virusFermé

Question

Bonjour,
Pouvez vous m'aider à supprimerle le virus win 32 hupugon kme ? 
J ai un souci avec ce virus et ne sais pas comment le virer. J'ai suivi les procédures récupérées sur d autres messages et problèmes résolus. Je vous envoie ci dessous le resultat de l analyse 

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:49:02, on 06/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\Windows Live\Contrôle parental\fssui.exe
C:\Program Files\UPSMON\UPSMON.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\UPSMON\UPSMON_Service.Exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HJT.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://resultsmaster.com/...
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://register.passport.net/reg.srf?xpwiz=true&lc=1036&langid=1036
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Contrôle parental\fssbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: BHO Barre de Confiance CM-CIC - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: (no name) - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - (no file)
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Barre de confiance CM-CIC - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [Wanadoo Messager.exe] "C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe" /background
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe 
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Wayfacefilegrey] C:\Documents and Settings\All Users\Application Data\DATA PROXY WAY FACE\Drivesecond.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Contrôle parental\fssui.exe" -autorun
O4 - HKLM\..\Run: [UPSMON] C:\Program Files\UPSMON\UPSMON.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DashBrowse] C:\DOCUME~1\JACOBI~1\APPLIC~1\DRIVEE~1\pile bits build.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: CabBuilder - http://ak.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - https://www.f-secure.com/en/home/support
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://www.catalog.update.microsoft.com/ClientControl/en/x86/MuCatalogWebControl.cab?1211907831890
O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} - http://infodevmaison1.dyndns.org:8080/activex/AMC.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{74F1D844-A12E-46DF-B991-6BE1F2506B8A}: NameServer = 81.253.149.1 80.10.246.3
O18 - Protocol: bw+0 - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {EA30E862-8F1D-45F3-9962-B3B205FF486F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: SmartLinkService (SLService) -   - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: UPSMONService - Unknown owner - C:\Program Files\UPSMON\UPSMON_Service.Exe

jlpjlp · Answer

slt,


tu télécharge Lop S&D.exe sur ton Bureau.https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2 

* Double-clique dessus pour lancer l'installation 
* Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau 
* Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche) 
* Patiente jusqu'à la fin du scan 
* Poste le rapport généré (C:\lopR.txt) 
---


a plus

brigtte · Answer

Salut,
J ai suivi vos instructions et vous envoie le rapport 



   --------------------\  Lop S&D 4.2.4-5   XP/Vista

   Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
   X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 2400+ )
   BIOS : Phoenix - AwardBIOS v6.00PG
   USER : JACOBI BRIGITTE ( Administrator )
   BOOT : Normal boot
   Antivirus : avast! antivirus 4.8.1229 [VPS 081005-0] 4.8.1229 (Activated)
   C:\ (Local Disk) - NTFS - Total : 72 Go Free : 53 Go
   D:\ (CD or DVD)
   E:\ (CD or DVD)
   F:\ (Local Disk) - FAT32 - Total : 3 Go Free : 3 Go
   G:\ (USB)
   H:\ (USB)

   "C:\Lop SD" ( MAJ : 02-10-2008|23:42 )
   Option : [1] ( 06/10/2008|11:56 )
 
   --------------------\  Listing des dossiers dans APPLIC~1  

   [21/01/2004|15:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ACD Systems
   [20/02/2008|09:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
   [13/06/2008|09:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
   [26/09/2008|16:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
   [26/11/2003|13:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
   [27/12/2007|10:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DATA PROXY WAY FACE
   [26/09/2006|01:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
   [13/08/2008|14:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM
   [13/08/2008|14:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail
   [27/12/2007|11:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
   [19/01/2008|09:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
   [15/02/2004|20:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
   [09/09/2004|19:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OLYMPUS
   [11/10/2006|17:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
   [30/09/2002|15:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
   [19/10/2007|22:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
   [24/08/2007|12:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Transparent
   [17/03/2007|17:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
   [11/11/2004|15:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
   [11/07/2007|08:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
   [27/12/2007|14:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

   [26/11/2003|13:25] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
   [30/09/2002|14:09] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
   [26/11/2003|13:25] C:\DOCUME~1\DEFAUL~1\APPLIC~1\InterTrust
   [29/12/2007|11:00] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
   [26/11/2003|13:27] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real

   [20/08/2005|21:55] C:\DOCUME~1\JACOBI~1\APPLIC~1\ACD Systems
   [28/02/2008|22:33] C:\DOCUME~1\JACOBI~1\APPLIC~1\Adobe
   [30/08/2004|11:58] C:\DOCUME~1\JACOBI~1\APPLIC~1\Aim
   [13/06/2008|10:07] C:\DOCUME~1\JACOBI~1\APPLIC~1\Apple Computer
   [27/05/2004|08:36] C:\DOCUME~1\JACOBI~1\APPLIC~1\Creative
   [30/01/2008|23:38] C:\DOCUME~1\JACOBI~1\APPLIC~1\CyberLink
   [27/12/2007|10:32] C:\DOCUME~1\JACOBI~1\APPLIC~1\Drive Each
   [06/06/2008|09:36] C:\DOCUME~1\JACOBI~1\APPLIC~1\EPSON
   [11/10/2006|17:28] C:\DOCUME~1\JACOBI~1\APPLIC~1\FotoWire
   [27/09/2006|21:23] C:\DOCUME~1\JACOBI~1\APPLIC~1\Google
   [15/02/2004|10:38] C:\DOCUME~1\JACOBI~1\APPLIC~1\Help
   [30/09/2002|14:09] C:\DOCUME~1\JACOBI~1\APPLIC~1\Identities
   [26/11/2003|13:25] C:\DOCUME~1\JACOBI~1\APPLIC~1\InterTrust
   [21/01/2004|17:33] C:\DOCUME~1\JACOBI~1\APPLIC~1\Leadertech
   [20/02/2004|00:00] C:\DOCUME~1\JACOBI~1\APPLIC~1\Macromedia
   [27/10/2007|13:36] C:\DOCUME~1\JACOBI~1\APPLIC~1\Microsoft
   [01/03/2008|10:28] C:\DOCUME~1\JACOBI~1\APPLIC~1\Mozilla
   [15/02/2004|20:26] C:\DOCUME~1\JACOBI~1\APPLIC~1\MSN6
   [29/08/2004|14:25] C:\DOCUME~1\JACOBI~1\APPLIC~1\Real
   [08/05/2007|11:20] C:\DOCUME~1\JACOBI~1\APPLIC~1\Screenshot Sender
   [06/10/2008|08:49] C:\DOCUME~1\JACOBI~1\APPLIC~1\Skype
   [06/10/2008|08:50] C:\DOCUME~1\JACOBI~1\APPLIC~1\skypePM
   [21/01/2004|17:33] C:\DOCUME~1\JACOBI~1\APPLIC~1\Sonic
   [27/05/2004|10:20] C:\DOCUME~1\JACOBI~1\APPLIC~1\Sun
   [22/10/2005|21:24] C:\DOCUME~1\JACOBI~1\APPLIC~1\vlc
   [19/01/2008|18:35] C:\DOCUME~1\JACOBI~1\APPLIC~1\WinRAR

   [21/08/2007|10:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

   [26/01/2008|15:13] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

 
   --------------------\  Tâches planifiées dans C:\WINDOWS	asks

   [26/09/2008 16:16][--a------] C:\WINDOWS	asks\AppleSoftwareUpdate.job
   [06/10/2008 11:00][--ah-----] C:\WINDOWS	asks\BA66246682B1A166.job
   [06/10/2008 08:49][--ah-----] C:\WINDOWS	asks\SA.DAT
   [30/08/2002 14:00][-r-h-----] C:\WINDOWS	asks\desktop.ini

   ( BA66246682B1A166.job )=( c:\docume~1\jacobi~1\applic~1\drivee~1\spamintraboob.exe )

   --------------------\  Listing des dossiers dans C:\Program Files

   [08/01/2008|08:53] C:\Program Files\7-Zip
   [09/04/2007|07:18] C:\Program Files\ABBYY FineReader 6.0 Sprint
   [27/05/2008|07:55] C:\Program Files\AbiSuite2
   [27/06/2008|17:48] C:\Program Files\Adobe
   [11/11/2004|15:56] C:\Program Files\AIM95
   [12/05/2007|15:19] C:\Program Files\Alwil Software
   [26/09/2008|16:16] C:\Program Files\Apple Software Update
   [27/12/2007|13:50] C:\Program Files\Avira
   [27/12/2007|13:53] C:\Program Files\Axis Communications
   [12/07/2007|09:51] C:\Program Files\BarreConfCMCIC
   [26/09/2008|16:20] C:\Program Files\Bonjour
   [22/05/2004|12:55] C:\Program Files\Common Files
   [30/09/2002|14:01] C:\Program Files\ComPlus Applications
   [27/05/2004|08:33] C:\Program Files\Creative
   [26/11/2003|13:29] C:\Program Files\CyberLink
   [24/09/2007|22:50] C:\Program Files\CyberMUT
   [21/01/2004|16:32] C:\Program Files\directx
   [08/05/2007|11:19] C:\Program Files\Drive Each
   [27/05/2004|08:30] C:\Program Files\Empreinte RichMedia System
   [17/03/2007|17:06] C:\Program Files\EPSON
   [21/01/2004|15:49] C:\Program Files\Ericsson
   [26/09/2008|16:17] C:\Program Files\Fichiers communs
   [24/09/2007|15:13] C:\Program Files\Google
   [17/04/2004|20:01] C:\Program Files\HighMAT CD Writing Wizard
   [13/08/2008|14:04] C:\Program Files\IncrediMail
   [05/06/2008|07:34] C:\Program Files\InstallShield Installation Information
   [14/08/2008|09:15] C:\Program Files\Internet Explorer
   [20/08/2008|20:09] C:\Program Files\Java
   [12/04/2008|16:55] C:\Program Files\Kiwee Toolbar2
   [11/10/2006|17:28] C:\Program Files\Logitech
   [15/05/2005|01:14] C:\Program Files\McAfee
   [03/09/2008|18:22] C:\Program Files\Messenger
   [28/12/2007|18:04] C:\Program Files\Microsoft CAPICOM 2.1.0.2
   [30/09/2002|14:05] C:\Program Files\microsoft frontpage
   [27/10/2007|13:14] C:\Program Files\Microsoft Office
   [27/12/2007|14:25] C:\Program Files\Microsoft SQL Server Compact Edition
   [21/01/2004|15:19] C:\Program Files\Microsoft Visual Studio
   [26/11/2003|13:29] C:\Program Files\Microsoft Works
   [03/09/2008|16:16] C:\Program Files\Movie Maker
   [03/09/2008|08:13] C:\Program Files\Mozilla Firefox
   [27/10/2007|13:13] C:\Program Files\MSECache
   [15/02/2004|20:40] C:\Program Files\MSN
   [13/02/2005|17:08] C:\Program Files\MSN Apps
   [30/09/2002|14:00] C:\Program Files\MSN Gaming Zone
   [15/03/2007|22:24] C:\Program Files\MSXML 4.0
   [03/09/2008|16:12] C:\Program Files\NetMeeting
   [06/03/2005|00:54] C:\Program Files\OfficeUpdate11
   [09/09/2004|19:41] C:\Program Files\OLYMPUS
   [03/09/2008|16:11] C:\Program Files\Outlook Express
   [24/09/2007|22:50] C:\Program Files\PocketGestion
   [26/09/2008|16:19] C:\Program Files\QuickTime
   [26/11/2003|13:27] C:\Program Files\Real
   [15/02/2004|09:57] C:\Program Files\SAGEM
   [30/09/2002|14:00] C:\Program Files\Services en ligne
   [21/01/2004|15:47] C:\Program Files\Sierra On-Line
   [19/10/2007|22:07] C:\Program Files\Skype
   [26/11/2003|13:27] C:\Program Files\Sonic
   [21/01/2004|15:56] C:\Program Files\Sony Ericsson
   [20/08/2008|20:09] C:\Program Files\Sun
   [27/12/2007|12:32] C:\Program Files\Sunbelt Software
   [05/06/2008|07:34] C:\Program Files\Thomson
   [24/08/2007|12:39] C:\Program Files\Transparent
   [06/10/2008|09:06] C:\Program Files\Trend Micro
   [21/01/2004|16:30] C:\Program Files\Ubi Soft
   [10/07/2004|20:07] C:\Program Files\Uninstall Information
   [03/10/2008|16:54] C:\Program Files\UPSMON
   [11/06/2005|21:54] C:\Program Files\VideoLAN
   [22/03/2004|11:21] C:\Program Files\Viewpoint
   [06/10/2008|09:29] C:\Program Files\Wanadoo
   [01/11/2004|14:19] C:\Program Files\Wanadoo Messager
   [11/05/2005|03:49] C:\Program Files\WildTangent
   [17/04/2004|20:09] C:\Program Files\Windows Journal Viewer
   [28/02/2008|09:06] C:\Program Files\Windows Live
   [27/12/2007|14:24] C:\Program Files\Windows Live Favorites
   [27/12/2007|14:23] C:\Program Files\Windows Live Toolbar
   [27/05/2004|08:31] C:\Program Files\Windows Media Components
   [21/08/2007|10:18] C:\Program Files\Windows Media Connect 2
   [03/09/2008|16:11] C:\Program Files\Windows Media Player
   [03/09/2008|16:11] C:\Program Files\Windows NT
   [19/08/2004|19:52] C:\Program Files\WindowsUpdate
   [19/01/2008|18:33] C:\Program Files\WinRAR
   [30/09/2002|14:05] C:\Program Files\xerox

   --------------------\  Listing des dossiers dans C:\Program Files\Fichiers communs

   [01/09/2005|21:28] C:\Program Files\Fichiers communs\ACD Systems
   [20/02/2008|09:42] C:\Program Files\Fichiers communs\Adobe
   [28/12/2004|01:23] C:\Program Files\Fichiers communs\AOL
   [26/09/2008|16:17] C:\Program Files\Fichiers communs\Apple
   [21/01/2004|15:19] C:\Program Files\Fichiers communs\Designer
   [11/10/2006|17:28] C:\Program Files\Fichiers communs\FotoWire
   [17/03/2007|16:45] C:\Program Files\Fichiers communs\InstallShield
   [27/05/2004|10:18] C:\Program Files\Fichiers communs\Java
   [11/10/2006|17:26] C:\Program Files\Fichiers communs\Logitech
   [22/01/2008|18:47] C:\Program Files\Fichiers communs\Microsoft Shared
   [30/09/2002|14:02] C:\Program Files\Fichiers communs\MSSoap
   [15/05/2005|01:14] C:\Program Files\Fichiers communs\Network Associates
   [30/09/2002|13:55] C:\Program Files\Fichiers communs\ODBC
   [26/11/2003|13:27] C:\Program Files\Fichiers communs\Real
   [27/05/2004|08:30] C:\Program Files\Fichiers communs\RichMedia System Shared
   [30/09/2002|14:02] C:\Program Files\Fichiers communs\Services
   [26/03/2008|00:11] C:\Program Files\Fichiers communs\Skype
   [30/09/2002|13:55] C:\Program Files\Fichiers communs\SpeechEngines
   [26/11/2003|13:27] C:\Program Files\Fichiers communs\SureThing Shared
   [03/09/2008|16:11] C:\Program Files\Fichiers communs\System
   [27/12/2007|14:19] C:\Program Files\Fichiers communs\WindowsLiveInstaller
   [26/11/2003|13:27] C:\Program Files\Fichiers communs\xing shared

   --------------------\  Process

   ( 56 Processes )

   IEXPLORE.EXE ~ [PID:2980]

   --------------------\  Recherche avec S_Lop

   Aucun fichier / dossier Lop trouvé !
 
   --------------------\  Recherche de Fichiers / Dossiers Lop

   C:\DOCUME~1\JACOBI~1\APPLIC~1\drivee~1
   C:\Program Files\drivee~1
   C:\DOCUME~1\JACOBI~1\Cookies\jacobi_brigitte@advertstream[1].txt
   C:\DOCUME~1\JACOBI~1\Cookies\jacobi_brigitte@advertising[2].txt
   C:\DOCUME~1\JACOBI~1\Cookies\jacobi brigitte@adex.bigpoint[2].txt
   C:\DOCUME~1\JACOBI~1\Cookies\jacobi_brigitte@adopt.euroclick[2].txt
   C:\WINDOWS\Tasks\BA66246682B1A166.job
 
   --------------------\  Verification du Registre

   [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 
   "DashBrowse"="C:\DOCUME~1\JACOBI~1\APPLIC~1\DRIVEE~1\pile bits build.exe"

   [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

   --------------------\  Verification du fichier Hosts

   Fichier Hosts MODIFIE

   127.0.0.1 bin.errorprotector.com ## added by CiD
   127.0.0.1 br.errorsafe.com ## added by CiD
   127.0.0.1 br.winantivirus.com ## added by CiD
   127.0.0.1 br.winfixer.com ## added by CiD
   127.0.0.1 cdn.drivecleaner.com ## added by CiD
   127.0.0.1 cdn.errorsafe.com ## added by CiD
   127.0.0.1 cdn.winsoftware.com ## added by CiD
   127.0.0.1 de.errorsafe.com ## added by CiD
   127.0.0.1 de.winantivirus.com ## added by CiD
   127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
   127.0.0.1 download.cdn.errorsafe.com ## added by CiD
   127.0.0.1 download.cdn.winsoftware.com ## added by CiD
   127.0.0.1 download.errorsafe.com ## added by CiD
   127.0.0.1 download.systemdoctor.com ## added by CiD
   127.0.0.1 download.winantispyware.com ## added by CiD
   127.0.0.1 download.windrivecleaner.com ## added by CiD
   127.0.0.1 download.winfixer.com ## added by CiD
   127.0.0.1 drivecleaner.com ## added by CiD
   127.0.0.1 dynamique.drivecleaner.com ## added by CiD
   127.0.0.1 errorprotector.com ## added by CiD
   127.0.0.1 errorsafe.com ## added by CiD
   127.0.0.1 es.winantivirus.com ## added by CiD
   127.0.0.1 fr.winantivirus.com ## added by CiD
   127.0.0.1 fr.winfixer.com ## added by CiD
   127.0.0.1 go.drivecleaner.com ## added by CiD
   127.0.0.1 go.errorsafe.com ## added by CiD
   127.0.0.1 go.winantispyware.com ## added by CiD
   127.0.0.1 go.winantivirus.com ## added by CiD
   127.0.0.1 hk.winantivirus.com ## added by CiD
   127.0.0.1 instlog.errorsafe.com ## added by CiD
   127.0.0.1 instlog.winantivirus.com ## added by CiD
   127.0.0.1 instlog.winfixer.com ## added by CiD
   127.0.0.1 jsp.drivecleaner.com ## added by CiD
   127.0.0.1 kb.errorsafe.com ## added by CiD
   127.0.0.1 kb.winantivirus.com ## added by CiD
   127.0.0.1 nl.errorsafe.com ## added by CiD
   127.0.0.1 se.errorsafe.com ## added by CiD
   127.0.0.1 secure.drivecleaner.com ## added by CiD
   127.0.0.1 secure.errorsafe.com ## added by CiD
   127.0.0.1 secure.winantispam.com ## added by CiD
   127.0.0.1 secure.winantispy.com ## added by CiD
   127.0.0.1 secure.winantivirus.com ## added by CiD
   127.0.0.1 support.winantivirus.com ## added by CiD
   127.0.0.1 trial.updates.winsoftware.com ## added by CiD
   127.0.0.1 ulog.winantivirus.com ## added by CiD
   127.0.0.1 utils.errorsafe.com ## added by CiD
   127.0.0.1 utils.winantivirus.com ## added by CiD
   127.0.0.1 utils.winfixer.com ## added by CiD
   127.0.0.1 winantispyware.com ## added by CiD
   127.0.0.1 winantivirus.com ## added by CiD
   127.0.0.1 winfixer.com ## added by CiD
   127.0.0.1 winfixer2006.com ## added by CiD
   127.0.0.1 winsoftware.com ## added by CiD
   127.0.0.1 [i]ww/iw.drivecleaner.com ## added by CiD
   127.0.0.1 [i]ww/iw.errorprotector.com ## added by CiD
   127.0.0.1 [i]ww/iw.errorsafe.com ## added by CiD
   127.0.0.1 [i]ww/iw.systemdoctor.com ## added by CiD
   127.0.0.1 [i]ww/iw.utils.winfixer.com ## added by CiD
   127.0.0.1 [i]ww/iw.win-anti-virus-pro.com ## added by CiD
   127.0.0.1 [i]ww/iw.win-virus-pro.com ## added by CiD
   127.0.0.1 [i]ww/iw.winantispam.com ## added by CiD
   127.0.0.1 [i]ww/iw.winantispy.com ## added by CiD
   127.0.0.1 [i]ww/iw.winantispyware.com ## added by CiD
   127.0.0.1 [i]ww/iw.winantivirus.com ## added by CiD
   127.0.0.1 [i]ww/iw.winantiviruspro.com ## added by CiD
   127.0.0.1 [i]ww/iw.windrivecleaner.com ## added by CiD
   127.0.0.1 [i]ww/iw.windrivesafe.com ## added by CiD
   127.0.0.1 [i]ww/iw.winfixer.com ## added by CiD
   127.0.0.1 [i]ww/iw.winfixer2006.com ## added by CiD
   127.0.0.1 [i]ww/iw.winsoftware.com ## added by CiD

   -> 72 [ 70 ## added by CiD ]

   --------------------\  Recherche de fichiers avec Catchme
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2008-10-06 11:59:05
   Windows 5.1.2600 Service Pack 3 NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 25
 
   --------------------\  Recherche d'autres infections


   Aucune autre infection trouvée  !

   [F:743][D:59]-> C:\DOCUME~1\JACOBI~1\LOCALS~1\Temp
   [F:1432][D:0]-> C:\DOCUME~1\JACOBI~1\Cookies
   [F:7829][D:21]-> C:\DOCUME~1\JACOBI~1\LOCALS~1\TEMPOR~1\content.IE5

   1 - "C:\Lop SD\LopR_1.txt" - 06/10/2008|12:02 - Option : [1]

   --------------------\  Fin du rapport a 12:02:23

jlpjlp · Answer

relance lop sd:


* Choisis cette fois ci l'Option 2 (Suppression)
* Ne ferme pas la fenêtre lors de la suppression !
* Poste le rapport généré (C:\lopR.txt)


___________

ensuite verifie si le virus de depart est encore trouvé et recolle un hijakhcits

brigtte · Answer

ci dessus le rapport généré : 
   --------------------\  Lop S&D 4.2.4-5   XP/Vista

   Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
   X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 2400+ )
   BIOS : Phoenix - AwardBIOS v6.00PG
   USER : JACOBI BRIGITTE ( Administrator )
   BOOT : Normal boot
   Antivirus : avast! antivirus 4.8.1229 [VPS 081005-0] 4.8.1229 (Activated)
   C:\ (Local Disk) - NTFS - Total : 72 Go Free : 53 Go
   D:\ (CD or DVD)
   E:\ (CD or DVD)
   F:\ (Local Disk) - FAT32 - Total : 3 Go Free : 3 Go
   G:\ (USB)
   H:\ (USB)

   "C:\Lop SD" ( MAJ : 02-10-2008|23:42 )
   Option : [2] ( 06/10/2008|12:41 )


   \\\\\\\\\\\\\\\ SUPPRESSION

   Supprime! - C:\DOCUME~1\JACOBI~1\Cookies\jacobi_brigitte@advertstream[1].txt
   Supprime! - C:\DOCUME~1\JACOBI~1\Cookies\jacobi_brigitte@advertising[2].txt
   Supprime! - C:\DOCUME~1\JACOBI~1\Cookies\jacobi brigitte@adex.bigpoint[2].txt
   Supprime! - C:\DOCUME~1\JACOBI~1\Cookies\jacobi_brigitte@adopt.euroclick[2].txt
   Supprime! - C:\WINDOWS\Tasks\BA66246682B1A166.job 
   Supprime! - C:\DOCUME~1\JACOBI~1\APPLIC~1\drivee~1
   Supprime! - C:\Program Files\drivee~1
   -
   [ Fichier Hosts ] .. Restaure!
 
   \\\\\\\\\\\\\\\ 

   Supprime! - C:\Program Files\Viewpoint
   Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
 
   \\\\\\\\\\\\\\\

 
   --------------------\  Listing des dossiers dans APPLIC~1  

   [21/01/2004|15:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ACD Systems
   [20/02/2008|09:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
   [13/06/2008|09:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
   [26/09/2008|16:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
   [26/11/2003|13:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
   [27/12/2007|10:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DATA PROXY WAY FACE
   [26/09/2006|01:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
   [13/08/2008|14:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM
   [13/08/2008|14:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail
   [27/12/2007|11:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
   [19/01/2008|09:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
   [15/02/2004|20:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
   [09/09/2004|19:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OLYMPUS
   [11/10/2006|17:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
   [30/09/2002|15:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
   [19/10/2007|22:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
   [24/08/2007|12:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Transparent
   [17/03/2007|17:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
   [11/07/2007|08:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
   [27/12/2007|14:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

   [26/11/2003|13:25] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
   [30/09/2002|14:09] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
   [26/11/2003|13:25] C:\DOCUME~1\DEFAUL~1\APPLIC~1\InterTrust
   [29/12/2007|11:00] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
   [26/11/2003|13:27] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real

   [20/08/2005|21:55] C:\DOCUME~1\JACOBI~1\APPLIC~1\ACD Systems
   [28/02/2008|22:33] C:\DOCUME~1\JACOBI~1\APPLIC~1\Adobe
   [30/08/2004|11:58] C:\DOCUME~1\JACOBI~1\APPLIC~1\Aim
   [13/06/2008|10:07] C:\DOCUME~1\JACOBI~1\APPLIC~1\Apple Computer
   [27/05/2004|08:36] C:\DOCUME~1\JACOBI~1\APPLIC~1\Creative
   [30/01/2008|23:38] C:\DOCUME~1\JACOBI~1\APPLIC~1\CyberLink
   [06/06/2008|09:36] C:\DOCUME~1\JACOBI~1\APPLIC~1\EPSON
   [11/10/2006|17:28] C:\DOCUME~1\JACOBI~1\APPLIC~1\FotoWire
   [27/09/2006|21:23] C:\DOCUME~1\JACOBI~1\APPLIC~1\Google
   [15/02/2004|10:38] C:\DOCUME~1\JACOBI~1\APPLIC~1\Help
   [30/09/2002|14:09] C:\DOCUME~1\JACOBI~1\APPLIC~1\Identities
   [26/11/2003|13:25] C:\DOCUME~1\JACOBI~1\APPLIC~1\InterTrust
   [21/01/2004|17:33] C:\DOCUME~1\JACOBI~1\APPLIC~1\Leadertech
   [20/02/2004|00:00] C:\DOCUME~1\JACOBI~1\APPLIC~1\Macromedia
   [27/10/2007|13:36] C:\DOCUME~1\JACOBI~1\APPLIC~1\Microsoft
   [01/03/2008|10:28] C:\DOCUME~1\JACOBI~1\APPLIC~1\Mozilla
   [15/02/2004|20:26] C:\DOCUME~1\JACOBI~1\APPLIC~1\MSN6
   [29/08/2004|14:25] C:\DOCUME~1\JACOBI~1\APPLIC~1\Real
   [08/05/2007|11:20] C:\DOCUME~1\JACOBI~1\APPLIC~1\Screenshot Sender
   [06/10/2008|08:49] C:\DOCUME~1\JACOBI~1\APPLIC~1\Skype
   [06/10/2008|08:50] C:\DOCUME~1\JACOBI~1\APPLIC~1\skypePM
   [21/01/2004|17:33] C:\DOCUME~1\JACOBI~1\APPLIC~1\Sonic
   [27/05/2004|10:20] C:\DOCUME~1\JACOBI~1\APPLIC~1\Sun
   [22/10/2005|21:24] C:\DOCUME~1\JACOBI~1\APPLIC~1\vlc
   [19/01/2008|18:35] C:\DOCUME~1\JACOBI~1\APPLIC~1\WinRAR

   [21/08/2007|10:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

   [26/01/2008|15:13] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

 
   --------------------\  Tâches planifiées dans C:\WINDOWS	asks

   [26/09/2008 16:16][--a------] C:\WINDOWS	asks\AppleSoftwareUpdate.job
   [06/10/2008 08:49][--ah-----] C:\WINDOWS	asks\SA.DAT
   [30/08/2002 14:00][-r-h-----] C:\WINDOWS	asks\desktop.ini

   --------------------\  Listing des dossiers dans C:\Program Files

   [08/01/2008|08:53] C:\Program Files\7-Zip
   [09/04/2007|07:18] C:\Program Files\ABBYY FineReader 6.0 Sprint
   [27/05/2008|07:55] C:\Program Files\AbiSuite2
   [27/06/2008|17:48] C:\Program Files\Adobe
   [11/11/2004|15:56] C:\Program Files\AIM95
   [12/05/2007|15:19] C:\Program Files\Alwil Software
   [26/09/2008|16:16] C:\Program Files\Apple Software Update
   [27/12/2007|13:50] C:\Program Files\Avira
   [27/12/2007|13:53] C:\Program Files\Axis Communications
   [12/07/2007|09:51] C:\Program Files\BarreConfCMCIC
   [26/09/2008|16:20] C:\Program Files\Bonjour
   [22/05/2004|12:55] C:\Program Files\Common Files
   [30/09/2002|14:01] C:\Program Files\ComPlus Applications
   [27/05/2004|08:33] C:\Program Files\Creative
   [26/11/2003|13:29] C:\Program Files\CyberLink
   [24/09/2007|22:50] C:\Program Files\CyberMUT
   [21/01/2004|16:32] C:\Program Files\directx
   [27/05/2004|08:30] C:\Program Files\Empreinte RichMedia System
   [17/03/2007|17:06] C:\Program Files\EPSON
   [21/01/2004|15:49] C:\Program Files\Ericsson
   [26/09/2008|16:17] C:\Program Files\Fichiers communs
   [24/09/2007|15:13] C:\Program Files\Google
   [17/04/2004|20:01] C:\Program Files\HighMAT CD Writing Wizard
   [13/08/2008|14:04] C:\Program Files\IncrediMail
   [05/06/2008|07:34] C:\Program Files\InstallShield Installation Information
   [14/08/2008|09:15] C:\Program Files\Internet Explorer
   [20/08/2008|20:09] C:\Program Files\Java
   [12/04/2008|16:55] C:\Program Files\Kiwee Toolbar2
   [11/10/2006|17:28] C:\Program Files\Logitech
   [15/05/2005|01:14] C:\Program Files\McAfee
   [03/09/2008|18:22] C:\Program Files\Messenger
   [28/12/2007|18:04] C:\Program Files\Microsoft CAPICOM 2.1.0.2
   [30/09/2002|14:05] C:\Program Files\microsoft frontpage
   [27/10/2007|13:14] C:\Program Files\Microsoft Office
   [27/12/2007|14:25] C:\Program Files\Microsoft SQL Server Compact Edition
   [21/01/2004|15:19] C:\Program Files\Microsoft Visual Studio
   [26/11/2003|13:29] C:\Program Files\Microsoft Works
   [03/09/2008|16:16] C:\Program Files\Movie Maker
   [03/09/2008|08:13] C:\Program Files\Mozilla Firefox
   [27/10/2007|13:13] C:\Program Files\MSECache
   [15/02/2004|20:40] C:\Program Files\MSN
   [13/02/2005|17:08] C:\Program Files\MSN Apps
   [30/09/2002|14:00] C:\Program Files\MSN Gaming Zone
   [15/03/2007|22:24] C:\Program Files\MSXML 4.0
   [03/09/2008|16:12] C:\Program Files\NetMeeting
   [06/03/2005|00:54] C:\Program Files\OfficeUpdate11
   [09/09/2004|19:41] C:\Program Files\OLYMPUS
   [03/09/2008|16:11] C:\Program Files\Outlook Express
   [24/09/2007|22:50] C:\Program Files\PocketGestion
   [26/09/2008|16:19] C:\Program Files\QuickTime
   [26/11/2003|13:27] C:\Program Files\Real
   [15/02/2004|09:57] C:\Program Files\SAGEM
   [30/09/2002|14:00] C:\Program Files\Services en ligne
   [21/01/2004|15:47] C:\Program Files\Sierra On-Line
   [19/10/2007|22:07] C:\Program Files\Skype
   [26/11/2003|13:27] C:\Program Files\Sonic
   [21/01/2004|15:56] C:\Program Files\Sony Ericsson
   [20/08/2008|20:09] C:\Program Files\Sun
   [27/12/2007|12:32] C:\Program Files\Sunbelt Software
   [05/06/2008|07:34] C:\Program Files\Thomson
   [24/08/2007|12:39] C:\Program Files\Transparent
   [06/10/2008|09:06] C:\Program Files\Trend Micro
   [21/01/2004|16:30] C:\Program Files\Ubi Soft
   [10/07/2004|20:07] C:\Program Files\Uninstall Information
   [03/10/2008|16:54] C:\Program Files\UPSMON
   [11/06/2005|21:54] C:\Program Files\VideoLAN
   [06/10/2008|12:28] C:\Program Files\Wanadoo
   [01/11/2004|14:19] C:\Program Files\Wanadoo Messager
   [11/05/2005|03:49] C:\Program Files\WildTangent
   [17/04/2004|20:09] C:\Program Files\Windows Journal Viewer
   [28/02/2008|09:06] C:\Program Files\Windows Live
   [27/12/2007|14:24] C:\Program Files\Windows Live Favorites
   [27/12/2007|14:23] C:\Program Files\Windows Live Toolbar
   [27/05/2004|08:31] C:\Program Files\Windows Media Components
   [21/08/2007|10:18] C:\Program Files\Windows Media Connect 2
   [03/09/2008|16:11] C:\Program Files\Windows Media Player
   [03/09/2008|16:11] C:\Program Files\Windows NT
   [19/08/2004|19:52] C:\Program Files\WindowsUpdate
   [19/01/2008|18:33] C:\Program Files\WinRAR
   [30/09/2002|14:05] C:\Program Files\xerox

   --------------------\  Listing des dossiers dans C:\Program Files\Fichiers communs

   [01/09/2005|21:28] C:\Program Files\Fichiers communs\ACD Systems
   [20/02/2008|09:42] C:\Program Files\Fichiers communs\Adobe
   [28/12/2004|01:23] C:\Program Files\Fichiers communs\AOL
   [26/09/2008|16:17] C:\Program Files\Fichiers communs\Apple
   [21/01/2004|15:19] C:\Program Files\Fichiers communs\Designer
   [11/10/2006|17:28] C:\Program Files\Fichiers communs\FotoWire
   [17/03/2007|16:45] C:\Program Files\Fichiers communs\InstallShield
   [27/05/2004|10:18] C:\Program Files\Fichiers communs\Java
   [11/10/2006|17:26] C:\Program Files\Fichiers communs\Logitech
   [22/01/2008|18:47] C:\Program Files\Fichiers communs\Microsoft Shared
   [30/09/2002|14:02] C:\Program Files\Fichiers communs\MSSoap
   [15/05/2005|01:14] C:\Program Files\Fichiers communs\Network Associates
   [30/09/2002|13:55] C:\Program Files\Fichiers communs\ODBC
   [26/11/2003|13:27] C:\Program Files\Fichiers communs\Real
   [27/05/2004|08:30] C:\Program Files\Fichiers communs\RichMedia System Shared
   [30/09/2002|14:02] C:\Program Files\Fichiers communs\Services
   [26/03/2008|00:11] C:\Program Files\Fichiers communs\Skype
   [30/09/2002|13:55] C:\Program Files\Fichiers communs\SpeechEngines
   [26/11/2003|13:27] C:\Program Files\Fichiers communs\SureThing Shared
   [03/09/2008|16:11] C:\Program Files\Fichiers communs\System
   [27/12/2007|14:19] C:\Program Files\Fichiers communs\WindowsLiveInstaller
   [26/11/2003|13:27] C:\Program Files\Fichiers communs\xing shared

   --------------------\  Process

   ( 54 Processes )

   ... OK !

   --------------------\  Recherche avec S_Lop

   Aucun fichier / dossier Lop trouvé !
 
   --------------------\  Recherche de Fichiers / Dossiers Lop

   Aucun fichier / dossier Lop trouvé ! 
 
   --------------------\  Verification du Registre
 
   ..... OK !

   --------------------\  Verification du fichier Hosts

   Fichier Hosts PROPRE


   --------------------\  Recherche de fichiers avec Catchme
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2008-10-06 12:43:08
   Windows 5.1.2600 Service Pack 3 NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 25
 
   --------------------\  Recherche d'autres infections


   Aucune autre infection trouvée  !

   [F:743][D:59]-> C:\DOCUME~1\JACOBI~1\LOCALS~1\Temp
   [F:1428][D:0]-> C:\DOCUME~1\JACOBI~1\Cookies
   [F:8228][D:21]-> C:\DOCUME~1\JACOBI~1\LOCALS~1\TEMPOR~1\content.IE5

   1 - "C:\Lop SD\LopR_1.txt" - 06/10/2008|12:02 - Option : [1]
   2 - "C:\Lop SD\LopR_2.txt" - 06/10/2008|12:45 - Option : [2]

   --------------------\  Fin du rapport a 12:45:06

jlpjlp · Answer

ensuite verifie si le virus de depart est encore trouvé et recolle un hijakhcits

jlpjlp · Answer

le virus de depart est encore trouvé???


__________________

 colle le rapport d'un scan en ligne 
avec un des suivants: 


bitdefender en ligne : 
http://www.bitdefender.fr/scan_fr/scan8/ie.html 

Panda en ligne : 
http://pandasoftware.fr

Kaspersky en ligne
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr


__________________

 recolle un hijakhcits

brigtte · Answer

Bonjour,

j ai fait un controle webscanner kaspersky et tu trouveras ci joint le rapport final
apparemment le virus y est toujourS???
KASPERSKY ON-LINE SCANNER REPORT  
Friday, October 10, 2008 8:40:58 AM
Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 3 (Build 2600)
Kaspersky On-line Scanner version : 5.0.84.2
Dernière mise à jour de la base antivirus Kaspersky : 9/10/2008
Enregistrements dans la base antivirus Kaspersky : 1162917
 
 
Paramètres d'analyse 
Analyser avec la base antivirus suivante standard 
Analyser les archives vrai 
Analyser les bases de messagerie vrai 
 
Cible de l'analyse Poste de travail 
C:\
D:\
E:\
F:\
G:\
H:\  
 
Statistiques de l'analyse 
Total d'objets analysés 102518 
Nombre de virus trouvés 1 
Nombre d'objets infectés 3 / 0 
Nombre d'objets suspects 0 
Durée de l'analyse 02:31:10 

Nom de l'objet infecté Nom du virus Dernière action 
C:\Documents and Settings\JACOBI BRIGITTE\Application Data\Skype\brigtte\call256.dbb  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\JACOBI BRIGITTE\Application Data\Skype\brigtte\callmember256.dbb  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\JACOBI BRIGITTE\Application Data\Skype\brigtte\chat4096.dbb  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\JACOBI BRIGITTE\Application Data\Skype\brigtte\chat512.dbb  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\JACOBI BRIGITTE\Application Data\Skype\brigtte\chatmember256.dbb  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\JACOBI BRIGITTE\Application Data\Skype\brigtte\chatmsg1024.dbb  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\JACOBI BRIGITTE\Application Data\Skype\brigtte\chatmsg256.dbb  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\JACOBI BRIGITTE\Application Data\Skype\brigtte\chatmsg512.dbb  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\JACOBI BRIGITTE\Application Data\Skype\brigtte\contactgroup256.dbb  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\JACOBI BRIGITTE\Application Data\Skype\brigtte\dyncontent\bundle.dat  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\JACOBI BRIGITTE\Application Data\Skype\brigtte\index2.dat  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\JACOBI BRIGITTE\Application Data\Skype\brigtte\message256.dbb  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\JACOBI BRIGITTE\Application Data\Skype\brigtte\profile256.dbb  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\JACOBI BRIGITTE\Application Data\Skype\brigtte	ransfer256.dbb  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\JACOBI BRIGITTE\Application Data\Skype\brigtte	ransfer512.dbb  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\JACOBI BRIGITTE\Application Data\Skype\brigtte\user1024.dbb  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\JACOBI BRIGITTE\Application Data\Skype\brigtte\user16384.dbb  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\JACOBI BRIGITTE\Application Data\Skype\brigtte\user256.dbb  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\JACOBI BRIGITTE\Application Data\Skype\brigtte\user4096.dbb  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\JACOBI BRIGITTE\Application Data\Skype\brigtte\voicemail256.dbb  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\JACOBI BRIGITTE\Cookies\index.dat  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\JACOBI BRIGITTE\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\JACOBI BRIGITTE\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\JACOBI BRIGITTE\Local Settings\Application DataKiweeToolbar1.2.116.msi/_713788D036849A848DAA56B9D8E20370/_255311685EC0439E9B51F19CA2877AB9  Infecté : Trojan-Downloader.Win32.Zlob.meq  ignoré  
 
C:\Documents and Settings\JACOBI BRIGITTE\Local Settings\Application DataKiweeToolbar1.2.116.msi/_713788D036849A848DAA56B9D8E20370  Infecté : Trojan-Downloader.Win32.Zlob.meq  ignoré  
 
C:\Documents and Settings\JACOBI BRIGITTE\Local Settings\Application DataKiweeToolbar1.2.116.msi  Embedded: infecté - 2  ignoré  
 
C:\Documents and Settings\JACOBI BRIGITTE\Local Settings\Historique\History.IE5\index.dat  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\JACOBI BRIGITTE\Local Settings\Historique\History.IE5\MSHist012008100620081007\index.dat  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\JACOBI BRIGITTE\Local Settings\Historique\History.IE5\MSHist012008100920081010\index.dat  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\JACOBI BRIGITTE\Local Settings\Temp\fla229.tmp  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\JACOBI BRIGITTE\Local Settings\Temp\~DFEDC3.tmp  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\JACOBI BRIGITTE\Local Settings\Temp\~DFFF12.tmp  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\JACOBI BRIGITTE\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\JACOBI BRIGITTE\Local Settings\Temporary Internet Files\Content.IE5\index.dat  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\JACOBI BRIGITTE\Local Settings\Temporary Internet Files\Content.IE5\J338DUPO\11553746-1[1].on2  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\JACOBI BRIGITTE\NTUSER.DAT  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\JACOBI BRIGITTE
tuser.dat.LOG  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\LocalService\Cookies\index.dat  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\LocalService\NTUSER.DAT  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\LocalService
tuser.dat.LOG  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\NetworkService\NTUSER.DAT  L'objet est verrouillé  ignoré  
 
C:\Documents and Settings\NetworkService
tuser.dat.LOG  L'objet est verrouillé  ignoré  
 
C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat  L'objet est verrouillé  ignoré  
 
C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db  L'objet est verrouillé  ignoré  
 
C:\Program Files\Alwil Software\Avast4\DATA\log
shield.log  L'objet est verrouillé  ignoré  
 
C:\Program Files\Alwil Software\Avast4\DATA\log\selfdef.log  L'objet est verrouillé  ignoré  
 
C:\Program Files\Alwil Software\Avast4\DATAeport\Protection résidente.txt  L'objet est verrouillé  ignoré  
 
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\JACOBI BRIGITTE\Data\BWDocMap.pht  L'objet est verrouillé  ignoré  
 
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\JACOBI BRIGITTE\Data\BWInfopakMap.pht  L'objet est verrouillé  ignoré  
 
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\JACOBI BRIGITTE\Data\chandir.dat  L'objet est verrouillé  ignoré  
 
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\JACOBI BRIGITTE\Data\chandir.idx  L'objet est verrouillé  ignoré  
 
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\JACOBI BRIGITTE\Data\chn.dat  L'objet est verrouillé  ignoré  
 
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\JACOBI BRIGITTE\Data\chn.idx  L'objet est verrouillé  ignoré  
 
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\JACOBI BRIGITTE\Data\D0000000.FCS  L'objet est verrouillé  ignoré  
 
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\JACOBI BRIGITTE\Data\inuse.txt  L'objet est verrouillé  ignoré  
 
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\JACOBI BRIGITTE\Data\L0000015.FCS  L'objet est verrouillé  ignoré  
 
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\JACOBI BRIGITTE\Data\main.log  L'objet est verrouillé  ignoré  
 
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\JACOBI BRIGITTE\Data\prs.dat  L'objet est verrouillé  ignoré  
 
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\JACOBI BRIGITTE\Data\prs.idx  L'objet est verrouillé  ignoré  
 
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\JACOBI BRIGITTE\Data\prs_die.dat  L'objet est verrouillé  ignoré  
 
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\JACOBI BRIGITTE\Data\prs_die.idx  L'objet est verrouillé  ignoré  
 
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\JACOBI BRIGITTE\Data\prs_dnd.dat  L'objet est verrouillé  ignoré  
 
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\JACOBI BRIGITTE\Data\prs_dnd.idx  L'objet est verrouillé  ignoré  
 
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\JACOBI BRIGITTE\Data\prs_ext.dat  L'objet est verrouillé  ignoré  
 
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\JACOBI BRIGITTE\Data\prs_ext.idx  L'objet est verrouillé  ignoré  
 
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\JACOBI BRIGITTE\Data\prs_rcv.dat  L'objet est verrouillé  ignoré  
 
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\JACOBI BRIGITTE\Data\prs_rcv.idx  L'objet est verrouillé  ignoré  
 
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\JACOBI BRIGITTE\Data\storydb.dat  L'objet est verrouillé  ignoré  
 
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\JACOBI BRIGITTE\Data\storydb.idx  L'objet est verrouillé  ignoré  
 
C:\Program Files\UPSMON\10\1.pal  L'objet est verrouillé  ignoré  
 
C:\Program Files\UPSMON\DATABuff.REC  L'objet est verrouillé  ignoré  
 
C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP920\change.log  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\Debug\PASSWD.LOG  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\SchedLgU.Txt  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\Sti_Trace.log  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\CatRoot2\edb.log  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\CatRoot2	mp.edb  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\config\Antivirus.Evt  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\config\AppEvent.Evt  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\config\DEFAULT  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\config\default.LOG  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\config\Internet.evt  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\config\SAM  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\config\SAM.LOG  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\config\SecEvent.Evt  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\config\SECURITY  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\config\SECURITY.LOG  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\config\SOFTWARE  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\config\software.LOG  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\config\SysEvent.Evt  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\config\SYSTEM  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\config\system.LOG  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\h323log.txt  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\Temp\Perflib_Perfdata_564.dat  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\wiadebug.log  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\wiaservc.log  L'objet est verrouillé  ignoré  
 
C:\WINDOWS\WindowsUpdate.log  L'objet est verrouillé  ignoré  
 
F:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP920\change.log  L'objet est verrouillé  ignoré  
 
Analyse terminée.

jlpjlp · Answer

télécharge OTMoveIt
http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe (de Old_Timer) sur ton Bureau. Ou sur https://www.luanagames.com/index.fr.html
double-clique sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved.

Citation :

C:\Documents and Settings\JACOBI BRIGITTE\Local Settings\Application DataKiweeToolbar1.2.116.msi

clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.

il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes. 

__________________

vire ce qui est dans le dossier moved files en allant dans psote de travail puis C puis otmovit

_____________________

encore des soucis???

jlpjlp · Answer

pour virer ce qui a été utilisé lance tools cleaner

http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner

Virus

9 réponses

Discussions similaires

Newsletters