Déconnection internet suivi d'un bug complet du pc

Disquette Messages: 36 Tutoriaux : 0

Hello,
Je suis désolé mais c'est un peu trop compliqué pour moi... Je pense que je vais abandonner cette idée de corriger le bug de déconnexion, tant pis :/

Par contre, j'aimerais bien, si possible que tu m'aides pour trois dernières choses, si tu peux ^^''

Tout d'abord, j'ai l'impression que mon ordi est encore plus lent qu'avant, alors que je n'ai rien changé de spécial...

Ensuite, j'ai des fenêtres publicitaires qui arrivent d'IE et c'est tout le temps le même site : CiD : lenomdelapub

Enfin, le plus gros problème : windows me demande sans cesse de télécharger les mises à jour (une petite centaine, d'ailleurs Oo'). Lorsque je les télécharge, non seulement ça prend une bonne partie de téléchargement (vu que je suis belge et qu'on a un quota limité de téléchargement, c'est emmerdant) et ensuite, après le téléchargement, il y a un message d'erreur et il me dit que finalement les mises à jour n'ont pas eu lieues...

Voili voilou :/

Merci d'avance, trop beaucoup tout plein!

N'utilise pas Internet Explore pour aller sur le NET.
Download et installe Mozilla-Firefox si ce n'est pas encore fait !
http://www.mozilla-europe.org/fr/
de plus installes le module Ad-block

-->source ici

Quand tu auras fait ça, désinstalle Lop S&D de Angeldark et Eric71
Donne un coup de CCleaner.
Ensuite réinstall à nouveau (les outils sont mis à jour trés régulièrement)

Lop S&D

de Angeldark et Eric71

http://eric.71.mespages.googlepages.com/LopSD.exe

Lop S&D

Scan.bat

R

Rechercher

Entrée.

Laisse l'outil travailler, il va générer un rapport, poste le à la suite.

Relance Lop S&D de Angeldark et Eric71
Cette fois-ci, choisis l'option 2, suppression+Host.
Poste le rapport.

Disquette Messages: 36 Tutoriaux : 0

Voili voilou ^^

Je ne travaillais avec IE mais j'avais quand même de la pub d'IE...

Voici les rapports :

RECHERCHER:

-----------------------[ Lop S&D 4.2.0-6 XP/Vista ]---------------------

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Lefebvre ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ dim. 04/05/2008 | 16:23:24,51 ] [ PC : LEFEBVRE-130473 ]
[ MAJ : 04-05-2008 | 14:40 ]

-------------[ Listing des dossiers dans Application Data ]------------

[12/04/2008|15:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\addr_file.html
[30/04/2008|21:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[28/07/2007|23:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
[27/07/2007|14:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[02/05/2008|00:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[22/03/2008|17:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[20/03/2008|09:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[01/09/2007|23:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
[27/07/2007|18:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[16/04/2008|20:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
[05/02/2008|10:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[19/01/2008|01:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macromedia
[14/04/2008|21:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
[01/05/2008|09:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[16/04/2008|19:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[30/04/2008|21:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\platform dupe draw memo
[20/08/2007|12:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[17/02/2008|22:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[01/08/2007|16:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[16/04/2008|19:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[21/08/2007|23:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

[22/03/2008|17:10] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[27/07/2007|11:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[30/04/2008|21:38] C:\DOCUME~1\Lefebvre\APPLIC~1\Adobe
[27/04/2008|15:38] C:\DOCUME~1\Lefebvre\APPLIC~1\Ahead
[30/04/2008|21:11] C:\DOCUME~1\Lefebvre\APPLIC~1\AtomLinkJoy
[01/01/2008|18:10] C:\DOCUME~1\Lefebvre\APPLIC~1\Auslogics
[03/05/2008|01:31] C:\DOCUME~1\Lefebvre\APPLIC~1\BitTorrent
[27/07/2007|11:21] C:\DOCUME~1\Lefebvre\APPLIC~1\desktop.ini
[19/08/2007|14:36] C:\DOCUME~1\Lefebvre\APPLIC~1\DivX
[03/02/2008|20:12] C:\DOCUME~1\Lefebvre\APPLIC~1\dvdcss
[05/11/2007|23:53] C:\DOCUME~1\Lefebvre\APPLIC~1\Help
[27/07/2007|11:51] C:\DOCUME~1\Lefebvre\APPLIC~1\Identities
[17/02/2008|22:42] C:\DOCUME~1\Lefebvre\APPLIC~1\Kingston
[27/07/2007|17:42] C:\DOCUME~1\Lefebvre\APPLIC~1\Logitech
[27/07/2007|13:33] C:\DOCUME~1\Lefebvre\APPLIC~1\ma-config.com
[25/02/2008|19:10] C:\DOCUME~1\Lefebvre\APPLIC~1\Macromedia
[02/12/2007|12:58] C:\DOCUME~1\Lefebvre\APPLIC~1\Microsoft
[27/07/2007|17:59] C:\DOCUME~1\Lefebvre\APPLIC~1\Mozilla
[18/08/2007|20:32] C:\DOCUME~1\Lefebvre\APPLIC~1\Real
[25/08/2007|19:23] C:\DOCUME~1\Lefebvre\APPLIC~1\Skype
[08/09/2007|17:56] C:\DOCUME~1\Lefebvre\APPLIC~1\Sun
[13/11/2007|10:02] C:\DOCUME~1\Lefebvre\APPLIC~1\vlc
[28/07/2007|15:25] C:\DOCUME~1\Lefebvre\APPLIC~1\WinRAR

[21/09/2007|19:49] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[27/07/2007|11:37] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[04/05/2008 16:00][--ah-----] C:\WINDOWS\tasks\AB6F631791F91A53.job
[04/05/2008 16:20][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

AB6F631791F91A53.job <--> c:\docume~1\lefebvre\applic~1\atomli~1\Jumplocksbeep.exe

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[17/02/2008|18:55] C:\Program Files\Adobe
[27/07/2007|14:09] C:\Program Files\Ahead
[27/07/2007|18:15] C:\Program Files\Alwil Software
[27/07/2007|12:02] C:\Program Files\Analog Devices
[18/12/2007|11:46] C:\Program Files\Ankama Games
[30/04/2008|21:08] C:\Program Files\AtomLinkJoy
[14/10/2007|20:37] C:\Program Files\Audacity
[01/01/2008|18:09] C:\Program Files\AusLogics Disk Defrag
[21/09/2007|19:49] C:\Program Files\AviSynth 2.5
[03/02/2008|18:51] C:\Program Files\Babylon
[06/01/2008|20:26] C:\Program Files\BitTorrent
[03/08/2007|09:47] C:\Program Files\Bodom-Child - RaBBi
[08/11/2007|22:11] C:\Program Files\Bonjour
[19/08/2007|21:45] C:\Program Files\Bullfrog
[14/11/2007|16:06] C:\Program Files\CamStudio
[28/07/2007|16:09] C:\Program Files\CCleaner
[05/11/2007|23:53] C:\Program Files\CDex_170b2
[30/04/2008|21:07] C:\Program Files\Circle Developement
[13/04/2008|14:14] C:\Program Files\Common Files
[27/07/2007|11:34] C:\Program Files\ComPlus Applications
[10/10/2007|16:46] C:\Program Files\directx
[21/08/2007|10:25] C:\Program Files\Disney Interactive
[27/10/2007|22:00] C:\Program Files\DivX
[15/04/2008|07:21] C:\Program Files\Dofus
[25/11/2007|20:05] C:\Program Files\Dofus-Arena beta 2
[17/11/2007|14:35] C:\Program Files\DofusCalc
[12/02/2008|16:56] C:\Program Files\DVD Shrink
[10/10/2007|16:48] C:\Program Files\Eidos Interactive
[23/04/2008|07:27] C:\Program Files\eMule
[21/09/2007|19:48] C:\Program Files\eRightSoft
[07/08/2007|10:40] C:\Program Files\ESF
[16/04/2008|19:11] C:\Program Files\Fichiers communs
[21/08/2007|23:24] C:\Program Files\Google
[14/08/2007|17:25] C:\Program Files\Gpotato
[28/07/2007|18:58] C:\Program Files\GUILD WARS
[05/08/2007|21:16] C:\Program Files\HyCam2
[23/08/2007|12:09] C:\Program Files\IndustryGiant 2
[28/03/2008|15:34] C:\Program Files\InstallShield Installation Information
[03/05/2008|10:53] C:\Program Files\Internet Explorer
[24/03/2008|23:25] C:\Program Files\Java
[05/02/2008|11:46] C:\Program Files\Lavalys
[10/12/2007|23:48] C:\Program Files\Lavasoft
[29/10/2007|16:08] C:\Program Files\Logitech
[27/07/2007|13:33] C:\Program Files\ma-config.com
[19/01/2008|01:58] C:\Program Files\Macromedia
[08/11/2007|20:42] C:\Program Files\Messenger
[30/04/2008|21:07] C:\Program Files\Messenger Plus! Live
[27/07/2007|11:37] C:\Program Files\microsoft frontpage
[14/12/2007|19:47] C:\Program Files\Microsoft GIF Animator
[18/09/2007|17:31] C:\Program Files\Microsoft Office
[18/09/2007|17:31] C:\Program Files\Microsoft Visual Studio
[18/09/2007|17:31] C:\Program Files\Microsoft Works
[20/01/2008|11:15] C:\Program Files\Movie Maker
[04/05/2008|16:05] C:\Program Files\Mozilla Firefox
[14/10/2007|22:06] C:\Program Files\mp3DirectCut
[27/07/2007|11:33] C:\Program Files\MSN
[27/07/2007|11:33] C:\Program Files\MSN Gaming Zone
[16/04/2008|19:16] C:\Program Files\MSN Messenger
[27/07/2007|17:40] C:\Program Files\MUSICMATCH
[27/07/2007|11:35] C:\Program Files\NetMeeting
[04/04/2008|15:01] C:\Program Files\Norton Security Scan
[08/11/2007|18:32] C:\Program Files\Odebit Multim‚dia
[27/07/2007|11:34] C:\Program Files\Online Services
[22/03/2008|17:22] C:\Program Files\Outlook Express
[02/11/2007|10:14] C:\Program Files\PSXMemTool
[18/08/2007|20:30] C:\Program Files\Real
[23/08/2007|12:11] C:\Program Files\Reality Pump
[27/07/2007|12:14] C:\Program Files\Realtek
[27/07/2007|11:57] C:\Program Files\S3
[27/07/2007|11:35] C:\Program Files\Services en ligne
[20/08/2007|12:07] C:\Program Files\Skype
[28/03/2008|15:34] C:\Program Files\Sony
[17/02/2008|22:44] C:\Program Files\Spybot - Search & Destroy
[02/05/2008|20:57] C:\Program Files\Steam
[08/11/2007|18:13] C:\Program Files\Trend Micro
[27/07/2007|11:51] C:\Program Files\Uninstall Information
[27/07/2007|11:55] C:\Program Files\VIA
[13/11/2007|18:48] C:\Program Files\VideoLAN
[08/11/2007|18:41] C:\Program Files\Web Media Player
[16/04/2008|19:14] C:\Program Files\Windows Live
[01/08/2007|16:42] C:\Program Files\Windows Media Connect 2
[22/03/2008|20:32] C:\Program Files\Windows Media Player
[27/07/2007|11:33] C:\Program Files\Windows NT
[27/07/2007|11:35] C:\Program Files\WindowsUpdate
[28/07/2007|15:25] C:\Program Files\WinRAR
[01/05/2008|10:15] C:\Program Files\World of Warcraft
[10/03/2008|15:37] C:\Program Files\WowCartographe
[27/07/2007|11:37] C:\Program Files\xerox
[08/11/2007|18:05] C:\Program Files\Yahoo!
[22/01/2008|14:05] C:\Program Files\Yetisports
[14/04/2008|21:13] C:\Program Files\Zone Labs

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[17/02/2008|18:54] C:\Program Files\Fichiers communs\Adobe
[27/07/2007|14:08] C:\Program Files\Fichiers communs\Ahead
[27/07/2007|21:46] C:\Program Files\Fichiers communs\Blizzard Entertainment
[18/09/2007|17:32] C:\Program Files\Fichiers communs\DESIGNER
[27/07/2007|17:40] C:\Program Files\Fichiers communs\InstallShield
[08/09/2007|17:55] C:\Program Files\Fichiers communs\Java
[27/07/2007|17:39] C:\Program Files\Fichiers communs\Logitech
[19/01/2008|01:59] C:\Program Files\Fichiers communs\Macromedia
[01/09/2007|23:18] C:\Program Files\Fichiers communs\Macrovision Shared
[16/04/2008|19:12] C:\Program Files\Fichiers communs\Microsoft Shared
[27/07/2007|11:35] C:\Program Files\Fichiers communs\MSSoap
[27/07/2007|14:09] C:\Program Files\Fichiers communs\Nero
[27/07/2007|11:22] C:\Program Files\Fichiers communs\ODBC
[18/08/2007|20:30] C:\Program Files\Fichiers communs\Real
[27/07/2007|11:35] C:\Program Files\Fichiers communs\Services
[20/08/2007|12:07] C:\Program Files\Fichiers communs\Skype
[28/03/2008|15:34] C:\Program Files\Fichiers communs\Sony Shared
[27/07/2007|11:22] C:\Program Files\Fichiers communs\SpeechEngines
[22/03/2008|17:22] C:\Program Files\Fichiers communs\System
[29/07/2007|12:07] C:\Program Files\Fichiers communs\Vbox
[16/04/2008|19:12] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[10/12/2007|23:48] C:\Program Files\Fichiers communs\Wise Installation Wizard
[18/08/2007|20:31] C:\Program Files\Fichiers communs\xing shared

---------------------------[ Process ]--------------------------

... 38

IEXPLORE.EXE ~ [508]
IEXPLORE.EXE ~ [1316]

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

C:\DOCUME~1\Lefebvre\APPLIC~1\atomli~1
C:\DOCUME~1\Lefebvre\APPLIC~1\atomli~1\hxuhatpk.exe
C:\DOCUME~1\Lefebvre\APPLIC~1\atomli~1\Jumplocksbeep.exe
C:\DOCUME~1\Lefebvre\APPLIC~1\atomli~1\KnobIdleWarnBows.exe
C:\DOCUME~1\Lefebvre\APPLIC~1\atomli~1\Wma less.exe
C:\Program Files\atomli~1
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe
C:\WINDOWS\Tasks\AB6F631791F91A53.job

----------------------[ Verification du Registre ]----------------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"peaktray"="C:\\DOCUME~1\\Lefebvre\\APPLIC~1\\ATOMLI~1\\Wma less.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE

----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-04 16:25:53
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

=> C:\Documents and Settings\Lefebvre\Mes documents\BitTorrent Downloads\PC_GTA San Andreas -Ultimate- (read nfo)-.direct.play.-ToeD\Grand Theft Auto San Andreas\data\Decision\Craig\crack1.ped
=> C:\Documents and Settings\Lefebvre\Mes documents\Ma musique\Monopoly Tycoon\crack.ace
=> C:\Documents and Settings\Lefebvre\Mes documents\Ma musique\Monopoly Tycoon\Monopoly Crack File
=> C:\Documents and Settings\Lefebvre\Mes documents\Ma musique\Monopoly Tycoon\gamedata\sound\high\echocrackle2.wav
=> C:\Documents and Settings\Lefebvre\Mes documents\Ma musique\Monopoly Tycoon\gamedata\sound\high\echocrackle2hi.wav
=> C:\Documents and Settings\Lefebvre\Mes documents\Ma musique\Monopoly Tycoon\Monopoly Crack File\Monopoly Tycoon NoCD.rar
=> C:\Documents and Settings\Lefebvre\Bureau\Ic“nes Bureau\Flash 8\keygen.exe
=> C:\Documents and Settings\Lefebvre\Mes documents\BitTorrent Downloads\Adobe Photoshop CS3 v10 0 Extended Incl Keygen.zip

/!\ [Fich:85][Doss:164] C:\DOCUME~1\Lefebvre\LOCALS~1\Temp
/!\ [Fich:2][Doss:0] C:\DOCUME~1\Lefebvre\Cookies
/!\ [Fich:6][Doss:8] C:\DOCUME~1\Lefebvre\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 16:27:43,82 ]----------------------

SUPPRESSION + HOST :

-----------------------[ Lop S&D 4.2.0-6 XP/Vista ]---------------------

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Lefebvre ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ dim. 04/05/2008 | 16:29:52,95 ] [ PC : LEFEBVRE-130473 ]
[ MAJ : 04-05-2008 | 14:40 ]

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

Supprimé! - C:\DOCUME~1\Lefebvre\APPLIC~1\atomli~1\hxuhatpk.exe
Supprimé! - C:\DOCUME~1\Lefebvre\APPLIC~1\atomli~1\Jumplocksbeep.exe
Supprimé! - C:\DOCUME~1\Lefebvre\APPLIC~1\atomli~1\KnobIdleWarnBows.exe
Supprimé! - C:\DOCUME~1\Lefebvre\APPLIC~1\atomli~1\Wma less.exe
Supprimé! - C:\Program Files\Circle Developement\Uninstall.exe
Supprimé! - C:\WINDOWS\Tasks\AB6F631791F91A53.job
Supprimé! - C:\DOCUME~1\Lefebvre\APPLIC~1\atomli~1
Supprimé! - C:\Program Files\atomli~1
Supprimé! - C:\Program Files\Circle Developement
Restauré! - Fichier Hosts

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

-------------[ Listing des dossiers dans Application Data ]------------

[12/04/2008|15:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\addr_file.html
[30/04/2008|21:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[28/07/2007|23:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
[27/07/2007|14:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[02/05/2008|00:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[22/03/2008|17:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[20/03/2008|09:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[01/09/2007|23:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
[27/07/2007|18:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[16/04/2008|20:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
[05/02/2008|10:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[19/01/2008|01:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macromedia
[14/04/2008|21:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
[01/05/2008|09:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[16/04/2008|19:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[30/04/2008|21:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\platform dupe draw memo
[20/08/2007|12:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[17/02/2008|22:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[01/08/2007|16:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[16/04/2008|19:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[21/08/2007|23:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

[22/03/2008|17:10] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[27/07/2007|11:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[30/04/2008|21:38] C:\DOCUME~1\Lefebvre\APPLIC~1\Adobe
[27/04/2008|15:38] C:\DOCUME~1\Lefebvre\APPLIC~1\Ahead
[01/01/2008|18:10] C:\DOCUME~1\Lefebvre\APPLIC~1\Auslogics
[03/05/2008|01:31] C:\DOCUME~1\Lefebvre\APPLIC~1\BitTorrent
[27/07/2007|11:21] C:\DOCUME~1\Lefebvre\APPLIC~1\desktop.ini
[19/08/2007|14:36] C:\DOCUME~1\Lefebvre\APPLIC~1\DivX
[03/02/2008|20:12] C:\DOCUME~1\Lefebvre\APPLIC~1\dvdcss
[05/11/2007|23:53] C:\DOCUME~1\Lefebvre\APPLIC~1\Help
[27/07/2007|11:51] C:\DOCUME~1\Lefebvre\APPLIC~1\Identities
[17/02/2008|22:42] C:\DOCUME~1\Lefebvre\APPLIC~1\Kingston
[27/07/2007|17:42] C:\DOCUME~1\Lefebvre\APPLIC~1\Logitech
[27/07/2007|13:33] C:\DOCUME~1\Lefebvre\APPLIC~1\ma-config.com
[25/02/2008|19:10] C:\DOCUME~1\Lefebvre\APPLIC~1\Macromedia
[02/12/2007|12:58] C:\DOCUME~1\Lefebvre\APPLIC~1\Microsoft
[27/07/2007|17:59] C:\DOCUME~1\Lefebvre\APPLIC~1\Mozilla
[18/08/2007|20:32] C:\DOCUME~1\Lefebvre\APPLIC~1\Real
[25/08/2007|19:23] C:\DOCUME~1\Lefebvre\APPLIC~1\Skype
[08/09/2007|17:56] C:\DOCUME~1\Lefebvre\APPLIC~1\Sun
[13/11/2007|10:02] C:\DOCUME~1\Lefebvre\APPLIC~1\vlc
[28/07/2007|15:25] C:\DOCUME~1\Lefebvre\APPLIC~1\WinRAR

[21/09/2007|19:49] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[27/07/2007|11:37] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[04/05/2008 16:20][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[17/02/2008|18:55] C:\Program Files\Adobe
[27/07/2007|14:09] C:\Program Files\Ahead
[27/07/2007|18:15] C:\Program Files\Alwil Software
[27/07/2007|12:02] C:\Program Files\Analog Devices
[18/12/2007|11:46] C:\Program Files\Ankama Games
[14/10/2007|20:37] C:\Program Files\Audacity
[01/01/2008|18:09] C:\Program Files\AusLogics Disk Defrag
[21/09/2007|19:49] C:\Program Files\AviSynth 2.5
[03/02/2008|18:51] C:\Program Files\Babylon
[06/01/2008|20:26] C:\Program Files\BitTorrent
[03/08/2007|09:47] C:\Program Files\Bodom-Child - RaBBi
[08/11/2007|22:11] C:\Program Files\Bonjour
[19/08/2007|21:45] C:\Program Files\Bullfrog
[14/11/2007|16:06] C:\Program Files\CamStudio
[28/07/2007|16:09] C:\Program Files\CCleaner
[05/11/2007|23:53] C:\Program Files\CDex_170b2
[13/04/2008|14:14] C:\Program Files\Common Files
[27/07/2007|11:34] C:\Program Files\ComPlus Applications
[10/10/2007|16:46] C:\Program Files\directx
[21/08/2007|10:25] C:\Program Files\Disney Interactive
[27/10/2007|22:00] C:\Program Files\DivX
[15/04/2008|07:21] C:\Program Files\Dofus
[25/11/2007|20:05] C:\Program Files\Dofus-Arena beta 2
[17/11/2007|14:35] C:\Program Files\DofusCalc
[12/02/2008|16:56] C:\Program Files\DVD Shrink
[10/10/2007|16:48] C:\Program Files\Eidos Interactive
[23/04/2008|07:27] C:\Program Files\eMule
[21/09/2007|19:48] C:\Program Files\eRightSoft
[07/08/2007|10:40] C:\Program Files\ESF
[16/04/2008|19:11] C:\Program Files\Fichiers communs
[21/08/2007|23:24] C:\Program Files\Google
[14/08/2007|17:25] C:\Program Files\Gpotato
[28/07/2007|18:58] C:\Program Files\GUILD WARS
[05/08/2007|21:16] C:\Program Files\HyCam2
[23/08/2007|12:09] C:\Program Files\IndustryGiant 2
[28/03/2008|15:34] C:\Program Files\InstallShield Installation Information
[03/05/2008|10:53] C:\Program Files\Internet Explorer
[24/03/2008|23:25] C:\Program Files\Java
[05/02/2008|11:46] C:\Program Files\Lavalys
[10/12/2007|23:48] C:\Program Files\Lavasoft
[29/10/2007|16:08] C:\Program Files\Logitech
[27/07/2007|13:33] C:\Program Files\ma-config.com
[19/01/2008|01:58] C:\Program Files\Macromedia
[08/11/2007|20:42] C:\Program Files\Messenger
[30/04/2008|21:07] C:\Program Files\Messenger Plus! Live
[27/07/2007|11:37] C:\Program Files\microsoft frontpage
[14/12/2007|19:47] C:\Program Files\Microsoft GIF Animator
[18/09/2007|17:31] C:\Program Files\Microsoft Office
[18/09/2007|17:31] C:\Program Files\Microsoft Visual Studio
[18/09/2007|17:31] C:\Program Files\Microsoft Works
[20/01/2008|11:15] C:\Program Files\Movie Maker
[04/05/2008|16:29] C:\Program Files\Mozilla Firefox
[14/10/2007|22:06] C:\Program Files\mp3DirectCut
[27/07/2007|11:33] C:\Program Files\MSN
[27/07/2007|11:33] C:\Program Files\MSN Gaming Zone
[16/04/2008|19:16] C:\Program Files\MSN Messenger
[27/07/2007|17:40] C:\Program Files\MUSICMATCH
[27/07/2007|11:35] C:\Program Files\NetMeeting
[04/04/2008|15:01] C:\Program Files\Norton Security Scan
[08/11/2007|18:32] C:\Program Files\Odebit Multim‚dia
[27/07/2007|11:34] C:\Program Files\Online Services
[22/03/2008|17:22] C:\Program Files\Outlook Express
[02/11/2007|10:14] C:\Program Files\PSXMemTool
[18/08/2007|20:30] C:\Program Files\Real
[23/08/2007|12:11] C:\Program Files\Reality Pump
[27/07/2007|12:14] C:\Program Files\Realtek
[27/07/2007|11:57] C:\Program Files\S3
[27/07/2007|11:35] C:\Program Files\Services en ligne
[20/08/2007|12:07] C:\Program Files\Skype
[28/03/2008|15:34] C:\Program Files\Sony
[17/02/2008|22:44] C:\Program Files\Spybot - Search & Destroy
[02/05/2008|20:57] C:\Program Files\Steam
[08/11/2007|18:13] C:\Program Files\Trend Micro
[27/07/2007|11:51] C:\Program Files\Uninstall Information
[27/07/2007|11:55] C:\Program Files\VIA
[13/11/2007|18:48] C:\Program Files\VideoLAN
[08/11/2007|18:41] C:\Program Files\Web Media Player
[16/04/2008|19:14] C:\Program Files\Windows Live
[01/08/2007|16:42] C:\Program Files\Windows Media Connect 2
[22/03/2008|20:32] C:\Program Files\Windows Media Player
[27/07/2007|11:33] C:\Program Files\Windows NT
[27/07/2007|11:35] C:\Program Files\WindowsUpdate
[28/07/2007|15:25] C:\Program Files\WinRAR
[01/05/2008|10:15] C:\Program Files\World of Warcraft
[10/03/2008|15:37] C:\Program Files\WowCartographe
[27/07/2007|11:37] C:\Program Files\xerox
[08/11/2007|18:05] C:\Program Files\Yahoo!
[22/01/2008|14:05] C:\Program Files\Yetisports
[14/04/2008|21:13] C:\Program Files\Zone Labs

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[17/02/2008|18:54] C:\Program Files\Fichiers communs\Adobe
[27/07/2007|14:08] C:\Program Files\Fichiers communs\Ahead
[27/07/2007|21:46] C:\Program Files\Fichiers communs\Blizzard Entertainment
[18/09/2007|17:32] C:\Program Files\Fichiers communs\DESIGNER
[27/07/2007|17:40] C:\Program Files\Fichiers communs\InstallShield
[08/09/2007|17:55] C:\Program Files\Fichiers communs\Java
[27/07/2007|17:39] C:\Program Files\Fichiers communs\Logitech
[19/01/2008|01:59] C:\Program Files\Fichiers communs\Macromedia
[01/09/2007|23:18] C:\Program Files\Fichiers communs\Macrovision Shared
[16/04/2008|19:12] C:\Program Files\Fichiers communs\Microsoft Shared
[27/07/2007|11:35] C:\Program Files\Fichiers communs\MSSoap
[27/07/2007|14:09] C:\Program Files\Fichiers communs\Nero
[27/07/2007|11:22] C:\Program Files\Fichiers communs\ODBC
[18/08/2007|20:30] C:\Program Files\Fichiers communs\Real
[27/07/2007|11:35] C:\Program Files\Fichiers communs\Services
[20/08/2007|12:07] C:\Program Files\Fichiers communs\Skype
[28/03/2008|15:34] C:\Program Files\Fichiers communs\Sony Shared
[27/07/2007|11:22] C:\Program Files\Fichiers communs\SpeechEngines
[22/03/2008|17:22] C:\Program Files\Fichiers communs\System
[29/07/2007|12:07] C:\Program Files\Fichiers communs\Vbox
[16/04/2008|19:12] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[10/12/2007|23:48] C:\Program Files\Fichiers communs\Wise Installation Wizard
[18/08/2007|20:31] C:\Program Files\Fichiers communs\xing shared

---------------------------[ Process ]--------------------------

... 38

IEXPLORE.EXE ~ [3956]

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

Aucun fichier / dossier Lop trouvé !

----------------------[ Verification du Registre ]----------------------

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE

----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-04 16:32:01
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

=> C:\Documents and Settings\Lefebvre\Mes documents\BitTorrent Downloads\PC_GTA San Andreas -Ultimate- (read nfo)-.direct.play.-ToeD\Grand Theft Auto San Andreas\data\Decision\Craig\crack1.ped
=> C:\Documents and Settings\Lefebvre\Mes documents\Ma musique\Monopoly Tycoon\crack.ace
=> C:\Documents and Settings\Lefebvre\Mes documents\Ma musique\Monopoly Tycoon\Monopoly Crack File
=> C:\Documents and Settings\Lefebvre\Mes documents\Ma musique\Monopoly Tycoon\gamedata\sound\high\echocrackle2.wav
=> C:\Documents and Settings\Lefebvre\Mes documents\Ma musique\Monopoly Tycoon\gamedata\sound\high\echocrackle2hi.wav
=> C:\Documents and Settings\Lefebvre\Mes documents\Ma musique\Monopoly Tycoon\Monopoly Crack File\Monopoly Tycoon NoCD.rar
=> C:\Documents and Settings\Lefebvre\Bureau\Ic“nes Bureau\Flash 8\keygen.exe
=> C:\Documents and Settings\Lefebvre\Mes documents\BitTorrent Downloads\Adobe Photoshop CS3 v10 0 Extended Incl Keygen.zip

/!\ [Fich:85][Doss:164] C:\DOCUME~1\Lefebvre\LOCALS~1\Temp
/!\ [Fich:2][Doss:0] C:\DOCUME~1\Lefebvre\Cookies
/!\ [Fich:6][Doss:8] C:\DOCUME~1\Lefebvre\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 16:33:06,39 ]----------------------

---> et tu fais clic droit / copier

- Ouvres killbox
- Sélectionne "delete on reboot"
- Clique sur le menu "File" -> "Past from clip board"
- Clique sur "All Files"
- Clique sur la croix rouge et blanche
- Répond "yes" et laisse redémarrer ton pc.
N'hésite pas à consulter en cas de souci.l'Aide killbox

NOTE: Si tu reçois le message "PendingFileRenameOperations Registry Data has been removed by external process!" et que l'ordinateur ne redémarre pas, redémarre le manuellement ---> Menu Démarrer / arreter / redémarrer l'ordinateur

Après redémarrage, relance Killbox puis clic sur le menu fichier -> Log -> Actions History Log
Poste le rapport ici

Disquette Messages: 36 Tutoriaux : 0

Voili voilou, je pense avoir tout fait comme tu m'as dit Sourire

Voici déjà le rapport :

a dim. 04/05/2008 ---- 20:31:50,95

----------------------------------
§§§§§§ [crack] §§§§§§
----------------------------------
[ ] Registre

-------------- [ ] rapide
-- Fichier --- [ ] disque systeme
------------- [X] complete

*******************
[Fichier]
*******************

c:\!KillBox\crack.ace

*********************
[Même date]
*********************

[04/05/2008 ] ---> C:\lopR.txt
[04/05/2008 ] ---> C:\WINDOWS\0.log
[04/05/2008 ] ---> C:\WINDOWS\Sti_Trace.log
[04/05/2008 ] ---> C:\WINDOWS\wiadebug.log
[04/05/2008 ] ---> C:\WINDOWS\wiaservc.log

Outil Aide Diagnostic By !aur3n7 Version 1.1
----------------------------------
§§§§§ Fin Rapport §§§§§
----------------------------------

Ensuite, j'ai toujours, quand je redémarre : message qui me demande si je veux fermer IEXPLORER.EXE... je ne comprends toujours pas...

Bref, merci encore Sourire

Je sens déjà la différence, je crois ^^

re,
supprime ce fichier :
c:\!KillBox\crack.ace avec Explorer.
reposte-moi un rapport Hijackthis.
Fais un rapport Hijackthis et colle le rapport, en principe DSS.exe à céé un raccourcis de Hijackthis sur le Bureau.
--->aide visuelle, clic ici

Disquette Messages: 36 Tutoriaux : 0

Re,

Voici le rapport Hijackthis :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:01:43, on 5/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.nvidia.co.uk/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [draw memo up hide] C:\Documents and Settings\All Users\Application Data\platform dupe draw memo\Bolt Clock.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 8144 bytes

Merci encore :p

re:

Hijackthis.

Dss.exe

cocher + fixer ces lignes,

source du tuto ici

========================
termine ce processus: Bolt Clock.exe
-->comment faire ?
_______________________________________

OAD.exe

changelog.fr

http://sosvirus.changelog.fr/OAD.exe

Double clique sur le OAD pour le lancer

rechercher

Bolt Clock

option 3 puis valide

OAD va maintenant rechercher le fichier.

- Fais un copier / coller de ce rapport dans ton prochain post.

Disquette Messages: 36 Tutoriaux : 0

Re,

Voilà, alors... Je n'ai, tout d'abord pas trouvé de processus Bolt Clock.exe
Voici la liste de mes processus : ici

Et voici le rapport OAD de Bolt Clock option 3 :

mar. 06/05/2008 ---- 17:51:29,81

----------------------------------
§§§§§§ [Bolt Clock] §§§§§§
----------------------------------
[ ] Registre

-------------- [ ] rapide
-- Fichier --- [ ] disque systeme
------------- [X] complete

*******************
[Fichier]
*******************

c:\Documents and Settings\All Users\Application Data\platform dupe draw memo\Bolt Clock.exe
c:\WINDOWS\Prefetch\BOLT CLOCK.EXE-1822BC5F.pf

*********************
[Même date]
*********************

[30/04/2008 ] --- REP ---> C:\Program Files\Messenger Plus! Live

Outil Aide Diagnostic By !aur3n7 Version 1.1
----------------------------------
§§§§§ Fin Rapport §§§§§
----------------------------------

Merci encore, et bonne fin d'après midi Sourire

---> et tu fais clic droit / copier

- Ouvres killbox
- Sélectionne "delete on reboot"
- Clique sur le menu "File" -> "Past from clip board"
- Clique sur "All Files"
- Clique sur la croix rouge et blanche
- Répond "yes" et laisse redémarrer ton pc.
N'hésite pas à consulter en cas de souci.l'Aide killbox

NOTE: Si tu reçois le message "PendingFileRenameOperations Registry Data has been removed by external process!" et que l'ordinateur ne redémarre pas, redémarre le manuellement ---> Menu Démarrer / arreter / redémarrer l'ordinateur

Après redémarrage, relance Killbox puis clic sur le menu fichier -> Log -> Actions History Log
Poste le rapport ici

Disquette Messages: 36 Tutoriaux : 0

Re,
voilà le rapport Killbox :

Pocket Killbox version 2.0.0.881
Running on Windows XP as Lefebvre(Administrator)
was started @ mardi, mai 06, 2008, 9:06 PM

# 1 [Delete on Reboot]
Path = c:\Documents and Settings\All Users\Application Data\platform dupe draw memo\Bolt Clock.exe

I Rebooted @ 9:07:00 PM
Killbox Closed(Exit) @ 9:07:03 PM
__________________________________________________

Pocket Killbox version 2.0.0.881
Running on Windows XP as Lefebvre(Administrator)
was started @ mardi, mai 06, 2008, 9:11 PM

Pour Ccleaner, il a supprimé 750 Mo (Oo') et trouvé 13 erreurs + la même pendant 3 essais, au 4ème elle n'y était plus Sourire

Merchi

re,
fais ceci:

Télécharge Malware Byte's Antimalware et installe le (assure toi qu'il se soit bien mis à jour avant de passer à la suite).
-->source ici

* Redémarre en mode sans échec :

* Lance MBAM et sélectionne "Exécuter un examen complet". Patiente le temps du scan.
* Une fois le scan terminé,clique sur "Supprimer la sélection".

Si MBAM a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.
Enregistre le rapport sur ton Bureau lorsqu'il s'affichera.
Poste le dans ta prochaine réponse. [/list]

Disquette Messages: 62 Tutoriaux : 0

Hello,
Désolé pour mon absence, interdit d'internet pendant une longue semaine ça fait mal...

Voici donc le rapport : (4 trucs suspects trouvés)

Malwarebytes' Anti-Malware 1.12
Version de la base de données: 742

Type de recherche: Examen complet (C:\|)
Eléments examinés: 183760
Temps écoulé: 45 minute(s), 24 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 4
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\host-domain-lookup.com (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\mysearchnow.com (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\www.host-domain-lookup.com (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\www.mysearchnow.com (Malware.Trace) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Merci d'avance ^^

------------------------------------------------------------------
- Patiente pendant l'installation des Mises à jour.
- Choisis par la suite l'analyse du Poste de travail.
- Sauvegarde puis colle le rapport généré en fin d'analyse.

NOTE : Si tu reçois le message "La licence de Kaspersky On-line Scanner est périmée", va dans Ajout/Suppression de programmes puis désinstalle On-Line Scanner, reconnecte toi sur le site de Kaspersky pour retenter le scan en ligne.
Winx

Disquette Messages: 62 Tutoriaux : 0

Re,

Voilà je ne savais pas très bien enregistrer sous quel format donc voici les différents rapports :

texte

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Wednesday, May 14, 2008 1:55:05 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 14/05/2008
Kaspersky Anti-Virus database records: 772041
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\
E:\
F:\
G:\
H:\

Scan Statistics:
Total number of scanned objects: 150184
Number of viruses found: 2
Number of infected objects: 2
Number of suspicious objects: 0
Duration of the scan process: 03:48:35

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\Lefebvre\Bureau\Icônes Bureau\clean\pskill.exe Infected: not-a-virus:RiskTool.Win32.PsKill.k skipped
C:\Documents and Settings\Lefebvre\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Lefebvre\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Lefebvre\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Lefebvre\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Lefebvre\Local Settings\Historique\History.IE5\MSHist012008051420080515\index.dat Object is locked skipped
C:\Documents and Settings\Lefebvre\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Lefebvre\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Lefebvre\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\aswAr.log Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt Object is locked skipped
C:\System Volume Information\_restore{8EA74153-6BAD-40F9-BD11-83E3DF8E777C}\RP100\change.log Object is locked skipped
C:\System Volume Information\_restore{8EA74153-6BAD-40F9-BD11-83E3DF8E777C}\RP38\A0049703.exe Infected: not-a-virus:Downloader.Win32.VDown.a skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\Internet Logs\fwdbglog.txt Object is locked skipped
C:\WINDOWS\Internet Logs\fwpktlog.txt Object is locked skipped
C:\WINDOWS\Internet Logs\IAMDB.RDB Object is locked skipped
C:\WINDOWS\Internet Logs\LEFEBVRE-130473.ldb Object is locked skipped
C:\WINDOWS\Internet Logs\tvDebug.log Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\drivers\fidbox.dat Object is locked skipped
C:\WINDOWS\system32\drivers\fidbox.idx Object is locked skipped
C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\Perflib_Perfdata_7b0.dat Object is locked skipped
C:\WINDOWS\Temp\ZLT000e5.TMP Object is locked skipped
C:\WINDOWS\Temp\ZLT000e8.TMP Object is locked skipped
C:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.

Html

Wednesday, May 14, 2008 1:53:27 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 14/05/2008
Kaspersky Anti-Virus database records: 772041
Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
C:\
D:\
E:\
F:\
G:\
H:\
Scan Statistics
Total number of scanned objects 150184
Number of viruses found 2
Number of infected objects 2
Number of suspicious objects 0
Duration of the scan process 03:48:35

Infected Object Name Virus Name Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\Lefebvre\Bureau\Icônes Bureau\clean\pskill.exe Infected: not-a-virus:RiskTool.Win32.PsKill.k skipped
C:\Documents and Settings\Lefebvre\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Lefebvre\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Lefebvre\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Lefebvre\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Lefebvre\Local Settings\Historique\History.IE5\MSHist012008051420080515\index.dat Object is locked skipped
C:\Documents and Settings\Lefebvre\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Lefebvre\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Lefebvre\ntuser.dat.LOG Object is locked