTP06568 Class - {311F9DE8-6126-4EEE-B15F-65CBB3B4F9F6} - C:\Program Files\AOL Security Toolbar\AOL_security_toolbar.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: AOL Security Toolbar - {3BB63FD4-3C00-44D7-94A9-5DE211900DEF} - C:\Program Files\AOL Security Toolbar\AOL_security_toolbar.dll (file missing)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Image Transfer.lnk = ?
O4 - Global Startup: SoftStuff Wallpaper Changer.lnk = D:\softstrt.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?9b41ae26ee96442b90ec29413fd5a43f
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?9b41ae26ee96442b90ec29413fd5a43f
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1FF43AD5-2262-4C2F-81D4-26D710C3F305} (VB2S Mannequin Virtuel Control) - http://mannequin.redoute.fr/activex/Mannequin.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.3.7.cab
O16 - DPF: {63308B48-F435-42FD-AB0A-3564C7BEF9D7} (Toontown Install/Update Helper French) - https://iplay.fr.toontown.com/download/sv1.5.19.5/ttinst-french.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Windows CardSpace (idsvc) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (file missing)
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe

Sydney43 · Answer

et voilà...c'était rapide

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:19:55, on 04/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32
vsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\sm56hlpr.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://login.yahoo.com?.src=ym&.lang=en-US&.intl=us&.done=https%3A%2F%2Fmail.yahoo.com%2Fdc%2Flaunch%3F.rand%3D9s33iertvcb85
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: XBTP06568 Class - {311F9DE8-6126-4EEE-B15F-65CBB3B4F9F6} - C:\Program Files\AOL Security Toolbar\AOL_security_toolbar.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: AOL Security Toolbar - {3BB63FD4-3C00-44D7-94A9-5DE211900DEF} - C:\Program Files\AOL Security Toolbar\AOL_security_toolbar.dll (file missing)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe 
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Image Transfer.lnk = ?
O4 - Global Startup: SoftStuff Wallpaper Changer.lnk = D:\softstrt.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?9b41ae26ee96442b90ec29413fd5a43f
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?9b41ae26ee96442b90ec29413fd5a43f
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1FF43AD5-2262-4C2F-81D4-26D710C3F305} (VB2S Mannequin Virtuel Control) - http://mannequin.redoute.fr/activex/Mannequin.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.3.7.cab
O16 - DPF: {63308B48-F435-42FD-AB0A-3564C7BEF9D7} (Toontown Install/Update Helper French) - https://iplay.fr.toontown.com/download/sv1.5.19.5/ttinst-french.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Windows CardSpace (idsvc) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (file missing)
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe

geoffrey5 · Answer

relance hijackthis en cliquant sur scan only et coches ces lignes stp :

O2 - BHO: XBTP06568 Class - {311F9DE8-6126-4EEE-B15F-65CBB3B4F9F6} - C:\Program Files\AOL Security Toolbar\AOL_security_toolbar.dll (file missing) 
O3 - Toolbar: AOL Security Toolbar - {3BB63FD4-3C00-44D7-94A9-5DE211900DEF} - C:\Program Files\AOL Security Toolbar\AOL_security_toolbar.dll (file missing) 
O4 - Global Startup: Image Transfer.lnk = ? 
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"     
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime     
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.3.7.cab 

puis tu cliques sur fix checked.

vas aussi faire la mise à niveau d adobe reader à cette adresse :

https://get2.adobe.com/reader/otherversions/


est ce que tu as encore des problemes ??

geoffrey5 · Answer

Mais de rien sydney, c est avec plaisir que je t ai aidé  ;-)

tu peux faire ceci pour terminer stp :

Pour supprimer toutes les traces des logiciels qui ont servi à traiter les infections spécifiques :  

Télécharge toolscleaner sur ton Bureau : 

(c est le numéro 15 en bas de la page) : https://www.androidworld.fr/ 

* Double-clique sur ToolsCleaner2.exe et laisse le travailler 
* Clique sur Recherche et laisse le scan se terminer. 
* Clique sur Suppression pour finaliser. 
* Tu peux, si tu le souhaites, te servir des Options facultatives. 
* Clique sur Quitter, pour que le rapport puisse se créer. 
* Le rapport (TCleaner.txt) se trouve à la racine de votre disque dur (C:\)...colle le dans ta réponse


Désactive et réactive la Restauration du système :
 
1 Dans la barre des tâches de Windows, clique sur Démarrer.
 
2 Clique avec le bouton droit de la souris sur Poste de travail puis clique sur Propriétés.
 
3 Dans l'onglet Restauration du système, coche "Désactiver la Restauration du système"

4 Clique sur Appliquer.
  
5 Ensuite décoche "Désactiver la restauration du systeme"

6 clique sur appliquer puis ok

7 vas créer un point de restauration dans accessoires----outils systeme----restauration du systeme.


Tu peux mettre ton problème résolu !!

Sydney43 · Answer

ok je fais tout ça !!!
bonne nuit

Sydney43 · Answer

voilà tout est fait et voici le rapport TCleaner:

-->- Recherche: 

C:\Navilog1.exe: trouvé !
C:\Lop SD: trouvé !
C:\Qoobox: trouvé !
C:\Documents and Settings\All Users\Desktop\Navilog1.lnk: trouvé !
C:\Documents and Settings\All Users\Start Menu\Programs\HijackThis: trouvé !
C:\Documents and Settings\All Users\Start Menu\Programs\Navilog1: trouvé !
C:\Documents and Settings\All Users\Start Menu\Programs\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\All Users\Start Menu\Programs\Navilog1\Navilog1.lnk: trouvé !
C:\Documents and Settings\Rigqudy\Desktop\HijackThis.lnk: trouvé !
C:\Documents and Settings\Rigqudy\Desktop\LopSD.exe: trouvé !
C:\Documents and Settings\Rigqudy\Desktop\ComboFix.exe: trouvé !
C:\Documents and Settings\Rigqudy\Recent\HijackThis.lnk: trouvé !
C:\Lop SD\LopSD.exe: trouvé !
C:\Program Files\Navilog1: trouvé !
C:\Program Files\Logitech\iTouch\Drivers\Clean: trouvé !
C:\Program Files\Navilog1\Navilog1.bat: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !

---------------------------------
-->- Suppression: 

C:\Navilog1.exe: supprimé !
C:\Documents and Settings\All Users\Desktop\Navilog1.lnk: supprimé !
C:\Documents and Settings\All Users\Start Menu\Programs\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\All Users\Start Menu\Programs\Navilog1\Navilog1.lnk: supprimé !
C:\Documents and Settings\Rigqudy\Desktop\HijackThis.lnk: supprimé !
C:\Documents and Settings\Rigqudy\Desktop\LopSD.exe: supprimé !
C:\Documents and Settings\Rigqudy\Desktop\ComboFix.exe: Erreur de suppression !
C:\Documents and Settings\Rigqudy\Recent\HijackThis.lnk: supprimé !
C:\Lop SD\LopSD.exe: supprimé !
C:\Program Files\Navilog1\Navilog1.bat: supprimé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\Lop SD: supprimé !
C:\Qoobox: supprimé !
C:\Documents and Settings\All Users\Start Menu\Programs\HijackThis: supprimé !
C:\Documents and Settings\All Users\Start Menu\Programs\Navilog1: supprimé !
C:\Program Files\Navilog1: supprimé !
C:\Program Files\Logitech\iTouch\Drivers\Clean: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !

merci encore :-)

geoffrey5 · Answer

C est ok  ;-)

Tu peux supprimer combofix qui est sur ton bureau

Bonne nuit @+

Sydney43 · Answer

c'est fait 
pour moi ça va il est 9h du mat...
@++

geoffrey5 · Answer

ah ok lol...Tu habites au quebec ??

Sydney43 · Answer

non, de l'autre côté...à Singapour.

geoffrey5 · Answer

Salut !!

ok  lol

Tu as maintenant mon site internet si ca peut t aider  ;-)

Bonne soirée @+

Sydney43 · Answer

oui, je le garde en mémoire ...
tu es donc en Belgique ?
A+

geoffrey5 · Answer

Et oui la belle Belgique au temps magnifique !!  lol  (il pleut)

geoffrey5 · Answer

lol  quel bel été  :s

Je dois partir...en cas de problèmes, tu reviens quand tu veux ;-)

Bonne fin de soirée à toi @+

Pub intempestive Le Messenger, Spyware Secure

31 réponses

Votre réponse

Discussions similaires

Newsletters