16/05/2008, 12h19   #1
titi16fr
Unwanted advertising pages [Solved]

Hello,

For some time now I have been getting advertising pages that appear with the title CID.

How can I get rid of them, please?

I also systematically get a message that appears when I launch Internet Explorer, which is: "file///c:/program%20Files/AOL%20Toolbar/welcom.html est introuvable. Vérifiez que le chemin d'accès ou l'adresse internet sont corrects"

Thanks

16/05/2008, 12h54   #2
Sham-Rock

Hello

1

Download and then install HijackThis (Trend Micro).
Then post a report in your next reply.
HELP: How to use HijackThis v2.0.2

2

Download Lop S&D.exe to your desktop
- Double-click it to start the installation
- Then double-click the Lop S&D shortcut on your desktop
- Select the language you want, then choose Option 1 (Search)
- Wait until the scan finishes
- Post the generated report (C:\lopR.txt)

(If the desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm)

16/05/2008, 17h31   #3
titi16fr

Here is the LOPSD log


-----------------------[ Lop S&D 4.2.0-8 XP/Vista ]---------------------

[ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
[ USER : Jenny ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 16/05/2008 | 17:01:49,01 ] [ PC : ORDI-JENNY ]
[ MAJ : 11-05-2008 | 18:25 ]
[ UAC => 0 ]

-------------[ Listing des dossiers dans Application Data ]------------

[13/03/2008|21:05] C:\Users\Jenny\AppData\Roaming\Adobe\Flash Player
[27/10/2007|12:22] C:\Users\Jenny\AppData\Roaming\Adobe\Linguistics
[11/08/2007|23:05] C:\Users\Jenny\AppData\Roaming\Adobe\Acrobat

[22/08/2007|20:02] C:\Users\Jenny\AppData\Roaming\Ahead\Nero Burning ROM
[22/08/2007|11:10] C:\Users\Jenny\AppData\Roaming\Ahead\NeroVision


[11/05/2008|13:43] C:\Users\Jenny\AppData\Roaming\Apple Computer\iTunes
[14/04/2008|14:25] C:\Users\Jenny\AppData\Roaming\Apple Computer\QuickTime

[12/08/2007|08:05] C:\Users\Jenny\AppData\Roaming\CyberLink\PowerCinema
[12/08/2007|08:05] C:\Users\Jenny\AppData\Roaming\CyberLink\PowerDVD

[23/11/2007|00:19] C:\Users\Jenny\AppData\Roaming\Desperate Housewives\Profiles
[18/11/2007|00:26] C:\Users\Jenny\AppData\Roaming\Desperate Housewives\Saves

[16/05/2008|10:05] C:\Users\Jenny\AppData\Roaming\GetValue.vbs\GetValue.vbs

[20/02/2008|07:10] C:\Users\Jenny\AppData\Roaming\Google\Local Search History

[11/08/2007|22:55] C:\Users\Jenny\AppData\Roaming\Hewlett-Packard\HP Software UI

[12/08/2007|08:05] C:\Users\Jenny\AppData\Roaming\HP\QuickPlay

[12/08/2007|09:39] C:\Users\Jenny\AppData\Roaming\Identities\{E6B97C34-CA19-4B68-A88E-73C05C24609F}
[11/08/2007|23:05] C:\Users\Jenny\AppData\Roaming\Identities\{CFC3D3A3-95D4-4653-B751-5156957A0926}

[17/11/2007|23:13] C:\Users\Jenny\AppData\Roaming\InstallShield\ISEngine12.0


[12/05/2008|12:28] C:\Users\Jenny\AppData\Roaming\LimeWire\library.dat
[11/05/2008|13:33] C:\Users\Jenny\AppData\Roaming\LimeWire\spam.dat
[11/05/2008|13:33] C:\Users\Jenny\AppData\Roaming\LimeWire\questions.props
[11/05/2008|13:33] C:\Users\Jenny\AppData\Roaming\LimeWire\tables.props
[11/05/2008|13:33] C:\Users\Jenny\AppData\Roaming\LimeWire\installation.props
[11/05/2008|13:33] C:\Users\Jenny\AppData\Roaming\LimeWire\mojito.props
[11/05/2008|13:33] C:\Users\Jenny\AppData\Roaming\LimeWire\limewire.props
[11/05/2008|13:33] C:\Users\Jenny\AppData\Roaming\LimeWire\gnutella.net
[11/05/2008|13:30] C:\Users\Jenny\AppData\Roaming\LimeWire\filters.props
[11/05/2008|13:29] C:\Users\Jenny\AppData\Roaming\LimeWire\createtimes.cache
[11/05/2008|13:29] C:\Users\Jenny\AppData\Roaming\LimeWire\fileurns.cache
[27/04/2008|11:18] C:\Users\Jenny\AppData\Roaming\LimeWire\simpp.xml
[27/04/2008|11:18] C:\Users\Jenny\AppData\Roaming\LimeWire\version.xml
[13/03/2008|21:19] C:\Users\Jenny\AppData\Roaming\LimeWire\.NetworkShare
[25/11/2007|15:21] C:\Users\Jenny\AppData\Roaming\LimeWire\active.mojito
[20/08/2007|09:16] C:\Users\Jenny\AppData\Roaming\LimeWire\414splashfree.png
[19/08/2007|23:30] C:\Users\Jenny\AppData\Roaming\LimeWire\responses.cache
[19/08/2007|21:06] C:\Users\Jenny\AppData\Roaming\LimeWire\fileurns.bak
[19/08/2007|21:04] C:\Users\Jenny\AppData\Roaming\LimeWire\.AppSpecialShare
[19/08/2007|21:04] C:\Users\Jenny\AppData\Roaming\LimeWire\xml
[19/08/2007|21:04] C:\Users\Jenny\AppData\Roaming\LimeWire\themes

[16/05/2008|09:07] C:\Users\Jenny\AppData\Roaming\Macromedia\Flash Player


[16/05/2008|12:07] C:\Users\Jenny\AppData\Roaming\Microsoft\IdentityCRL
[16/05/2008|12:07] C:\Users\Jenny\AppData\Roaming\Microsoft\digital locker
[15/05/2008|12:36] C:\Users\Jenny\AppData\Roaming\Microsoft\Word
[15/05/2008|04:38] C:\Users\Jenny\AppData\Roaming\Microsoft\HTML Help
[13/04/2008|07:47] C:\Users\Jenny\AppData\Roaming\Microsoft\Office
[13/04/2008|07:45] C:\Users\Jenny\AppData\Roaming\Microsoft\Excel
[03/04/2008|21:34] C:\Users\Jenny\AppData\Roaming\Microsoft\CLView
[12/02/2008|22:24] C:\Users\Jenny\AppData\Roaming\Microsoft\Pack Emoticones Love
[10/02/2008|22:52] C:\Users\Jenny\AppData\Roaming\Microsoft\Templates
[20/01/2008|20:50] C:\Users\Jenny\AppData\Roaming\Microsoft\MSN Messenger
[27/12/2007|16:40] C:\Users\Jenny\AppData\Roaming\Microsoft\Speech
[26/12/2007|20:46] C:\Users\Jenny\AppData\Roaming\Microsoft\OIS
[26/12/2007|19:41] C:\Users\Jenny\AppData\Roaming\Microsoft\UProof
[02/12/2007|15:11] C:\Users\Jenny\AppData\Roaming\Microsoft\Clip Organizer
[25/11/2007|18:12] C:\Users\Jenny\AppData\Roaming\Microsoft\QuickStyles
[27/10/2007|14:32] C:\Users\Jenny\AppData\Roaming\Microsoft\eHome
[21/10/2007|22:31] C:\Users\Jenny\AppData\Roaming\Microsoft\Internet Explorer
[14/10/2007|17:31] C:\Users\Jenny\AppData\Roaming\Microsoft\Windows Media Encoder
[23/09/2007|17:36] C:\Users\Jenny\AppData\Roaming\Microsoft\Proof
[19/08/2007|18:05] C:\Users\Jenny\AppData\Roaming\Microsoft\LastFlashConfig.WFC
[19/08/2007|13:45] C:\Users\Jenny\AppData\Roaming\Microsoft\Network
[12/08/2007|10:44] C:\Users\Jenny\AppData\Roaming\Microsoft\MMC
[12/08/2007|09:16] C:\Users\Jenny\AppData\Roaming\Microsoft\Crypto
[12/08/2007|07:44] C:\Users\Jenny\AppData\Roaming\Microsoft\Windows
[12/08/2007|00:30] C:\Users\Jenny\AppData\Roaming\Microsoft\preuve
[12/08/2007|00:29] C:\Users\Jenny\AppData\Roaming\Microsoft\Document Building Blocks
[12/08/2007|00:29] C:\Users\Jenny\AppData\Roaming\Microsoft\AddIns
[11/08/2007|23:05] C:\Users\Jenny\AppData\Roaming\Microsoft\Protect
[11/08/2007|23:03] C:\Users\Jenny\AppData\Roaming\Microsoft\SystemCertificates
[11/08/2007|22:55] C:\Users\Jenny\AppData\Roaming\Microsoft\CLR Security Config
[11/08/2007|22:53] C:\Users\Jenny\AppData\Roaming\Microsoft\Credentials

[16/05/2008|17:01] C:\Users\Jenny\AppData\Roaming\nvModes.001\nvModes.001

[16/05/2008|11:13] C:\Users\Jenny\AppData\Roaming\nvModes.dat\nvModes.dat

[07/04/2008|17:07] C:\Users\Jenny\AppData\Roaming\SecuROM\UserData

[16/05/2008|10:05] C:\Users\Jenny\AppData\Roaming\SetValue.bat\SetValue.bat

[18/02/2005|00:07] C:\Users\Jenny\AppData\Roaming\Template\Normal.wpt

[12/08/2007|16:27] C:\Users\Jenny\AppData\Roaming\UserTile.png\UserTile.png

[17/03/2008|19:42] C:\Users\Jenny\AppData\Roaming\wklnhst.dat\wklnhst.dat

[19/08/2007|13:43] C:\Users\Jenny\AppData\Roaming\You've Got Pictures Screensaver\PictureDir

----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------

[16/05/2008 17:00][--ah-----] C:\Windows\tasks\SA.DAT
[16/05/2008 16:59][--a------] C:\Windows\tasks\SCHEDLGU.TXT

------[ Listing des dossiers dans C:\ProgramData ]------

[25/06/2007|22:53] C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
[21/02/2008|12:01] C:\ProgramData\Adobe
[22/08/2007|11:09] C:\ProgramData\Ahead
[16/05/2008|11:29] C:\ProgramData\AOL
[21/10/2007|18:44] C:\ProgramData\AOL Downloads
[19/04/2008|22:01] C:\ProgramData\Apple
[19/04/2008|22:06] C:\ProgramData\Apple Computer
[11/08/2007|22:49] C:\ProgramData\Application Data
[11/08/2007|22:49] C:\ProgramData\Bureau
[25/06/2007|22:54] C:\ProgramData\CyberLink
[11/08/2007|22:49] C:\ProgramData\Documents
[15/05/2008|18:40] C:\ProgramData\ESET
[11/08/2007|22:49] C:\ProgramData\Favoris
[16/05/2008|09:06] C:\ProgramData\Google
[25/06/2007|23:27] C:\ProgramData\Hewlett-Packard
[03/05/2008|22:32] C:\ProgramData\Hold Four Logo.s247e
[12/08/2007|08:05] C:\ProgramData\HP
[17/04/2008|04:58] C:\ProgramData\hpzinstall.log
[30/01/2008|22:34] C:\ProgramData\Lavasoft
[22/08/2007|19:39] C:\ProgramData\LightScribe
[19/08/2007|14:26] C:\ProgramData\Macromedia
[21/10/2007|20:02] C:\ProgramData\McAfee
[11/08/2007|22:49] C:\ProgramData\Menu Démarrer
[10/03/2008|22:39] C:\ProgramData\Messenger Plus!
[16/05/2008|12:07] C:\ProgramData\Microsoft
[25/12/2007|21:31] C:\ProgramData\Microsoft Help
[11/08/2007|22:49] C:\ProgramData\Modèles
[03/05/2008|22:32] C:\ProgramData\Peak Upload Second
[19/08/2007|19:11] C:\ProgramData\QuickTime
[25/06/2007|22:35] C:\ProgramData\Roxio
[25/06/2007|22:31] C:\ProgramData\Sonic
[15/05/2008|18:37] C:\ProgramData\Spybot - Search & Destroy
[19/08/2007|15:32] C:\ProgramData\Symantec
[12/05/2008|12:10] C:\ProgramData\Time Dead Warn Default
[03/05/2008|22:31] C:\ProgramData\Type Hole Hole.62jibkl
[03/05/2008|22:31] C:\ProgramData\Type Hole Hole.ahhei7u
[16/05/2008|11:09] C:\ProgramData\Type Hole Hole.q9sgx9
[10/03/2008|19:16] C:\ProgramData\Type Hole Hole.zthy8
[19/08/2007|13:43] C:\ProgramData\Viewpoint
[13/04/2008|10:48] C:\ProgramData\WLInstaller

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[25/06/2007|22:53] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[21/02/2008|12:00] C:\Program Files\Adobe
[19/08/2007|16:14] C:\Program Files\Alwil Software
[16/05/2008|10:13] C:\Program Files\AOL
[19/08/2007|14:25] C:\Program Files\AOL Toolbar
[19/08/2007|12:58] C:\Program Files\AOLbox
[03/05/2008|22:37] C:\Program Files\Apple Software Update
[19/04/2008|22:06] C:\Program Files\Bonjour
[17/11/2007|23:14] C:\Program Files\Buena Vista Games
[07/01/2008|02:59] C:\Program Files\CCleaner
[10/03/2008|19:16] C:\Program Files\Circle Developement
[16/05/2008|11:28] C:\Program Files\Common Files
[02/11/2006|14:50] C:\Program Files\desktop.ini
[26/12/2007|16:16] C:\Program Files\EA GAMES
[25/06/2007|23:05] C:\Program Files\EasyBits
[03/02/2008|20:40] C:\Program Files\Electronic Arts
[20/08/2007|09:14] C:\Program Files\eMule
[15/05/2008|18:40] C:\Program Files\ESET
[11/08/2007|22:49] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[16/05/2008|09:20] C:\Program Files\Google
[25/06/2007|23:22] C:\Program Files\Hewlett-Packard
[25/06/2007|23:22] C:\Program Files\HP
[25/06/2007|23:11] C:\Program Files\HPQ
[14/01/2008|16:15] C:\Program Files\InstallShield Installation Information
[25/06/2007|22:16] C:\Program Files\Intel
[21/10/2007|23:06] C:\Program Files\Internet Explorer
[19/04/2008|22:06] C:\Program Files\iPod
[19/04/2008|22:07] C:\Program Files\iTunes
[02/12/2007|13:51] C:\Program Files\Java
[19/08/2007|13:43] C:\Program Files\Learn2.com
[15/05/2008|18:46] C:\Program Files\Lop SD
[31/03/2008|21:02] C:\Program Files\Messenger Plus! Live
[14/01/2008|16:20] C:\Program Files\Micro Application
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[25/06/2007|22:52] C:\Program Files\Microsoft Office
[25/06/2007|22:52] C:\Program Files\Microsoft Works
[25/06/2007|22:51] C:\Program Files\Microsoft.NET
[26/12/2007|16:23] C:\Program Files\Mindscape
[25/06/2007|21:55] C:\Program Files\Motorola
[02/11/2006|14:42] C:\Program Files\Movie Maker
[22/08/2007|07:32] C:\Program Files\MP3Gain
[02/11/2006|14:37] C:\Program Files\MSBuild
[02/11/2006|14:37] C:\Program Files\MSN
[07/04/2008|08:09] C:\Program Files\MSN Messenger
[15/05/2008|18:47] C:\Program Files\Navilog1
[22/08/2007|11:06] C:\Program Files\Nero
[19/04/2008|22:05] C:\Program Files\QuickTime
[19/08/2007|13:42] C:\Program Files\Real
[25/06/2007|23:09] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[25/06/2007|22:36] C:\Program Files\Roxio
[12/08/2007|09:17] C:\Program Files\Samsung
[22/12/2007|12:21] C:\Program Files\Securitoo
[25/06/2007|23:06] C:\Program Files\Services en ligne
[12/12/2007|22:13] C:\Program Files\SP38015
[15/05/2008|18:37] C:\Program Files\Spybot - Search & Destroy
[25/06/2007|22:01] C:\Program Files\Synaptics
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[19/08/2007|13:43] C:\Program Files\Viewpoint
[22/08/2007|08:53] C:\Program Files\Winamp
[02/11/2006|14:42] C:\Program Files\Windows Calendar
[02/11/2006|14:42] C:\Program Files\Windows Collaboration
[02/11/2006|14:42] C:\Program Files\Windows Defender
[02/11/2006|14:42] C:\Program Files\Windows Journal
[10/03/2008|19:16] C:\Program Files\Windows Live
[12/08/2007|09:36] C:\Program Files\Windows Mail
[12/08/2007|09:36] C:\Program Files\Windows Media Player
[11/08/2007|22:49] C:\Program Files\Windows NT
[02/11/2006|14:42] C:\Program Files\Windows Photo Gallery
[02/11/2006|14:42] C:\Program Files\Windows Sidebar
[15/05/2008|18:37] C:\Program Files\Yahoo!

------[ Listing des dossiers dans C:\Program Files\Common Files ]------

[21/02/2008|12:02] C:\Program Files\Common Files\Adobe
[16/05/2008|17:00] C:\Program Files\Common Files\AOL
[19/08/2007|13:44] C:\Program Files\Common Files\aolback
[19/04/2008|22:01] C:\Program Files\Common Files\Apple
[25/06/2007|22:52] C:\Program Files\Common Files\DESIGNER
[25/06/2007|23:03] C:\Program Files\Common Files\HP
[25/06/2007|23:10] C:\Program Files\Common Files\InstallShield
[25/06/2007|23:26] C:\Program Files\Common Files\Java
[25/06/2007|23:11] C:\Program Files\Common Files\LightScribe
[02/12/2007|16:37] C:\Program Files\Common Files\Micro Application Shared
[07/04/2008|08:06] C:\Program Files\Common Files\microsoft shared
[19/08/2007|13:43] C:\Program Files\Common Files\Nullsoft
[19/08/2007|13:42] C:\Program Files\Common Files\Real
[25/06/2007|22:35] C:\Program Files\Common Files\Roxio Shared
[19/08/2007|15:40] C:\Program Files\Common Files\Scanner
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[25/06/2007|22:34] C:\Program Files\Common Files\Sonic Shared
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[25/06/2007|22:36] C:\Program Files\Common Files\SureThing Shared
[19/08/2007|15:32] C:\Program Files\Common Files\Symantec Shared
[02/11/2006|14:42] C:\Program Files\Common Files\System
[07/04/2008|08:06] C:\Program Files\Common Files\WindowsLiveInstaller

---------------------------[ Process ]--------------------------

... 70

iexplore.exe ~ [3900]
iexplore.exe ~ [1440]

----------------------[ Recherche avec S_Lop ]---------------------

C:\ProgramData\Hold Four Logo.s247e
C:\ProgramData\Type Hole Hole.62jibkl
C:\ProgramData\Type Hole Hole.ahhei7u
C:\ProgramData\Type Hole Hole.q9sgx9
C:\ProgramData\Type Hole Hole.zthy8
C:\ProgramData\Type Hole Hole.62jibkl
C:\ProgramData\Type Hole Hole.ahhei7u
C:\ProgramData\Type Hole Hole.q9sgx9
C:\ProgramData\Type Hole Hole.zthy8

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

C:\ProgramData\Time Dead Warn Default
C:\ProgramData\Time Dead Warn Default\five dupe.exe
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe

----------------------[ Verification du Registre ]----------------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-16 17:03:43
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

=> C:\Users\Jenny\Desktop\Prog anti-virus\Rogueremover Pro 1[1].15 And Cracked.zip


/!\ [Fich:8][Doss:0] C:\Users\Jenny\AppData\Local\Temp
/!\ [Fich:2][Doss:1] C:\Users\Jenny\AppData\Roaming\MICROS~1\Windows\Cookies
/!\ [Fich:3][Doss:1] C:\Users\Jenny\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5

[ UAC => 1 ]

--------------------[ Fin du rapport a 17:18:08,33 ]----------------------

and here is the HijackThis log

Logfile of HijackThis v1.99.1
Scan saved at 17:31:13, on 16/05/2008
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16386)

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Common Files\AOL\1187526300\ee\aolsoftware.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Windows\explorer.exe
C:\Windows\system32\notepad.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\program files\aol\aol toolbar 4.0\AolTbServer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = C:\Program Files\AOL Toolbar\welcome.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - (no file)
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1187526300\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Debug Locks] "C:\ProgramData\Type Hole Hole.q9sgx9"
O8 - Extra context menu item: &Recherche AOL Toolbar - c:\program files\aol\aol toolbar 4.0\resources\fr-FR\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\Windows\system32\Shdocvw.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)

Thanks

16/05/2008, 19h24   #4
Sham-Rock

Hi again

Get rid of this:
C:\Users\Jenny\Desktop\Prog anti-virus\Rogueremover Pro 1[1].15 And Cracked.zip

Select everything in the box below, then right-click and choose Copy

Quote:
C:\ProgramData\Peak Upload Second

Run Lop S&D again
This time choose Option 4 (LopScript)
A blank page will open; right-click on it and choose Paste
Close the page; you will be asked to save it, click [Save]
Do not close the window during the removal!
Post the generated report (C:\lopR.txt)

(If the desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm)

17/05/2008, 15h35   #5
titi16fr

Hello,

I saved the requested line and I get a message telling me that the file was not found. Indeed, the file is still there :/

new log


-----------------------[ Lop S&D 4.2.0-8 XP/Vista ]---------------------

[ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
[ USER : Jenny ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 17/05/2008 | 15:04:33,27 ] [ PC : ORDI-JENNY ]
[ MAJ : 11-05-2008 | 18:25 ]
[ UAC => 0 ]

-------------[ Listing des dossiers dans Application Data ]------------

[13/03/2008|21:05] C:\Users\Jenny\AppData\Roaming\Adobe\Flash Player
[27/10/2007|12:22] C:\Users\Jenny\AppData\Roaming\Adobe\Linguistics
[11/08/2007|23:05] C:\Users\Jenny\AppData\Roaming\Adobe\Acrobat

[22/08/2007|20:02] C:\Users\Jenny\AppData\Roaming\Ahead\Nero Burning ROM
[22/08/2007|11:10] C:\Users\Jenny\AppData\Roaming\Ahead\NeroVision


[17/05/2008|12:01] C:\Users\Jenny\AppData\Roaming\Apple Computer\iTunes
[14/04/2008|14:25] C:\Users\Jenny\AppData\Roaming\Apple Computer\QuickTime

[12/08/2007|08:05] C:\Users\Jenny\AppData\Roaming\CyberLink\PowerCinema
[12/08/2007|08:05] C:\Users\Jenny\AppData\Roaming\CyberLink\PowerDVD

[23/11/2007|00:19] C:\Users\Jenny\AppData\Roaming\Desperate Housewives\Profiles
[18/11/2007|00:26] C:\Users\Jenny\AppData\Roaming\Desperate Housewives\Saves

[16/05/2008|10:05] C:\Users\Jenny\AppData\Roaming\GetValue.vbs\GetValue.vbs

[20/02/2008|07:10] C:\Users\Jenny\AppData\Roaming\Google\Local Search History

[11/08/2007|22:55] C:\Users\Jenny\AppData\Roaming\Hewlett-Packard\HP Software UI

[12/08/2007|08:05] C:\Users\Jenny\AppData\Roaming\HP\QuickPlay

[12/08/2007|09:39] C:\Users\Jenny\AppData\Roaming\Identities\{E6B97C34-CA19-4B68-A88E-73C05C24609F}
[11/08/2007|23:05] C:\Users\Jenny\AppData\Roaming\Identities\{CFC3D3A3-95D4-4653-B751-5156957A0926}

[12/05/2008|12:28] C:\Users\Jenny\AppData\Roaming\LimeWire\library.dat
[11/05/2008|13:33] C:\Users\Jenny\AppData\Roaming\LimeWire\spam.dat
[11/05/2008|13:33] C:\Users\Jenny\AppData\Roaming\LimeWire\questions.props
[11/05/2008|13:33] C:\Users\Jenny\AppData\Roaming\LimeWire\tables.props
[11/05/2008|13:33] C:\Users\Jenny\AppData\Roaming\LimeWire\installation.props
[11/05/2008|13:33] C:\Users\Jenny\AppData\Roaming\LimeWire\mojito.props
[11/05/2008|13:33] C:\Users\Jenny\AppData\Roaming\LimeWire\limewire.props
[11/05/2008|13:33] C:\Users\Jenny\AppData\Roaming\LimeWire\gnutella.net
[11/05/2008|13:30] C:\Users\Jenny\AppData\Roaming\LimeWire\filters.props
[11/05/2008|13:29] C:\Users\Jenny\AppData\Roaming\LimeWire\createtimes.cache
[11/05/2008|13:29] C:\Users\Jenny\AppData\Roaming\LimeWire\fileurns.cache
[27/04/2008|11:18] C:\Users\Jenny\AppData\Roaming\LimeWire\simpp.xml
[27/04/2008|11:18] C:\Users\Jenny\AppData\Roaming\LimeWire\version.xml
[13/03/2008|21:19] C:\Users\Jenny\AppData\Roaming\LimeWire\.NetworkShare
[25/11/2007|15:21] C:\Users\Jenny\AppData\Roaming\LimeWire\active.mojito
[20/08/2007|09:16] C:\Users\Jenny\AppData\Roaming\LimeWire\414splashfree.png
[19/08/2007|23:30] C:\Users\Jenny\AppData\Roaming\LimeWire\responses.cache
[19/08/2007|21:06] C:\Users\Jenny\AppData\Roaming\LimeWire\fileurns.bak
[19/08/2007|21:04] C:\Users\Jenny\AppData\Roaming\LimeWire\.AppSpecialShare
[19/08/2007|21:04] C:\Users\Jenny\AppData\Roaming\LimeWire\xml
[19/08/2007|21:04] C:\Users\Jenny\AppData\Roaming\LimeWire\themes

[16/05/2008|18:53] C:\Users\Jenny\AppData\Roaming\Macromedia\Flash Player


[17/05/2008|12:15] C:\Users\Jenny\AppData\Roaming\Microsoft\Word
[16/05/2008|12:07] C:\Users\Jenny\AppData\Roaming\Microsoft\IdentityCRL
[16/05/2008|12:07] C:\Users\Jenny\AppData\Roaming\Microsoft\digital locker
[15/05/2008|04:38] C:\Users\Jenny\AppData\Roaming\Microsoft\HTML Help
[13/04/2008|07:47] C:\Users\Jenny\AppData\Roaming\Microsoft\Office
[13/04/2008|07:45] C:\Users\Jenny\AppData\Roaming\Microsoft\Excel
[03/04/2008|21:34] C:\Users\Jenny\AppData\Roaming\Microsoft\CLView
[12/02/2008|22:24] C:\Users\Jenny\AppData\Roaming\Microsoft\Pack Emoticones Love
[10/02/2008|22:52] C:\Users\Jenny\AppData\Roaming\Microsoft\Templates
[20/01/2008|20:50] C:\Users\Jenny\AppData\Roaming\Microsoft\MSN Messenger
[27/12/2007|16:40] C:\Users\Jenny\AppData\Roaming\Microsoft\Speech
[26/12/2007|20:46] C:\Users\Jenny\AppData\Roaming\Microsoft\OIS
[26/12/2007|19:41] C:\Users\Jenny\AppData\Roaming\Microsoft\UProof
[02/12/2007|15:11] C:\Users\Jenny\AppData\Roaming\Microsoft\Clip Organizer
[25/11/2007|18:12] C:\Users\Jenny\AppData\Roaming\Microsoft\QuickStyles
[27/10/2007|14:32] C:\Users\Jenny\AppData\Roaming\Microsoft\eHome
[21/10/2007|22:31] C:\Users\Jenny\AppData\Roaming\Microsoft\Internet Explorer
[14/10/2007|17:31] C:\Users\Jenny\AppData\Roaming\Microsoft\Windows Media Encoder
[23/09/2007|17:36] C:\Users\Jenny\AppData\Roaming\Microsoft\Proof
[19/08/2007|18:05] C:\Users\Jenny\AppData\Roaming\Microsoft\LastFlashConfig.WFC
[19/08/2007|13:45] C:\Users\Jenny\AppData\Roaming\Microsoft\Network
[12/08/2007|10:44] C:\Users\Jenny\AppData\Roaming\Microsoft\MMC
[12/08/2007|09:16] C:\Users\Jenny\AppData\Roaming\Microsoft\Crypto
[12/08/2007|07:44] C:\Users\Jenny\AppData\Roaming\Microsoft\Windows
[12/08/2007|00:30] C:\Users\Jenny\AppData\Roaming\Microsoft\preuve
[12/08/2007|00:29] C:\Users\Jenny\AppData\Roaming\Microsoft\Document Building Blocks
[12/08/2007|00:29] C:\Users\Jenny\AppData\Roaming\Microsoft\AddIns
[11/08/2007|23:05] C:\Users\Jenny\AppData\Roaming\Microsoft\Protect
[11/08/2007|23:03] C:\Users\Jenny\AppData\Roaming\Microsoft\SystemCertificates
[11/08/2007|22:55] C:\Users\Jenny\AppData\Roaming\Microsoft\CLR Security Config
[11/08/2007|22:53] C:\Users\Jenny\AppData\Roaming\Microsoft\Credentials

[17/05/2008|14:59] C:\Users\Jenny\AppData\Roaming\nvModes.001\nvModes.001

[17/05/2008|14:59] C:\Users\Jenny\AppData\Roaming\nvModes.dat\nvModes.dat

[07/04/2008|17:07] C:\Users\Jenny\AppData\Roaming\SecuROM\UserData

[16/05/2008|10:05] C:\Users\Jenny\AppData\Roaming\SetValue.bat\SetValue.bat

[18/02/2005|00:07] C:\Users\Jenny\AppData\Roaming\Template\Normal.wpt

[12/08/2007|16:27] C:\Users\Jenny\AppData\Roaming\UserTile.png\UserTile.png

[17/03/2008|19:42] C:\Users\Jenny\AppData\Roaming\wklnhst.dat\wklnhst.dat

[19/08/2007|13:43] C:\Users\Jenny\AppData\Roaming\You've Got Pictures Screensaver\PictureDir

----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------

[17/05/2008 14:57][--ah-----] C:\Windows\tasks\SA.DAT
[17/05/2008 14:56][--a------] C:\Windows\tasks\SCHEDLGU.TXT

------[ Listing des dossiers dans C:\ProgramData ]------

[25/06/2007|22:53] C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
[21/02/2008|12:01] C:\ProgramData\Adobe
[22/08/2007|11:09] C:\ProgramData\Ahead
[16/05/2008|17:02] C:\ProgramData\AOL
[21/10/2007|18:44] C:\ProgramData\AOL Downloads
[19/04/2008|22:01] C:\ProgramData\Apple
[19/04/2008|22:06] C:\ProgramData\Apple Computer
[11/08/2007|22:49] C:\ProgramData\Application Data
[11/08/2007|22:49] C:\ProgramData\Bureau
[25/06/2007|22:54] C:\ProgramData\CyberLink
[11/08/2007|22:49] C:\ProgramData\Documents
[15/05/2008|18:40] C:\ProgramData\ESET
[11/08/2007|22:49] C:\ProgramData\Favoris
[16/05/2008|09:06] C:\ProgramData\Google
[25/06/2007|23:27] C:\ProgramData\Hewlett-Packard
[12/08/2007|08:05] C:\ProgramData\HP
[17/04/2008|04:58] C:\ProgramData\hpzinstall.log
[30/01/2008|22:34] C:\ProgramData\Lavasoft
[22/08/2007|19:39] C:\ProgramData\LightScribe
[19/08/2007|14:26] C:\ProgramData\Macromedia
[21/10/2007|20:02] C:\ProgramData\McAfee
[11/08/2007|22:49] C:\ProgramData\Menu Démarrer
[10/03/2008|22:39] C:\ProgramData\Messenger Plus!
[16/05/2008|12:07] C:\ProgramData\Microsoft
[25/12/2007|21:31] C:\ProgramData\Microsoft Help
[11/08/2007|22:49] C:\ProgramData\Modèles
[03/05/2008|22:32] C:\ProgramData\Peak Upload Second
[19/08/2007|19:11] C:\ProgramData\QuickTime
[25/06/2007|22:35] C:\ProgramData\Roxio
[25/06/2007|22:31] C:\ProgramData\Sonic
[15/05/2008|18:37] C:\ProgramData\Spybot - Search & Destroy
[19/08/2007|15:32] C:\ProgramData\Symantec
[19/08/2007|13:43] C:\ProgramData\Viewpoint
[13/04/2008|10:48] C:\ProgramData\WLInstaller

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[25/06/2007|22:53] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[21/02/2008|12:00] C:\Program Files\Adobe
[19/08/2007|16:14] C:\Program Files\Alwil Software
[16/05/2008|10:13] C:\Program Files\AOL
[19/08/2007|14:25] C:\Program Files\AOL Toolbar
[19/08/2007|12:58] C:\Program Files\AOLbox
[03/05/2008|22:37] C:\Program Files\Apple Software Update
[19/04/2008|22:06] C:\Program Files\Bonjour
[07/01/2008|02:59] C:\Program Files\CCleaner
[16/05/2008|11:28] C:\Program Files\Common Files
[02/11/2006|14:50] C:\Program Files\desktop.ini
[26/12/2007|16:16] C:\Program Files\EA GAMES
[25/06/2007|23:05] C:\Program Files\EasyBits
[03/02/2008|20:40] C:\Program Files\Electronic Arts
[20/08/2007|09:14] C:\Program Files\eMule
[15/05/2008|18:40] C:\Program Files\ESET
[11/08/2007|22:49] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[16/05/2008|09:20] C:\Program Files\Google
[25/06/2007|23:22] C:\Program Files\Hewlett-Packard
[25/06/2007|23:22] C:\Program Files\HP
[25/06/2007|23:11] C:\Program Files\HPQ
[17/05/2008|11:41] C:\Program Files\InstallShield Installation Information
[25/06/2007|22:16] C:\Program Files\Intel
[21/10/2007|23:06] C:\Program Files\Internet Explorer
[19/04/2008|22:06] C:\Program Files\iPod
[19/04/2008|22:07] C:\Program Files\iTunes
[02/12/2007|13:51] C:\Program Files\Java
[19/08/2007|13:43] C:\Program Files\Learn2.com
[15/05/2008|18:46] C:\Program Files\Lop SD
[31/03/2008|21:02] C:\Program Files\Messenger Plus! Live
[14/01/2008|16:20] C:\Program Files\Micro Application
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[25/06/2007|22:52] C:\Program Files\Microsoft Office
[25/06/2007|22:52] C:\Program Files\Microsoft Works
[25/06/2007|22:51] C:\Program Files\Microsoft.NET
[26/12/2007|16:23] C:\Program Files\Mindscape
[25/06/2007|21:55] C:\Program Files\Motorola
[02/11/2006|14:42] C:\Program Files\Movie Maker
[22/08/2007|07:32] C:\Program Files\MP3Gain
[02/11/2006|14:37] C:\Program Files\MSBuild
[02/11/2006|14:37] C:\Program Files\MSN
[07/04/2008|08:09] C:\Program Files\MSN Messenger
[15/05/2008|18:47] C:\Program Files\Navilog1
[22/08/2007|11:06] C:\Program Files\Nero
[19/04/2008|22:05] C:\Program Files\QuickTime
[19/08/2007|13:42] C:\Program Files\Real
[25/06/2007|23:09] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[25/06/2007|22:36] C:\Program Files\Roxio
[12/08/2007|09:17] C:\Program Files\Samsung
[22/12/2007|12:21] C:\Program Files\Securitoo
[25/06/2007|23:06] C:\Program Files\Services en ligne
[12/12/2007|22:13] C:\Program Files\SP38015
[15/05/2008|18:37] C:\Program Files\Spybot - Search & Destroy
[25/06/2007|22:01] C:\Program Files\Synaptics
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[19/08/2007|13:43] C:\Program Files\Viewpoint
[22/08/2007|08:53] C:\Program Files\Winamp
[02/11/2006|14:42] C:\Program Files\Windows Calendar
[02/11/2006|14:42] C:\Program Files\Windows Collaboration
[02/11/2006|14:42] C:\Program Files\Windows Defender
[02/11/2006|14:42] C:\Program Files\Windows Journal
[10/03/2008|19:16] C:\Program Files\Windows Live
[12/08/2007|09:36] C:\Program Files\Windows Mail
[12/08/2007|09:36] C:\Program Files\Windows Media Player
[11/08/2007|22:49] C:\Program Files\Windows NT
[02/11/2006|14:42] C:\Program Files\Windows Photo Gallery
[02/11/2006|14:42] C:\Program Files\Windows Sidebar
[15/05/2008|18:37] C:\Program Files\Yahoo!

------[ Listing des dossiers dans C:\Program Files\Common Files ]------

[21/02/2008|12:02] C:\Program Files\Common Files\Adobe
[16/05/2008|17:07] C:\Program Files\Common Files\AOL
[19/08/2007|13:44] C:\Program Files\Common Files\aolback
[19/04/2008|22:01] C:\Program Files\Common Files\Apple
[25/06/2007|22:52] C:\Program Files\Common Files\DESIGNER
[25/06/2007|23:03] C:\Program Files\Common Files\HP
[25/06/2007|23:10] C:\Program Files\Common Files\InstallShield
[25/06/2007|23:26] C:\Program Files\Common Files\Java
[25/06/2007|23:11] C:\Program Files\Common Files\LightScribe
[02/12/2007|16:37] C:\Program Files\Common Files\Micro Application Shared
[07/04/2008|08:06] C:\Program Files\Common Files\microsoft shared
[19/08/2007|13:43] C:\Program Files\Common Files\Nullsoft
[19/08/2007|13:42] C:\Program Files\Common Files\Real
[25/06/2007|22:35] C:\Program Files\Common Files\Roxio Shared
[19/08/2007|15:40] C:\Program Files\Common Files\Scanner
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[25/06/2007|22:34] C:\Program Files\Common Files\Sonic Shared
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[25/06/2007|22:36] C:\Program Files\Common Files\SureThing Shared
[19/08/2007|15:32] C:\Program Files\Common Files\Symantec Shared
[02/11/2006|14:42] C:\Program Files\Common Files\System
[07/04/2008|08:06] C:\Program Files\Common Files\WindowsLiveInstaller

---------------------------[ Process ]--------------------------

... 66

... OK !

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

Aucun fichier / dossier Lop trouvé !

----------------------[ Verification du Registre ]----------------------

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE

----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-17 15:04:53
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

Aucune autre infection trouvée !

/!\ [Fich:12][Doss:2] C:\Users\Jenny\AppData\Local\Temp
/!\ [Fich:2][Doss:1] C:\Users\Jenny\AppData\Roaming\MICROS~1\Windows\Cookies
/!\ [Fich:2][Doss:0] C:\Users\Jenny\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5

[ UAC => 1 ]

--------------------[ Fin du rapport a 15:05:37,73 ]--------------------
Thanks

18/05/2008, 11:37   #6
Sham-Rock

Hello,

Nothing ever goes normally with Vista...

Manually delete the folder: C:\ProgramData\Peak Upload Second

Please post a new HijackThis log.

05/06/2008, 17:55   #7
titi16fr

File deleted in safe mode.

Sorry for the slow reply (IRL problems).

Here is the HijackThis log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:54:26, on 05/06/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16386)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Common Files\AOL\1187526300\ee\aolsoftware.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\program files\aol\aol toolbar 4.0\AolTbServer.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9e.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = C:\Program Files\AOL Toolbar\welcome.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - (no file)
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1187526300\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Debug Locks] "C:\ProgramData\Type Hole Hole.q9sgx9"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: &Recherche AOL Toolbar - c:\program files\aol\aol toolbar 4.0\resources\fr-FR\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\Windows\system32\Shdocvw.dll
O13 - Gopher Prefix:
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 8602 bytes


Thanks

05/06/2008, 22:21   #8
Sham-Rock

Good evening,
C:\ProgramData\Type Hole Hole.q9sgx9 has already been deleted with Lop S&D.


Run HijackThis as follows:
Right-click Hijackthis.exe and choose "Run as administrator" (Exécuter en tant qu'administrateur), then:
Do a system scan only.
Check the following lines if they are still present, and only those.

O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - (no file)
O4 - HKCU\..\Run: [Debug Locks] "C:\ProgramData\Type Hole Hole.q9sgx9"

Click Fix checked (bottom left).


Any other problems?
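
A triage sketch for the two entries singled out in the post above, as an added example that is not part of the original thread: it parses HijackThis O2 and O4 lines and flags a BHO whose file is reported missing and an autorun target that sits directly in C:\ProgramData or has a non-executable extension. The heuristics and the names `triage` and `autorun_target` are assumptions; the sample lines are copied from the log posted in this thread.

```python
import re
from pathlib import PureWindowsPath

# Lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r'''
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - (no file)
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [Debug Locks] "C:\ProgramData\Type Hole Hole.q9sgx9"
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
'''

# Assumption: extensions considered normal for an autorun target.
EXEC_EXT = {".exe", ".com", ".bat", ".cmd", ".dll", ".scr"}
PROGRAMDATA = PureWindowsPath(r"C:\ProgramData")

O2_RE = re.compile(
    r"^O2 - BHO: (?P<name>.*) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<target>.+)$")
O4_RE = re.compile(
    r"^O4 - (?P<hive>[^:]+?)\\\.\.\\(?P<key>\w+): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
# Shortest prefix ending in ".ext" followed by whitespace, a comma or end of line.
EXT_END = re.compile(r"^(.*?\.[A-Za-z0-9]{1,8})(?=\s|,|$)")


def autorun_target(cmd):
    """Return the program part of a Run value, whether quoted or not."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end > 0 else cmd[1:]
    m = EXT_END.match(cmd)
    return m.group(1) if m else cmd.split()[0]


def triage(log_text):
    """Return (entry name, reason) pairs for entries worth a manual look."""
    findings = []
    for line in log_text.splitlines():
        line = line.strip()
        m = O2_RE.match(line)
        if m:
            if m["target"] == "(no file)":
                findings.append((m["name"], "BHO registered but its file is missing"))
            continue
        m = O4_RE.match(line)
        if m:
            path = PureWindowsPath(autorun_target(m["cmd"]))
            reasons = []
            if path.parent == PROGRAMDATA:  # Windows paths compare case-insensitively
                reasons.append("target sits directly in C:\\ProgramData")
            if path.suffix.lower() not in EXEC_EXT:
                reasons.append(f"extension {path.suffix!r} is not an executable type")
            if reasons:
                findings.append((m["name"], "; ".join(reasons)))
    return findings


if __name__ == "__main__":
    for name, reason in triage(SAMPLE_LOG):
        print(f"{name}: {reason}")
```
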

06/06/2008, 10:31   #9
titi16fr

I get a message that appears every time I click on Internet Explorer.

"file:///C:/Program%20Files/AOL%20Toolbar/welcom.html est introuvable. Vérifiez que le chemin d'accès ou l'adresse internet sont corrects."

After 2 clicks on 2 windows it works, but it's annoying.

Thanks

07/06/2008, 23:48   #10
Sham-Rock