publicités intempestives et je n'y connais rien !!!

[Invité aurelie]

Bonjour,

 

Alors voici les résultats :

1/ rapport kapersky

 

KASPERSKY ONLINE SCANNER REPORT

Saturday, April 19, 2008 12:37:11 AM

Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)

Kaspersky Online Scanner version: 5.0.98.0

Kaspersky Anti-Virus database last update: 18/04/2008

Kaspersky Anti-Virus database records: 714463

 

 

Scan Settings

Scan using the following antivirus database extended

Scan Archives true

Scan Mail Bases true

 

Scan Target My Computer

A:\

C:\

D:\

E:\

G:\

 

Scan Statistics

Total number of scanned objects 85977

Number of viruses found 4

Number of infected objects 15

Number of suspicious objects 0

Duration of the scan process 01:28:23

 

Infected Object Name Virus Name Last Action

C:\WINDOWS\system32\config\system.LOG Object is locked skipped

 

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

 

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

 

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

 

C:\WINDOWS\system32\config\SAM Object is locked skipped

 

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

 

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

 

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

 

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

 

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

 

C:\WINDOWS\system32\config\SYSTEM Object is locked skipped

 

C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped

 

C:\WINDOWS\system32\config\DEFAULT Object is locked skipped

 

C:\WINDOWS\system32\config\Internet.evt Object is locked skipped

 

C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped

 

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

 

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

 

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

 

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

 

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

 

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

 

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

 

C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped

 

C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped

 

C:\WINDOWS\system32\h323log.txt Object is locked skipped

 

C:\WINDOWS\Temp\Perflib_Perfdata_654.dat Object is locked skipped

 

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

 

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

 

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

 

C:\WINDOWS\Sti_Trace.log Object is locked skipped

 

C:\WINDOWS\wiaservc.log Object is locked skipped

 

C:\WINDOWS\wiadebug.log Object is locked skipped

 

C:\WINDOWS\SchedLgU.Txt Object is locked skipped

 

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped

 

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped

 

C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped

 

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

 

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

 

C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

 

C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped

 

C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped

 

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

 

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

 

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

 

C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

 

C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

 

C:\Documents and Settings\YJ\NTUSER.DAT Object is locked skipped

 

C:\Documents and Settings\YJ\Local Settings\Temp\~DF6778.tmp Object is locked skipped

 

C:\Documents and Settings\YJ\Local Settings\Temp\hpodvd09.log Object is locked skipped

 

C:\Documents and Settings\YJ\Local Settings\Historique\History.IE5\index.dat Object is locked skipped

 

C:\Documents and Settings\YJ\Local Settings\Historique\History.IE5\MSHist012008041820080419\index.dat Object is locked skipped

 

C:\Documents and Settings\YJ\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

 

C:\Documents and Settings\YJ\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

 

C:\Documents and Settings\YJ\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

 

C:\Documents and Settings\YJ\Local Settings\Application Data\ApplicationHistory\hpqgalry.exe.7a3a829b.ini.inuse Object is locked skipped

 

C:\Documents and Settings\YJ\Local Settings\Application Data\HP\Digital Imaging\db\CB_Server_Errors.txt Object is locked skipped

 

C:\Documents and Settings\YJ\Local Settings\Application Data\HP\Digital Imaging\db\administrativeInfo.dbf Object is locked skipped

 

C:\Documents and Settings\YJ\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.dbf Object is locked skipped

 

C:\Documents and Settings\YJ\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.cdx Object is locked skipped

 

C:\Documents and Settings\YJ\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.dbf Object is locked skipped

 

C:\Documents and Settings\YJ\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.cdx Object is locked skipped

 

C:\Documents and Settings\YJ\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.dbf Object is locked skipped

 

C:\Documents and Settings\YJ\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.cdx Object is locked skipped

 

C:\Documents and Settings\YJ\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.dbf Object is locked skipped

 

C:\Documents and Settings\YJ\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.cdx Object is locked skipped

 

C:\Documents and Settings\YJ\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.dbf Object is locked skipped

 

C:\Documents and Settings\YJ\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.cdx Object is locked skipped

 

C:\Documents and Settings\YJ\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.dbf Object is locked skipped

 

C:\Documents and Settings\YJ\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.cdx Object is locked skipped

 

C:\Documents and Settings\YJ\Local Settings\Application Data\HP\Digital Imaging\db\managedFolderTable.dbf Object is locked skipped

 

C:\Documents and Settings\YJ\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.dbf Object is locked skipped

 

C:\Documents and Settings\YJ\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.cdx Object is locked skipped

 

C:\Documents and Settings\YJ\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.dbf Object is locked skipped

 

C:\Documents and Settings\YJ\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.cdx Object is locked skipped

 

C:\Documents and Settings\YJ\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.dbf Object is locked skipped

 

C:\Documents and Settings\YJ\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.cdx Object is locked skipped

 

C:\Documents and Settings\YJ\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.fpt Object is locked skipped

 

C:\Documents and Settings\YJ\Bureau\Navilog1.exe/file10 Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped

 

C:\Documents and Settings\YJ\Bureau\Navilog1.exe Inno: infected - 1 skipped

 

C:\Documents and Settings\YJ\Bureau\monjack\Download_mbam-setup.exe Infected: not-a-virus:Downloader.Win32.WinFixer.fs skipped

 

C:\Documents and Settings\YJ\Bureau\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped

 

C:\Documents and Settings\YJ\Cookies\index.dat Object is locked skipped

 

C:\Documents and Settings\YJ\ntuser.dat.LOG Object is locked skipped

 

C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped

 

C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped

 

C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped

 

C:\Program Files\HP\hpcoretech\hpcmerr.log Object is locked skipped

 

C:\System Volume Information\_restore{615C60ED-E686-45BB-88E6-DE3F51F7E083}\RP1063\A0082840.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped

 

C:\System Volume Information\_restore{615C60ED-E686-45BB-88E6-DE3F51F7E083}\RP1063\A0082910.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped

 

C:\System Volume Information\_restore{615C60ED-E686-45BB-88E6-DE3F51F7E083}\RP1063\A0082917.exe/data.rar/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped

 

C:\System Volume Information\_restore{615C60ED-E686-45BB-88E6-DE3F51F7E083}\RP1063\A0082917.exe/data.rar Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped

 

C:\System Volume Information\_restore{615C60ED-E686-45BB-88E6-DE3F51F7E083}\RP1063\A0082917.exe RarSFX: infected - 2 skipped

 

C:\System Volume Information\_restore{615C60ED-E686-45BB-88E6-DE3F51F7E083}\RP1063\A0082927.exe/file10 Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped

 

C:\System Volume Information\_restore{615C60ED-E686-45BB-88E6-DE3F51F7E083}\RP1063\A0082927.exe Inno: infected - 1 skipped

 

C:\System Volume Information\_restore{615C60ED-E686-45BB-88E6-DE3F51F7E083}\RP1063\change.log Object is locked skipped

 

C:\System Volume Information\_restore{615C60ED-E686-45BB-88E6-DE3F51F7E083}\RP1063\A0083976.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped

 

D:\System Volume Information\_restore{615C60ED-E686-45BB-88E6-DE3F51F7E083}\RP1063\change.log Object is locked skipped

 

D:\emule temp\015.part/Setup.exe Infected: P2P-Worm.Win32.Kapucen.b skipped

 

D:\emule temp\015.part ZIP: infected - 1 skipped

 

G:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

 

G:\System Volume Information\_restore{615C60ED-E686-45BB-88E6-DE3F51F7E083}\RP1058\A0082686.exe Infected: not-a-virus:AdWare.Win32.Shopper.y skipped

 

G:\System Volume Information\_restore{615C60ED-E686-45BB-88E6-DE3F51F7E083}\RP1063\change.log Object is locked skipped

 

Scan process completed.

 

 

 

cleannavi.txt*

 

 

Clean Navipromo version 3.5.4 commencé le 18/04/2008 à 21:31:43,15

 

Outil exécuté depuis C:\Program Files\navilog1

Session actuelle : "YJ"

 

Mise à jour le 15.04.2008 à 18h00 par IL-MAFIOSO

 

 

Microsoft Windows XP [version 5.1.2600]

Internet Explorer : 7.0.5730.11

Système de fichiers : FAT32

 

Mode suppression automatique

avec prise en charge résultats Catchme et GNS

 

 

 

*** fsbl1.txt non trouvé ***

(Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)

 

 

*** Suppression avec sauvegardes résultats GenericNaviSearch ***

 

* Suppression dans "C:\WINDOWS\System32" *

 

 

* Suppression dans "C:\Documents and Settings\YJ\locals~1\applic~1" *

 

 

 

*** Suppression dossiers dans "C:\WINDOWS" ***

 

 

*** Suppression dossiers dans "C:\Program Files" ***

 

 

*** Suppression dossiers dans "C:\DOCUME~1\ALLUSE~1\APPLIC~1" ***

 

 

*** Suppression dossiers dans "C:\Documents and Settings\YJ\applic~1" ***

 

 

*** Suppression dossiers dans "C:\Documents and Settings\YJ\locals~1\applic~1" ***

 

 

*** Suppression dossiers dans "C:\Documents and Settings\YJ\menud+~1\progra~1" ***

 

 

*** Suppression dossiers dans "C:\DOCUME~1\ALLUSE~1\MENUD?~1\PROGRA~1" ***

 

 

 

*** Suppression fichiers ***

 

C:\WINDOWS\system32\nvs2.inf supprimé !

 

*** Suppression fichiers temporaires ***

 

Nettoyage contenu C:\WINDOWS\Temp effectué !

Nettoyage contenu C:\Documents and Settings\YJ\locals~1\Temp effectué !

 

*** Traitement Recherche complémentaire ***

(Recherche fichiers spécifiques)

 

1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

 

2)Recherche, création sauvegardes et suppression Heuristique :

 

 

* Dans "C:\WINDOWS\system32" *

 

 

* Dans "C:\Documents and Settings\YJ\locals~1\applic~1" *

 

lzdggnnp.dat trouvé !

Copie lzdggnnp.dat réalisée avec succès !

lzdggnnp.dat supprimé !

 

lzdggnnp_nav.dat trouvé !

Copie lzdggnnp_nav.dat réalisée avec succès !

lzdggnnp_nav.dat supprimé !

 

lzdggnnp_navps.dat trouvé !

Copie lzdggnnp_navps.dat réalisée avec succès !

lzdggnnp_navps.dat supprimé !

 

lzdggnnp.exe trouvé !

Copie lzdggnnp.exe réalisée avec succès !

lzdggnnp.exe supprimé !

 

C:\WINDOWS\prefetch\lzdggnnp*.pf trouvé !

Copie C:\WINDOWS\prefetch\lzdggnnp*.pf réalisée avec succès !

C:\WINDOWS\prefetch\lzdggnnp*.pf supprimé !

 

 

*** Sauvegarde du Registre vers dossier Safebackup ***

 

sauvegarde du Registre réalisée avec succès !

 

*** Nettoyage Registre ***

 

Nettoyage Registre Ok

 

 

*** Certificats ***

 

Certificat Egroup supprimé !

Certificat Electronic-Group supprimé !

Certificat OOO-Favorit supprimé !

Certificat Sunny-Day-Design-Ltdt absent !

 

*** Nettoyage terminé le 18/04/2008 à 21:35:10,48 ***

 

Voilà! J'attends la suite ! et bonne journée

[pear]

Bonjour,

 

Bon travail!

 

Supprimez ces fichiers infectés, les utres sont dans des quarantaines et dossiers de restauration:

 

D:\emule temp\015.part/Setup.exe Infected: P2P-Worm.Win32.Kapucen.b skipped

D:\emule temp\015.part ZIP: infected - 1 skipped

 

Désinstallez la Restauration Système.

 

Poste de Travail->Propriétés->Restauration Système.

Décocher la Restauration sur tous les lecteurs.

 

Vous la rétablirez ensuite.

Un nouveau point de restauration sera créé.

 

Télécharger ToolsCleaner! de A.Rothstein pour enlever les programmes utilisés pendant la procédure.

http://a-rothstein.changelog.fr/TC/ToolsCleaner2.exe

* Enregistrer ToolsCleaner2.exe sur le Bureau.

Sous Vista,Clic-droit > Exécuter en tant que Administrateur

* Double-cliquer dessus, puis cliquer sur Recherche --> Le programme va chercher les utilitaires installés

------> Il se peut que la fenêtre devienne blanche pendant le scan, c'est normal !

* Copier-coller le contenu du rapport qui apparait dans la fenêtre blanche.

 

et dites nous comment se comporte le pc,svp.

[Invité aurelie]

Alors à premiere vue je n'ai plus de pub non désirées!!

et voici le rapport demandé:

-->- Recherche:

 

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !

C:\Documents and Settings\YJ\Bureau\HijackThis.lnk: trouvé !

C:\Documents and Settings\YJ\Bureau\Navilog1.exe: trouvé !

C:\Documents and Settings\YJ\Bureau\SmitFraudfix: trouvé !

C:\Documents and Settings\YJ\Bureau\monjack\HJTInstall.exe: trouvé !

C:\Program Files\Trend Micro\HijackThis: trouvé !

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !

 

 

et j'en ai profité pr changé d'antivus j'ai mis antivir à la place d'avaast + 2 logiciel antispyware : ewido et malwarebytes à la place adaware.

 

voilou merci pour tout !