Ads Served by Adssite

jyg -  
jlpjlp Messages postés 52399 Statut Contributeur sécurité -
Bonjour,
Je n'arrive pas à me débarasser de Ads Served by Adssite. J'ai déjà utilisé Ad Aware 2008, Spybot, A-squared, Avg antispyware, il réapparait quand même de temps en temps.
merci de m'indiquer comment procéder pour enfin éradiquer cette saloperie.

Jyg
Configuration: Windows XP
Firefox 2.0.0.17

11 réponses

  1. jyg
     
    Voici le rapport Loop S&D :

    --------------------\\ Lop S&D 4.2.4-6 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 2600+ )
    BIOS : Phoenix - AwardBIOS v6.00PG
    USER : Mélodie ( Administrator )
    BOOT : Normal boot
    Antivirus : avast! antivirus 4.8.1229 [VPS 081020-0] 4.8.1229 (Activated)
    C:\ (Local Disk) - NTFS - Total : 66 Go Free : 12 Go
    D:\ (CD or DVD)
    E:\ (CD or DVD)
    F:\ (USB) - FAT32 - Total : 952 Mo Free : 0 Go

    "C:\Lop SD" ( MAJ : 20-10-2008|20:35 )
    Option : [1] ( 21/10/2008|15:47 )

    --------------------\\ Listing des dossiers dans APPLIC~1

    [19/07/2004|15:02] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
    [24/11/2006|11:54] C:\DOCUME~1\ADMINI~1\APPLIC~1\AOL
    [19/07/2004|09:07] C:\DOCUME~1\ADMINI~1\APPLIC~1\Help
    [16/07/2004|23:29] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
    [19/07/2004|15:02] C:\DOCUME~1\ADMINI~1\APPLIC~1\InterTrust
    [02/08/2004|15:13] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
    [16/07/2004|23:32] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
    [19/07/2004|09:13] C:\DOCUME~1\ADMINI~1\APPLIC~1\You've Got Pictures Screensaver

    [29/03/2008|15:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [28/09/2008|17:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\agi
    [26/05/2005|08:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
    [19/07/2004|09:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
    [08/08/2008|19:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [29/05/2005|15:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avg7
    [19/07/2004|09:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [29/09/2007|17:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [21/10/2008|09:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
    [28/09/2008|17:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar
    [18/10/2008|23:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
    [19/10/2008|00:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [07/06/2008|10:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [02/10/2008|19:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [22/10/2007|14:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla
    [29/11/2006|17:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
    [30/08/2008|14:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
    [05/06/2005|17:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [16/07/2004|23:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
    [01/03/2005|12:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBT
    [21/10/2008|07:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Shim Cdrom Cast Surf
    [19/10/2008|03:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [19/07/2004|09:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
    [27/10/2007|23:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [23/08/2007|18:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
    [06/10/2008|19:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
    [06/10/2008|19:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [07/04/2008|14:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
    [29/08/2008|19:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

    [19/07/2004|15:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
    [24/11/2006|11:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\AOL
    [19/07/2004|09:07] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Help
    [16/07/2004|23:29] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [19/07/2004|15:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\InterTrust
    [02/08/2004|15:13] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
    [16/07/2004|23:32] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [19/07/2004|09:13] C:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver

    [28/09/2008|17:42] C:\DOCUME~1\LOCALS~1\APPLIC~1\agi
    [02/10/2008|20:08] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [31/05/2008|11:05] C:\DOCUME~1\Mlodie\APPLIC~1\Adobe

    [08/07/2008|22:25] C:\DOCUME~1\MLODIE~1\APPLIC~1\Adobe
    [28/09/2008|17:41] C:\DOCUME~1\MLODIE~1\APPLIC~1\agi
    [12/08/2007|21:32] C:\DOCUME~1\MLODIE~1\APPLIC~1\Ahead
    [26/10/2007|18:31] C:\DOCUME~1\MLODIE~1\APPLIC~1\Aim
    [24/11/2006|11:54] C:\DOCUME~1\MLODIE~1\APPLIC~1\AOL
    [03/09/2008|07:46] C:\DOCUME~1\MLODIE~1\APPLIC~1\Apple Computer
    [22/01/2007|19:59] C:\DOCUME~1\MLODIE~1\APPLIC~1\CyberLink
    [29/09/2007|20:54] C:\DOCUME~1\MLODIE~1\APPLIC~1\Google
    [19/07/2004|09:07] C:\DOCUME~1\MLODIE~1\APPLIC~1\Help
    [30/08/2008|14:06] C:\DOCUME~1\MLODIE~1\APPLIC~1\Identities
    [19/07/2004|15:02] C:\DOCUME~1\MLODIE~1\APPLIC~1\InterTrust
    [03/08/2008|23:59] C:\DOCUME~1\MLODIE~1\APPLIC~1\LimeWire
    [03/10/2007|21:34] C:\DOCUME~1\MLODIE~1\APPLIC~1\Macromedia
    [19/10/2008|00:21] C:\DOCUME~1\MLODIE~1\APPLIC~1\Malwarebytes
    [06/10/2008|19:50] C:\DOCUME~1\MLODIE~1\APPLIC~1\Microsoft
    [22/10/2007|14:19] C:\DOCUME~1\MLODIE~1\APPLIC~1\Mozilla
    [08/03/2008|17:33] C:\DOCUME~1\MLODIE~1\APPLIC~1\MSN6
    [21/10/2008|11:35] C:\DOCUME~1\MLODIE~1\APPLIC~1\OpenOffice.org2
    [30/08/2008|14:07] C:\DOCUME~1\MLODIE~1\APPLIC~1\PlayFirst
    [24/11/2007|22:11] C:\DOCUME~1\MLODIE~1\APPLIC~1\Sun
    [22/10/2007|14:19] C:\DOCUME~1\MLODIE~1\APPLIC~1\Talkback
    [21/10/2008|07:19] C:\DOCUME~1\MLODIE~1\APPLIC~1\way global dash
    [06/10/2008|19:48] C:\DOCUME~1\MLODIE~1\APPLIC~1\Windows Live Writer
    [19/07/2004|09:13] C:\DOCUME~1\MLODIE~1\APPLIC~1\You've Got Pictures Screensaver
    [30/08/2008|14:06] C:\DOCUME~1\MLODIE~1\APPLIC~1\Zylom

    [29/09/2008|21:19] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [21/10/2008 15:00][--ah-----] C:\WINDOWS\tasks\ACCC5D6393B7D183.job
    [16/07/2008 10:11][--ah-----] C:\WINDOWS\tasks\Microsoft_Hardware_Launch_vVX1000_exe.job
    [12/07/2008 13:05][--ah-----] C:\WINDOWS\tasks\Microsoft_Hardware_Launch_setup_exe.job
    [24/04/2003 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
    [20/10/2008 21:01][--ah-----] C:\WINDOWS\tasks\SA.DAT

    ( ACCC5D6393B7D183.job )=( c:\docume~1\mlodie~1\applic~1\wayglo~1\Bashgrimcash.exe )

    --------------------\\ Listing des dossiers dans C:\Program Files

    [05/05/2008|10:45] C:\Program Files\Adobe
    [23/08/2007|16:00] C:\Program Files\ADSL Drivers
    [28/09/2008|17:32] C:\Program Files\AGI
    [26/05/2005|08:57] C:\Program Files\Ahead
    [08/03/2008|17:39] C:\Program Files\Alwil Software
    [21/10/2008|09:15] C:\Program Files\AOL 7.0
    [21/10/2008|09:15] C:\Program Files\AOL 7.0a
    [08/08/2008|18:35] C:\Program Files\AOL 7.0b
    [21/10/2008|11:07] C:\Program Files\a-squared Free
    [19/07/2004|09:06] C:\Program Files\ATI Technologies
    [02/05/2008|14:09] C:\Program Files\CCleaner
    [25/07/2008|14:51] C:\Program Files\Circle Developement
    [16/07/2004|23:36] C:\Program Files\Cr‚ez votre site Web
    [19/07/2004|09:23] C:\Program Files\CyberLink
    [22/10/2007|14:16] C:\Program Files\DivX
    [21/05/2008|22:09] C:\Program Files\DK
    [08/08/2008|18:48] C:\Program Files\Empire Interactive
    [21/08/2008|17:37] C:\Program Files\eMule
    [20/08/2008|14:27] C:\Program Files\EPSON
    [17/10/2008|22:29] C:\Program Files\FenAffiche
    [18/10/2008|23:31] C:\Program Files\Fichiers communs
    [21/09/2008|16:12] C:\Program Files\Football Generation
    [14/01/2007|11:19] C:\Program Files\FSX_Screensaver
    [29/09/2007|17:18] C:\Program Files\Google
    [21/10/2008|11:09] C:\Program Files\Grisoft
    [05/05/2008|10:13] C:\Program Files\HDD Health
    [03/05/2008|19:19] C:\Program Files\HealthMonitor
    [16/07/2004|23:34] C:\Program Files\HighMAT CD Writing Wizard
    [21/09/2008|16:03] C:\Program Files\InstallShield Installation Information
    [15/10/2008|23:54] C:\Program Files\Internet Explorer
    [08/03/2008|18:11] C:\Program Files\Java
    [28/09/2008|17:41] C:\Program Files\Kiwee Toolbar
    [09/03/2008|12:23] C:\Program Files\Lavalys
    [18/10/2008|23:31] C:\Program Files\Lavasoft
    [19/07/2004|09:13] C:\Program Files\Learn2.com
    [29/08/2008|23:59] C:\Program Files\LimeWire
    [19/10/2008|00:21] C:\Program Files\Malwarebytes' Anti-Malware
    [19/10/2008|04:15] C:\Program Files\Messenger
    [06/10/2008|20:41] C:\Program Files\Messenger Plus! Live
    [02/10/2008|19:21] C:\Program Files\Microsoft
    [01/03/2005|12:36] C:\Program Files\microsoft frontpage
    [12/07/2008|13:10] C:\Program Files\Microsoft LifeCam
    [01/03/2005|12:30] C:\Program Files\Microsoft Office
    [08/06/2005|16:28] C:\Program Files\Microsoft R‚f‚rence
    [10/04/2008|18:13] C:\Program Files\Microsoft SQL Server Compact Edition
    [01/03/2005|12:37] C:\Program Files\Microsoft Visual Studio
    [03/05/2008|19:32] C:\Program Files\Motherboard Monitor 5
    [19/10/2008|04:10] C:\Program Files\Movie Maker
    [21/10/2008|14:59] C:\Program Files\Mozilla Firefox
    [06/10/2008|19:36] C:\Program Files\MSECACHE
    [16/07/2004|23:20] C:\Program Files\MSN
    [16/07/2004|23:20] C:\Program Files\MSN Gaming Zone
    [19/10/2008|20:21] C:\Program Files\Navilog1
    [19/10/2008|04:07] C:\Program Files\NetMeeting
    [21/09/2008|16:21] C:\Program Files\NRJ
    [19/03/2008|15:36] C:\Program Files\OpenOffice.org 2.3
    [19/10/2008|04:07] C:\Program Files\Outlook Express
    [18/10/2007|16:56] C:\Program Files\PC Camera
    [28/03/2007|17:05] C:\Program Files\Philips
    [16/07/2004|23:35] C:\Program Files\Phoenix Technologies Ltd
    [31/05/2008|12:52] C:\Program Files\PhotoFiltre
    [19/07/2004|10:22] C:\Program Files\Pinnacle
    [08/08/2008|19:05] C:\Program Files\QuickTime
    [19/07/2004|09:13] C:\Program Files\Real
    [16/06/2007|10:20] C:\Program Files\Sega
    [16/07/2004|23:22] C:\Program Files\Services en ligne
    [01/03/2005|12:30] C:\Program Files\Snapshot Viewer
    [03/05/2008|19:35] C:\Program Files\SpeedFan
    [18/10/2008|23:52] C:\Program Files\Spybot - Search & Destroy
    [18/03/2008|17:12] C:\Program Files\SSC Service Utility
    [17/06/2007|16:09] C:\Program Files\The Adventure Company
    [29/12/2007|12:18] C:\Program Files\The K-Ball
    [01/03/2005|12:42] C:\Program Files\Thomson
    [30/07/2005|07:51] C:\Program Files\Uninstall Information
    [19/07/2004|09:13] C:\Program Files\Viewpoint
    [21/10/2008|07:19] C:\Program Files\way global dash
    [06/10/2008|19:37] C:\Program Files\Windows Installer Clean Up
    [16/07/2004|23:34] C:\Program Files\Windows Journal Viewer
    [02/10/2008|19:45] C:\Program Files\Windows Live
    [29/09/2008|19:20] C:\Program Files\Windows Live Favorites
    [02/10/2008|19:42] C:\Program Files\Windows Live Toolbar
    [18/04/2008|11:40] C:\Program Files\Windows Media Components
    [27/10/2007|19:35] C:\Program Files\Windows Media Connect 2
    [19/10/2008|04:07] C:\Program Files\Windows Media Player
    [19/10/2008|04:07] C:\Program Files\Windows NT
    [17/11/2005|17:57] C:\Program Files\WinRAR
    [26/05/2005|09:04] C:\Program Files\WinZip 8.1 Fr
    [16/07/2004|23:29] C:\Program Files\xerox
    [07/04/2008|11:38] C:\Program Files\Yahoo!
    [02/09/2008|18:59] C:\Program Files\Zylom Games

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [05/05/2008|10:44] C:\Program Files\Fichiers communs\Adobe
    [26/05/2005|08:52] C:\Program Files\Fichiers communs\Ahead
    [15/08/2008|21:55] C:\Program Files\Fichiers communs\AOL
    [10/04/2007|15:13] C:\Program Files\Fichiers communs\aolshare
    [01/03/2005|12:26] C:\Program Files\Fichiers communs\Designer
    [09/04/2007|16:45] C:\Program Files\Fichiers communs\DirectX
    [02/03/2005|10:40] C:\Program Files\Fichiers communs\EPSON
    [18/10/2007|16:53] C:\Program Files\Fichiers communs\InstallShield
    [29/08/2007|18:43] C:\Program Files\Fichiers communs\Java
    [06/10/2008|19:59] C:\Program Files\Fichiers communs\Microsoft Shared
    [16/07/2004|23:21] C:\Program Files\Fichiers communs\MSSoap
    [19/07/2004|09:13] C:\Program Files\Fichiers communs\Nullsoft
    [18/10/2007|16:56] C:\Program Files\Fichiers communs\PAC207
    [19/07/2004|09:13] C:\Program Files\Fichiers communs\Real
    [16/07/2004|23:21] C:\Program Files\Fichiers communs\Services
    [17/07/2004|00:17] C:\Program Files\Fichiers communs\SpeechEngines
    [19/10/2008|04:07] C:\Program Files\Fichiers communs\System
    [02/10/2008|19:15] C:\Program Files\Fichiers communs\Windows Live
    [13/11/2007|13:22] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [18/10/2008|23:31] C:\Program Files\Fichiers communs\Wise Installation Wizard

    --------------------\\ Process

    ( 43 Processes )

    IEXPLORE.EXE ~ [PID:2696]
    IEXPLORE.EXE ~ [PID:2140]

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Shim Cdrom Cast Surf
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Shim Cdrom Cast Surf\Dvd Film.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Shim Cdrom Cast Surf\media boob.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Shim Cdrom Cast Surf\Sign Proxy.exe
    C:\DOCUME~1\MLODIE~1\APPLIC~1\wayglo~1
    C:\DOCUME~1\MLODIE~1\APPLIC~1\wayglo~1\Bash grim cash.exe
    C:\DOCUME~1\MLODIE~1\APPLIC~1\wayglo~1\jmvtwqsz.exe
    C:\DOCUME~1\MLODIE~1\APPLIC~1\wayglo~1\soapplatformknobsave.exe
    C:\DOCUME~1\MLODIE~1\APPLIC~1\wayglo~1\Team Trust.exe
    C:\DOCUME~1\MLODIE~1\APPLIC~1\wayglo~1\vvvbglxv.exe
    C:\DOCUME~1\MLODIE~1\APPLIC~1\wayglo~1\xdbdwqdc.exe
    C:\DOCUME~1\MLODIE~1\APPLIC~1\wayglo~1\ylnhyxlf.exe
    C:\Program Files\wayglo~1
    C:\DOCUME~1\MLODIE~1\LOCALS~1\Temp\nsp2DB.tmp
    C:\DOCUME~1\MLODIE~1\LOCALS~1\Temp\nsr2DA.tmp
    C:\DOCUME~1\MLODIE~1\LOCALS~1\Temp\nsy28E.tmp
    C:\Program Files\Circle Developement
    C:\Program Files\Circle Developement\Uninstall.exe
    C:\DOCUME~1\MLODIE~1\Cookies\mélodie@banner.cotedazurpalace[1].txt
    C:\DOCUME~1\MLODIE~1\Cookies\mélodie@adopt.euroclick[2].txt
    C:\DOCUME~1\MLODIE~1\Cookies\mélodie@pacificpoker[1].txt
    C:\WINDOWS\Tasks\ACCC5D6393B7D183.job

    --------------------\\ Verification du Registre

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "LiesMpeg"="C:\\DOCUME~1\\MLODIE~1\\APPLIC~1\\WAYGLO~1\\Team Trust.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CAST SURF BROWSE TOOL"="C:\\Documents and Settings\\All Users\\Application Data\\Shim Cdrom Cast Surf\\Sign Proxy.exe"

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-10-21 15:49:11
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 891

    --------------------\\ Recherche d'autres infections

    Aucune autre infection trouvée !

    [F:33][D:16]-> C:\DOCUME~1\MLODIE~1\LOCALS~1\Temp
    [F:34][D:0]-> C:\DOCUME~1\MLODIE~1\Cookies
    [F:222][D:4]-> C:\DOCUME~1\MLODIE~1\LOCALS~1\TEMPOR~1\content.IE5
    [F:1][D:1]-> C:\$Recycle.Bin

    1 - "C:\Lop SD\LopR_1.txt" - 21/10/2008|15:51 - Option : [1]

    --------------------\\ Fin du rapport a 15:51:15
    0
  2. jyg
     
    Voici le rapport de Loop S&D option 2, puis celui de Hijackthis.

    Concernant mes soucis, j'espère que ta parfaite intervention me permettra de faire fonctionner ce PC sans problème maintenant. Je ne sais pas ce qui a pu se passer, la machine ne m'appartient pas, mais je sais que ce PC est utilisé par des jeunes filles (18 et 15 ans) et que la sécurité n'est pas leur tasse de thé... L'utilisation de MSN ainsi que des téléchargements sans doute risqués n'ont pas dû arranger la situation de cette pauvre machine.
    Je vais donc les sermonner, mais sans trop me faire d'illusion sur la suite.

    Pour infos, je remarque que dans les processus, iexplore n'est pas dans la liste alors qu'il apparaissait systématiquement, même après avoir déconnecté MSN, c'est une information intéressante ?????

    Encore merci mille fois.

    Jyg

    --------------------\\ Lop S&D 4.2.4-6 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 2600+ )
    BIOS : Phoenix - AwardBIOS v6.00PG
    USER : Mélodie ( Administrator )
    BOOT : Normal boot
    Antivirus : avast! antivirus 4.8.1229 [VPS 081020-0] 4.8.1229 (Activated)
    C:\ (Local Disk) - NTFS - Total : 66 Go Free : 12 Go
    D:\ (CD or DVD)
    E:\ (CD or DVD)

    "C:\Lop SD" ( MAJ : 20-10-2008|20:35 )
    Option : [2] ( 21/10/2008|16:11 )

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Shim Cdrom Cast Surf\Dvd Film.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Shim Cdrom Cast Surf\media boob.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Shim Cdrom Cast Surf\Sign Proxy.exe
    Supprime! - C:\DOCUME~1\MLODIE~1\APPLIC~1\wayglo~1\Bash grim cash.exe
    Supprime! - C:\DOCUME~1\MLODIE~1\APPLIC~1\wayglo~1\jmvtwqsz.exe
    Supprime! - C:\DOCUME~1\MLODIE~1\APPLIC~1\wayglo~1\soapplatformknobsave.exe
    Supprime! - C:\DOCUME~1\MLODIE~1\APPLIC~1\wayglo~1\Team Trust.exe
    Supprime! - C:\DOCUME~1\MLODIE~1\APPLIC~1\wayglo~1\vvvbglxv.exe
    Supprime! - C:\DOCUME~1\MLODIE~1\APPLIC~1\wayglo~1\xdbdwqdc.exe
    Supprime! - C:\DOCUME~1\MLODIE~1\APPLIC~1\wayglo~1\ylnhyxlf.exe
    Supprime! - C:\DOCUME~1\MLODIE~1\LOCALS~1\Temp\nsp2DB.tmp
    Supprime! - C:\DOCUME~1\MLODIE~1\LOCALS~1\Temp\nsr2DA.tmp
    Supprime! - C:\DOCUME~1\MLODIE~1\LOCALS~1\Temp\nsy28E.tmp
    Supprime! - C:\Program Files\Circle Developement\Uninstall.exe
    Supprime! - C:\DOCUME~1\MLODIE~1\Cookies\mélodie@banner.cotedazurpalace[1].txt
    Supprime! - C:\DOCUME~1\MLODIE~1\Cookies\mélodie@adopt.euroclick[2].txt
    Supprime! - C:\DOCUME~1\MLODIE~1\Cookies\mélodie@pacificpoker[1].txt
    Supprime! - C:\WINDOWS\Tasks\ACCC5D6393B7D183.job
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Shim Cdrom Cast Surf
    Supprime! - C:\DOCUME~1\MLODIE~1\APPLIC~1\wayglo~1
    Supprime! - C:\Program Files\wayglo~1
    Supprime! - C:\Program Files\Circle Developement
    -
    [ Fichier Hosts ] .. Restaure!

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

    Supprime! - C:\Program Files\Viewpoint
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

    --------------------\\ Listing des dossiers dans APPLIC~1

    [19/07/2004|15:02] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
    [24/11/2006|11:54] C:\DOCUME~1\ADMINI~1\APPLIC~1\AOL
    [19/07/2004|09:07] C:\DOCUME~1\ADMINI~1\APPLIC~1\Help
    [16/07/2004|23:29] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
    [19/07/2004|15:02] C:\DOCUME~1\ADMINI~1\APPLIC~1\InterTrust
    [02/08/2004|15:13] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
    [16/07/2004|23:32] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
    [19/07/2004|09:13] C:\DOCUME~1\ADMINI~1\APPLIC~1\You've Got Pictures Screensaver

    [29/03/2008|15:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [28/09/2008|17:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\agi
    [26/05/2005|08:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
    [19/07/2004|09:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
    [08/08/2008|19:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [29/05/2005|15:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avg7
    [19/07/2004|09:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [29/09/2007|17:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [21/10/2008|09:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
    [28/09/2008|17:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kiwee Toolbar
    [18/10/2008|23:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
    [19/10/2008|00:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [07/06/2008|10:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [02/10/2008|19:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [22/10/2007|14:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla
    [29/11/2006|17:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
    [30/08/2008|14:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
    [05/06/2005|17:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [16/07/2004|23:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
    [01/03/2005|12:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBT
    [19/10/2008|03:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [27/10/2007|23:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [23/08/2007|18:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
    [06/10/2008|19:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
    [06/10/2008|19:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [07/04/2008|14:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
    [29/08/2008|19:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

    [19/07/2004|15:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
    [24/11/2006|11:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\AOL
    [19/07/2004|09:07] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Help
    [16/07/2004|23:29] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [19/07/2004|15:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\InterTrust
    [02/08/2004|15:13] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
    [16/07/2004|23:32] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [19/07/2004|09:13] C:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver

    [28/09/2008|17:42] C:\DOCUME~1\LOCALS~1\APPLIC~1\agi
    [02/10/2008|20:08] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [31/05/2008|11:05] C:\DOCUME~1\Mlodie\APPLIC~1\Adobe

    [08/07/2008|22:25] C:\DOCUME~1\MLODIE~1\APPLIC~1\Adobe
    [28/09/2008|17:41] C:\DOCUME~1\MLODIE~1\APPLIC~1\agi
    [12/08/2007|21:32] C:\DOCUME~1\MLODIE~1\APPLIC~1\Ahead
    [26/10/2007|18:31] C:\DOCUME~1\MLODIE~1\APPLIC~1\Aim
    [24/11/2006|11:54] C:\DOCUME~1\MLODIE~1\APPLIC~1\AOL
    [03/09/2008|07:46] C:\DOCUME~1\MLODIE~1\APPLIC~1\Apple Computer
    [22/01/2007|19:59] C:\DOCUME~1\MLODIE~1\APPLIC~1\CyberLink
    [29/09/2007|20:54] C:\DOCUME~1\MLODIE~1\APPLIC~1\Google
    [19/07/2004|09:07] C:\DOCUME~1\MLODIE~1\APPLIC~1\Help
    [30/08/2008|14:06] C:\DOCUME~1\MLODIE~1\APPLIC~1\Identities
    [19/07/2004|15:02] C:\DOCUME~1\MLODIE~1\APPLIC~1\InterTrust
    [03/08/2008|23:59] C:\DOCUME~1\MLODIE~1\APPLIC~1\LimeWire
    [03/10/2007|21:34] C:\DOCUME~1\MLODIE~1\APPLIC~1\Macromedia
    [19/10/2008|00:21] C:\DOCUME~1\MLODIE~1\APPLIC~1\Malwarebytes
    [06/10/2008|19:50] C:\DOCUME~1\MLODIE~1\APPLIC~1\Microsoft
    [22/10/2007|14:19] C:\DOCUME~1\MLODIE~1\APPLIC~1\Mozilla
    [08/03/2008|17:33] C:\DOCUME~1\MLODIE~1\APPLIC~1\MSN6
    [21/10/2008|11:35] C:\DOCUME~1\MLODIE~1\APPLIC~1\OpenOffice.org2
    [30/08/2008|14:07] C:\DOCUME~1\MLODIE~1\APPLIC~1\PlayFirst
    [24/11/2007|22:11] C:\DOCUME~1\MLODIE~1\APPLIC~1\Sun
    [22/10/2007|14:19] C:\DOCUME~1\MLODIE~1\APPLIC~1\Talkback
    [06/10/2008|19:48] C:\DOCUME~1\MLODIE~1\APPLIC~1\Windows Live Writer
    [19/07/2004|09:13] C:\DOCUME~1\MLODIE~1\APPLIC~1\You've Got Pictures Screensaver
    [30/08/2008|14:06] C:\DOCUME~1\MLODIE~1\APPLIC~1\Zylom

    [29/09/2008|21:19] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [16/07/2008 10:11][--ah-----] C:\WINDOWS\tasks\Microsoft_Hardware_Launch_vVX1000_exe.job
    [12/07/2008 13:05][--ah-----] C:\WINDOWS\tasks\Microsoft_Hardware_Launch_setup_exe.job
    [24/04/2003 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
    [20/10/2008 21:01][--ah-----] C:\WINDOWS\tasks\SA.DAT

    --------------------\\ Listing des dossiers dans C:\Program Files

    [05/05/2008|10:45] C:\Program Files\Adobe
    [23/08/2007|16:00] C:\Program Files\ADSL Drivers
    [28/09/2008|17:32] C:\Program Files\AGI
    [26/05/2005|08:57] C:\Program Files\Ahead
    [08/03/2008|17:39] C:\Program Files\Alwil Software
    [21/10/2008|09:15] C:\Program Files\AOL 7.0
    [21/10/2008|09:15] C:\Program Files\AOL 7.0a
    [08/08/2008|18:35] C:\Program Files\AOL 7.0b
    [21/10/2008|11:07] C:\Program Files\a-squared Free
    [19/07/2004|09:06] C:\Program Files\ATI Technologies
    [02/05/2008|14:09] C:\Program Files\CCleaner
    [16/07/2004|23:36] C:\Program Files\Cr‚ez votre site Web
    [19/07/2004|09:23] C:\Program Files\CyberLink
    [22/10/2007|14:16] C:\Program Files\DivX
    [21/05/2008|22:09] C:\Program Files\DK
    [08/08/2008|18:48] C:\Program Files\Empire Interactive
    [21/08/2008|17:37] C:\Program Files\eMule
    [20/08/2008|14:27] C:\Program Files\EPSON
    [17/10/2008|22:29] C:\Program Files\FenAffiche
    [18/10/2008|23:31] C:\Program Files\Fichiers communs
    [21/09/2008|16:12] C:\Program Files\Football Generation
    [14/01/2007|11:19] C:\Program Files\FSX_Screensaver
    [29/09/2007|17:18] C:\Program Files\Google
    [21/10/2008|11:09] C:\Program Files\Grisoft
    [05/05/2008|10:13] C:\Program Files\HDD Health
    [03/05/2008|19:19] C:\Program Files\HealthMonitor
    [16/07/2004|23:34] C:\Program Files\HighMAT CD Writing Wizard
    [21/09/2008|16:03] C:\Program Files\InstallShield Installation Information
    [15/10/2008|23:54] C:\Program Files\Internet Explorer
    [08/03/2008|18:11] C:\Program Files\Java
    [28/09/2008|17:41] C:\Program Files\Kiwee Toolbar
    [09/03/2008|12:23] C:\Program Files\Lavalys
    [18/10/2008|23:31] C:\Program Files\Lavasoft
    [19/07/2004|09:13] C:\Program Files\Learn2.com
    [29/08/2008|23:59] C:\Program Files\LimeWire
    [19/10/2008|00:21] C:\Program Files\Malwarebytes' Anti-Malware
    [19/10/2008|04:15] C:\Program Files\Messenger
    [06/10/2008|20:41] C:\Program Files\Messenger Plus! Live
    [02/10/2008|19:21] C:\Program Files\Microsoft
    [01/03/2005|12:36] C:\Program Files\microsoft frontpage
    [12/07/2008|13:10] C:\Program Files\Microsoft LifeCam
    [01/03/2005|12:30] C:\Program Files\Microsoft Office
    [08/06/2005|16:28] C:\Program Files\Microsoft R‚f‚rence
    [10/04/2008|18:13] C:\Program Files\Microsoft SQL Server Compact Edition
    [01/03/2005|12:37] C:\Program Files\Microsoft Visual Studio
    [03/05/2008|19:32] C:\Program Files\Motherboard Monitor 5
    [19/10/2008|04:10] C:\Program Files\Movie Maker
    [21/10/2008|14:59] C:\Program Files\Mozilla Firefox
    [06/10/2008|19:36] C:\Program Files\MSECACHE
    [16/07/2004|23:20] C:\Program Files\MSN
    [16/07/2004|23:20] C:\Program Files\MSN Gaming Zone
    [19/10/2008|20:21] C:\Program Files\Navilog1
    [19/10/2008|04:07] C:\Program Files\NetMeeting
    [21/09/2008|16:21] C:\Program Files\NRJ
    [19/03/2008|15:36] C:\Program Files\OpenOffice.org 2.3
    [19/10/2008|04:07] C:\Program Files\Outlook Express
    [18/10/2007|16:56] C:\Program Files\PC Camera
    [28/03/2007|17:05] C:\Program Files\Philips
    [16/07/2004|23:35] C:\Program Files\Phoenix Technologies Ltd
    [31/05/2008|12:52] C:\Program Files\PhotoFiltre
    [19/07/2004|10:22] C:\Program Files\Pinnacle
    [08/08/2008|19:05] C:\Program Files\QuickTime
    [19/07/2004|09:13] C:\Program Files\Real
    [16/06/2007|10:20] C:\Program Files\Sega
    [16/07/2004|23:22] C:\Program Files\Services en ligne
    [01/03/2005|12:30] C:\Program Files\Snapshot Viewer
    [03/05/2008|19:35] C:\Program Files\SpeedFan
    [18/10/2008|23:52] C:\Program Files\Spybot - Search & Destroy
    [18/03/2008|17:12] C:\Program Files\SSC Service Utility
    [17/06/2007|16:09] C:\Program Files\The Adventure Company
    [29/12/2007|12:18] C:\Program Files\The K-Ball
    [01/03/2005|12:42] C:\Program Files\Thomson
    [30/07/2005|07:51] C:\Program Files\Uninstall Information
    [06/10/2008|19:37] C:\Program Files\Windows Installer Clean Up
    [16/07/2004|23:34] C:\Program Files\Windows Journal Viewer
    [02/10/2008|19:45] C:\Program Files\Windows Live
    [29/09/2008|19:20] C:\Program Files\Windows Live Favorites
    [02/10/2008|19:42] C:\Program Files\Windows Live Toolbar
    [18/04/2008|11:40] C:\Program Files\Windows Media Components
    [27/10/2007|19:35] C:\Program Files\Windows Media Connect 2
    [19/10/2008|04:07] C:\Program Files\Windows Media Player
    [19/10/2008|04:07] C:\Program Files\Windows NT
    [17/11/2005|17:57] C:\Program Files\WinRAR
    [26/05/2005|09:04] C:\Program Files\WinZip 8.1 Fr
    [16/07/2004|23:29] C:\Program Files\xerox
    [07/04/2008|11:38] C:\Program Files\Yahoo!
    [02/09/2008|18:59] C:\Program Files\Zylom Games

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [05/05/2008|10:44] C:\Program Files\Fichiers communs\Adobe
    [26/05/2005|08:52] C:\Program Files\Fichiers communs\Ahead
    [15/08/2008|21:55] C:\Program Files\Fichiers communs\AOL
    [10/04/2007|15:13] C:\Program Files\Fichiers communs\aolshare
    [01/03/2005|12:26] C:\Program Files\Fichiers communs\Designer
    [09/04/2007|16:45] C:\Program Files\Fichiers communs\DirectX
    [02/03/2005|10:40] C:\Program Files\Fichiers communs\EPSON
    [18/10/2007|16:53] C:\Program Files\Fichiers communs\InstallShield
    [29/08/2007|18:43] C:\Program Files\Fichiers communs\Java
    [06/10/2008|19:59] C:\Program Files\Fichiers communs\Microsoft Shared
    [16/07/2004|23:21] C:\Program Files\Fichiers communs\MSSoap
    [19/07/2004|09:13] C:\Program Files\Fichiers communs\Nullsoft
    [18/10/2007|16:56] C:\Program Files\Fichiers communs\PAC207
    [19/07/2004|09:13] C:\Program Files\Fichiers communs\Real
    [16/07/2004|23:21] C:\Program Files\Fichiers communs\Services
    [17/07/2004|00:17] C:\Program Files\Fichiers communs\SpeechEngines
    [19/10/2008|04:07] C:\Program Files\Fichiers communs\System
    [02/10/2008|19:15] C:\Program Files\Fichiers communs\Windows Live
    [13/11/2007|13:22] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [18/10/2008|23:31] C:\Program Files\Fichiers communs\Wise Installation Wizard

    --------------------\\ Process

    ( 39 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-10-21 16:12:49
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 891

    --------------------\\ Recherche d'autres infections

    Aucune autre infection trouvée !

    [F:30][D:14]-> C:\DOCUME~1\MLODIE~1\LOCALS~1\Temp
    [F:31][D:0]-> C:\DOCUME~1\MLODIE~1\Cookies
    [F:222][D:4]-> C:\DOCUME~1\MLODIE~1\LOCALS~1\TEMPOR~1\content.IE5
    [F:1][D:1]-> C:\$Recycle.Bin

    1 - "C:\Lop SD\LopR_1.txt" - 21/10/2008|15:51 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 21/10/2008|16:14 - Option : [2]

    --------------------\\ Fin du rapport a 16:14:40

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 16:15:58, on 21/10/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\agrsmsvc.exe
    C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
    C:\Program Files\Windows Live\Family Safety\fsssvc.exe
    C:\Program Files\Microsoft LifeCam\MSCamS32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\wanmpsvc.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Real\RealPlayer\RealPlay.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Windows Live\Family Safety\fsui.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Microsoft Office\Office\WINWORD.EXE
    C:\hijackthis\eden.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: adssite - {54364fdf-914b-8006-2fcc-59dd0770d297} - C:\WINDOWS\system32\nsb2DC.dll
    O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Windows Live Toolbar Beta - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: &Windows Live Toolbar Beta - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1093373904468
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v4.cab
    O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP.cab
    O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f002.mail.caramail.lycos.fr/app/uploader/FileUploader.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
    O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
    0
  3. jyg
     
    Voici le rapport du scan de Malwarebyte's et celui du Hijackthis à suivre.

    Malwarebyte's : 2 éléments trouvés et supprimés.

    Malwarebytes' Anti-Malware 1.27
    Version de la base de données: 1127
    Windows 5.1.2600 Service Pack 3

    21/10/2008 18:41:34
    mbam-log-2008-10-21 (18-41-26).txt

    Type de recherche: Examen complet (C:\|)
    Eléments examinés: 123015
    Temps écoulé: 1 hour(s), 23 minute(s), 27 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 1
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 1

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adssite (Adware.Agent) -> No action taken.

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\WINDOWS\system32\adssite-remove.exe (Adware.Agent) -> No action taken.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:42:38, on 21/10/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Real\RealPlayer\RealPlay.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Windows Live\Family Safety\fsui.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\WINDOWS\system32\agrsmsvc.exe
    C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
    C:\Program Files\Windows Live\Family Safety\fsssvc.exe
    C:\Program Files\Microsoft LifeCam\MSCamS32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\wanmpsvc.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Outils_Jyg\hijackthis\eden.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Windows Live Toolbar Beta - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: &Windows Live Toolbar Beta - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1093373904468
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v4.cab
    O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP.cab
    O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f002.mail.caramail.lycos.fr/app/uploader/FileUploader.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
    O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
    0
  4. jyg
     
    Comme indiqué, j'ai bien viré les 2 problèmes trouvés par Malwarebyte's et il semble que les problèmes aient disparus.

    Merci encore.

    Jyg
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 041
     
    slt,

    Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.
    https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2

    * Lance l'installation du programme en exécutant le fichier téléchargé.
    * Double-clique maintenant sur le raccourci de Toolbar-S&D.
    * Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
    * Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
    * Poste le rapport généré. (C:\TB.txt)
    -1
    1. jyg
       
      Bonjour,
      Tout d'abord, merci de cette prompte réponse, voici le rapport généré par ToolbarSD
      -----------\\ ToolBar S&D 1.2.2 XP/Vista

      Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
      X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 2600+ )
      BIOS : Phoenix - AwardBIOS v6.00PG
      USER : Mélodie ( Administrator )
      BOOT : Normal boot
      Antivirus : avast! antivirus 4.8.1229 [VPS 081020-0] 4.8.1229 (Activated)
      C:\ (Local Disk) - NTFS - Total : 66 Go Free : 12 Go
      D:\ (CD or DVD)
      E:\ (CD or DVD)
      F:\ (USB) - FAT32 - Total : 952 Mo Free : 0 Go
      G:\ (USB)
      H:\ (USB)
      I:\ (USB)
      J:\ (USB)

      "C:\ToolBar SD" ( MAJ : 04-10-2008|21:00 )
      Option : [1] ( 21/10/2008|14:09 )

      -----------\\ Recherche de Fichiers / Dossiers ...

      C:\DOCUME~1\MLODIE~1\MENUDM~1\PROGRA~1\Adssite Games Collection
      C:\WINDOWS\iun6002.exe
      C:\WINDOWS\system32\adssite-remove.exe
      C:\DOCUME~1\MLODIE~1\LOCALS~1\Temp\nsk28F.tmp

      -----------\\ Extensions

      (All Users) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar

      (M‚lodie) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
      (M‚lodie) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar


      -----------\\ [..\Internet Explorer\Main]

      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
      "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
      "Local Page"="C:\\windows\\system32\\blank.htm"
      "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
      "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

      [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
      "Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
      "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
      "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
      "Local Page"="C:\\windows\\system32\\blank.htm"
      "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"


      --------------------\\ Recherche d'autres infections


      Aucune autre infection trouvée !


      1 - "C:\ToolBar SD\TB_1.txt" - 21/10/2008|14:11 - Option : [1]

      -----------\\ Fin du rapport a 14:11:47,77
      0
  7. jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 041
     
    ok relance toolbar sd et choisi l'option 2 et colle le rapport

    ______________________

    colle un rapport hijackthis

    http://www.trendsecure.com/portal/en-US/tools/security_tools­/hijackthis/download

    manuel :

    http://leblogdeclaude.blogspot.com/2006/10/informatique-sect­ion-hijackthis.html

    Je conseille de renomer Hijackthis, pour contrer une éventuelle infection de Vundo.

    ex:Renomme le fichier HijackThis.exe en eden.exe pour cela, fais un clic droit sur le fichier HijackThis.exe et choisis renommer dans la liste

    Ensuite avec Explorer créer un dossier c:\hijackthis
    Décompresser Hijackthis dans ce dossier.
    -1
    1. jyg
       
      Voici les rapports de ToolbarSD et ensuite de Hijackthis renommé en Eden

      Pour info, j'avais déjà Hijackthis sur le pc, je l'ai donc directement renommé, sans le télécharger.

      d'autre part, ayant Spybot en résident, j'ai eu deux messages de modification de la base auxquels j'ai répondu en acceptant la modification à la suppression de l'outil ToolbarSD.

      -----------\\ ToolBar S&D 1.2.2 XP/Vista

      Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
      X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 2600+ )
      BIOS : Phoenix - AwardBIOS v6.00PG
      USER : Mélodie ( Administrator )
      BOOT : Normal boot
      Antivirus : avast! antivirus 4.8.1229 [VPS 081020-0] 4.8.1229 (Activated)
      C:\ (Local Disk) - NTFS - Total : 66 Go Free : 12 Go
      D:\ (CD or DVD)
      E:\ (CD or DVD)
      G:\ (USB)
      H:\ (USB)
      I:\ (USB)
      J:\ (USB)

      "C:\ToolBar SD" ( MAJ : 04-10-2008|21:00 )
      Option : [2] ( 21/10/2008|14:26 )

      -----------\\ SUPPRESSION

      Supprime! - C:\DOCUME~1\MLODIE~1\MENUDM~1\PROGRA~1\Adssite Games Collection
      Supprime! - C:\WINDOWS\iun6002.exe
      Supprime! - C:\WINDOWS\system32\adssite-remove.exe
      Supprime! - C:\DOCUME~1\MLODIE~1\LOCALS~1\Temp\nsk28F.tmp

      -----------\\ Recherche de Fichiers / Dossiers ...


      -----------\\ Extensions

      (All Users) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar

      (M‚lodie) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
      (M‚lodie) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar


      -----------\\ [..\Internet Explorer\Main]

      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
      "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
      "Local Page"="C:\\windows\\system32\\blank.htm"
      "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
      "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

      [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
      "Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
      "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
      "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
      "Local Page"="C:\\windows\\system32\\blank.htm"
      "Start Page"="https://www.msn.com/fr-fr/"


      --------------------\\ Recherche d'autres infections


      Aucune autre infection trouvée !


      1 - "C:\ToolBar SD\TB_1.txt" - 21/10/2008|14:11 - Option : [1]
      2 - "C:\ToolBar SD\TB_2.txt" - 21/10/2008|14:28 - Option : [2]

      -----------\\ Fin du rapport a 14:28:13,30



      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 14:33:37, on 21/10/2008
      Platform: Windows XP SP3 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16735)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\System32\Ati2evxx.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      C:\Program Files\Alwil Software\Avast4\ashServ.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\system32\agrsmsvc.exe
      C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
      C:\Program Files\Windows Live\Family Safety\fsssvc.exe
      C:\Program Files\Microsoft LifeCam\MSCamS32.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\wanmpsvc.exe
      C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
      C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
      C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      C:\Program Files\Real\RealPlayer\RealPlay.exe
      C:\Program Files\QuickTime\qttask.exe
      C:\Program Files\Windows Live\Family Safety\fsui.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
      C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
      C:\hijackthis\eden.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll
      O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
      O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O2 - BHO: adssite - {54364fdf-914b-8006-2fcc-59dd0770d297} - C:\WINDOWS\system32\nsf290.dll
      O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
      O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
      O2 - BHO: Windows Live Toolbar Beta - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
      O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
      O3 - Toolbar: &Windows Live Toolbar Beta - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
      O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
      O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
      O4 - HKLM\..\Run: [CAST SURF BROWSE TOOL] C:\Documents and Settings\All Users\Application Data\Shim Cdrom Cast Surf\Sign Proxy.exe
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
      O4 - HKCU\..\Run: [LiesMpeg] C:\DOCUME~1\MLODIE~1\APPLIC~1\WAYGLO~1\Team Trust.exe
      O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
      O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
      O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
      O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
      O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
      O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1093373904468
      O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
      O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v4.cab
      O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP.cab
      O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f002.mail.caramail.lycos.fr/app/uploader/FileUploader.cab
      O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
      O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
      O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
      O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
      O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe
      O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
      O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
      O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
      O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
      O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
      O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
      0
  8. jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 041
     
    tu télécharge Lop S&D.exe sur ton Bureau.https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

    * Double-clique dessus pour lancer l'installation
    * Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
    * Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche)
    * Patiente jusqu'à la fin du scan
    * Poste le rapport généré (C:\lopR.txt)
    -1
  9. jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 041
     
    ok relance lop sd choisi l'option 2 et colle le rapport

    puis remets un hijakchits et dis tes soucis
    -1
  10. jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 041
     
    télécharge OTMoveIt
    http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe (de Old_Timer) sur ton Bureau. Ou sur https://www.luanagames.com/index.fr.html
    double-clique sur OTMoveIt.exe pour le lancer.
    copie la liste qui se trouve en citation ci-dessous,
    et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved.

    Citation :

    C:\WINDOWS\system32\nsb2DC.dll

    clique sur MoveIt! pour lancer la suppression.
    le résultat apparaitra dans le cadre "Results".
    clique sur Exit pour fermer.
    poste le rapport situé dans C:\_OTMoveIt\MovedFiles.

    il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.

    _______________________________

    scan avec
    MalwareByte's Anti-Malware et vire ce qui est trouvé et colle le rapport

    https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

    ______________________________

    remets un hijakchits et dis si encore des soucis
    -1
  11. jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 041
     
    il faut virer ce qui a été trouvé par malwarebyte??

    encore des problèmes???
    -1
  12. jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 041
     
    ok c'est boon

    garde malwarebyte en complément de spybot et avast

    bonne suite
    -1