Pop-under ads in different browsers (Solved)

4 October 2009 14:37:15

Hello.
I have two problems.

First:
For the past few days, Internet Explorer has been opening by itself and displaying ads. I noticed that there are several Iexplorer processes running at the same time... Sometimes the titles of the IE windows start with "CiD: ", other times it's "Adsserver", or else nothing special...

Second:
I also had, for a longer time, ads appearing behind my web pages, in an unknown browser (small green, yellow, red and blue logo...). After some basic searching, I had a hunch that the cause was a small program named difba.exe located in Application Data... I deleted it and stopped the process. For now it hasn't come back... Could that really be where it comes from? Do I need to remove it some other way?

Thanks in advance!!

4 October 2009 21:50:17

Hello,

Download Lop S&D.exe (by Eric 71) to your Desktop.

  • Double-click the Lop S&D shortcut on your desktop (if you are on Vista, right-click -> run as administrator)
  • Select the language you want, then choose Option 1 (Search)
  • Wait until the scan has finished
  • Post the generated report (C:\lopR.txt)
    5 October 2009 12:31:34

    Hello.

    First, a few small clarifications.
    The ad windows in IExplorer only open when IExplorer is in use.
    The second problem seems to have been solved by putting the suspected .exe in the trash... I hope it had no other function.

    The report:

    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 6600 @ 2.40GHz )
    BIOS : Award Modular BIOS v6.00PG
    USER : DUPLANTIER ( Administrator )
    BOOT : Normal boot
    Antivirus : AVG Anti-Virus Free 8.5 (Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:45 Go (Free:25 Go)
    D:\ (Local Disk) - NTFS - Total:234 Go (Free:214 Go)
    E:\ (CD or DVD)
    F:\ (USB)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [1] ( 05/10/2009|11:49 )

    --------------------\\ Listing des dossiers dans APPLIC~1

    [04/11/2006|19:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

    [02/01/2009|11:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    [14/04/2009|08:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{83C91755-2546-441D-AC40-9A6B4B860800}
    [18/05/2008|09:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [02/01/2009|11:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [02/01/2009|11:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [18/08/2009|13:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
    [06/11/2006|21:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [12/08/2009|16:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fighters
    [02/10/2009|16:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [27/09/2009|16:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
    [27/09/2009|16:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP Product Assistant
    [21/02/2009|08:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
    [17/03/2009|14:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [08/11/2006|21:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA
    [09/11/2006|16:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
    [01/10/2009|13:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Program Amen Blue Peak
    [28/09/2009|22:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
    [09/12/2007|17:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
    [04/10/2009|08:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [09/12/2007|17:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca
    [02/07/2007|16:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TomTom
    [27/09/2009|16:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WEBREG
    [06/11/2006|14:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [15/05/2008|09:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [04/11/2006|19:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [11/02/2008|09:12] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Adobe
    [17/05/2008|12:17] C:\DOCUME~1\DUPLAN~1\APPLIC~1\AdobeUM
    [02/01/2009|11:23] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Apple Computer
    [01/10/2009|13:38] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Boobteamdupe
    [29/09/2009|12:31] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Creative
    [27/07/2008|19:26] C:\DOCUME~1\DUPLAN~1\APPLIC~1\dvdcss
    [11/12/2007|12:21] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Google
    [13/12/2006|18:34] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Help
    [27/09/2009|16:18] C:\DOCUME~1\DUPLAN~1\APPLIC~1\HP
    [04/10/2009|17:30] C:\DOCUME~1\DUPLAN~1\APPLIC~1\HPAppData
    [09/11/2006|16:02] C:\DOCUME~1\DUPLAN~1\APPLIC~1\HTNetMeter
    [26/11/2006|20:25] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Identities
    [02/07/2007|16:24] C:\DOCUME~1\DUPLAN~1\APPLIC~1\InstallShield
    [03/03/2007|18:46] C:\DOCUME~1\DUPLAN~1\APPLIC~1\iPodder
    [31/07/2009|19:01] C:\DOCUME~1\DUPLAN~1\APPLIC~1\IrfanView
    [21/02/2009|11:50] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Lavasoft
    [08/11/2006|01:17] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Macromedia
    [02/10/2009|13:49] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Microsoft
    [17/12/2006|14:38] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Mozilla
    [22/03/2007|20:00] C:\DOCUME~1\DUPLAN~1\APPLIC~1\MSNInstaller
    [23/04/2009|17:28] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Real
    [05/10/2009|11:37] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Skype
    [05/10/2009|07:02] C:\DOCUME~1\DUPLAN~1\APPLIC~1\skypePM
    [09/12/2007|17:56] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Sony Ericsson
    [10/02/2008|15:38] C:\DOCUME~1\DUPLAN~1\APPLIC~1\SPAMfighter
    [02/10/2009|13:51] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Spamihilator
    [29/05/2007|18:34] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Sun
    [09/12/2007|18:23] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Teleca
    [09/06/2009|17:35] C:\DOCUME~1\DUPLAN~1\APPLIC~1\vlc
    [27/09/2009|16:11] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Yahoo!

    [24/01/2008|10:39] C:\DOCUME~1\INVIT~1\APPLIC~1\Google
    [24/01/2008|10:38] C:\DOCUME~1\INVIT~1\APPLIC~1\Identities
    [10/05/2009|07:23] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
    [24/01/2008|10:38] C:\DOCUME~1\INVIT~1\APPLIC~1\Real
    [24/01/2008|10:38] C:\DOCUME~1\INVIT~1\APPLIC~1\Sony Ericsson
    [24/01/2008|10:38] C:\DOCUME~1\INVIT~1\APPLIC~1\Teleca

    [10/05/2009|07:23] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [10/05/2009|07:23] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [05/10/2009 11:00][--ah-----] C:\WINDOWS\tasks\A6101CF3904F93FF.job
    [05/10/2009 07:01][--a------] C:\WINDOWS\tasks\SLOW-PCfighter.job
    [05/10/2009 08:34][--a------] C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    [05/10/2009 07:00][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [02/03/2006 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    ( A6101CF3904F93FF.job )=( c:\docume~1\duplan~1\applic~1\boobte~1\campwarndata.exe )

    --------------------\\ Listing des dossiers dans C:\Program Files

    [01/06/2009|13:12] C:\Program Files\Adobe
    [06/11/2006|18:33] C:\Program Files\Ahead
    [04/11/2006|19:44] C:\Program Files\Analog Devices
    [02/01/2009|11:21] C:\Program Files\Apple Software Update
    [04/11/2006|19:48] C:\Program Files\ASUS WiFi-AP Solo
    [23/07/2008|10:09] C:\Program Files\AVG
    [18/12/2006|16:08] C:\Program Files\Black Isle
    [02/01/2009|11:22] C:\Program Files\Bonjour
    [01/10/2009|13:38] C:\Program Files\Boobteamdupe
    [19/09/2009|15:49] C:\Program Files\Browser Configuration Utility
    [08/11/2008|08:49] C:\Program Files\CeWe Color
    [04/11/2006|19:15] C:\Program Files\ComPlus Applications
    [18/12/2007|22:57] C:\Program Files\Creative
    [04/11/2006|20:08] C:\Program Files\CyberLink
    [20/09/2009|15:48] C:\Program Files\Digital Image Recovery
    [26/12/2006|13:35] C:\Program Files\Electronic Arts
    [29/09/2009|15:59] C:\Program Files\eMule
    [13/02/2008|13:19] C:\Program Files\Everest Poker
    [28/09/2009|22:38] C:\Program Files\Fichiers communs
    [19/09/2009|15:49] C:\Program Files\GIGABYTE
    [02/10/2009|16:21] C:\Program Files\Google
    [06/11/2006|19:10] C:\Program Files\Hewlett-Packard
    [15/12/2006|07:11] C:\Program Files\HooTech
    [27/09/2009|16:10] C:\Program Files\HP
    [24/04/2007|18:53] C:\Program Files\IKEA HomePlanner
    [03/03/2007|18:11] C:\Program Files\Illustrate
    [02/10/2009|14:34] C:\Program Files\InstallShield Installation Information
    [04/11/2006|19:30] C:\Program Files\Intel
    [30/07/2009|01:20] C:\Program Files\Internet Explorer
    [02/01/2009|11:22] C:\Program Files\iPod
    [18/03/2007|13:04] C:\Program Files\IrfanView
    [02/01/2009|11:23] C:\Program Files\iTunes
    [23/05/2009|10:52] C:\Program Files\Java
    [03/03/2007|17:44] C:\Program Files\Juice
    [08/09/2009|17:21] C:\Program Files\Kroll Ontrack
    [14/04/2009|08:33] C:\Program Files\Lavasoft
    [03/03/2007|18:04] C:\Program Files\Magic RM to MP3 Converter
    [04/11/2006|19:47] C:\Program Files\Marvell
    [17/09/2008|20:00] C:\Program Files\Messenger
    [13/04/2009|09:17] C:\Program Files\Microsoft
    [13/06/2008|20:02] C:\Program Files\Microsoft ActiveSync
    [04/11/2006|19:18] C:\Program Files\microsoft frontpage
    [23/01/2009|16:50] C:\Program Files\Microsoft Office
    [12/09/2009|07:39] C:\Program Files\Microsoft Silverlight
    [13/04/2009|09:16] C:\Program Files\Microsoft SQL Server Compact Edition
    [06/11/2006|17:56] C:\Program Files\Microsoft.NET
    [16/09/2008|09:20] C:\Program Files\Movie Maker
    [05/10/2009|11:46] C:\Program Files\Mozilla Firefox
    [15/08/2009|20:22] C:\Program Files\MSBuild
    [23/01/2009|16:50] C:\Program Files\MSECache
    [22/03/2007|20:00] C:\Program Files\MSN
    [04/11/2006|19:14] C:\Program Files\MSN Gaming Zone
    [10/12/2007|21:00] C:\Program Files\MSXML 4.0
    [16/09/2008|09:18] C:\Program Files\NetMeeting
    [06/11/2006|14:15] C:\Program Files\Old Messenger
    [04/11/2006|19:14] C:\Program Files\Online Services
    [12/08/2009|18:03] C:\Program Files\Outlook Express
    [18/09/2009|19:30] C:\Program Files\Paint.NET
    [02/01/2009|11:22] C:\Program Files\QuickTime
    [17/12/2006|16:34] C:\Program Files\Real
    [19/09/2009|15:54] C:\Program Files\Realtek
    [15/08/2009|20:22] C:\Program Files\Reference Assemblies
    [28/04/2009|12:27] C:\Program Files\Securitoo
    [04/11/2006|19:17] C:\Program Files\Services en ligne
    [28/09/2009|22:38] C:\Program Files\Skype
    [09/12/2007|17:54] C:\Program Files\Sony Ericsson
    [04/10/2009|07:30] C:\Program Files\Spybot - Search & Destroy
    [06/07/2007|07:36] C:\Program Files\TomTom HOME
    [04/11/2006|19:28] C:\Program Files\Uninstall Information
    [09/05/2009|10:51] C:\Program Files\VideoLAN
    [13/04/2009|09:17] C:\Program Files\Windows Live
    [13/04/2009|09:15] C:\Program Files\Windows Live SkyDrive
    [12/12/2006|20:42] C:\Program Files\Windows Media Connect 2
    [15/04/2009|08:40] C:\Program Files\Windows Media Player
    [16/09/2008|09:17] C:\Program Files\Windows NT
    [04/11/2006|19:17] C:\Program Files\WindowsUpdate
    [17/12/2006|23:34] C:\Program Files\WinRAR
    [09/11/2006|19:56] C:\Program Files\WinZip
    [04/11/2006|19:18] C:\Program Files\xerox
    [02/10/2009|15:41] C:\Program Files\Yahoo!

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [01/06/2009|13:12] C:\Program Files\Fichiers communs\Adobe
    [06/11/2006|18:33] C:\Program Files\Fichiers communs\Ahead
    [02/10/2009|15:39] C:\Program Files\Fichiers communs\Apple
    [06/11/2006|17:58] C:\Program Files\Fichiers communs\DESIGNER
    [28/04/2009|12:25] C:\Program Files\Fichiers communs\France Telecom
    [27/09/2009|16:07] C:\Program Files\Fichiers communs\Hewlett-Packard
    [27/09/2009|16:08] C:\Program Files\Fichiers communs\HP
    [04/11/2006|19:48] C:\Program Files\Fichiers communs\InstallShield
    [29/05/2007|18:33] C:\Program Files\Fichiers communs\Java
    [06/11/2006|18:34] C:\Program Files\Fichiers communs\LightScribe
    [05/03/2009|23:34] C:\Program Files\Fichiers communs\Microsoft Shared
    [04/11/2006|19:16] C:\Program Files\Fichiers communs\MSSoap
    [06/11/2006|18:35] C:\Program Files\Fichiers communs\Nero
    [04/11/2006|19:58] C:\Program Files\Fichiers communs\ODBC
    [23/04/2009|17:27] C:\Program Files\Fichiers communs\Real
    [04/11/2006|19:16] C:\Program Files\Fichiers communs\Services
    [28/09/2009|22:38] C:\Program Files\Fichiers communs\Skype
    [09/12/2007|17:55] C:\Program Files\Fichiers communs\Sony Ericsson Shared
    [04/11/2006|19:58] C:\Program Files\Fichiers communs\SpeechEngines
    [16/09/2008|09:34] C:\Program Files\Fichiers communs\System
    [09/12/2007|17:55] C:\Program Files\Fichiers communs\Teleca Shared
    [01/06/2009|13:12] C:\Program Files\Fichiers communs\Vbox
    [17/03/2009|14:25] C:\Program Files\Fichiers communs\Windows Live
    [14/05/2008|09:42] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [23/04/2009|17:27] C:\Program Files\Fichiers communs\xing shared

    --------------------\\ Process

    ( 72 Processes )

    IEXPLORE.EXE ~ [PID:3056]
    IEXPLORE.EXE ~ [PID:3612]
    iexplore.exe ~ [PID:4064]
    IEXPLORE.EXE ~ [PID:4572]

    --------------------\\ Recherche avec S_Lop

    C:\DOCUME~1\DUPLAN~1\APPLIC~1\BOOBTE~1
    C:\DOCUME~1\DUPLAN~1\APPLIC~1\BOOBTE~1\campwarndata.exe
    C:\DOCUME~1\DUPLAN~1\APPLIC~1\BOOBTE~1\mapimessref.exe
    C:\DOCUME~1\DUPLAN~1\APPLIC~1\BOOBTE~1\ufntqaye.exe

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\DUPLAN~1\APPLIC~1\boobte~1
    C:\DOCUME~1\DUPLAN~1\APPLIC~1\boobte~1\campwarndata.exe
    C:\DOCUME~1\DUPLAN~1\APPLIC~1\boobte~1\mapimessref.exe
    C:\DOCUME~1\DUPLAN~1\APPLIC~1\boobte~1\ufntqaye.exe
    C:\Program Files\boobte~1
    C:\DOCUME~1\DUPLAN~1\MENUDM~1\PROGRA~1\3wPlayer
    C:\DOCUME~1\DUPLAN~1\MENUDM~1\PROGRA~1\3wPlayer\3wPlayer.lnk
    C:\DOCUME~1\DUPLAN~1\MENUDM~1\PROGRA~1\3wPlayer\HomePage.lnk
    C:\DOCUME~1\DUPLAN~1\MENUDM~1\PROGRA~1\3wPlayer\Uninstall.lnk
    C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@advertstream[1].txt
    C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@d2.advertserve[1].txt
    C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@foreignpolicy.advertserve[1].txt
    C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@install.3wplayer[2].txt
    C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@www.adserver5[1].txt
    C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@adin.bigpoint[2].txt
    C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@bigpoint[1].txt
    C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@fr.darkorbit.bigpoint[2].txt
    C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@fr.seafight.bigpoint[1].txt
    C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@fr.thepimps.bigpoint[2].txt
    C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@fr1.seafight.bigpoint[2].txt
    C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@thepimps.bigpoint[2].txt
    C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@banner.cotedazurpalace[2].txt
    C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@cotedazurpalace[1].txt
    C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@www.cotedazurpalace[1].txt
    C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@partypoker[2].txt
    C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@fr.seafight.bigpoint[1].txt
    C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@fr1.seafight.bigpoint[2].txt
    C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@32vegas[2].txt
    C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@banner.32vegas[2].txt
    C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@2xmoinscher[1].txt
    C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@cc.2xmoinscher[2].txt
    C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@www.2xmoinscher[2].txt
    C:\WINDOWS\Tasks\A6101CF3904F93FF.job

    --------------------\\ Verification du Registre

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Dent Hold 1]
    "DisplayName"="CiD Help"
    "UninstallString"="C:\\DOCUME~1\\DUPLAN~1\\APPLIC~1\\BOOBTE~1\\mapimessref.exe -uninstall"

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "FIVE THUNK"="C:\\DOCUME~1\\DUPLAN~1\\APPLIC~1\\BOOBTE~1\\mapimessref.exe"
    "FIVE THUNK"="C:\\DOCUME~1\\DUPLAN~1\\APPLIC~1\\BOOBTE~1\\mapimessref.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-10-05 11:49:48
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 100

    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\DUPLAN~1\Application Data\vlc\art\title\hail! hail! rock'n roll No serial(crack).avi
    C:\DOCUME~1\DUPLAN~1\Application Data\vlc\art\title\hail! hail! rock'n roll No serial(crack).avi\art.jpg


    [F:81][D:230]-> C:\DOCUME~1\DUPLAN~1\LOCALS~1\Temp
    [F:2398][D:0]-> C:\DOCUME~1\DUPLAN~1\Cookies
    [F:37884][D:49]-> C:\DOCUME~1\DUPLAN~1\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 05/10/2009|11:57 - Option : [1]

    --------------------\\ Fin du rapport a 11:57:09


    Thanks.
    6 October 2009 21:48:58

    re,

    Run Lop S&D again.

  • This time choose Option 2 (Removal)
    ! Do not close the window during the removal !
  • Post the generated report (C:\lopR.txt)
    7 October 2009 07:32:34

    Hi Angeldark
    Thanks again

    The report:

    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 6600 @ 2.40GHz )
    BIOS : Award Modular BIOS v6.00PG
    USER : DUPLANTIER ( Administrator )
    BOOT : Normal boot
    Antivirus : AVG Anti-Virus Free 8.5 (Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:45 Go (Free:25 Go)
    D:\ (Local Disk) - NTFS - Total:234 Go (Free:214 Go)
    E:\ (CD or DVD)
    F:\ (USB)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [2] ( 07/10/2009| 7:05 )


    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

    Supprime! - C:\DOCUME~1\DUPLAN~1\APPLIC~1\boobte~1\campwarndata.exe
    Supprime! - C:\DOCUME~1\DUPLAN~1\APPLIC~1\boobte~1\mapimessref.exe
    Supprime! - C:\DOCUME~1\DUPLAN~1\APPLIC~1\boobte~1\ufntqaye.exe
    Supprime! - C:\DOCUME~1\DUPLAN~1\MENUDM~1\PROGRA~1\3wPlayer\3wPlayer.lnk
    Supprime! - C:\DOCUME~1\DUPLAN~1\MENUDM~1\PROGRA~1\3wPlayer\HomePage.lnk
    Supprime! - C:\DOCUME~1\DUPLAN~1\MENUDM~1\PROGRA~1\3wPlayer\Uninstall.lnk
    Supprime! - C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@advertstream[1].txt
    Supprime! - C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@d2.advertserve[1].txt
    Supprime! - C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@foreignpolicy.advertserve[1].txt
    Supprime! - C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@install.3wplayer[2].txt
    Supprime! - C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@www.adserver5[1].txt
    Supprime! - C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@adin.bigpoint[2].txt
    Supprime! - C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@bigpoint[1].txt
    Supprime! - C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@fr.darkorbit.bigpoint[2].txt
    Supprime! - C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@fr.seafight.bigpoint[1].txt
    Supprime! - C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@fr.thepimps.bigpoint[2].txt
    Supprime! - C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@fr1.seafight.bigpoint[2].txt
    Supprime! - C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@banner.cotedazurpalace[2].txt
    Supprime! - C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@cotedazurpalace[1].txt
    Supprime! - C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@www.cotedazurpalace[1].txt
    Supprime! - C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@32vegas[2].txt
    Supprime! - C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@banner.32vegas[2].txt
    Supprime! - C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@2xmoinscher[1].txt
    Supprime! - C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@cc.2xmoinscher[2].txt
    Supprime! - C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@www.2xmoinscher[2].txt
    Supprime! - C:\WINDOWS\Tasks\A6101CF3904F93FF.job
    Supprime! - C:\DOCUME~1\DUPLAN~1\APPLIC~1\boobte~1
    Supprime! - C:\Program Files\boobte~1
    Supprime! - C:\DOCUME~1\DUPLAN~1\MENUDM~1\PROGRA~1\3wPlayer

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    --------------------\\ Listing des dossiers dans APPLIC~1

    [04/11/2006|19:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

    [02/01/2009|11:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    [14/04/2009|08:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{83C91755-2546-441D-AC40-9A6B4B860800}
    [18/05/2008|09:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [02/01/2009|11:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [02/01/2009|11:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [18/08/2009|13:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
    [06/11/2006|21:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [12/08/2009|16:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fighters
    [06/10/2009|11:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [27/09/2009|16:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
    [27/09/2009|16:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP Product Assistant
    [21/02/2009|08:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
    [05/10/2009|18:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [08/11/2006|21:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA
    [09/11/2006|16:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
    [01/10/2009|13:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Program Amen Blue Peak
    [28/09/2009|22:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
    [09/12/2007|17:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
    [04/10/2009|08:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [09/12/2007|17:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca
    [02/07/2007|16:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TomTom
    [27/09/2009|16:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WEBREG
    [06/11/2006|14:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [15/05/2008|09:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [04/11/2006|19:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [11/02/2008|09:12] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Adobe
    [17/05/2008|12:17] C:\DOCUME~1\DUPLAN~1\APPLIC~1\AdobeUM
    [02/01/2009|11:23] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Apple Computer
    [29/09/2009|12:31] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Creative
    [27/07/2008|19:26] C:\DOCUME~1\DUPLAN~1\APPLIC~1\dvdcss
    [11/12/2007|12:21] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Google
    [13/12/2006|18:34] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Help
    [06/10/2009|16:08] C:\DOCUME~1\DUPLAN~1\APPLIC~1\HP
    [06/10/2009|14:51] C:\DOCUME~1\DUPLAN~1\APPLIC~1\HPAppData
    [09/11/2006|16:02] C:\DOCUME~1\DUPLAN~1\APPLIC~1\HTNetMeter
    [26/11/2006|20:25] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Identities
    [02/07/2007|16:24] C:\DOCUME~1\DUPLAN~1\APPLIC~1\InstallShield
    [03/03/2007|18:46] C:\DOCUME~1\DUPLAN~1\APPLIC~1\iPodder
    [31/07/2009|19:01] C:\DOCUME~1\DUPLAN~1\APPLIC~1\IrfanView
    [21/02/2009|11:50] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Lavasoft
    [08/11/2006|01:17] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Macromedia
    [05/10/2009|18:04] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Microsoft
    [17/12/2006|14:38] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Mozilla
    [22/03/2007|20:00] C:\DOCUME~1\DUPLAN~1\APPLIC~1\MSNInstaller
    [23/04/2009|17:28] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Real
    [07/10/2009|07:01] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Skype
    [07/10/2009|06:37] C:\DOCUME~1\DUPLAN~1\APPLIC~1\skypePM
    [09/12/2007|17:56] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Sony Ericsson
    [10/02/2008|15:38] C:\DOCUME~1\DUPLAN~1\APPLIC~1\SPAMfighter
    [02/10/2009|13:51] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Spamihilator
    [29/05/2007|18:34] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Sun
    [09/12/2007|18:23] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Teleca
    [09/06/2009|17:35] C:\DOCUME~1\DUPLAN~1\APPLIC~1\vlc
    [27/09/2009|16:11] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Yahoo!

    [24/01/2008|10:39] C:\DOCUME~1\INVIT~1\APPLIC~1\Google
    [24/01/2008|10:38] C:\DOCUME~1\INVIT~1\APPLIC~1\Identities
    [10/05/2009|07:23] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
    [24/01/2008|10:38] C:\DOCUME~1\INVIT~1\APPLIC~1\Real
    [24/01/2008|10:38] C:\DOCUME~1\INVIT~1\APPLIC~1\Sony Ericsson
    [24/01/2008|10:38] C:\DOCUME~1\INVIT~1\APPLIC~1\Teleca

    [10/05/2009|07:23] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [10/05/2009|07:23] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [07/10/2009 06:35][--a------] C:\WINDOWS\tasks\SLOW-PCfighter.job
    [06/10/2009 08:34][--a------] C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    [07/10/2009 06:35][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [02/03/2006 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [01/06/2009|13:12] C:\Program Files\Adobe
    [06/11/2006|18:33] C:\Program Files\Ahead
    [04/11/2006|19:44] C:\Program Files\Analog Devices
    [02/01/2009|11:21] C:\Program Files\Apple Software Update
    [04/11/2006|19:48] C:\Program Files\ASUS WiFi-AP Solo
    [23/07/2008|10:09] C:\Program Files\AVG
    [18/12/2006|16:08] C:\Program Files\Black Isle
    [02/01/2009|11:22] C:\Program Files\Bonjour
    [19/09/2009|15:49] C:\Program Files\Browser Configuration Utility
    [08/11/2008|08:49] C:\Program Files\CeWe Color
    [04/11/2006|19:15] C:\Program Files\ComPlus Applications
    [18/12/2007|22:57] C:\Program Files\Creative
    [04/11/2006|20:08] C:\Program Files\CyberLink
    [20/09/2009|15:48] C:\Program Files\Digital Image Recovery
    [26/12/2006|13:35] C:\Program Files\Electronic Arts
    [29/09/2009|15:59] C:\Program Files\eMule
    [13/02/2008|13:19] C:\Program Files\Everest Poker
    [28/09/2009|22:38] C:\Program Files\Fichiers communs
    [19/09/2009|15:49] C:\Program Files\GIGABYTE
    [06/10/2009|11:04] C:\Program Files\Google
    [06/11/2006|19:10] C:\Program Files\Hewlett-Packard
    [15/12/2006|07:11] C:\Program Files\HooTech
    [27/09/2009|16:10] C:\Program Files\HP
    [24/04/2007|18:53] C:\Program Files\IKEA HomePlanner
    [03/03/2007|18:11] C:\Program Files\Illustrate
    [02/10/2009|14:34] C:\Program Files\InstallShield Installation Information
    [04/11/2006|19:30] C:\Program Files\Intel
    [30/07/2009|01:20] C:\Program Files\Internet Explorer
    [02/01/2009|11:22] C:\Program Files\iPod
    [18/03/2007|13:04] C:\Program Files\IrfanView
    [02/01/2009|11:23] C:\Program Files\iTunes
    [23/05/2009|10:52] C:\Program Files\Java
    [03/03/2007|17:44] C:\Program Files\Juice
    [08/09/2009|17:21] C:\Program Files\Kroll Ontrack
    [14/04/2009|08:33] C:\Program Files\Lavasoft
    [03/03/2007|18:04] C:\Program Files\Magic RM to MP3 Converter
    [04/11/2006|19:47] C:\Program Files\Marvell
    [17/09/2008|20:00] C:\Program Files\Messenger
    [13/04/2009|09:17] C:\Program Files\Microsoft
    [13/06/2008|20:02] C:\Program Files\Microsoft ActiveSync
    [04/11/2006|19:18] C:\Program Files\microsoft frontpage
    [23/01/2009|16:50] C:\Program Files\Microsoft Office
    [12/09/2009|07:39] C:\Program Files\Microsoft Silverlight
    [13/04/2009|09:16] C:\Program Files\Microsoft SQL Server Compact Edition
    [06/11/2006|17:56] C:\Program Files\Microsoft.NET
    [16/09/2008|09:20] C:\Program Files\Movie Maker
    [07/10/2009|06:57] C:\Program Files\Mozilla Firefox
    [15/08/2009|20:22] C:\Program Files\MSBuild
    [23/01/2009|16:50] C:\Program Files\MSECache
    [22/03/2007|20:00] C:\Program Files\MSN
    [04/11/2006|19:14] C:\Program Files\MSN Gaming Zone
    [10/12/2007|21:00] C:\Program Files\MSXML 4.0
    [16/09/2008|09:18] C:\Program Files\NetMeeting
    [06/11/2006|14:15] C:\Program Files\Old Messenger
    [04/11/2006|19:14] C:\Program Files\Online Services
    [12/08/2009|18:03] C:\Program Files\Outlook Express
    [18/09/2009|19:30] C:\Program Files\Paint.NET
    [02/01/2009|11:22] C:\Program Files\QuickTime
    [17/12/2006|16:34] C:\Program Files\Real
    [19/09/2009|15:54] C:\Program Files\Realtek
    [15/08/2009|20:22] C:\Program Files\Reference Assemblies
    [28/04/2009|12:27] C:\Program Files\Securitoo
    [04/11/2006|19:17] C:\Program Files\Services en ligne
    [28/09/2009|22:38] C:\Program Files\Skype
    [09/12/2007|17:54] C:\Program Files\Sony Ericsson
    [04/10/2009|07:30] C:\Program Files\Spybot - Search & Destroy
    [06/07/2007|07:36] C:\Program Files\TomTom HOME
    [04/11/2006|19:28] C:\Program Files\Uninstall Information
    [09/05/2009|10:51] C:\Program Files\VideoLAN
    [13/04/2009|09:17] C:\Program Files\Windows Live
    [05/10/2009|18:40] C:\Program Files\Windows Live Safety Center
    [13/04/2009|09:15] C:\Program Files\Windows Live SkyDrive
    [12/12/2006|20:42] C:\Program Files\Windows Media Connect 2
    [15/04/2009|08:40] C:\Program Files\Windows Media Player
    [16/09/2008|09:17] C:\Program Files\Windows NT
    [04/11/2006|19:17] C:\Program Files\WindowsUpdate
    [17/12/2006|23:34] C:\Program Files\WinRAR
    [09/11/2006|19:56] C:\Program Files\WinZip
    [04/11/2006|19:18] C:\Program Files\xerox
    [02/10/2009|15:41] C:\Program Files\Yahoo!

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [01/06/2009|13:12] C:\Program Files\Fichiers communs\Adobe
    [06/11/2006|18:33] C:\Program Files\Fichiers communs\Ahead
    [02/10/2009|15:39] C:\Program Files\Fichiers communs\Apple
    [06/11/2006|17:58] C:\Program Files\Fichiers communs\DESIGNER
    [28/04/2009|12:25] C:\Program Files\Fichiers communs\France Telecom
    [27/09/2009|16:07] C:\Program Files\Fichiers communs\Hewlett-Packard
    [27/09/2009|16:08] C:\Program Files\Fichiers communs\HP
    [04/11/2006|19:48] C:\Program Files\Fichiers communs\InstallShield
    [29/05/2007|18:33] C:\Program Files\Fichiers communs\Java
    [06/11/2006|18:34] C:\Program Files\Fichiers communs\LightScribe
    [05/03/2009|23:34] C:\Program Files\Fichiers communs\Microsoft Shared
    [04/11/2006|19:16] C:\Program Files\Fichiers communs\MSSoap
    [06/11/2006|18:35] C:\Program Files\Fichiers communs\Nero
    [04/11/2006|19:58] C:\Program Files\Fichiers communs\ODBC
    [23/04/2009|17:27] C:\Program Files\Fichiers communs\Real
    [04/11/2006|19:16] C:\Program Files\Fichiers communs\Services
    [28/09/2009|22:38] C:\Program Files\Fichiers communs\Skype
    [09/12/2007|17:55] C:\Program Files\Fichiers communs\Sony Ericsson Shared
    [04/11/2006|19:58] C:\Program Files\Fichiers communs\SpeechEngines
    [16/09/2008|09:34] C:\Program Files\Fichiers communs\System
    [09/12/2007|17:55] C:\Program Files\Fichiers communs\Teleca Shared
    [01/06/2009|13:12] C:\Program Files\Fichiers communs\Vbox
    [17/03/2009|14:25] C:\Program Files\Fichiers communs\Windows Live
    [14/05/2008|09:42] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [23/04/2009|17:27] C:\Program Files\Fichiers communs\xing shared

    --------------------\\ Process

    ( 68 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@thepimps.bigpoint[1].txt
    C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@partypoker[1].txt

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-10-07 07:05:58
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 100

    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\DUPLAN~1\Application Data\vlc\art\title\hail! hail! rock'n roll No serial(crack).avi
    C:\DOCUME~1\DUPLAN~1\Application Data\vlc\art\title\hail! hail! rock'n roll No serial(crack).avi\art.jpg


    [F:62][D:238]-> C:\DOCUME~1\DUPLAN~1\LOCALS~1\Temp
    [F:2404][D:0]-> C:\DOCUME~1\DUPLAN~1\Cookies
    [F:17437][D:47]-> C:\DOCUME~1\DUPLAN~1\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 05/10/2009|11:57 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 07/10/2009| 7:08 - Option : [2]

    --------------------\\ Fin du rapport a 7:08:25




    8 October 2009 08:15:47

    Thank you so much, Angeldark
    The result is positive: no more of those unwanted entries...
    Many thanks again

    Good Luck
    8 October 2009 20:41:46

    Don't leave just yet :D
    Delete your cracks and the like.

    Download MalwareByte's Anti-Malware to your Desktop.

  • Install it by double-clicking the file Download_mbam-setup.exe.
  • Now run MalwareByte's Anti-Malware. If it is not already selected, choose "Perform full scan" ("Exécuter un examen complet").
  • To start the scan, click "Scan" ("Rechercher").
  • Once the scan has finished, a window opens; click OK. There are then two possibilities:

    ~ If the program found nothing, press OK. A report will appear; close it.
    ~~ If infections are present, click "Show results" ("Afficher les résultats"), then "Remove selected" ("Supprimer la sélection"). Save the report to your Desktop.
    ~~~~ Restart your computer normally and post the report in your next reply.

    NOTE: If MalwareByte's Anti-Malware needs to restart to finish the removal, accept by clicking Ok.

    Note: If you cannot download MBAM from MajorGeeks, you can download it here!

    Help:
  • How to use MBAM.
  • How to start your computer in Safe Mode.
    9 October 2009 14:21:28

    OK
    I did the procedure. It's true that this morning unwanted pop-unders appeared again. Arrrrrhhhh!
    So I have just done the procedure as indicated. Here is the report:

    Malwarebytes' Anti-Malware 1.41
    Version de la base de données: 2928
    Windows 5.1.2600 Service Pack 3

    09/10/2009 14:09:31
    mbam-log-2009-10-09 (14-09-21).txt

    Type de recherche: Examen complet (A:\|C:\|D:\|E:\|F:\|)
    Eléments examinés: 244999
    Temps écoulé: 1 hour(s), 31 minute(s), 21 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 1
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 0

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> No action taken.

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Regards
    Smaksing
    9 October 2009 18:26:51

    And this evening it's starting again, after the procedure described above. Help!!
    10 October 2009 19:46:58

    Hi again,

    Download Hijackthis (from Trend Micro) to your Desktop.

  • Double-click HJTInstall.exe to start the installation.
  • Click Install.
  • Double-click the HijackThis shortcut that has just been created to launch it. (Right-click -> run as admin if on Vista)
  • Accept the licence by clicking Yes.
  • Click Do a system scan and save a logfile.
  • Post the generated report here.

    Note: The report can also be found here: C:\Program Files\Trend Micro\Hijackthis\Hijackthis.log

    Help: How to use HijackThis.
    10 October 2009 23:46:19

    Ok
    The report:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:44:46, on 10/10/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16876)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\AVG\AVG8\avgemc.exe
    C:\Program Files\AVG\AVG8\avgcsrvx.exe
    C:\Program Files\AVG\AVG8\avgcsrvx.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\TomTom HOME\TomTomHOME.exe
    C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
    C:\PROGRA~1\MICROS~3\rapimgr.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Microsoft ActiveSync\wcescomm.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
    C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Program Files\Skype\Plugin Manager\skypePM.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mediapart.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.trooner.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll
    R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
    O2 - BHO: Popup Manager - {08E74C67-99A6-45C7-94DA-A397A8FD8082} - (no file)
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
    O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
    O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [blue peak seek up] C:\Documents and Settings\All Users\Application Data\Program Amen Blue Peak\locks store.exe
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_803138DCE93649E4.dll/cmsidewiki.html
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scan...
    O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - http://www.tele2mail.com/static/apps/utils/AccountHelpe...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
    O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

    --
    End of file - 12514 bytes
    12 October 2009 21:35:26

    Run a LopS&D scan again with option 1.
    13 October 2009 10:24:47

    Whoa! Urgent help needed
    During the Lop SD scan, an alert from the AVG firewall came up:
    Trojan horse: Generic14. CA0T!!!
    What should I do?

    In the meantime, here is the result of the scan:


    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 6600 @ 2.40GHz )
    BIOS : Award Modular BIOS v6.00PG
    USER : DUPLANTIER ( Administrator )
    BOOT : Normal boot
    Antivirus : AVG Anti-Virus Free 8.5 (Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:45 Go (Free:23 Go)
    D:\ (Local Disk) - NTFS - Total:234 Go (Free:214 Go)
    E:\ (CD or DVD)
    F:\ (USB)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [1] ( 13/10/2009|10:20 )

    --------------------\\ Listing des dossiers dans APPLIC~1

    [04/11/2006|19:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

    [02/01/2009|11:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    [14/04/2009|08:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{83C91755-2546-441D-AC40-9A6B4B860800}
    [18/05/2008|09:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [02/01/2009|11:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [02/01/2009|11:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [18/08/2009|13:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
    [06/11/2006|21:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [12/08/2009|16:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fighters
    [06/10/2009|11:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [27/09/2009|16:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
    [27/09/2009|16:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP Product Assistant
    [21/02/2009|08:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
    [09/10/2009|12:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [05/10/2009|18:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [08/11/2006|21:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA
    [09/11/2006|16:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
    [01/10/2009|13:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Program Amen Blue Peak
    [28/09/2009|22:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
    [09/12/2007|17:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
    [04/10/2009|08:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [09/12/2007|17:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca
    [02/07/2007|16:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TomTom
    [27/09/2009|16:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WEBREG
    [06/11/2006|14:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [15/05/2008|09:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [04/11/2006|19:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [11/02/2008|09:12] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Adobe
    [17/05/2008|12:17] C:\DOCUME~1\DUPLAN~1\APPLIC~1\AdobeUM
    [02/01/2009|11:23] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Apple Computer
    [29/09/2009|12:31] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Creative
    [27/07/2008|19:26] C:\DOCUME~1\DUPLAN~1\APPLIC~1\dvdcss
    [11/12/2007|12:21] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Google
    [13/12/2006|18:34] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Help
    [06/10/2009|16:08] C:\DOCUME~1\DUPLAN~1\APPLIC~1\HP
    [12/10/2009|10:09] C:\DOCUME~1\DUPLAN~1\APPLIC~1\HPAppData
    [09/11/2006|16:02] C:\DOCUME~1\DUPLAN~1\APPLIC~1\HTNetMeter
    [26/11/2006|20:25] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Identities
    [02/07/2007|16:24] C:\DOCUME~1\DUPLAN~1\APPLIC~1\InstallShield
    [03/03/2007|18:46] C:\DOCUME~1\DUPLAN~1\APPLIC~1\iPodder
    [31/07/2009|19:01] C:\DOCUME~1\DUPLAN~1\APPLIC~1\IrfanView
    [21/02/2009|11:50] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Lavasoft
    [08/11/2006|01:17] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Macromedia
    [09/10/2009|12:25] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Malwarebytes
    [05/10/2009|18:04] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Microsoft
    [17/12/2006|14:38] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Mozilla
    [22/03/2007|20:00] C:\DOCUME~1\DUPLAN~1\APPLIC~1\MSNInstaller
    [23/04/2009|17:28] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Real
    [13/10/2009|10:11] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Skype
    [12/10/2009|08:00] C:\DOCUME~1\DUPLAN~1\APPLIC~1\skypePM
    [09/12/2007|17:56] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Sony Ericsson
    [10/02/2008|15:38] C:\DOCUME~1\DUPLAN~1\APPLIC~1\SPAMfighter
    [02/10/2009|13:51] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Spamihilator
    [29/05/2007|18:34] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Sun
    [09/12/2007|18:23] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Teleca
    [09/06/2009|17:35] C:\DOCUME~1\DUPLAN~1\APPLIC~1\vlc
    [27/09/2009|16:11] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Yahoo!

    [24/01/2008|10:39] C:\DOCUME~1\INVIT~1\APPLIC~1\Google
    [24/01/2008|10:38] C:\DOCUME~1\INVIT~1\APPLIC~1\Identities
    [10/05/2009|07:23] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
    [24/01/2008|10:38] C:\DOCUME~1\INVIT~1\APPLIC~1\Real
    [24/01/2008|10:38] C:\DOCUME~1\INVIT~1\APPLIC~1\Sony Ericsson
    [24/01/2008|10:38] C:\DOCUME~1\INVIT~1\APPLIC~1\Teleca

    [10/05/2009|07:23] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [10/05/2009|07:23] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [10/10/2009 06:04][--a------] C:\WINDOWS\tasks\SLOW-PCfighter.job
    [13/10/2009 08:34][--a------] C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    [10/10/2009 06:01][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [02/03/2006 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [01/06/2009|13:12] C:\Program Files\Adobe
    [06/11/2006|18:33] C:\Program Files\Ahead
    [04/11/2006|19:44] C:\Program Files\Analog Devices
    [02/01/2009|11:21] C:\Program Files\Apple Software Update
    [04/11/2006|19:48] C:\Program Files\ASUS WiFi-AP Solo
    [23/07/2008|10:09] C:\Program Files\AVG
    [18/12/2006|16:08] C:\Program Files\Black Isle
    [02/01/2009|11:22] C:\Program Files\Bonjour
    [19/09/2009|15:49] C:\Program Files\Browser Configuration Utility
    [08/11/2008|08:49] C:\Program Files\CeWe Color
    [04/11/2006|19:15] C:\Program Files\ComPlus Applications
    [18/12/2007|22:57] C:\Program Files\Creative
    [04/11/2006|20:08] C:\Program Files\CyberLink
    [20/09/2009|15:48] C:\Program Files\Digital Image Recovery
    [26/12/2006|13:35] C:\Program Files\Electronic Arts
    [29/09/2009|15:59] C:\Program Files\eMule
    [13/02/2008|13:19] C:\Program Files\Everest Poker
    [28/09/2009|22:38] C:\Program Files\Fichiers communs
    [19/09/2009|15:49] C:\Program Files\GIGABYTE
    [06/10/2009|11:04] C:\Program Files\Google
    [06/11/2006|19:10] C:\Program Files\Hewlett-Packard
    [15/12/2006|07:11] C:\Program Files\HooTech
    [27/09/2009|16:10] C:\Program Files\HP
    [24/04/2007|18:53] C:\Program Files\IKEA HomePlanner
    [03/03/2007|18:11] C:\Program Files\Illustrate
    [02/10/2009|14:34] C:\Program Files\InstallShield Installation Information
    [04/11/2006|19:30] C:\Program Files\Intel
    [30/07/2009|01:20] C:\Program Files\Internet Explorer
    [02/01/2009|11:22] C:\Program Files\iPod
    [18/03/2007|13:04] C:\Program Files\IrfanView
    [02/01/2009|11:23] C:\Program Files\iTunes
    [23/05/2009|10:52] C:\Program Files\Java
    [03/03/2007|17:44] C:\Program Files\Juice
    [08/09/2009|17:21] C:\Program Files\Kroll Ontrack
    [14/04/2009|08:33] C:\Program Files\Lavasoft
    [03/03/2007|18:04] C:\Program Files\Magic RM to MP3 Converter
    [04/11/2006|19:47] C:\Program Files\Marvell
    [17/09/2008|20:00] C:\Program Files\Messenger
    [13/04/2009|09:17] C:\Program Files\Microsoft
    [13/06/2008|20:02] C:\Program Files\Microsoft ActiveSync
    [04/11/2006|19:18] C:\Program Files\microsoft frontpage
    [23/01/2009|16:50] C:\Program Files\Microsoft Office
    [12/09/2009|07:39] C:\Program Files\Microsoft Silverlight
    [13/04/2009|09:16] C:\Program Files\Microsoft SQL Server Compact Edition
    [06/11/2006|17:56] C:\Program Files\Microsoft.NET
    [16/09/2008|09:20] C:\Program Files\Movie Maker
    [13/10/2009|10:17] C:\Program Files\Mozilla Firefox
    [15/08/2009|20:22] C:\Program Files\MSBuild
    [23/01/2009|16:50] C:\Program Files\MSECache
    [22/03/2007|20:00] C:\Program Files\MSN
    [04/11/2006|19:14] C:\Program Files\MSN Gaming Zone
    [10/12/2007|21:00] C:\Program Files\MSXML 4.0
    [16/09/2008|09:18] C:\Program Files\NetMeeting
    [06/11/2006|14:15] C:\Program Files\Old Messenger
    [04/11/2006|19:14] C:\Program Files\Online Services
    [12/08/2009|18:03] C:\Program Files\Outlook Express
    [18/09/2009|19:30] C:\Program Files\Paint.NET
    [02/01/2009|11:22] C:\Program Files\QuickTime
    [17/12/2006|16:34] C:\Program Files\Real
    [19/09/2009|15:54] C:\Program Files\Realtek
    [15/08/2009|20:22] C:\Program Files\Reference Assemblies
    [28/04/2009|12:27] C:\Program Files\Securitoo
    [04/11/2006|19:17] C:\Program Files\Services en ligne
    [28/09/2009|22:38] C:\Program Files\Skype
    [09/12/2007|17:54] C:\Program Files\Sony Ericsson
    [04/10/2009|07:30] C:\Program Files\Spybot - Search & Destroy
    [06/07/2007|07:36] C:\Program Files\TomTom HOME
    [10/10/2009|23:43] C:\Program Files\Trend Micro
    [04/11/2006|19:28] C:\Program Files\Uninstall Information
    [09/05/2009|10:51] C:\Program Files\VideoLAN
    [13/04/2009|09:17] C:\Program Files\Windows Live
    [05/10/2009|18:40] C:\Program Files\Windows Live Safety Center
    [13/04/2009|09:15] C:\Program Files\Windows Live SkyDrive
    [12/12/2006|20:42] C:\Program Files\Windows Media Connect 2
    [15/04/2009|08:40] C:\Program Files\Windows Media Player
    [16/09/2008|09:17] C:\Program Files\Windows NT
    [04/11/2006|19:17] C:\Program Files\WindowsUpdate
    [17/12/2006|23:34] C:\Program Files\WinRAR
    [09/11/2006|19:56] C:\Program Files\WinZip
    [04/11/2006|19:18] C:\Program Files\xerox
    [02/10/2009|15:41] C:\Program Files\Yahoo!

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [01/06/2009|13:12] C:\Program Files\Fichiers communs\Adobe
    [06/11/2006|18:33] C:\Program Files\Fichiers communs\Ahead
    [02/10/2009|15:39] C:\Program Files\Fichiers communs\Apple
    [06/11/2006|17:58] C:\Program Files\Fichiers communs\DESIGNER
    [28/04/2009|12:25] C:\Program Files\Fichiers communs\France Telecom
    [27/09/2009|16:07] C:\Program Files\Fichiers communs\Hewlett-Packard
    [27/09/2009|16:08] C:\Program Files\Fichiers communs\HP
    [04/11/2006|19:48] C:\Program Files\Fichiers communs\InstallShield
    [29/05/2007|18:33] C:\Program Files\Fichiers communs\Java
    [06/11/2006|18:34] C:\Program Files\Fichiers communs\LightScribe
    [05/03/2009|23:34] C:\Program Files\Fichiers communs\Microsoft Shared
    [04/11/2006|19:16] C:\Program Files\Fichiers communs\MSSoap
    [06/11/2006|18:35] C:\Program Files\Fichiers communs\Nero
    [04/11/2006|19:58] C:\Program Files\Fichiers communs\ODBC
    [23/04/2009|17:27] C:\Program Files\Fichiers communs\Real
    [04/11/2006|19:16] C:\Program Files\Fichiers communs\Services
    [28/09/2009|22:38] C:\Program Files\Fichiers communs\Skype
    [09/12/2007|17:55] C:\Program Files\Fichiers communs\Sony Ericsson Shared
    [04/11/2006|19:58] C:\Program Files\Fichiers communs\SpeechEngines
    [16/09/2008|09:34] C:\Program Files\Fichiers communs\System
    [09/12/2007|17:55] C:\Program Files\Fichiers communs\Teleca Shared
    [01/06/2009|13:12] C:\Program Files\Fichiers communs\Vbox
    [17/03/2009|14:25] C:\Program Files\Fichiers communs\Windows Live
    [14/05/2008|09:42] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [23/04/2009|17:27] C:\Program Files\Fichiers communs\xing shared

    --------------------\\ Process

    ( 76 Processes )

    IEXPLORE.EXE ~ [PID:3344]
    iexplore.exe ~ [PID:3896]
    iexplore.exe ~ [PID:3932]
    iexplore.exe ~ [PID:5528]
    iexplore.exe ~ [PID:4464]
    iexplore.exe ~ [PID:5348]

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@advertstream[1].txt
    C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@bigpoint[1].txt
    C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@seafight.bigpoint[1].txt
    C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@thepimps.bigpoint[1].txt
    C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@partypoker[1].txt
    C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@seafight.bigpoint[1].txt

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme


    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\DUPLAN~1\Application Data\vlc\art\title\hail! hail! rock'n roll No serial(crack).avi
    C:\DOCUME~1\DUPLAN~1\Application Data\vlc\art\title\hail! hail! rock'n roll No serial(crack).avi\art.jpg


    [F:83][D:239]-> C:\DOCUME~1\DUPLAN~1\LOCALS~1\Temp
    [F:2404][D:0]-> C:\DOCUME~1\DUPLAN~1\Cookies
    [F:28136][D:55]-> C:\DOCUME~1\DUPLAN~1\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 05/10/2009|11:57 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 07/10/2009| 7:08 - Option : [2]
    3 - "C:\Lop SD\LopR_3.txt" - 13/10/2009|10:22 - Option : [1]

    --------------------\\ Fin du rapport a 10:22:31


    thanks
    15 October 2009 23:27:51

    Disable AVG and run an option 1 scan again to see.
    16 October 2009 15:10:03

    Hello,
    I am not sure my deactivation actually took effect...
    but here is the new report:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:08:56, on 16/10/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16915)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\AVG\AVG8\avgemc.exe
    C:\Program Files\AVG\AVG8\avgcsrvx.exe
    C:\Program Files\AVG\AVG8\avgcsrvx.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\TomTom HOME\TomTomHOME.exe
    C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
    C:\PROGRA~1\MICROS~3\rapimgr.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Microsoft ActiveSync\wcescomm.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
    C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Program Files\Skype\Plugin Manager\skypePM.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mediapart.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.trooner.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll
    R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
    O2 - BHO: Popup Manager - {08E74C67-99A6-45C7-94DA-A397A8FD8082} - (no file)
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
    O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
    O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [blue peak seek up] C:\Documents and Settings\All Users\Application Data\Program Amen Blue Peak\locks store.exe
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_803138DCE93649E4.dll/cmsidewiki.html
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scan...
    O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - http://www.tele2mail.com/static/apps/utils/AccountHelpe...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
    O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

    --
    End of file - 12340 bytes
    a b 8 Security
    18 October 2009 22:26:42

    Lop S&D option 1 ;)
    19 October 2009 00:45:45

    Oops...!
    Sorry.
    Here it is:


    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 6600 @ 2.40GHz )
    BIOS : Award Modular BIOS v6.00PG
    USER : DUPLANTIER ( Administrator )
    BOOT : Normal boot
    Antivirus : AVG Anti-Virus Free 8.5 (Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:45 Go (Free:22 Go)
    D:\ (Local Disk) - NTFS - Total:234 Go (Free:214 Go)
    E:\ (CD or DVD)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [1] ( 19/10/2009| 0:39 )

    --------------------\\ Listing des dossiers dans APPLIC~1

    [04/11/2006|19:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

    [02/01/2009|11:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    [14/04/2009|08:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{83C91755-2546-441D-AC40-9A6B4B860800}
    [18/05/2008|09:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [02/01/2009|11:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [02/01/2009|11:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [18/08/2009|13:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
    [06/11/2006|21:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [12/08/2009|16:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fighters
    [06/10/2009|11:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [27/09/2009|16:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
    [27/09/2009|16:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP Product Assistant
    [21/02/2009|08:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
    [09/10/2009|12:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [05/10/2009|18:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [08/11/2006|21:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA
    [09/11/2006|16:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
    [01/10/2009|13:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Program Amen Blue Peak
    [28/09/2009|22:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
    [09/12/2007|17:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
    [04/10/2009|08:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [09/12/2007|17:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca
    [02/07/2007|16:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TomTom
    [27/09/2009|16:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WEBREG
    [06/11/2006|14:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [15/05/2008|09:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [04/11/2006|19:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [11/02/2008|09:12] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Adobe
    [17/05/2008|12:17] C:\DOCUME~1\DUPLAN~1\APPLIC~1\AdobeUM
    [02/01/2009|11:23] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Apple Computer
    [29/09/2009|12:31] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Creative
    [27/07/2008|19:26] C:\DOCUME~1\DUPLAN~1\APPLIC~1\dvdcss
    [11/12/2007|12:21] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Google
    [13/12/2006|18:34] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Help
    [06/10/2009|16:08] C:\DOCUME~1\DUPLAN~1\APPLIC~1\HP
    [18/10/2009|20:24] C:\DOCUME~1\DUPLAN~1\APPLIC~1\HPAppData
    [09/11/2006|16:02] C:\DOCUME~1\DUPLAN~1\APPLIC~1\HTNetMeter
    [26/11/2006|20:25] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Identities
    [02/07/2007|16:24] C:\DOCUME~1\DUPLAN~1\APPLIC~1\InstallShield
    [03/03/2007|18:46] C:\DOCUME~1\DUPLAN~1\APPLIC~1\iPodder
    [31/07/2009|19:01] C:\DOCUME~1\DUPLAN~1\APPLIC~1\IrfanView
    [21/02/2009|11:50] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Lavasoft
    [08/11/2006|01:17] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Macromedia
    [09/10/2009|12:25] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Malwarebytes
    [05/10/2009|18:04] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Microsoft
    [17/12/2006|14:38] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Mozilla
    [22/03/2007|20:00] C:\DOCUME~1\DUPLAN~1\APPLIC~1\MSNInstaller
    [23/04/2009|17:28] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Real
    [18/10/2009|07:53] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Skype
    [18/10/2009|08:00] C:\DOCUME~1\DUPLAN~1\APPLIC~1\skypePM
    [09/12/2007|17:56] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Sony Ericsson
    [10/02/2008|15:38] C:\DOCUME~1\DUPLAN~1\APPLIC~1\SPAMfighter
    [02/10/2009|13:51] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Spamihilator
    [29/05/2007|18:34] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Sun
    [09/12/2007|18:23] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Teleca
    [09/06/2009|17:35] C:\DOCUME~1\DUPLAN~1\APPLIC~1\vlc
    [27/09/2009|16:11] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Yahoo!

    [24/01/2008|10:39] C:\DOCUME~1\INVIT~1\APPLIC~1\Google
    [24/01/2008|10:38] C:\DOCUME~1\INVIT~1\APPLIC~1\Identities
    [10/05/2009|07:23] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
    [24/01/2008|10:38] C:\DOCUME~1\INVIT~1\APPLIC~1\Real
    [24/01/2008|10:38] C:\DOCUME~1\INVIT~1\APPLIC~1\Sony Ericsson
    [24/01/2008|10:38] C:\DOCUME~1\INVIT~1\APPLIC~1\Teleca

    [10/05/2009|07:23] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [10/05/2009|07:23] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [16/10/2009 15:19][--a------] C:\WINDOWS\tasks\SLOW-PCfighter.job
    [13/10/2009 08:34][--a------] C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    [16/10/2009 15:12][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [02/03/2006 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [01/06/2009|13:12] C:\Program Files\Adobe
    [06/11/2006|18:33] C:\Program Files\Ahead
    [04/11/2006|19:44] C:\Program Files\Analog Devices
    [02/01/2009|11:21] C:\Program Files\Apple Software Update
    [04/11/2006|19:48] C:\Program Files\ASUS WiFi-AP Solo
    [23/07/2008|10:09] C:\Program Files\AVG
    [18/12/2006|16:08] C:\Program Files\Black Isle
    [02/01/2009|11:22] C:\Program Files\Bonjour
    [19/09/2009|15:49] C:\Program Files\Browser Configuration Utility
    [08/11/2008|08:49] C:\Program Files\CeWe Color
    [04/11/2006|19:15] C:\Program Files\ComPlus Applications
    [18/12/2007|22:57] C:\Program Files\Creative
    [04/11/2006|20:08] C:\Program Files\CyberLink
    [20/09/2009|15:48] C:\Program Files\Digital Image Recovery
    [26/12/2006|13:35] C:\Program Files\Electronic Arts
    [29/09/2009|15:59] C:\Program Files\eMule
    [13/02/2008|13:19] C:\Program Files\Everest Poker
    [28/09/2009|22:38] C:\Program Files\Fichiers communs
    [19/09/2009|15:49] C:\Program Files\GIGABYTE
    [06/10/2009|11:04] C:\Program Files\Google
    [06/11/2006|19:10] C:\Program Files\Hewlett-Packard
    [15/12/2006|07:11] C:\Program Files\HooTech
    [27/09/2009|16:10] C:\Program Files\HP
    [24/04/2007|18:53] C:\Program Files\IKEA HomePlanner
    [03/03/2007|18:11] C:\Program Files\Illustrate
    [02/10/2009|14:34] C:\Program Files\InstallShield Installation Information
    [04/11/2006|19:30] C:\Program Files\Intel
    [14/10/2009|18:59] C:\Program Files\Internet Explorer
    [02/01/2009|11:22] C:\Program Files\iPod
    [18/03/2007|13:04] C:\Program Files\IrfanView
    [02/01/2009|11:23] C:\Program Files\iTunes
    [23/05/2009|10:52] C:\Program Files\Java
    [03/03/2007|17:44] C:\Program Files\Juice
    [08/09/2009|17:21] C:\Program Files\Kroll Ontrack
    [14/04/2009|08:33] C:\Program Files\Lavasoft
    [03/03/2007|18:04] C:\Program Files\Magic RM to MP3 Converter
    [04/11/2006|19:47] C:\Program Files\Marvell
    [17/09/2008|20:00] C:\Program Files\Messenger
    [13/04/2009|09:17] C:\Program Files\Microsoft
    [13/06/2008|20:02] C:\Program Files\Microsoft ActiveSync
    [04/11/2006|19:18] C:\Program Files\microsoft frontpage
    [23/01/2009|16:50] C:\Program Files\Microsoft Office
    [12/09/2009|07:39] C:\Program Files\Microsoft Silverlight
    [13/04/2009|09:16] C:\Program Files\Microsoft SQL Server Compact Edition
    [06/11/2006|17:56] C:\Program Files\Microsoft.NET
    [16/09/2008|09:20] C:\Program Files\Movie Maker
    [18/10/2009|20:19] C:\Program Files\Mozilla Firefox
    [15/08/2009|20:22] C:\Program Files\MSBuild
    [23/01/2009|16:50] C:\Program Files\MSECache
    [22/03/2007|20:00] C:\Program Files\MSN
    [04/11/2006|19:14] C:\Program Files\MSN Gaming Zone
    [10/12/2007|21:00] C:\Program Files\MSXML 4.0
    [16/09/2008|09:18] C:\Program Files\NetMeeting
    [06/11/2006|14:15] C:\Program Files\Old Messenger
    [04/11/2006|19:14] C:\Program Files\Online Services
    [12/08/2009|18:03] C:\Program Files\Outlook Express
    [18/09/2009|19:30] C:\Program Files\Paint.NET
    [02/01/2009|11:22] C:\Program Files\QuickTime
    [17/12/2006|16:34] C:\Program Files\Real
    [19/09/2009|15:54] C:\Program Files\Realtek
    [15/08/2009|20:22] C:\Program Files\Reference Assemblies
    [28/04/2009|12:27] C:\Program Files\Securitoo
    [04/11/2006|19:17] C:\Program Files\Services en ligne
    [28/09/2009|22:38] C:\Program Files\Skype
    [09/12/2007|17:54] C:\Program Files\Sony Ericsson
    [04/10/2009|07:30] C:\Program Files\Spybot - Search & Destroy
    [06/07/2007|07:36] C:\Program Files\TomTom HOME
    [10/10/2009|23:43] C:\Program Files\Trend Micro
    [04/11/2006|19:28] C:\Program Files\Uninstall Information
    [09/05/2009|10:51] C:\Program Files\VideoLAN
    [13/04/2009|09:17] C:\Program Files\Windows Live
    [05/10/2009|18:40] C:\Program Files\Windows Live Safety Center
    [13/04/2009|09:15] C:\Program Files\Windows Live SkyDrive
    [12/12/2006|20:42] C:\Program Files\Windows Media Connect 2
    [15/04/2009|08:40] C:\Program Files\Windows Media Player
    [16/09/2008|09:17] C:\Program Files\Windows NT
    [04/11/2006|19:17] C:\Program Files\WindowsUpdate
    [17/12/2006|23:34] C:\Program Files\WinRAR
    [09/11/2006|19:56] C:\Program Files\WinZip
    [04/11/2006|19:18] C:\Program Files\xerox
    [02/10/2009|15:41] C:\Program Files\Yahoo!

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [01/06/2009|13:12] C:\Program Files\Fichiers communs\Adobe
    [06/11/2006|18:33] C:\Program Files\Fichiers communs\Ahead
    [02/10/2009|15:39] C:\Program Files\Fichiers communs\Apple
    [06/11/2006|17:58] C:\Program Files\Fichiers communs\DESIGNER
    [28/04/2009|12:25] C:\Program Files\Fichiers communs\France Telecom
    [27/09/2009|16:07] C:\Program Files\Fichiers communs\Hewlett-Packard
    [27/09/2009|16:08] C:\Program Files\Fichiers communs\HP
    [04/11/2006|19:48] C:\Program Files\Fichiers communs\InstallShield
    [29/05/2007|18:33] C:\Program Files\Fichiers communs\Java
    [06/11/2006|18:34] C:\Program Files\Fichiers communs\LightScribe
    [05/03/2009|23:34] C:\Program Files\Fichiers communs\Microsoft Shared
    [04/11/2006|19:16] C:\Program Files\Fichiers communs\MSSoap
    [06/11/2006|18:35] C:\Program Files\Fichiers communs\Nero
    [04/11/2006|19:58] C:\Program Files\Fichiers communs\ODBC
    [23/04/2009|17:27] C:\Program Files\Fichiers communs\Real
    [04/11/2006|19:16] C:\Program Files\Fichiers communs\Services
    [28/09/2009|22:38] C:\Program Files\Fichiers communs\Skype
    [09/12/2007|17:55] C:\Program Files\Fichiers communs\Sony Ericsson Shared
    [04/11/2006|19:58] C:\Program Files\Fichiers communs\SpeechEngines
    [16/09/2008|09:34] C:\Program Files\Fichiers communs\System
    [09/12/2007|17:55] C:\Program Files\Fichiers communs\Teleca Shared
    [01/06/2009|13:12] C:\Program Files\Fichiers communs\Vbox
    [17/03/2009|14:25] C:\Program Files\Fichiers communs\Windows Live
    [14/05/2008|09:42] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [23/04/2009|17:27] C:\Program Files\Fichiers communs\xing shared

    --------------------\\ Process

    ( 46 Processes )

    iexplore.exe ~ [PID:5920]

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@advertstream[1].txt
    C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@bigpoint[2].txt
    C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@darkorbit.bigpoint[2].txt
    C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@seafight.bigpoint[1].txt
    C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@thepimps.bigpoint[1].txt
    C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@cotedazurpalace[2].txt
    C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@serve.cotedazurpalace[1].txt
    C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@www.cotedazurpalace[2].txt
    C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@partypoker[2].txt
    C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@seafight.bigpoint[1].txt

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-10-19 00:40:19
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 100

    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\DUPLAN~1\Application Data\vlc\art\title\hail! hail! rock'n roll No serial(crack).avi
    C:\DOCUME~1\DUPLAN~1\Application Data\vlc\art\title\hail! hail! rock'n roll No serial(crack).avi\art.jpg


    [F:111][D:240]-> C:\DOCUME~1\DUPLAN~1\LOCALS~1\Temp
    [F:2421][D:0]-> C:\DOCUME~1\DUPLAN~1\Cookies
    [F:26037][D:55]-> C:\DOCUME~1\DUPLAN~1\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 05/10/2009|11:57 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 07/10/2009| 7:08 - Option : [2]
    3 - "C:\Lop SD\LopR_3.txt" - 13/10/2009|10:22 - Option : [1]
    4 - "C:\Lop SD\LopR_4.txt" - 19/10/2009| 0:43 - Option : [1]

    --------------------\\ Fin du rapport a 0:43:05
    a b 8 Security
    21 October 2009 22:10:38

    Hi again,

    Choose "Do a system scan only", then check these lines (if still present):
    R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
    O2 - BHO: Popup Manager - {08E74C67-99A6-45C7-94DA-A397A8FD8082} - (no file)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O4 - HKLM\..\Run: [blue peak seek up] C:\Documents and Settings\All Users\Application Data\Program Amen Blue Peak\locks store.exe

    Close all running applications (especially your web browser).
    Then Fix Checked!

    &

    Select the whole box below, then right-click and choose Copy

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Program Amen Blue Peak


    Run Lop S&D again.

  • This time choose Option 4 (LopScript)
  • A blank page will open; right-click on it and choose Paste
  • Close the page; you will be asked to save it, click [Enregistrer] (Save)
  • Do not close the window during the removal!
  • Post the generated report (C:\lopR.txt)
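
Added example (not part of the thread, and not the helper's or HijackThis's own code): a small Python triage of HijackThis entries that flags those with no file behind them and Run entries that start from an Application Data directory. The two rules and all function names are assumptions made for this illustration; the sample lines are copied from the log posted in this thread.

```python
import re

# Excerpt of the HijackThis log posted in this thread (lines copied verbatim).
SAMPLE_LOG = r"""
R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll
R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: Popup Manager - {08E74C67-99A6-45C7-94DA-A397A8FD8082} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [blue peak seek up] C:\Documents and Settings\All Users\Application Data\Program Amen Blue Peak\locks store.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
"""

# "O2 - BHO: ..." -> section code ("O2") and the rest of the line.
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")

# "HKLM\..\Run: [name] command line" inside an O4 entry.
RUN_RE = re.compile(r"^HK\w+\\.*?\\Run(?:Once)?: \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")

# Assumed rule: autostart programs normally live under Program Files or
# WINDOWS, so a Run entry starting from a data directory gets a second look.
DATA_DIR_MARKERS = ("\\application data\\", "\\applic~1\\")


def parse_entries(log_text):
    """Return (code, body) for every HijackThis entry line in the text."""
    entries = []
    for line in log_text.splitlines():
        match = ENTRY_RE.match(line.strip())
        if match:
            entries.append((match.group("code"), match.group("body")))
    return entries


def triage(log_text):
    """Return (code, body, reasons) for entries matching one of the two rules."""
    findings = []
    for code, body in parse_entries(log_text):
        reasons = []
        lowered = body.lower()

        # Rule 1: the registry entry is still there but its file is not.
        if lowered.endswith("(no file)"):
            reasons.append("entry has no file behind it")
        elif lowered.endswith("(file missing)"):
            reasons.append("registered file is missing from disk")

        # Rule 2: a Run key value whose command starts from a data directory.
        if code == "O4":
            run = RUN_RE.match(body)
            if run and any(m in run.group("cmd").lower() for m in DATA_DIR_MARKERS):
                reasons.append("autostart runs from an Application Data directory")

        if reasons:
            findings.append((code, body, reasons))
    return findings


if __name__ == "__main__":
    for code, body, reasons in triage(SAMPLE_LOG):
        print(f"{code}: {body}")
        for reason in reasons:
            print(f"    -> {reason}")
```

On this excerpt the two rules flag the same six lines that the post above asks to check; legitimate software can also trip them, so a flagged line is a candidate for review, not a verdict.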
    25 October 2009 19:52:22

    Hello.
    I had to be away for a few days...
    I'm back now and I've done my homework.
    Here is the report:


    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 6600 @ 2.40GHz )
    BIOS : Award Modular BIOS v6.00PG
    USER : DUPLANTIER ( Administrator )
    BOOT : Normal boot
    Antivirus : AVG Anti-Virus Free 8.5 (Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:45 Go (Free:23 Go)
    D:\ (Local Disk) - NTFS - Total:234 Go (Free:214 Go)
    E:\ (CD or DVD) - CDFS - Total:4 Go (Free:0 Go)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [4] ( 25/10/2009|19:48 )

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ Lop Script

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Program Amen Blue Peak


    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Program Amen Blue Peak
    Supprime! - C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@advertstream[1].txt
    Supprime! - C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@d2.advertserve[1].txt
    Supprime! - C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@bigpoint[2].txt
    Supprime! - C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@darkorbit.bigpoint[2].txt
    Supprime! - C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@seafight.bigpoint[1].txt
    Supprime! - C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@thepimps.bigpoint[1].txt
    Supprime! - C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@cotedazurpalace[1].txt
    Supprime! - C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@serve.cotedazurpalace[1].txt
    Supprime! - C:\DOCUME~1\DUPLAN~1\Cookies\duplantier@www.cotedazurpalace[1].txt

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    --------------------\\ Listing des dossiers dans APPLIC~1

    [04/11/2006|18:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

    [02/01/2009|10:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    [14/04/2009|07:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{83C91755-2546-441D-AC40-9A6B4B860800}
    [18/05/2008|08:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [02/01/2009|10:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [02/01/2009|10:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [18/08/2009|12:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
    [06/11/2006|20:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [12/08/2009|15:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fighters
    [06/10/2009|10:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [27/09/2009|15:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
    [27/09/2009|15:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP Product Assistant
    [21/02/2009|07:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
    [09/10/2009|11:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [05/10/2009|17:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [08/11/2006|20:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA
    [09/11/2006|15:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
    [28/09/2009|21:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
    [09/12/2007|16:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
    [04/10/2009|07:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [09/12/2007|16:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca
    [02/07/2007|15:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TomTom
    [27/09/2009|15:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WEBREG
    [06/11/2006|13:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [15/05/2008|08:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [04/11/2006|18:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [11/02/2008|08:12] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Adobe
    [17/05/2008|11:17] C:\DOCUME~1\DUPLAN~1\APPLIC~1\AdobeUM
    [02/01/2009|10:23] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Apple Computer
    [29/09/2009|11:31] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Creative
    [27/07/2008|18:26] C:\DOCUME~1\DUPLAN~1\APPLIC~1\dvdcss
    [11/12/2007|11:21] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Google
    [13/12/2006|17:34] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Help
    [06/10/2009|15:08] C:\DOCUME~1\DUPLAN~1\APPLIC~1\HP
    [25/10/2009|12:01] C:\DOCUME~1\DUPLAN~1\APPLIC~1\HPAppData
    [09/11/2006|15:02] C:\DOCUME~1\DUPLAN~1\APPLIC~1\HTNetMeter
    [26/11/2006|19:25] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Identities
    [02/07/2007|15:24] C:\DOCUME~1\DUPLAN~1\APPLIC~1\InstallShield
    [03/03/2007|17:46] C:\DOCUME~1\DUPLAN~1\APPLIC~1\iPodder
    [31/07/2009|18:01] C:\DOCUME~1\DUPLAN~1\APPLIC~1\IrfanView
    [21/02/2009|10:50] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Lavasoft
    [08/11/2006|00:17] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Macromedia
    [09/10/2009|11:25] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Malwarebytes
    [05/10/2009|17:04] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Microsoft
    [17/12/2006|13:38] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Mozilla
    [22/03/2007|19:00] C:\DOCUME~1\DUPLAN~1\APPLIC~1\MSNInstaller
    [23/04/2009|16:28] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Real
    [25/10/2009|19:44] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Skype
    [25/10/2009|11:26] C:\DOCUME~1\DUPLAN~1\APPLIC~1\skypePM
    [09/12/2007|16:56] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Sony Ericsson
    [10/02/2008|14:38] C:\DOCUME~1\DUPLAN~1\APPLIC~1\SPAMfighter
    [02/10/2009|12:51] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Spamihilator
    [29/05/2007|17:34] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Sun
    [09/12/2007|17:23] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Teleca
    [09/06/2009|16:35] C:\DOCUME~1\DUPLAN~1\APPLIC~1\vlc
    [27/09/2009|15:11] C:\DOCUME~1\DUPLAN~1\APPLIC~1\Yahoo!

    [24/01/2008|09:39] C:\DOCUME~1\INVIT~1\APPLIC~1\Google
    [24/01/2008|09:38] C:\DOCUME~1\INVIT~1\APPLIC~1\Identities
    [10/05/2009|06:23] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
    [24/01/2008|09:38] C:\DOCUME~1\INVIT~1\APPLIC~1\Real
    [24/01/2008|09:38] C:\DOCUME~1\INVIT~1\APPLIC~1\Sony Ericsson
    [24/01/2008|09:38] C:\DOCUME~1\INVIT~1\APPLIC~1\Teleca

    [10/05/2009|06:23] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [10/05/2009|06:23] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [25/10/2009 15:01][--a------] C:\WINDOWS\tasks\SLOW-PCfighter.job
    [20/10/2009 07:34][--a------] C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    [25/10/2009 14:53][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [02/03/2006 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [01/06/2009|12:12] C:\Program Files\Adobe
    [06/11/2006|17:33] C:\Program Files\Ahead
    [04/11/2006|18:44] C:\Program Files\Analog Devices
    [02/01/2009|10:21] C:\Program Files\Apple Software Update
    [04/11/2006|18:48] C:\Program Files\ASUS WiFi-AP Solo
    [23/07/2008|09:09] C:\Program Files\AVG
    [18/12/2006|15:08] C:\Program Files\Black Isle
    [02/01/2009|10:22] C:\Program Files\Bonjour
    [19/09/2009|14:49] C:\Program Files\Browser Configuration Utility
    [08/11/2008|07:49] C:\Program Files\CeWe Color
    [04/11/2006|18:15] C:\Program Files\ComPlus Applications
    [18/12/2007|21:57] C:\Program Files\Creative
    [04/11/2006|19:08] C:\Program Files\CyberLink
    [20/09/2009|14:48] C:\Program Files\Digital Image Recovery
    [26/12/2006|12:35] C:\Program Files\Electronic Arts
    [25/10/2009|18:47] C:\Program Files\eMule
    [13/02/2008|12:19] C:\Program Files\Everest Poker
    [28/09/2009|21:38] C:\Program Files\Fichiers communs
    [19/09/2009|14:49] C:\Program Files\GIGABYTE
    [06/10/2009|10:04] C:\Program Files\Google
    [06/11/2006|18:10] C:\Program Files\Hewlett-Packard
    [15/12/2006|06:11] C:\Program Files\HooTech
    [27/09/2009|15:10] C:\Program Files\HP
    [24/04/2007|17:53] C:\Program Files\IKEA HomePlanner
    [03/03/2007|17:11] C:\Program Files\Illustrate
    [02/10/2009|13:34] C:\Program Files\InstallShield Installation Information
    [04/11/2006|18:30] C:\Program Files\Intel
    [14/10/2009|17:59] C:\Program Files\Internet Explorer
    [02/01/2009|10:22] C:\Program Files\iPod
    [18/03/2007|12:04] C:\Program Files\IrfanView
    [02/01/2009|10:23] C:\Program Files\iTunes
    [23/05/2009|09:52] C:\Program Files\Java
    [03/03/2007|16:44] C:\Program Files\Juice
    [08/09/2009|16:21] C:\Program Files\Kroll Ontrack
    [14/04/2009|07:33] C:\Program Files\Lavasoft
    [03/03/2007|17:04] C:\Program Files\Magic RM to MP3 Converter
    [04/11/2006|18:47] C:\Program Files\Marvell
    [17/09/2008|19:00] C:\Program Files\Messenger
    [13/04/2009|08:17] C:\Program Files\Microsoft
    [13/06/2008|19:02] C:\Program Files\Microsoft ActiveSync
    [04/11/2006|18:18] C:\Program Files\microsoft frontpage
    [23/01/2009|15:50] C:\Program Files\Microsoft Office
    [12/09/2009|06:39] C:\Program Files\Microsoft Silverlight
    [13/04/2009|08:16] C:\Program Files\Microsoft SQL Server Compact Edition
    [06/11/2006|16:56] C:\Program Files\Microsoft.NET
    [16/09/2008|08:20] C:\Program Files\Movie Maker
    [25/10/2009|19:46] C:\Program Files\Mozilla Firefox
    [15/08/2009|19:22] C:\Program Files\MSBuild
    [23/01/2009|15:50] C:\Program Files\MSECache
    [22/03/2007|19:00] C:\Program Files\MSN
    [04/11/2006|18:14] C:\Program Files\MSN Gaming Zone
    [10/12/2007|20:00] C:\Program Files\MSXML 4.0
    [16/09/2008|08:18] C:\Program Files\NetMeeting
    [06/11/2006|13:15] C:\Program Files\Old Messenger
    [04/11/2006|18:14] C:\Program Files\Online Services
    [12/08/2009|17:03] C:\Program Files\Outlook Express
    [18/09/2009|18:30] C:\Program Files\Paint.NET
    [25/10/2009|11:48] C:\Program Files\QUAD Utilities
    [02/01/2009|10:22] C:\Program Files\QuickTime
    [17/12/2006|15:34] C:\Program Files\Real
    [19/09/2009|14:54] C:\Program Files\Realtek
    [15/08/2009|19:22] C:\Program Files\Reference Assemblies
    [28/04/2009|11:27] C:\Program Files\Securitoo
    [04/11/2006|18:17] C:\Program Files\Services en ligne
    [28/09/2009|21:38] C:\Program Files\Skype
    [09/12/2007|16:54] C:\Program Files\Sony Ericsson
    [04/10/2009|06:30] C:\Program Files\Spybot - Search & Destroy
    [06/07/2007|06:36] C:\Program Files\TomTom HOME
    [10/10/2009|22:43] C:\Program Files\Trend Micro
    [04/11/2006|18:28] C:\Program Files\Uninstall Information
    [09/05/2009|09:51] C:\Program Files\VideoLAN
    [13/04/2009|08:17] C:\Program Files\Windows Live
    [05/10/2009|17:40] C:\Program Files\Windows Live Safety Center
    [13/04/2009|08:15] C:\Program Files\Windows Live SkyDrive
    [12/12/2006|19:42] C:\Program Files\Windows Media Connect 2
    [15/04/2009|07:40] C:\Program Files\Windows Media Player
    [16/09/2008|08:17] C:\Program Files\Windows NT
    [04/11/2006|18:17] C:\Program Files\WindowsUpdate
    [17/12/2006|22:34] C:\Program Files\WinRAR
    [09/11/2006|18:56] C:\Program Files\WinZip
    [04/11/2006|18:18] C:\Program Files\xerox
    [02/10/2009|14:41] C:\Program Files\Yahoo!

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [01/06/2009|12:12] C:\Program Files\Fichiers communs\Adobe
    [06/11/2006|17:33] C:\Program Files\Fichiers communs\Ahead
    [02/10/2009|14:39] C:\Program Files\Fichiers communs\Apple
    [06/11/2006|16:58] C:\Program Files\Fichiers communs\DESIGNER
    [28/04/2009|11:25] C:\Program Files\Fichiers communs\France Telecom
    [27/09/2009|15:07] C:\Program Files\Fichiers communs\Hewlett-Packard
    [27/09/2009|15:08] C:\Program Files\Fichiers communs\HP
    [04/11/2006|18:48] C:\Program Files\Fichiers communs\InstallShield
    [29/05/2007|17:33] C:\Program Files\Fichiers communs\Java
    [06/11/2006|17:34] C:\Program Files\Fichiers communs\LightScribe
    [05/03/2009|22:34] C:\Program Files\Fichiers communs\Microsoft Shared
    [04/11/2006|18:16] C:\Program Files\Fichiers communs\MSSoap
    [06/11/2006|17:35] C:\Program Files\Fichiers communs\Nero
    [04/11/2006|18:58] C:\Program Files\Fichiers communs\ODBC
    [23/04/2009|16:27] C:\Program Files\Fichiers communs\Real
    [04/11/2006|18:16] C:\Program Files\Fichiers communs\Services
    [28/09/2009|21:38] C:\Program Files\Fichiers communs\Skype
    [09/12/2007|16:55] C:\Program Files\Fichiers communs\Sony Ericsson Shared
    [04/11/2006|18:58] C:\Program Files\Fichiers communs\SpeechEngines
    [16/09/2008|08:34] C:\Program Files\Fichiers communs\System
    [09/12/2007|16:55] C:\Program Files\Fichiers communs\Teleca Shared
    [01/06/2009|12:12] C:\Program Files\Fichiers communs\Vbox
    [17/03/2009|13:25] C:\Program Files\Fichiers communs\Windows Live
    [14/05/2008|08:42] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [23/04/2009|16:27] C:\Program Files\Fichiers communs\xing shared

    --------------------\\ Process

    ( 58 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-10-25 19:40:39
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-10-25 19:49:00
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 100

    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\DUPLAN~1\Application Data\vlc\art\title\hail! hail! rock'n roll No serial(crack).avi
    C:\DOCUME~1\DUPLAN~1\Application Data\vlc\art\title\hail! hail! rock'n roll No serial(crack).avi\art.jpg


    [F:118][D:244]-> C:\DOCUME~1\DUPLAN~1\LOCALS~1\Temp
    [F:2428][D:0]-> C:\DOCUME~1\DUPLAN~1\Cookies
    [F:7964][D:39]-> C:\DOCUME~1\DUPLAN~1\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 05/10/2009|11:57 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 07/10/2009| 7:08 - Option : [2]
    3 - "C:\Lop SD\LopR_3.txt" - 13/10/2009|10:22 - Option : [1]
    4 - "C:\Lop SD\LopR_4.txt" - 19/10/2009| 0:43 - Option : [1]
    5 - "C:\Lop SD\LopR_5.txt" - 25/10/2009|19:50 - Option : [4]

    --------------------\\ Fin du rapport a 19:50:53
    25 October 2009 21:22:06

    Post a new HijackThis report :)
    26 October 2009 12:19:13

    Here it is.
    Thanks for the quick response...



    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:18:16, on 26/10/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16915)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\AVG\AVG8\avgemc.exe
    C:\Program Files\AVG\AVG8\avgcsrvx.exe
    C:\Program Files\AVG\AVG8\avgcsrvx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\TomTom HOME\TomTomHOME.exe
    C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\PROGRA~1\MICROS~3\rapimgr.exe
    C:\Program Files\Microsoft ActiveSync\wcescomm.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
    C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
    C:\Program Files\Skype\Plugin Manager\skypePM.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\eMule\emule.exe
    C:\Program Files\AVG\AVG8\avgscanx.exe
    C:\Program Files\AVG\AVG8\avgcsrvx.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mediapart.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.trooner.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
    O2 - BHO: (no name) - {08E74C67-99A6-45C7-94DA-A397A8FD8082} - (no file)
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
    O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
    O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [CrocPopup+ ] C:\PROGRA~1\CROCPO~1\CROCPO~1.exe
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_803138DCE93649E4.dll/cmsidewiki.html
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scan...
    O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - http://www.tele2mail.com/static/apps/utils/AccountHelpe...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
    O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

    --
    End of file - 12537 bytes
    26 October 2009 19:40:16

    Are you still having problems?
    27 October 2009 11:59:46

    No!
    Thank you very much.
    To you.
    To the whole forum team. You're doing a top-notch job!!

    I'm adding "resolved" to the title...

    Thanks again.

    I'll be more careful in the future...