Se connecter / S'enregistrer
Votre question

PC qui rame et iexplore.exe a 100%

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
26 Avril 2008 19:29:19

Bonjour,
Je viens de créer un compte ici en espérant avoir un peu d'aide.

En effet, je suis sur un PC qui est très lent au démarrage, et rame comme pas possible. J'ai consulter les processus, et au démarrage j'ai le processus iexplore.exe (et non iexplorer.exe) qui consomme de plus en plus la ressource processeur pour arriver à 100% de l'UC. Lorsque je le kille, il réapparait plusieurs fois, je le tue jusqu'à ce que ça marche.

Mais j'aimerais bien me débarasser de ce problème qui je supose est un virus, seulement je ne sais pas vraiment comment m'y prendre.

Merci de votre aide.

Je suis sous Windows XP

Autres pages sur : rame iexplore exe 100

26 Avril 2008 19:30:33

Voici le scan HiJackThis :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:25:27, on 26/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\Hardware\Keyboard\Ikeymain.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Papa-Maman-Caro\Bureau\HiJackThis\scanner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\MSN Gaming Zone\Windows\bckgzm.exe"
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: WinXS - {4E7BD74F-2B8D-469E-D4F3-BF2CF4D5FA7D} - C:\PROGRA~1\MAXIFI~1\IEBand\mf.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll (file missing)
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll (file missing)
O2 - BHO: (no name) - {F82226A0-0353-5DDC-B67D-D01073712227} - C:\DOCUME~1\GUILLA~1\APPLIC~1\CASHDA~1\Lies Mess.exe (file missing)
O3 - Toolbar: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll (file missing)
O3 - Toolbar: WinXS - {4E7BD74F-2B8D-469E-D4F3-BF2CF4D5FA7D} - C:\PROGRA~1\MAXIFI~1\IEBand\mf.dll (file missing)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [iKeyWorks] C:\PROGRA~1\Hardware\Keyboard\Ikeymain.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [mode bind] C:\DOCUME~1\PAPA-M~1\APPLIC~1\TIMEME~1\bore more load.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/hardwaredetection.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdown...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

--
End of file - 7156 bytes
26 Avril 2008 19:33:34

:hello:  Bonjour,

Télécharge Lop S&D.exe ( d’ Eric 71 & Angeldark ) sur ton bureau. ~>Tuto<~
  • Double-clique dessus pour lancer l'installation
  • Puis double-clique sur le raccourci Lop S&D présent sur ton bureau
  • Séléctionne la langue souhaitée , puis choisis l'Option 1 ( Recherche )
  • Patiente jusqu'à la fin du scan
  • Poste le rapport généré ( C:\lopR.txt )
    (Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide)

    ;) 
    Contenus similaires
    26 Avril 2008 19:43:28

    Voila le rapport (merci pour cette réponse rapide !)


    -----------------------[ Lop S&D 4.2.0-1 XP/Vista ]---------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : Papa-Maman-Caro ] [ "C:\Lop SD" ] [ Selection : 1 ]
    [ 26/04/2008 | 19:38:57,17 ] [ PC : GUILLAUME ]
    [ MAJ : 26-04-2008 | 11:00 ]

    -------------[ Listing des dossiers dans Application Data ]------------

    [19/04/2008|12:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [06/02/2005|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
    [05/05/2006|21:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [25/02/2008|12:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AtomCurbCopyDefault
    [31/07/2004|00:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [12/03/2005|15:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Anti-Virus Personal
    [26/04/2008|09:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
    [25/02/2008|12:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mail For File Wave
    [22/10/2005|23:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [17/11/2007|21:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [02/08/2004|20:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
    [16/10/2004|19:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
    [12/04/2008|20:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
    [30/06/2005|19:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [30/06/2005|20:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\River Past G3
    [14/07/2006|15:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\savebodyhoperef
    [19/04/2008|13:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [17/12/2006|22:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [09/08/2004|12:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
    [31/01/2008|20:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
    [25/02/2008|12:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [31/07/2004|00:21] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [01/12/2007|20:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [25/04/2008|23:10] C:\DOCUME~1\GUILLA~1\APPLIC~1\Adobe
    [06/02/2005|20:13] C:\DOCUME~1\GUILLA~1\APPLIC~1\AOL
    [22/06/2005|18:38] C:\DOCUME~1\GUILLA~1\APPLIC~1\Apple Computer
    [22/02/2005|19:14] C:\DOCUME~1\GUILLA~1\APPLIC~1\Atari
    [08/01/2005|15:08] C:\DOCUME~1\GUILLA~1\APPLIC~1\Azureus
    [13/07/2006|23:33] C:\DOCUME~1\GUILLA~1\APPLIC~1\BitTorrent
    [05/06/2005|20:25] C:\DOCUME~1\GUILLA~1\APPLIC~1\Cash Dash Chin
    [31/12/2004|18:43] C:\DOCUME~1\GUILLA~1\APPLIC~1\Checkflow
    [31/07/2004|00:21] C:\DOCUME~1\GUILLA~1\APPLIC~1\desktop.ini
    [30/06/2005|19:20] C:\DOCUME~1\GUILLA~1\APPLIC~1\FotoWire
    [20/07/2005|20:42] C:\DOCUME~1\GUILLA~1\APPLIC~1\Google
    [01/10/2004|20:37] C:\DOCUME~1\GUILLA~1\APPLIC~1\Help
    [30/07/2004|23:37] C:\DOCUME~1\GUILLA~1\APPLIC~1\Identities
    [14/09/2004|12:29] C:\DOCUME~1\GUILLA~1\APPLIC~1\Jasc
    [02/01/2005|20:54] C:\DOCUME~1\GUILLA~1\APPLIC~1\Lavasoft
    [22/06/2005|21:57] C:\DOCUME~1\GUILLA~1\APPLIC~1\Macromedia
    [19/12/2005|00:30] C:\DOCUME~1\GUILLA~1\APPLIC~1\Microsoft
    [27/02/2005|20:18] C:\DOCUME~1\GUILLA~1\APPLIC~1\Mozilla
    [02/08/2004|20:56] C:\DOCUME~1\GUILLA~1\APPLIC~1\MSN6
    [31/07/2004|13:14] C:\DOCUME~1\GUILLA~1\APPLIC~1\Nikon
    [04/08/2005|22:06] C:\DOCUME~1\GUILLA~1\APPLIC~1\Real
    [11/12/2004|16:57] C:\DOCUME~1\GUILLA~1\APPLIC~1\SBSoft
    [08/01/2005|14:28] C:\DOCUME~1\GUILLA~1\APPLIC~1\Sun
    [15/09/2006|20:58] C:\DOCUME~1\GUILLA~1\APPLIC~1\Symantec
    [29/04/2005|22:44] C:\DOCUME~1\GUILLA~1\APPLIC~1\Talkback
    [14/07/2006|15:11] C:\DOCUME~1\GUILLA~1\APPLIC~1\timemediaheart
    [17/11/2007|20:34] C:\DOCUME~1\GUILLA~1\APPLIC~1\vlc
    [09/08/2004|12:30] C:\DOCUME~1\GUILLA~1\APPLIC~1\You've Got Pictures Screensaver

    [30/07/2004|23:30] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [01/12/2007|20:01] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
    [15/09/2006|21:58] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec

    [26/01/2008|11:25] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Adobe
    [06/02/2005|20:13] C:\DOCUME~1\PAPA-M~1\APPLIC~1\AOL
    [06/05/2006|15:11] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Apple Computer
    [31/07/2004|00:21] C:\DOCUME~1\PAPA-M~1\APPLIC~1\desktop.ini
    [24/02/2007|00:50] C:\DOCUME~1\PAPA-M~1\APPLIC~1\dvdcss
    [23/12/2005|18:12] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Ecran de veille
    [21/11/2004|14:11] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Help
    [25/10/2004|17:58] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Identities
    [17/11/2007|20:11] C:\DOCUME~1\PAPA-M~1\APPLIC~1\InstallShield
    [19/04/2008|11:12] C:\DOCUME~1\PAPA-M~1\APPLIC~1\LimeWire
    [10/12/2006|13:38] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Macromedia
    [25/11/2007|13:26] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Microsoft
    [30/03/2005|20:22] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Mozilla
    [26/02/2008|20:56] C:\DOCUME~1\PAPA-M~1\APPLIC~1\MSN6
    [22/06/2006|18:44] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Nikon
    [03/04/2008|17:32] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Real
    [13/12/2004|16:44] C:\DOCUME~1\PAPA-M~1\APPLIC~1\SBSoft
    [18/03/2007|16:24] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Screenshot Sender
    [10/04/2005|14:26] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Sun
    [08/07/2005|16:28] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Talkback
    [25/04/2008|20:22] C:\DOCUME~1\PAPA-M~1\APPLIC~1\timemediaheart
    [22/12/2007|22:06] C:\DOCUME~1\PAPA-M~1\APPLIC~1\U3
    [24/12/2006|22:36] C:\DOCUME~1\PAPA-M~1\APPLIC~1\vlc

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [25/04/2008 23:07][--ah-----] C:\WINDOWS\tasks\A9E96A669192E1E2.job
    [22/07/2005 07:07][--a------] C:\WINDOWS\tasks\Reveil.job
    [26/04/2008 19:05][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [28/08/2001 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    A9E96A669192E1E2.job <--> c:\docume~1\papa-m~1\applic~1\timeme~1\support

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [15/07/2006|20:10] C:\Program Files\7-Zip
    [10/06/2006|23:09] C:\Program Files\ACE Mega CoDecS Pack
    [31/10/2007|13:11] C:\Program Files\Acro Software
    [15/03/2006|13:10] C:\Program Files\Activision
    [19/04/2008|12:44] C:\Program Files\Adobe
    [27/06/2006|12:06] C:\Program Files\Adolix
    [03/04/2005|18:17] C:\Program Files\Alcohol Soft
    [14/07/2006|15:01] C:\Program Files\Alwil Software
    [08/09/2006|13:52] C:\Program Files\CCleaner
    [16/10/2004|15:35] C:\Program Files\CDex_150
    [25/02/2008|12:48] C:\Program Files\Circle Developement
    [08/09/2006|13:40] C:\Program Files\Cool MP3 Converter
    [31/10/2007|16:20] C:\Program Files\Crimson Editor
    [22/01/2005|14:52] C:\Program Files\CyberLink
    [07/05/2005|21:07] C:\Program Files\Desktop.ini
    [21/05/2007|16:22] C:\Program Files\DivX
    [26/11/2004|16:22] C:\Program Files\fb_3do10p.SFS
    [26/11/2004|17:05] C:\Program Files\fb_maps09p.SFS
    [25/04/2008|23:51] C:\Program Files\Fichiers communs
    [27/06/2006|13:48] C:\Program Files\GameSpy Arcade
    [23/07/2006|18:27] C:\Program Files\Google
    [10/01/2007|21:14] C:\Program Files\Hardware
    [26/11/2004|18:06] C:\Program Files\il2_core.dll
    [26/11/2004|18:49] C:\Program Files\il2_coreP4.dll
    [07/10/2006|19:10] C:\Program Files\Illusion Softworks
    [17/11/2007|21:01] C:\Program Files\InstallShield Installation Information
    [11/04/2008|19:29] C:\Program Files\Internet Explorer
    [31/07/2004|19:53] C:\Program Files\Jasc Software Inc
    [19/04/2008|13:36] C:\Program Files\Java
    [29/07/2005|16:01] C:\Program Files\Lavalys
    [22/01/2005|14:54] C:\Program Files\Lavasoft
    [12/04/2008|12:38] C:\Program Files\LimeWire
    [30/06/2005|19:20] C:\Program Files\Logitech
    [06/02/2005|22:37] C:\Program Files\Matroska Playback Pack
    [06/02/2005|23:32] C:\Program Files\MatroskaProp
    [18/02/2005|20:29] C:\Program Files\Messenger
    [01/10/2006|14:21] C:\Program Files\Messenger Plus! 3
    [25/02/2008|12:48] C:\Program Files\Messenger Plus! Live
    [26/11/2004|11:35] C:\Program Files\mg_snd.dll
    [26/11/2004|11:39] C:\Program Files\mg_snd_sse.dll
    [23/02/2007|16:21] C:\Program Files\MicroProse Software
    [26/02/2008|20:14] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [30/07/2004|23:31] C:\Program Files\microsoft frontpage
    [15/07/2006|17:22] C:\Program Files\Microsoft Games
    [22/01/2005|21:41] C:\Program Files\Microsoft Office
    [25/02/2008|12:57] C:\Program Files\Microsoft SQL Server Compact Edition
    [20/09/2006|19:49] C:\Program Files\Monte Cristo
    [13/02/2005|14:29] C:\Program Files\Movie Maker
    [26/04/2008|19:20] C:\Program Files\Mozilla Firefox
    [25/12/2005|16:09] C:\Program Files\MP3 To Wave Maker Plus
    [06/02/2005|23:33] C:\Program Files\MRT Codecs Pack
    [26/02/2008|20:56] C:\Program Files\MSN
    [30/07/2004|23:27] C:\Program Files\MSN Gaming Zone
    [25/02/2008|12:48] C:\Program Files\MSN Messenger
    [18/11/2006|00:36] C:\Program Files\MSXML 4.0
    [13/02/2005|14:25] C:\Program Files\NetMeeting
    [16/11/2007|20:41] C:\Program Files\Neuf
    [31/07/2004|13:14] C:\Program Files\Nikon
    [17/12/2006|22:08] C:\Program Files\Norton AntiVirus
    [19/04/2008|12:28] C:\Program Files\OpenCV
    [13/06/2007|19:22] C:\Program Files\Outlook Express
    [24/07/2006|00:51] C:\Program Files\Power Tab Software
    [15/07/2006|21:23] C:\Program Files\Project64 1.6
    [08/09/2006|13:42] C:\Program Files\QuickTime
    [14/01/2005|18:31] C:\Program Files\Real
    [17/11/2007|21:01] C:\Program Files\REALTEK RTL8187 Wireless LAN Driver and Utility
    [08/09/2006|13:46] C:\Program Files\RegSupreme
    [06/10/2006|17:40] C:\Program Files\Securitoo
    [30/07/2004|23:30] C:\Program Files\Services en ligne
    [19/04/2008|13:25] C:\Program Files\Spybot - Search & Destroy
    [25/02/2008|12:49] C:\Program Files\timemediaheart
    [26/04/2008|19:14] C:\Program Files\Trend Micro
    [28/03/2005|19:12] C:\Program Files\trial_setup.ini
    [31/07/2004|00:54] C:\Program Files\VIAudioi
    [19/04/2008|12:50] C:\Program Files\VideoLAN
    [09/08/2004|12:30] C:\Program Files\Viewpoint
    [09/12/2006|19:02] C:\Program Files\Wanadoo
    [31/12/2004|11:41] C:\Program Files\Wanadoo Messager
    [19/04/2008|12:50] C:\Program Files\Winamp
    [27/02/2008|20:55] C:\Program Files\Windows Live
    [13/12/2006|17:26] C:\Program Files\Windows Media Connect 2
    [13/12/2006|17:26] C:\Program Files\Windows Media Player
    [13/02/2005|14:25] C:\Program Files\Windows NT
    [21/05/2007|16:35] C:\Program Files\WinRAR
    [31/01/2008|20:23] C:\Program Files\WinZip
    [30/07/2004|23:31] C:\Program Files\xerox
    [29/12/2007|22:30] C:\Program Files\Yahoo!
    [11/03/2005|14:37] C:\Program Files\Zone Labs

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [19/04/2008|12:44] C:\Program Files\Fichiers communs\Adobe
    [08/09/2006|13:41] C:\Program Files\Fichiers communs\AOL
    [28/08/2004|11:04] C:\Program Files\Fichiers communs\AVP Shared
    [22/01/2005|21:41] C:\Program Files\Fichiers communs\DESIGNER
    [30/06/2005|19:20] C:\Program Files\Fichiers communs\FotoWire
    [03/04/2005|19:03] C:\Program Files\Fichiers communs\InstallShield
    [30/11/2007|20:46] C:\Program Files\Fichiers communs\Java
    [30/06/2005|19:18] C:\Program Files\Fichiers communs\Logitech
    [25/02/2008|12:37] C:\Program Files\Fichiers communs\Microsoft Shared
    [30/07/2004|23:28] C:\Program Files\Fichiers communs\MSSoap
    [31/07/2004|13:13] C:\Program Files\Fichiers communs\Nikon
    [09/08/2004|12:29] C:\Program Files\Fichiers communs\Nullsoft
    [04/08/2005|22:04] C:\Program Files\Fichiers communs\Real
    [30/07/2004|23:29] C:\Program Files\Fichiers communs\Services
    [31/07/2004|00:21] C:\Program Files\Fichiers communs\SpeechEngines
    [17/12/2006|22:34] C:\Program Files\Fichiers communs\Symantec Shared
    [13/06/2007|19:22] C:\Program Files\Fichiers communs\System
    [25/02/2008|12:52] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [04/08/2005|22:04] C:\Program Files\Fichiers communs\xing shared

    ---------------------------[ Process ]--------------------------

    ... 31

    iexplore.exe ~ [1204]
    iexplore.exe ~ [3084]

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    C:\DOCUME~1\GUILLA~1\APPLIC~1\timeme~1
    C:\DOCUME~1\PAPA-M~1\APPLIC~1\timeme~1
    C:\DOCUME~1\PAPA-M~1\APPLIC~1\timeme~1\bore more load.exe
    C:\DOCUME~1\PAPA-M~1\APPLIC~1\timeme~1\qqbawwqj.exe
    C:\DOCUME~1\PAPA-M~1\APPLIC~1\timeme~1\Real Meet Barb Sect.exe
    C:\DOCUME~1\PAPA-M~1\APPLIC~1\timeme~1\support open dart.exe
    C:\Program Files\timeme~1
    C:\Program Files\Circle Developement
    C:\Program Files\Circle Developement\Uninstall.exe
    C:\WINDOWS\Tasks\A9E96A669192E1E2.job

    ----------------------[ Verification du Registre ]----------------------

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "mode bind"="C:\\DOCUME~1\\PAPA-M~1\\APPLIC~1\\TIMEME~1\\bore more load.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts MODIFIE

    127.0.0.1 bin.errorprotector.com ## added by CiD
    127.0.0.1 br.errorsafe.com ## added by CiD
    127.0.0.1 br.winantivirus.com ## added by CiD
    127.0.0.1 br.winfixer.com ## added by CiD
    127.0.0.1 cdn.drivecleaner.com ## added by CiD
    127.0.0.1 cdn.errorsafe.com ## added by CiD
    127.0.0.1 cdn.winsoftware.com ## added by CiD
    127.0.0.1 de.errorsafe.com ## added by CiD
    127.0.0.1 de.winantivirus.com ## added by CiD
    127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
    127.0.0.1 download.cdn.errorsafe.com ## added by CiD
    127.0.0.1 download.cdn.winsoftware.com ## added by CiD
    127.0.0.1 download.errorsafe.com ## added by CiD
    127.0.0.1 download.systemdoctor.com ## added by CiD
    127.0.0.1 download.winantispyware.com ## added by CiD
    127.0.0.1 download.windrivecleaner.com ## added by CiD
    127.0.0.1 download.winfixer.com ## added by CiD
    127.0.0.1 drivecleaner.com ## added by CiD
    127.0.0.1 dynamique.drivecleaner.com ## added by CiD
    127.0.0.1 errorprotector.com ## added by CiD
    127.0.0.1 errorsafe.com ## added by CiD
    127.0.0.1 es.winantivirus.com ## added by CiD
    127.0.0.1 fr.winantivirus.com ## added by CiD
    127.0.0.1 fr.winfixer.com ## added by CiD
    127.0.0.1 go.drivecleaner.com ## added by CiD
    127.0.0.1 go.errorsafe.com ## added by CiD
    127.0.0.1 go.winantispyware.com ## added by CiD
    127.0.0.1 go.winantivirus.com ## added by CiD
    127.0.0.1 hk.winantivirus.com ## added by CiD
    127.0.0.1 instlog.errorsafe.com ## added by CiD
    127.0.0.1 instlog.winantivirus.com ## added by CiD
    127.0.0.1 instlog.winfixer.com ## added by CiD
    127.0.0.1 jsp.drivecleaner.com ## added by CiD
    127.0.0.1 kb.errorsafe.com ## added by CiD
    127.0.0.1 kb.winantivirus.com ## added by CiD
    127.0.0.1 nl.errorsafe.com ## added by CiD
    127.0.0.1 se.errorsafe.com ## added by CiD
    127.0.0.1 secure.drivecleaner.com ## added by CiD
    127.0.0.1 secure.errorsafe.com ## added by CiD
    127.0.0.1 secure.winantispam.com ## added by CiD
    127.0.0.1 secure.winantispy.com ## added by CiD
    127.0.0.1 secure.winantivirus.com ## added by CiD
    127.0.0.1 support.winantivirus.com ## added by CiD
    127.0.0.1 trial.updates.winsoftware.com ## added by CiD
    127.0.0.1 ulog.winantivirus.com ## added by CiD
    127.0.0.1 utils.errorsafe.com ## added by CiD
    127.0.0.1 utils.winantivirus.com ## added by CiD
    127.0.0.1 utils.winfixer.com ## added by CiD
    127.0.0.1 winantispyware.com ## added by CiD
    127.0.0.1 winantivirus.com ## added by CiD
    127.0.0.1 winfixer.com ## added by CiD
    127.0.0.1 winfixer2006.com ## added by CiD
    127.0.0.1 winsoftware.com ## added by CiD
    127.0.0.1 www.drivecleaner.com ## added by CiD
    127.0.0.1 www.errorprotector.com ## added by CiD
    127.0.0.1 www.errorsafe.com ## added by CiD
    127.0.0.1 www.systemdoctor.com ## added by CiD
    127.0.0.1 www.utils.winfixer.com ## added by CiD
    127.0.0.1 www.win-anti-virus-pro.com ## added by CiD
    127.0.0.1 www.win-virus-pro.com ## added by CiD
    127.0.0.1 www.winantispam.com ## added by CiD
    127.0.0.1 www.winantispy.com ## added by CiD
    127.0.0.1 www.winantispyware.com ## added by CiD
    127.0.0.1 www.winantivirus.com ## added by CiD
    127.0.0.1 www.winantiviruspro.com ## added by CiD
    127.0.0.1 www.windrivecleaner.com ## added by CiD
    127.0.0.1 www.windrivesafe.com ## added by CiD
    127.0.0.1 www.winfixer.com ## added by CiD
    127.0.0.1 www.winfixer2006.com ## added by CiD
    127.0.0.1 www.winsoftware.com ## added by CiD

    -> 8250 ( 70 ## added by CiD )

    /!\ 1 Not 127.0.0.1 !!

    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-04-26 19:40:40
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------


    Aucune autre infection trouvée !

    /!\ [Fich:18][Doss:0] C:\DOCUME~1\PAPA-M~1\Cookies
    /!\ [Fich:156][Doss:4] C:\DOCUME~1\PAPA-M~1\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 19:42:13,65 ]----------------------
    26 Avril 2008 20:50:08

    Re,

    Relance Lop S&D

  • Choisis cette fois ci l'Option 2 ( Suppression )
  • Ne ferme pas la fenêtre lors de la suppression !
  • Poste le rapport généré ( C:\lopR.txt )

    (Si le Bureau ne réapparaît pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide)

    + nouveau rapport hijackthis.

    ;) 
    26 Avril 2008 21:00:15

    Alors voilà le rapport lopR.txt


    -----------------------[ Lop S&D 4.2.0-1 XP/Vista ]---------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : Papa-Maman-Caro ] [ "C:\Lop SD" ] [ Selection : 2 ]
    [ 26/04/2008 | 20:54:56,64 ] [ PC : GUILLAUME ]
    [ MAJ : 26-04-2008 | 11:00 ]


    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

    Supprimé! - C:\DOCUME~1\PAPA-M~1\APPLIC~1\timeme~1\bore more load.exe
    Supprimé! - C:\DOCUME~1\PAPA-M~1\APPLIC~1\timeme~1\qqbawwqj.exe
    Supprimé! - C:\DOCUME~1\PAPA-M~1\APPLIC~1\timeme~1\Real Meet Barb Sect.exe
    Supprimé! - C:\DOCUME~1\PAPA-M~1\APPLIC~1\timeme~1\support open dart.exe
    Supprimé! - C:\Program Files\Circle Developement\Uninstall.exe
    Supprimé! - C:\WINDOWS\Tasks\A9E96A669192E1E2.job
    Supprimé! - C:\DOCUME~1\GUILLA~1\APPLIC~1\timeme~1
    Supprimé! - C:\DOCUME~1\PAPA-M~1\APPLIC~1\timeme~1
    Supprimé! - C:\Program Files\timeme~1
    Supprimé! - C:\Program Files\Circle Developement
    Restauré! - Fichier Hosts

    //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    -------------[ Listing des dossiers dans Application Data ]------------

    [19/04/2008|12:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [06/02/2005|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
    [05/05/2006|21:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [25/02/2008|12:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AtomCurbCopyDefault
    [31/07/2004|00:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [12/03/2005|15:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Anti-Virus Personal
    [26/04/2008|09:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
    [26/04/2008|19:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
    [25/02/2008|12:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mail For File Wave
    [22/10/2005|23:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [17/11/2007|21:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [02/08/2004|20:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
    [16/10/2004|19:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
    [12/04/2008|20:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
    [30/06/2005|19:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [30/06/2005|20:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\River Past G3
    [14/07/2006|15:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\savebodyhoperef
    [19/04/2008|13:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [17/12/2006|22:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [09/08/2004|12:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
    [31/01/2008|20:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
    [25/02/2008|12:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [31/07/2004|00:21] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [01/12/2007|20:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [25/04/2008|23:10] C:\DOCUME~1\GUILLA~1\APPLIC~1\Adobe
    [06/02/2005|20:13] C:\DOCUME~1\GUILLA~1\APPLIC~1\AOL
    [22/06/2005|18:38] C:\DOCUME~1\GUILLA~1\APPLIC~1\Apple Computer
    [22/02/2005|19:14] C:\DOCUME~1\GUILLA~1\APPLIC~1\Atari
    [08/01/2005|15:08] C:\DOCUME~1\GUILLA~1\APPLIC~1\Azureus
    [13/07/2006|23:33] C:\DOCUME~1\GUILLA~1\APPLIC~1\BitTorrent
    [05/06/2005|20:25] C:\DOCUME~1\GUILLA~1\APPLIC~1\Cash Dash Chin
    [31/12/2004|18:43] C:\DOCUME~1\GUILLA~1\APPLIC~1\Checkflow
    [31/07/2004|00:21] C:\DOCUME~1\GUILLA~1\APPLIC~1\desktop.ini
    [30/06/2005|19:20] C:\DOCUME~1\GUILLA~1\APPLIC~1\FotoWire
    [20/07/2005|20:42] C:\DOCUME~1\GUILLA~1\APPLIC~1\Google
    [01/10/2004|20:37] C:\DOCUME~1\GUILLA~1\APPLIC~1\Help
    [30/07/2004|23:37] C:\DOCUME~1\GUILLA~1\APPLIC~1\Identities
    [14/09/2004|12:29] C:\DOCUME~1\GUILLA~1\APPLIC~1\Jasc
    [02/01/2005|20:54] C:\DOCUME~1\GUILLA~1\APPLIC~1\Lavasoft
    [22/06/2005|21:57] C:\DOCUME~1\GUILLA~1\APPLIC~1\Macromedia
    [19/12/2005|00:30] C:\DOCUME~1\GUILLA~1\APPLIC~1\Microsoft
    [27/02/2005|20:18] C:\DOCUME~1\GUILLA~1\APPLIC~1\Mozilla
    [02/08/2004|20:56] C:\DOCUME~1\GUILLA~1\APPLIC~1\MSN6
    [31/07/2004|13:14] C:\DOCUME~1\GUILLA~1\APPLIC~1\Nikon
    [04/08/2005|22:06] C:\DOCUME~1\GUILLA~1\APPLIC~1\Real
    [08/01/2005|14:28] C:\DOCUME~1\GUILLA~1\APPLIC~1\Sun
    [15/09/2006|20:58] C:\DOCUME~1\GUILLA~1\APPLIC~1\Symantec
    [29/04/2005|22:44] C:\DOCUME~1\GUILLA~1\APPLIC~1\Talkback
    [17/11/2007|20:34] C:\DOCUME~1\GUILLA~1\APPLIC~1\vlc
    [09/08/2004|12:30] C:\DOCUME~1\GUILLA~1\APPLIC~1\You've Got Pictures Screensaver

    [30/07/2004|23:30] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [01/12/2007|20:01] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
    [15/09/2006|21:58] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec

    [26/01/2008|11:25] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Adobe
    [06/02/2005|20:13] C:\DOCUME~1\PAPA-M~1\APPLIC~1\AOL
    [06/05/2006|15:11] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Apple Computer
    [31/07/2004|00:21] C:\DOCUME~1\PAPA-M~1\APPLIC~1\desktop.ini
    [24/02/2007|00:50] C:\DOCUME~1\PAPA-M~1\APPLIC~1\dvdcss
    [23/12/2005|18:12] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Ecran de veille
    [21/11/2004|14:11] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Help
    [25/10/2004|17:58] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Identities
    [17/11/2007|20:11] C:\DOCUME~1\PAPA-M~1\APPLIC~1\InstallShield
    [19/04/2008|11:12] C:\DOCUME~1\PAPA-M~1\APPLIC~1\LimeWire
    [10/12/2006|13:38] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Macromedia
    [25/11/2007|13:26] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Microsoft
    [30/03/2005|20:22] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Mozilla
    [26/02/2008|20:56] C:\DOCUME~1\PAPA-M~1\APPLIC~1\MSN6
    [22/06/2006|18:44] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Nikon
    [03/04/2008|17:32] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Real
    [18/03/2007|16:24] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Screenshot Sender
    [10/04/2005|14:26] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Sun
    [08/07/2005|16:28] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Talkback
    [22/12/2007|22:06] C:\DOCUME~1\PAPA-M~1\APPLIC~1\U3
    [24/12/2006|22:36] C:\DOCUME~1\PAPA-M~1\APPLIC~1\vlc

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [22/07/2005 07:07][--a------] C:\WINDOWS\tasks\Reveil.job
    [26/04/2008 19:05][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [28/08/2001 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [15/07/2006|20:10] C:\Program Files\7-Zip
    [10/06/2006|23:09] C:\Program Files\ACE Mega CoDecS Pack
    [31/10/2007|13:11] C:\Program Files\Acro Software
    [15/03/2006|13:10] C:\Program Files\Activision
    [19/04/2008|12:44] C:\Program Files\Adobe
    [27/06/2006|12:06] C:\Program Files\Adolix
    [03/04/2005|18:17] C:\Program Files\Alcohol Soft
    [14/07/2006|15:01] C:\Program Files\Alwil Software
    [08/09/2006|13:52] C:\Program Files\CCleaner
    [16/10/2004|15:35] C:\Program Files\CDex_150
    [08/09/2006|13:40] C:\Program Files\Cool MP3 Converter
    [31/10/2007|16:20] C:\Program Files\Crimson Editor
    [22/01/2005|14:52] C:\Program Files\CyberLink
    [07/05/2005|21:07] C:\Program Files\Desktop.ini
    [21/05/2007|16:22] C:\Program Files\DivX
    [26/11/2004|16:22] C:\Program Files\fb_3do10p.SFS
    [26/11/2004|17:05] C:\Program Files\fb_maps09p.SFS
    [26/04/2008|19:54] C:\Program Files\Fichiers communs
    [27/06/2006|13:48] C:\Program Files\GameSpy Arcade
    [23/07/2006|18:27] C:\Program Files\Google
    [10/01/2007|21:14] C:\Program Files\Hardware
    [26/11/2004|18:06] C:\Program Files\il2_core.dll
    [26/11/2004|18:49] C:\Program Files\il2_coreP4.dll
    [07/10/2006|19:10] C:\Program Files\Illusion Softworks
    [17/11/2007|21:01] C:\Program Files\InstallShield Installation Information
    [11/04/2008|19:29] C:\Program Files\Internet Explorer
    [31/07/2004|19:53] C:\Program Files\Jasc Software Inc
    [19/04/2008|13:36] C:\Program Files\Java
    [29/07/2005|16:01] C:\Program Files\Lavalys
    [26/04/2008|19:55] C:\Program Files\Lavasoft
    [12/04/2008|12:38] C:\Program Files\LimeWire
    [30/06/2005|19:20] C:\Program Files\Logitech
    [06/02/2005|22:37] C:\Program Files\Matroska Playback Pack
    [06/02/2005|23:32] C:\Program Files\MatroskaProp
    [18/02/2005|20:29] C:\Program Files\Messenger
    [01/10/2006|14:21] C:\Program Files\Messenger Plus! 3
    [25/02/2008|12:48] C:\Program Files\Messenger Plus! Live
    [26/11/2004|11:35] C:\Program Files\mg_snd.dll
    [26/11/2004|11:39] C:\Program Files\mg_snd_sse.dll
    [23/02/2007|16:21] C:\Program Files\MicroProse Software
    [26/02/2008|20:14] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [30/07/2004|23:31] C:\Program Files\microsoft frontpage
    [15/07/2006|17:22] C:\Program Files\Microsoft Games
    [22/01/2005|21:41] C:\Program Files\Microsoft Office
    [25/02/2008|12:57] C:\Program Files\Microsoft SQL Server Compact Edition
    [20/09/2006|19:49] C:\Program Files\Monte Cristo
    [13/02/2005|14:29] C:\Program Files\Movie Maker
    [26/04/2008|19:20] C:\Program Files\Mozilla Firefox
    [25/12/2005|16:09] C:\Program Files\MP3 To Wave Maker Plus
    [06/02/2005|23:33] C:\Program Files\MRT Codecs Pack
    [26/02/2008|20:56] C:\Program Files\MSN
    [30/07/2004|23:27] C:\Program Files\MSN Gaming Zone
    [25/02/2008|12:48] C:\Program Files\MSN Messenger
    [18/11/2006|00:36] C:\Program Files\MSXML 4.0
    [13/02/2005|14:25] C:\Program Files\NetMeeting
    [16/11/2007|20:41] C:\Program Files\Neuf
    [31/07/2004|13:14] C:\Program Files\Nikon
    [17/12/2006|22:08] C:\Program Files\Norton AntiVirus
    [19/04/2008|12:28] C:\Program Files\OpenCV
    [13/06/2007|19:22] C:\Program Files\Outlook Express
    [24/07/2006|00:51] C:\Program Files\Power Tab Software
    [15/07/2006|21:23] C:\Program Files\Project64 1.6
    [08/09/2006|13:42] C:\Program Files\QuickTime
    [14/01/2005|18:31] C:\Program Files\Real
    [17/11/2007|21:01] C:\Program Files\REALTEK RTL8187 Wireless LAN Driver and Utility
    [08/09/2006|13:46] C:\Program Files\RegSupreme
    [06/10/2006|17:40] C:\Program Files\Securitoo
    [30/07/2004|23:30] C:\Program Files\Services en ligne
    [19/04/2008|13:25] C:\Program Files\Spybot - Search & Destroy
    [26/04/2008|19:14] C:\Program Files\Trend Micro
    [28/03/2005|19:12] C:\Program Files\trial_setup.ini
    [31/07/2004|00:54] C:\Program Files\VIAudioi
    [19/04/2008|12:50] C:\Program Files\VideoLAN
    [09/08/2004|12:30] C:\Program Files\Viewpoint
    [09/12/2006|19:02] C:\Program Files\Wanadoo
    [31/12/2004|11:41] C:\Program Files\Wanadoo Messager
    [19/04/2008|12:50] C:\Program Files\Winamp
    [27/02/2008|20:55] C:\Program Files\Windows Live
    [13/12/2006|17:26] C:\Program Files\Windows Media Connect 2
    [13/12/2006|17:26] C:\Program Files\Windows Media Player
    [13/02/2005|14:25] C:\Program Files\Windows NT
    [21/05/2007|16:35] C:\Program Files\WinRAR
    [31/01/2008|20:23] C:\Program Files\WinZip
    [30/07/2004|23:31] C:\Program Files\xerox
    [29/12/2007|22:30] C:\Program Files\Yahoo!
    [11/03/2005|14:37] C:\Program Files\Zone Labs

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [19/04/2008|12:44] C:\Program Files\Fichiers communs\Adobe
    [08/09/2006|13:41] C:\Program Files\Fichiers communs\AOL
    [28/08/2004|11:04] C:\Program Files\Fichiers communs\AVP Shared
    [22/01/2005|21:41] C:\Program Files\Fichiers communs\DESIGNER
    [30/06/2005|19:20] C:\Program Files\Fichiers communs\FotoWire
    [03/04/2005|19:03] C:\Program Files\Fichiers communs\InstallShield
    [30/11/2007|20:46] C:\Program Files\Fichiers communs\Java
    [30/06/2005|19:18] C:\Program Files\Fichiers communs\Logitech
    [25/02/2008|12:37] C:\Program Files\Fichiers communs\Microsoft Shared
    [30/07/2004|23:28] C:\Program Files\Fichiers communs\MSSoap
    [31/07/2004|13:13] C:\Program Files\Fichiers communs\Nikon
    [09/08/2004|12:29] C:\Program Files\Fichiers communs\Nullsoft
    [04/08/2005|22:04] C:\Program Files\Fichiers communs\Real
    [30/07/2004|23:29] C:\Program Files\Fichiers communs\Services
    [31/07/2004|00:21] C:\Program Files\Fichiers communs\SpeechEngines
    [17/12/2006|22:34] C:\Program Files\Fichiers communs\Symantec Shared
    [13/06/2007|19:22] C:\Program Files\Fichiers communs\System
    [25/02/2008|12:52] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [26/04/2008|19:54] C:\Program Files\Fichiers communs\Wise Installation Wizard
    [04/08/2005|22:04] C:\Program Files\Fichiers communs\xing shared

    ---------------------------[ Process ]--------------------------

    ... 29

    ... OK !

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    Aucun fichier / dossier Lop trouvé !

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-04-26 20:56:44
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------


    Aucune autre infection trouvée !

    /!\ [Fich:2][Doss:2] C:\DOCUME~1\PAPA-M~1\LOCALS~1\Temp
    /!\ [Fich:11][Doss:0] C:\DOCUME~1\PAPA-M~1\Cookies
    /!\ [Fich:155][Doss:4] C:\DOCUME~1\PAPA-M~1\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 20:59:00,57 ]----------------------
    26 Avril 2008 21:01:24

    Et voilà le nouveau HJT

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:00:39, on 26/04/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\PROGRA~1\Hardware\Keyboard\Ikeymain.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\cmd.exe
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\system32\notepad.exe
    C:\Documents and Settings\Papa-Maman-Caro\Bureau\HiJackThis\scanner.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\MSN Gaming Zone\Windows\bckgzm.exe"
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
    O2 - BHO: WinXS - {4E7BD74F-2B8D-469E-D4F3-BF2CF4D5FA7D} - C:\PROGRA~1\MAXIFI~1\IEBand\mf.dll (file missing)
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll (file missing)
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll (file missing)
    O2 - BHO: (no name) - {F82226A0-0353-5DDC-B67D-D01073712227} - C:\DOCUME~1\GUILLA~1\APPLIC~1\CASHDA~1\Lies Mess.exe (file missing)
    O3 - Toolbar: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll (file missing)
    O3 - Toolbar: WinXS - {4E7BD74F-2B8D-469E-D4F3-BF2CF4D5FA7D} - C:\PROGRA~1\MAXIFI~1\IEBand\mf.dll (file missing)
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [iKeyWorks] C:\PROGRA~1\Hardware\Keyboard\Ikeymain.exe
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
    O4 - HKCU\..\Run: [mode bind] C:\DOCUME~1\PAPA-M~1\APPLIC~1\TIMEME~1\bore more load.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/hardwaredetection.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdown...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

    --
    End of file - 7264 bytes
    26 Avril 2008 21:20:00

    Re,

    Désinstalle avast, redémarre et supprime ~~>C:\Program Files\Alwil Software

    Télécharge ccleaner (>>tuto à lire !<<), tu download «the latest version » puis installe le en décochant - Ajouter la Barre d'Outils Yahoo! CCleaner
    Puis lance le nettoyage, puis fais chercher des erreurs et sauvegardes si tu le souhaites.

    Télécharge et installe Antivir. (tuto)
    Pourquoi changer ? : Avast! vs Antivir
    mais aussi:
    14 antivirus au banc d'essai
    Citation :
    Antivir : le plus efficace des gratuits

    Vérifie qu’il soit bien à jour ! Fais une analyse complète en mode sans échec, sauvegarde le rapport et poste le moi.

    ;) 
    27 Avril 2008 13:44:00

    Voila le scan Antivir (à noter que je l'ai fait en deux, fois je l'ai lancé hier soir, mais vu qu'il allait finir très tard je l'ai relancé ce matin.

    Hier, il a trouvé 4 virus et voici le rapport de ce matin :



    Avira AntiVir Personal
    Report file date: dimanche 27 avril 2008 10:12

    Scanning for 1237787 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number: 0000149996-ADJIE-0001
    Platform: Windows XP
    Windows version: (Service Pack 2) [5.1.2600]
    Boot mode: Save mode
    Username: *****
    Computer name: *****

    Version information:
    BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
    AVSCAN.EXE : 8.1.2.12 311553 Bytes 26/04/2008 19:49:05
    AVSCAN.DLL : 8.1.1.0 53505 Bytes 26/04/2008 19:49:05
    LUKE.DLL : 8.1.2.9 151809 Bytes 26/04/2008 19:49:05
    LUKERES.DLL : 8.1.2.1 12033 Bytes 26/04/2008 19:49:05
    ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 13:27:15
    ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 19:49:06
    ANTIVIR2.VDF : 7.0.3.197 1260032 Bytes 22/04/2008 19:49:06
    ANTIVIR3.VDF : 7.0.3.216 137216 Bytes 25/04/2008 19:49:06
    Engineversion : 8.1.0.35
    AEVDF.DLL : 8.1.0.5 102772 Bytes 26/04/2008 19:49:06
    AESCRIPT.DLL : 8.1.0.27 233851 Bytes 26/04/2008 19:49:06
    AESCN.DLL : 8.1.0.14 119156 Bytes 26/04/2008 19:49:06
    AERDL.DLL : 8.1.0.20 418165 Bytes 26/04/2008 19:49:06
    AEPACK.DLL : 8.1.1.2 364917 Bytes 26/04/2008 19:49:06
    AEOFFICE.DLL : 8.1.0.18 192890 Bytes 26/04/2008 19:49:06
    AEHEUR.DLL : 8.1.0.20 1196406 Bytes 26/04/2008 19:49:06
    AEHELP.DLL : 8.1.0.14 115063 Bytes 26/04/2008 19:49:06
    AEGEN.DLL : 8.1.0.18 299381 Bytes 26/04/2008 19:49:06
    AEEMU.DLL : 8.1.0.5 430450 Bytes 26/04/2008 19:49:06
    AECORE.DLL : 8.1.0.27 168310 Bytes 26/04/2008 19:49:06
    AVWINLL.DLL : 1.0.0.7 14593 Bytes 26/04/2008 19:49:05
    AVPREF.DLL : 8.0.0.1 25857 Bytes 26/04/2008 19:49:05
    AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24
    AVREG.DLL : 8.0.0.0 30977 Bytes 26/04/2008 19:49:05
    AVARKT.DLL : 1.0.0.23 307457 Bytes 26/04/2008 19:49:05
    AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 26/04/2008 19:49:05
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 26/04/2008 19:49:06
    SMTPLIB.DLL : 1.2.0.19 28929 Bytes 26/04/2008 19:49:06
    NETNT.DLL : 8.0.0.1 7937 Bytes 26/04/2008 19:49:06
    RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 26/04/2008 19:49:01
    RCTEXT.DLL : 8.0.32.0 86273 Bytes 26/04/2008 19:49:01

    Configuration settings for the scan:
    Jobname..........................: Local Hard Disks
    Configuration file...............: c:\program files\avira\antivir personaledition classic\alldiscs.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: on
    Scan boot sector.................: on
    Boot sectors.....................: C:,
    Scan memory......................: on
    Process scan.....................: on
    Scan registry....................: on
    Search for rootkits..............: off
    Scan all files...................: Intelligent file selection
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Macro heuristic..................: on
    File heuristic...................: medium

    Start of the scan: dimanche 27 avril 2008 10:12

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'explorer.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'aawservice.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned
    12 processes with 12 modules were scanned

    Starting master boot sector scan:
    Master boot sector HD0
    [INFO] No virus was found!

    Start scanning boot sectors:
    Boot sector 'C:\'
    [INFO] No virus was found!

    Starting to scan the registry.
    The registry was scanned ( '42' files ).


    Starting the file scan:

    Begin scan in 'C:\'
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    C:\WINDOWS\$NtUninstallKB828741$\catsrv.dll
    [WARNING] The file could not be opened!
    C:\WINDOWS\$NtUninstallKB828741$\catsrvut.dll
    [WARNING] The file could not be opened!
    C:\WINDOWS\$NtUninstallKB828741$\clbcatex.dll
    [WARNING] The file could not be opened!
    C:\WINDOWS\$NtUninstallKB828741$\clbcatq.dll
    [WARNING] The file could not be opened!
    C:\WINDOWS\$NtUninstallKB828741$\colbact.dll
    [WARNING] The file could not be opened!
    C:\WINDOWS\$NtUninstallKB828741$\comadmin.dll
    [WARNING] The file could not be opened!
    C:\WINDOWS\$NtUninstallKB828741$\comrepl.exe
    [WARNING] The file could not be opened!
    C:\WINDOWS\$NtUninstallKB828741$\comsvcs.dll
    [WARNING] The file could not be opened!
    C:\WINDOWS\$NtUninstallKB828741$\comuid.dll
    [WARNING] The file could not be opened!
    C:\WINDOWS\$NtUninstallKB828741$\es.dll
    [WARNING] The file could not be opened!
    C:\WINDOWS\$NtUninstallKB828741$\migregdb.exe
    [WARNING] The file could not be opened!
    C:\WINDOWS\$NtUninstallKB828741$\msdtcprx.dll
    [WARNING] The file could not be opened!
    C:\WINDOWS\$NtUninstallKB828741$\msdtctm.dll
    [WARNING] The file could not be opened!
    C:\WINDOWS\$NtUninstallKB828741$\msdtcuiu.dll
    [WARNING] The file could not be opened!
    C:\WINDOWS\$NtUninstallKB828741$\mtxclu.dll
    [WARNING] The file could not be opened!
    C:\WINDOWS\$NtUninstallKB828741$\mtxoci.dll
    [WARNING] The file could not be opened!
    C:\WINDOWS\$NtUninstallKB828741$\ole32.dll
    [WARNING] The file could not be opened!
    C:\WINDOWS\$NtUninstallKB828741$\rpcrt4.dll
    [WARNING] The file could not be opened!
    C:\WINDOWS\$NtUninstallKB828741$\rpcss.dll
    [WARNING] The file could not be opened!
    C:\WINDOWS\$NtUninstallKB828741$\txflog.dll
    [WARNING] The file could not be opened!
    C:\WINDOWS\$NtUninstallKB833987$\sxs.dll
    [WARNING] The file could not be opened!
    C:\WINDOWS\$NtUninstallKB835732$\browser.dll
    [WARNING] The file could not be opened!
    C:\WINDOWS\$NtUninstallKB835732$\callcont.dll
    [WARNING] The file could not be opened!
    C:\WINDOWS\$NtUninstallKB835732$\cmdevtgprov.dll
    [WARNING] The file could not be opened!
    C:\WINDOWS\$NtUninstallKB835732$\evtgprov.dll
    [WARNING] The file could not be opened!
    C:\WINDOWS\$NtUninstallKB835732$\h323msp.dll
    [WARNING] The file could not be opened!
    C:\WINDOWS\$NtUninstallKB835732$\helpctr.exe
    [WARNING] The file could not be opened!
    C:\WINDOWS\$NtUninstallKB835732$\ipnathlp.dll
    [WARNING] The file could not be opened!
    C:\WINDOWS\$NtUninstallKB835732$\lsasrv.dll
    [WARNING] The file could not be opened!
    C:\WINDOWS\$NtUninstallKB835732$\msasn1.dll
    [WARNING] The file could not be opened!
    C:\WINDOWS\$NtUninstallKB835732$\msgina.dll
    [WARNING] The file could not be opened!
    C:\WINDOWS\$NtUninstallKB835732$\mst120.dll
    [WARNING] The file could not be opened!
    C:\WINDOWS\$NtUninstallKB835732$\netapi32.dll
    [WARNING] The file could not be opened!
    C:\WINDOWS\$NtUninstallKB835732$\nmcom.dll
    [WARNING] The file could not be opened!
    C:\WINDOWS\$NtUninstallKB835732$\rtcdll.dll
    [WARNING] The file could not be opened!
    C:\WINDOWS\$NtUninstallKB835732$\schannel.dll
    [WARNING] The file could not be opened!
    C:\WINDOWS\system\CORE.DLL
    [DETECTION] Contains detection pattern of the construction kit KIT/Donrun.2
    [NOTE] The file was moved to '4866617f.qua'!
    C:\WINDOWS\system32\drivers\sptd.sys
    [WARNING] The file could not be opened!
    C:\WINDOWS\system32\drivers\sptd6621.sys
    [WARNING] The file could not be opened!


    End of the scan: dimanche 27 avril 2008 13:24
    Used time: 3:12:14 min

    The scan has been done completely.

    5833 Scanning directories
    268336 Files were scanned
    1 viruses and/or unwanted programs were found
    0 Files were classified as suspicious:
    0 files were deleted
    0 files were repaired
    1 files were moved to quarantine
    0 files were renamed
    39 Files cannot be scanned
    268335 Files not concerned
    10002 Archives were scanned
    39 Warnings
    1 Notes

    27 Avril 2008 17:10:47

    Re,

    Relance Lop S&D et choisis cette fois-ci l'option 4
    Une page blanche va s'ouvrir , copie/colle ce qui se trouve dans le cadre ci-dessous puis ferme la page.
    Il y aura une demande pour enregistrer les fichiers , il faut cliquer sur Enregistrer.

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\AtomCurbCopyDefault
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mail For File Wave
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\savebodyhoperef
    C:\DOCUME~1\GUILLA~1\APPLIC~1\Cash Dash Chin


    Cela va lancer la suppression et générer un nouveau rapport. Poste-moi le rapport que tu obtiens.

    ;) 
    27 Avril 2008 19:43:52

    Hop voilà c'est fait, par contre j'ai lu un peu trop vide et j'ai lancé avec l'option 4 sans avoir rien rempli lors de l'ouverture du bloc note que j'ai fermé :) . Du coup j'ai refait la manip en ayant bie rempli le bloc note comme tu me l'as indiqué, j'espère que ça n'a rien fait de spécial.

    Bref voici le rapport :

    -----------------------[ Lop S&D 4.2.0-1 XP/Vista ]---------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : Papa-Maman-Caro ] [ "C:\Lop SD" ] [ Selection : 4 ]
    [ 27/04/2008 | 19:38:42,12 ] [ PC : GUILLAUME ]
    [ MAJ : 26-04-2008 | 11:00 ]

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ LopScript //////////////////////////////////

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\AtomCurbCopyDefault
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mail For File Wave
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\savebodyhoperef
    C:\DOCUME~1\GUILLA~1\APPLIC~1\Cash Dash Chin

    Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\AtomCurbCopyDefault
    Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mail For File Wave
    Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\savebodyhoperef
    Supprimé! - C:\DOCUME~1\GUILLA~1\APPLIC~1\Cash Dash Chin

    //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    -------------[ Listing des dossiers dans Application Data ]------------

    [31/07/2004|00:21] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
    [27/04/2008|10:08] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

    [19/04/2008|12:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [06/02/2005|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
    [05/05/2006|21:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [26/04/2008|21:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
    [31/07/2004|00:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [12/03/2005|15:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Anti-Virus Personal
    [26/04/2008|09:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
    [26/04/2008|19:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
    [22/10/2005|23:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [17/11/2007|21:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [02/08/2004|20:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
    [16/10/2004|19:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
    [12/04/2008|20:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
    [30/06/2005|19:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [27/04/2008|14:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Raxco
    [30/06/2005|20:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\River Past G3
    [19/04/2008|13:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [17/12/2006|22:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [09/08/2004|12:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
    [31/01/2008|20:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
    [25/02/2008|12:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [31/07/2004|00:21] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [01/12/2007|20:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [25/04/2008|23:10] C:\DOCUME~1\GUILLA~1\APPLIC~1\Adobe
    [06/02/2005|20:13] C:\DOCUME~1\GUILLA~1\APPLIC~1\AOL
    [22/06/2005|18:38] C:\DOCUME~1\GUILLA~1\APPLIC~1\Apple Computer
    [22/02/2005|19:14] C:\DOCUME~1\GUILLA~1\APPLIC~1\Atari
    [08/01/2005|15:08] C:\DOCUME~1\GUILLA~1\APPLIC~1\Azureus
    [13/07/2006|23:33] C:\DOCUME~1\GUILLA~1\APPLIC~1\BitTorrent
    [31/12/2004|18:43] C:\DOCUME~1\GUILLA~1\APPLIC~1\Checkflow
    [31/07/2004|00:21] C:\DOCUME~1\GUILLA~1\APPLIC~1\desktop.ini
    [30/06/2005|19:20] C:\DOCUME~1\GUILLA~1\APPLIC~1\FotoWire
    [20/07/2005|20:42] C:\DOCUME~1\GUILLA~1\APPLIC~1\Google
    [01/10/2004|20:37] C:\DOCUME~1\GUILLA~1\APPLIC~1\Help
    [30/07/2004|23:37] C:\DOCUME~1\GUILLA~1\APPLIC~1\Identities
    [14/09/2004|12:29] C:\DOCUME~1\GUILLA~1\APPLIC~1\Jasc
    [02/01/2005|20:54] C:\DOCUME~1\GUILLA~1\APPLIC~1\Lavasoft
    [22/06/2005|21:57] C:\DOCUME~1\GUILLA~1\APPLIC~1\Macromedia
    [19/12/2005|00:30] C:\DOCUME~1\GUILLA~1\APPLIC~1\Microsoft
    [27/02/2005|20:18] C:\DOCUME~1\GUILLA~1\APPLIC~1\Mozilla
    [02/08/2004|20:56] C:\DOCUME~1\GUILLA~1\APPLIC~1\MSN6
    [31/07/2004|13:14] C:\DOCUME~1\GUILLA~1\APPLIC~1\Nikon
    [04/08/2005|22:06] C:\DOCUME~1\GUILLA~1\APPLIC~1\Real
    [08/01/2005|14:28] C:\DOCUME~1\GUILLA~1\APPLIC~1\Sun
    [15/09/2006|20:58] C:\DOCUME~1\GUILLA~1\APPLIC~1\Symantec
    [29/04/2005|22:44] C:\DOCUME~1\GUILLA~1\APPLIC~1\Talkback
    [17/11/2007|20:34] C:\DOCUME~1\GUILLA~1\APPLIC~1\vlc
    [09/08/2004|12:30] C:\DOCUME~1\GUILLA~1\APPLIC~1\You've Got Pictures Screensaver

    [30/07/2004|23:30] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [01/12/2007|20:01] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
    [15/09/2006|21:58] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec

    [26/01/2008|11:25] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Adobe
    [06/02/2005|20:13] C:\DOCUME~1\PAPA-M~1\APPLIC~1\AOL
    [06/05/2006|15:11] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Apple Computer
    [31/07/2004|00:21] C:\DOCUME~1\PAPA-M~1\APPLIC~1\desktop.ini
    [24/02/2007|00:50] C:\DOCUME~1\PAPA-M~1\APPLIC~1\dvdcss
    [23/12/2005|18:12] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Ecran de veille
    [21/11/2004|14:11] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Help
    [25/10/2004|17:58] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Identities
    [17/11/2007|20:11] C:\DOCUME~1\PAPA-M~1\APPLIC~1\InstallShield
    [19/04/2008|11:12] C:\DOCUME~1\PAPA-M~1\APPLIC~1\LimeWire
    [10/12/2006|13:38] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Macromedia
    [25/11/2007|13:26] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Microsoft
    [30/03/2005|20:22] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Mozilla
    [26/02/2008|20:56] C:\DOCUME~1\PAPA-M~1\APPLIC~1\MSN6
    [22/06/2006|18:44] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Nikon
    [03/04/2008|17:32] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Real
    [18/03/2007|16:24] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Screenshot Sender
    [10/04/2005|14:26] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Sun
    [08/07/2005|16:28] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Talkback
    [22/12/2007|22:06] C:\DOCUME~1\PAPA-M~1\APPLIC~1\U3
    [24/12/2006|22:36] C:\DOCUME~1\PAPA-M~1\APPLIC~1\vlc

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [22/07/2005 07:07][--a------] C:\WINDOWS\tasks\Reveil.job
    [27/04/2008 17:49][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [28/08/2001 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [15/07/2006|20:10] C:\Program Files\7-Zip
    [10/06/2006|23:09] C:\Program Files\ACE Mega CoDecS Pack
    [31/10/2007|13:11] C:\Program Files\Acro Software
    [15/03/2006|13:10] C:\Program Files\Activision
    [19/04/2008|12:44] C:\Program Files\Adobe
    [27/06/2006|12:06] C:\Program Files\Adolix
    [03/04/2005|18:17] C:\Program Files\Alcohol Soft
    [26/04/2008|21:43] C:\Program Files\Avira
    [27/04/2008|13:37] C:\Program Files\CCleaner
    [16/10/2004|15:35] C:\Program Files\CDex_150
    [08/09/2006|13:40] C:\Program Files\Cool MP3 Converter
    [31/10/2007|16:20] C:\Program Files\Crimson Editor
    [22/01/2005|14:52] C:\Program Files\CyberLink
    [07/05/2005|21:07] C:\Program Files\Desktop.ini
    [21/05/2007|16:22] C:\Program Files\DivX
    [26/11/2004|16:22] C:\Program Files\fb_3do10p.SFS
    [26/11/2004|17:05] C:\Program Files\fb_maps09p.SFS
    [26/04/2008|19:54] C:\Program Files\Fichiers communs
    [27/06/2006|13:48] C:\Program Files\GameSpy Arcade
    [23/07/2006|18:27] C:\Program Files\Google
    [10/01/2007|21:14] C:\Program Files\Hardware
    [26/11/2004|18:06] C:\Program Files\il2_core.dll
    [26/11/2004|18:49] C:\Program Files\il2_coreP4.dll
    [07/10/2006|19:10] C:\Program Files\Illusion Softworks
    [17/11/2007|21:01] C:\Program Files\InstallShield Installation Information
    [11/04/2008|19:29] C:\Program Files\Internet Explorer
    [31/07/2004|19:53] C:\Program Files\Jasc Software Inc
    [19/04/2008|13:36] C:\Program Files\Java
    [29/07/2005|16:01] C:\Program Files\Lavalys
    [26/04/2008|19:55] C:\Program Files\Lavasoft
    [12/04/2008|12:38] C:\Program Files\LimeWire
    [30/06/2005|19:20] C:\Program Files\Logitech
    [06/02/2005|22:37] C:\Program Files\Matroska Playback Pack
    [06/02/2005|23:32] C:\Program Files\MatroskaProp
    [18/02/2005|20:29] C:\Program Files\Messenger
    [01/10/2006|14:21] C:\Program Files\Messenger Plus! 3
    [25/02/2008|12:48] C:\Program Files\Messenger Plus! Live
    [26/11/2004|11:35] C:\Program Files\mg_snd.dll
    [26/11/2004|11:39] C:\Program Files\mg_snd_sse.dll
    [23/02/2007|16:21] C:\Program Files\MicroProse Software
    [26/02/2008|20:14] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [30/07/2004|23:31] C:\Program Files\microsoft frontpage
    [15/07/2006|17:22] C:\Program Files\Microsoft Games
    [22/01/2005|21:41] C:\Program Files\Microsoft Office
    [25/02/2008|12:57] C:\Program Files\Microsoft SQL Server Compact Edition
    [20/09/2006|19:49] C:\Program Files\Monte Cristo
    [13/02/2005|14:29] C:\Program Files\Movie Maker
    [27/04/2008|19:36] C:\Program Files\Mozilla Firefox
    [25/12/2005|16:09] C:\Program Files\MP3 To Wave Maker Plus
    [06/02/2005|23:33] C:\Program Files\MRT Codecs Pack
    [26/02/2008|20:56] C:\Program Files\MSN
    [30/07/2004|23:27] C:\Program Files\MSN Gaming Zone
    [25/02/2008|12:48] C:\Program Files\MSN Messenger
    [18/11/2006|00:36] C:\Program Files\MSXML 4.0
    [13/02/2005|14:25] C:\Program Files\NetMeeting
    [16/11/2007|20:41] C:\Program Files\Neuf
    [31/07/2004|13:14] C:\Program Files\Nikon
    [17/12/2006|22:08] C:\Program Files\Norton AntiVirus
    [19/04/2008|12:28] C:\Program Files\OpenCV
    [13/06/2007|19:22] C:\Program Files\Outlook Express
    [24/07/2006|00:51] C:\Program Files\Power Tab Software
    [15/07/2006|21:23] C:\Program Files\Project64 1.6
    [08/09/2006|13:42] C:\Program Files\QuickTime
    [27/04/2008|14:46] C:\Program Files\Raxco
    [14/01/2005|18:31] C:\Program Files\Real
    [17/11/2007|21:01] C:\Program Files\REALTEK RTL8187 Wireless LAN Driver and Utility
    [08/09/2006|13:46] C:\Program Files\RegSupreme
    [06/10/2006|17:40] C:\Program Files\Securitoo
    [30/07/2004|23:30] C:\Program Files\Services en ligne
    [19/04/2008|13:25] C:\Program Files\Spybot - Search & Destroy
    [26/04/2008|19:14] C:\Program Files\Trend Micro
    [28/03/2005|19:12] C:\Program Files\trial_setup.ini
    [31/07/2004|00:54] C:\Program Files\VIAudioi
    [19/04/2008|12:50] C:\Program Files\VideoLAN
    [09/08/2004|12:30] C:\Program Files\Viewpoint
    [09/12/2006|19:02] C:\Program Files\Wanadoo
    [31/12/2004|11:41] C:\Program Files\Wanadoo Messager
    [19/04/2008|12:50] C:\Program Files\Winamp
    [27/02/2008|20:55] C:\Program Files\Windows Live
    [13/12/2006|17:26] C:\Program Files\Windows Media Connect 2
    [13/12/2006|17:26] C:\Program Files\Windows Media Player
    [13/02/2005|14:25] C:\Program Files\Windows NT
    [27/04/2008|13:47] C:\Program Files\WindowsUpdate
    [21/05/2007|16:35] C:\Program Files\WinRAR
    [31/01/2008|20:23] C:\Program Files\WinZip
    [30/07/2004|23:31] C:\Program Files\xerox
    [29/12/2007|22:30] C:\Program Files\Yahoo!
    [11/03/2005|14:37] C:\Program Files\Zone Labs

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [19/04/2008|12:44] C:\Program Files\Fichiers communs\Adobe
    [08/09/2006|13:41] C:\Program Files\Fichiers communs\AOL
    [28/08/2004|11:04] C:\Program Files\Fichiers communs\AVP Shared
    [22/01/2005|21:41] C:\Program Files\Fichiers communs\DESIGNER
    [30/06/2005|19:20] C:\Program Files\Fichiers communs\FotoWire
    [03/04/2005|19:03] C:\Program Files\Fichiers communs\InstallShield
    [30/11/2007|20:46] C:\Program Files\Fichiers communs\Java
    [30/06/2005|19:18] C:\Program Files\Fichiers communs\Logitech
    [25/02/2008|12:37] C:\Program Files\Fichiers communs\Microsoft Shared
    [30/07/2004|23:28] C:\Program Files\Fichiers communs\MSSoap
    [31/07/2004|13:13] C:\Program Files\Fichiers communs\Nikon
    [09/08/2004|12:29] C:\Program Files\Fichiers communs\Nullsoft
    [04/08/2005|22:04] C:\Program Files\Fichiers communs\Real
    [30/07/2004|23:29] C:\Program Files\Fichiers communs\Services
    [31/07/2004|00:21] C:\Program Files\Fichiers communs\SpeechEngines
    [17/12/2006|22:34] C:\Program Files\Fichiers communs\Symantec Shared
    [13/06/2007|19:22] C:\Program Files\Fichiers communs\System
    [25/02/2008|12:52] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [26/04/2008|19:54] C:\Program Files\Fichiers communs\Wise Installation Wizard
    [04/08/2005|22:04] C:\Program Files\Fichiers communs\xing shared

    ---------------------------[ Process ]--------------------------

    ... 31

    ... OK !

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    Aucun fichier / dossier Lop trouvé !

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-04-27 19:40:05
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------


    Aucune autre infection trouvée !

    /!\ [Fich:45][Doss:4] C:\DOCUME~1\PAPA-M~1\LOCALS~1\Temp
    /!\ [Fich:15][Doss:0] C:\DOCUME~1\PAPA-M~1\Cookies
    /!\ [Fich:155][Doss:4] C:\DOCUME~1\PAPA-M~1\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 19:40:55,37 ]----------------------
    27 Avril 2008 21:58:56

    Re,

    Bien :super:

    Poste un nouveau rapport hijackthis.

    ;) 
    27 Avril 2008 23:12:21

    Voila le HJT : (merci pour tout)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:10:18, on 27/04/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
    C:\WINDOWS\System32\svchost.exe
    C:\PROGRA~1\Hardware\Keyboard\Ikeymain.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\WINDOWS\explorer.exe
    C:\Documents and Settings\Papa-Maman-Caro\Bureau\temporaire\HiJackThis\scanner.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\taskmgr.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\MSN Gaming Zone\Windows\bckgzm.exe"
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
    O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-D4F3-BF2CF4D5FA7D} - (no file)
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: (no name) - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - (no file)
    O2 - BHO: (no name) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
    O2 - BHO: (no name) - {F82226A0-0353-5DDC-B67D-D01073712227} - (no file)
    O3 - Toolbar: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
    O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
    O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-D4F3-BF2CF4D5FA7D} - (no file)
    O4 - HKLM\..\Run: [iKeyWorks] C:\PROGRA~1\Hardware\Keyboard\Ikeymain.exe
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://drivers1.free.fr/hardwaredetection.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdown...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: PD91Agent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
    O23 - Service: PD91Engine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe

    --
    End of file - 6886 bytes
    27 Avril 2008 23:21:29

    Re,

    Dernière vérification ;) 

    Télécharge MalwareByte's Anti-Malware sur ton Bureau.
    Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.

    Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
    AIDE : Redémarrer en mode sans échec

  • Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
  • Afin de lancer la recherche, clic sur"Rechercher".
  • Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
    -- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
    -- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
    [#ff0000]REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]

    AIDE : Tuto en images sur MBAM

    ;) 
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS