Your question

Page loading speed problem

Tags:
  • Windows
  • Security
Last reply: in Security and viruses
13 March 2008 19:15:38

Good evening everyone!! Since last weekend my internet connection has been slowing down a lot!! It takes a long time to load a web page, and even to get onto MSN!! I used Spybot and AVG to scan my PC and found quite a few problems, but it is still slow!!
So I used HijackThis, and here is what it shows:
Logfile of HijackThis v1.99.1
Scan saved at 18:21:18, on 13/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Documents and Settings\chef\Local Settings\Application Data\windowsupdate.exe
C:\Program Files\Vista Start Menu\VistaStartMenu.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\chef\Local Settings\Application Data\windowsupdate.exe
C:\Program Files\Hercules\WiFi Station\WifiStation.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\cidaemon.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\chef\Mes documents\Débarra\logiciels\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\chef\LOCALS~1\Temp\services.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [bait deaf idle setup] C:\Documents and Settings\All Users\Application Data\Htm Support Bait Deaf\Face For.exe
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [autoload] C:\Documents and Settings\chef\Local Settings\Application Data\windowsupdate.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ntuser] C:\WINDOWS\system32\drivers\svchost.exe
O4 - HKCU\..\Run: [VistaStartMenu] "C:\Program Files\Vista Start Menu\VistaStartMenu.exe"
O4 - HKCU\..\Run: [UberIcon] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe"
O4 - HKCU\..\Run: [browse window] C:\DOCUME~1\chef\APPLIC~1\PROGRA~1\partbonefunk.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [autoload] C:\Documents and Settings\chef\Local Settings\Application Data\windowsupdate.exe
O4 - HKCU\..\Run: [ntuser] C:\WINDOWS\system32\drivers\svchost.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: WiFi Station.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.explorertool.net/redirect.php (file missing)
O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.explorertool.net/redirect.php (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-win...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O17 - HKLM\System\CCS\Services\Tcpip\..\{D6004ECB-7DA1-4550-9979-4634711A9F2F}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{E4A14A7A-0C27-4571-A1E0-AB61CD85964D}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\..\{35456AC6-3B2D-4F03-96AB-2C6823F1686F}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: WBSrv - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WLCtrl32 - C:\WINDOWS\SYSTEM32\WLCtrl32.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: SetupPrx - {ad0c12cf-afe8-48dc-bc24-12468f87e920} - C:\WINDOWS\Installer\{ad0c12cf-afe8-48dc-bc24-12468f87e920}\SetupPrx.dll
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Planificateur de tâches (Schedule) - Unknown owner - C:\WINDOWS\system32\drivers\svchost.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe


PS: I don't understand any of this at all!!!! So if you could help me, thanks in advance, and sorry if someone has already posted a similar message.

13 March 2008 19:18:15

Hello,

Download Lop S&D.exe to your Desktop.
  • Double-click it to start the installation
  • Then double-click the Lop S&D shortcut on your Desktop
  • Select the desired language, then choose option 1 (Search)
  • Wait until the scan finishes
  • Post the generated report (C:\lopR.txt)

    (If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm)
    13 March 2008 20:03:44

    Here is the report

    -----------------------[ Lop S&D 4.0.6 XP/Vista ]----------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : chef ] [ "C:\Lop SD" ]
    [ 13/03/2008 | 19:57:58,29 ] [ PC : THIBAULT ]
    [ MAJ : 11-03-2008 | 01:12 ]

    -------------[ Listing des dossiers dans Application Data ]------------

    [19/02/2008|20:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
    [19/02/2008|20:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
    [15/09/2007|15:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [04/07/2007|23:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [09/03/2008|15:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Autodesk
    [19/02/2008|22:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg7
    [05/07/2007|00:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [19/02/2008|20:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
    [20/02/2008|09:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Htm Support Bait Deaf
    [07/07/2007|19:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [05/10/2007|20:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [13/03/2008|10:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
    [07/07/2007|16:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NFS Underground
    [25/07/2007|17:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
    [15/02/2008|17:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [19/07/2007|16:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SRS Labs
    [25/07/2007|17:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca
    [19/02/2008|14:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [04/07/2007|23:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
    [07/07/2007|14:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [15/11/2007|16:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [19/02/2008|20:39] C:\DOCUME~1\chef\APPLIC~1\.
    [19/02/2008|20:39] C:\DOCUME~1\chef\APPLIC~1\..
    [05/07/2007|11:54] C:\DOCUME~1\chef\APPLIC~1\ACD Systems
    [15/09/2007|15:29] C:\DOCUME~1\chef\APPLIC~1\Adobe
    [15/09/2007|15:34] C:\DOCUME~1\chef\APPLIC~1\AdobeUM
    [15/09/2007|21:09] C:\DOCUME~1\chef\APPLIC~1\Apple Computer
    [09/03/2008|15:04] C:\DOCUME~1\chef\APPLIC~1\Autodesk
    [13/03/2008|11:55] C:\DOCUME~1\chef\APPLIC~1\AVG7
    [18/11/2007|09:35] C:\DOCUME~1\chef\APPLIC~1\Azureus
    [05/07/2007|00:34] C:\DOCUME~1\chef\APPLIC~1\desktop.ini
    [15/08/2007|18:15] C:\DOCUME~1\chef\APPLIC~1\DivX
    [19/10/2007|18:01] C:\DOCUME~1\chef\APPLIC~1\Google
    [15/09/2007|17:14] C:\DOCUME~1\chef\APPLIC~1\Help
    [05/10/2007|20:27] C:\DOCUME~1\chef\APPLIC~1\Identities
    [18/07/2007|10:10] C:\DOCUME~1\chef\APPLIC~1\Macromedia
    [19/02/2008|20:38] C:\DOCUME~1\chef\APPLIC~1\Microsoft
    [17/08/2007|12:40] C:\DOCUME~1\chef\APPLIC~1\Mozilla
    [17/08/2007|12:40] C:\DOCUME~1\chef\APPLIC~1\Netscape
    [17/08/2007|12:39] C:\DOCUME~1\chef\APPLIC~1\Photodex
    [02/01/2008|18:02] C:\DOCUME~1\chef\APPLIC~1\PnkBstrK.sys
    [20/02/2008|09:37] C:\DOCUME~1\chef\APPLIC~1\Programtime
    [21/10/2007|19:19] C:\DOCUME~1\chef\APPLIC~1\Real
    [01/09/2007|15:57] C:\DOCUME~1\chef\APPLIC~1\SecuROM
    [09/07/2007|16:12] C:\DOCUME~1\chef\APPLIC~1\Sun
    [07/07/2007|15:29] C:\DOCUME~1\chef\APPLIC~1\Talkback
    [26/07/2007|13:36] C:\DOCUME~1\chef\APPLIC~1\Teleca
    [04/07/2007|23:50] C:\DOCUME~1\chef\APPLIC~1\TuneUp Software
    [09/03/2008|15:13] C:\DOCUME~1\chef\APPLIC~1\Vista Start Menu
    [09/12/2007|18:42] C:\DOCUME~1\chef\APPLIC~1\vlc
    [06/10/2007|07:35] C:\DOCUME~1\chef\APPLIC~1\Windows Desktop Search

    [05/07/2007|00:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
    [05/07/2007|00:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
    [05/07/2007|00:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [04/07/2007|22:45] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [19/02/2008|20:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
    [19/02/2008|20:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
    [19/07/2007|17:51] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
    [19/02/2008|20:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\AVG7
    [19/02/2008|20:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [04/07/2007|22:47] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
    [04/07/2007|22:47] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
    [19/02/2008|20:38] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [13/03/2008 10:00][--ah-----] C:\WINDOWS\tasks\B673968398EC0D37.job
    [22/02/2008 17:15][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
    [13/03/2008 10:06][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [13/03/2008|11:49] C:\Program Files\.
    [13/03/2008|11:49] C:\Program Files\..
    [02/01/2008|17:45] C:\Program Files\Activision
    [04/07/2007|23:46] C:\Program Files\Adobe
    [21/10/2007|19:17] C:\Program Files\Allocam Multi Visio
    [04/07/2007|23:07] C:\Program Files\AMD
    [04/07/2007|23:43] C:\Program Files\AusLogics Disk Defrag
    [15/08/2007|19:31] C:\Program Files\AutoCAD 2008
    [15/08/2007|19:23] C:\Program Files\Autodesk
    [03/02/2008|18:40] C:\Program Files\AVIConverter
    [13/07/2007|10:33] C:\Program Files\AviSynth 2.5
    [10/07/2007|18:41] C:\Program Files\AvRack
    [12/02/2008|18:14] C:\Program Files\Call of Duty Game of the Year Edition
    [20/07/2007|12:59] C:\Program Files\CamStudio
    [20/02/2008|09:37] C:\Program Files\Circle Developement
    [03/11/2007|13:00] C:\Program Files\Codemasters
    [04/07/2007|22:42] C:\Program Files\ComPlus Applications
    [01/09/2007|20:08] C:\Program Files\DivX
    [05/07/2007|00:01] C:\Program Files\D-Tools
    [19/08/2007|16:02] C:\Program Files\EA GAMES
    [13/03/2008|16:24] C:\Program Files\eMule
    [13/07/2007|10:33] C:\Program Files\eRightSoft
    [20/07/2007|12:58] C:\Program Files\Fake Webcam
    [20/01/2008|20:19] C:\Program Files\Fichiers communs
    [21/02/2008|23:04] C:\Program Files\GameSpy Arcade
    [19/10/2007|17:01] C:\Program Files\Google
    [19/02/2008|20:38] C:\Program Files\Grisoft
    [29/02/2008|18:35] C:\Program Files\Helper
    [07/07/2007|14:01] C:\Program Files\Hercules
    [18/11/2007|12:39] C:\Program Files\HighwayPursuit
    [20/02/2008|20:34] C:\Program Files\InstallShield Installation Information
    [19/02/2008|23:08] C:\Program Files\Internet Explorer
    [30/12/2007|20:44] C:\Program Files\Java
    [04/07/2007|23:48] C:\Program Files\Kaspersky Lab
    [04/07/2007|23:42] C:\Program Files\MatroskaProp
    [20/07/2007|12:33] C:\Program Files\Messenger
    [22/12/2007|22:24] C:\Program Files\Messenger Plus! Live
    [04/07/2007|22:45] C:\Program Files\microsoft frontpage
    [15/08/2007|19:23] C:\Program Files\Microsoft Office
    [05/10/2007|20:27] C:\Program Files\Microsoft SQL Server Compact Edition
    [05/07/2007|00:14] C:\Program Files\Microsoft Visual Studio
    [05/07/2007|00:14] C:\Program Files\Microsoft Works
    [29/08/2007|07:19] C:\Program Files\Movie Maker
    [21/10/2007|17:06] C:\Program Files\Mozilla Firefox
    [04/07/2007|23:43] C:\Program Files\MRT Codecs Pack
    [05/07/2007|00:14] C:\Program Files\MSBuild
    [04/07/2007|22:40] C:\Program Files\MSN
    [04/07/2007|22:41] C:\Program Files\MSN Gaming Zone
    [22/12/2007|22:24] C:\Program Files\MSN Messenger
    [20/07/2007|13:05] C:\Program Files\MSN Multiconnect
    [26/07/2007|08:52] C:\Program Files\MSXML 4.0
    [16/08/2007|10:40] C:\Program Files\MSXML 6.0
    [04/07/2007|22:43] C:\Program Files\NetMeeting
    [29/02/2008|18:36] C:\Program Files\NetProject
    [04/07/2007|23:17] C:\Program Files\NVIDIA Corporation
    [13/10/2007|11:45] C:\Program Files\Odebit Multimédia
    [04/07/2007|23:42] C:\Program Files\On2 Technologies
    [29/08/2007|07:19] C:\Program Files\Outlook Express
    [14/02/2008|11:01] C:\Program Files\Programtime
    [04/07/2007|23:50] C:\Program Files\QuickTime
    [21/07/2007|18:49] C:\Program Files\RAR Password Cracker
    [19/10/2007|09:53] C:\Program Files\Real
    [04/07/2007|23:01] C:\Program Files\Realtek Sound Manager
    [04/07/2007|23:41] C:\Program Files\RegCleaner
    [04/07/2007|22:44] C:\Program Files\Services en ligne
    [25/07/2007|17:04] C:\Program Files\Sony Ericsson
    [15/02/2008|17:12] C:\Program Files\Spybot - Search & Destroy
    [29/08/2007|16:12] C:\Program Files\Stardock
    [21/02/2008|23:17] C:\Program Files\Steam
    [20/01/2008|20:20] C:\Program Files\TI Education
    [25/08/2007|09:04] C:\Program Files\TuneUp Utilities 2007
    [01/09/2007|15:49] C:\Program Files\Ubisoft
    [15/08/2007|19:24] C:\Program Files\Uninstall Information
    [25/11/2007|15:28] C:\Program Files\Valve
    [09/12/2007|18:41] C:\Program Files\VideoLAN
    [04/11/2007|20:23] C:\Program Files\VirtualDJ
    [29/08/2007|07:09] C:\Program Files\Vista Start Menu
    [28/08/2007|19:56] C:\Program Files\VisualTaskTips
    [29/02/2008|23:12] C:\Program Files\Web Media Player
    [05/10/2007|20:26] C:\Program Files\Windows Desktop Search
    [29/02/2008|21:01] C:\Program Files\Windows Live
    [20/02/2008|20:59] C:\Program Files\Windows Live Safety Center
    [07/07/2007|16:10] C:\Program Files\Windows Media Connect 2
    [07/07/2007|16:10] C:\Program Files\Windows Media Player
    [04/07/2007|22:41] C:\Program Files\Windows NT
    [04/07/2007|22:44] C:\Program Files\WindowsUpdate
    [06/11/2007|09:57] C:\Program Files\WinRAR
    [04/07/2007|23:57] C:\Program Files\WinZip
    [04/07/2007|22:45] C:\Program Files\xerox

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [20/01/2008|20:19] C:\Program Files\Fichiers communs\.
    [20/01/2008|20:19] C:\Program Files\Fichiers communs\..
    [13/10/2007|09:43] C:\Program Files\Fichiers communs\ACD Systems
    [15/09/2007|15:37] C:\Program Files\Fichiers communs\Adobe
    [15/08/2007|19:31] C:\Program Files\Fichiers communs\Autodesk Shared
    [15/08/2007|19:23] C:\Program Files\Fichiers communs\DESIGNER
    [05/07/2007|12:57] C:\Program Files\Fichiers communs\DirectX
    [04/07/2007|23:01] C:\Program Files\Fichiers communs\InstallShield
    [30/12/2007|20:40] C:\Program Files\Fichiers communs\Java
    [19/02/2008|23:00] C:\Program Files\Fichiers communs\Microsoft Shared
    [04/07/2007|22:43] C:\Program Files\Fichiers communs\MSSoap
    [05/07/2007|00:34] C:\Program Files\Fichiers communs\ODBC
    [21/10/2007|19:19] C:\Program Files\Fichiers communs\Real
    [04/07/2007|22:43] C:\Program Files\Fichiers communs\Services
    [05/07/2007|00:34] C:\Program Files\Fichiers communs\SpeechEngines
    [07/07/2007|15:16] C:\Program Files\Fichiers communs\System
    [25/07/2007|17:05] C:\Program Files\Fichiers communs\Teleca Shared
    [20/01/2008|20:19] C:\Program Files\Fichiers communs\TI Shared
    [15/11/2007|16:59] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [20/01/2008|20:17] C:\Program Files\Fichiers communs\Wise Installation Wizard

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Htm Support Bait Deaf
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Htm Support Bait Deaf\Face For.exe
    C:\Program Files\Circle Developement
    C:\WINDOWS\Tasks\B673968398EC0D37.job

    ----------------------[ Verification du Registre ]----------------------

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "bait deaf idle setup"="C:\\Documents and Settings\\All Users\\Application Data\\Htm Support Bait Deaf\\Face For.exe"

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-03-13 19:58:26
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden files ...
    scan completed successfully
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    Aucune autre infection trouvée !

    /!\ [Fich:173][Doss:11] C:\DOCUME~1\chef\LOCALS~1\Temp
    /!\ [Fich:36][Doss:0] C:\DOCUME~1\chef\Cookies
    /!\ [Fich:116][Doss:15] C:\DOCUME~1\chef\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 20:00:08,46 ]----------------------
    13 March 2008 20:12:40

    Hi again,

    Run Lop S&D again

  • This time choose Option 2 (Removal)
  • Do not close the window during the removal!
  • Post the generated report (C:\lopR.txt)

    (If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm)
    13 March 2008 20:20:49

    Here it is!!


    -----------------------[ Lop S&D 4.0.6 XP/Vista ]----------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : chef ] [ "C:\Lop SD" ]
    [ 13/03/2008 | 20:15:49,56 ] [ PC : THIBAULT ]
    [ MAJ : 11-03-2008 | 01:12 ]

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

    Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Htm Support Bait Deaf\Face For.exe
    Supprimé! - C:\WINDOWS\Tasks\B673968398EC0D37.job
    Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Htm Support Bait Deaf
    Supprimé! - C:\Program Files\Circle Developement
    Restauré! - Fichier Hosts

    //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    -------------[ Listing des dossiers dans Application Data ]------------

    [13/03/2008|20:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
    [13/03/2008|20:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
    [15/09/2007|15:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [04/07/2007|23:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [09/03/2008|15:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Autodesk
    [19/02/2008|22:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg7
    [05/07/2007|00:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [19/02/2008|20:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
    [07/07/2007|19:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [05/10/2007|20:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [13/03/2008|10:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
    [07/07/2007|16:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NFS Underground
    [25/07/2007|17:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
    [15/02/2008|17:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [19/07/2007|16:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SRS Labs
    [25/07/2007|17:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca
    [19/02/2008|14:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [04/07/2007|23:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
    [07/07/2007|14:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [15/11/2007|16:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [19/02/2008|20:39] C:\DOCUME~1\chef\APPLIC~1\.
    [19/02/2008|20:39] C:\DOCUME~1\chef\APPLIC~1\..
    [05/07/2007|11:54] C:\DOCUME~1\chef\APPLIC~1\ACD Systems
    [15/09/2007|15:29] C:\DOCUME~1\chef\APPLIC~1\Adobe
    [15/09/2007|15:34] C:\DOCUME~1\chef\APPLIC~1\AdobeUM
    [15/09/2007|21:09] C:\DOCUME~1\chef\APPLIC~1\Apple Computer
    [09/03/2008|15:04] C:\DOCUME~1\chef\APPLIC~1\Autodesk
    [13/03/2008|11:55] C:\DOCUME~1\chef\APPLIC~1\AVG7
    [18/11/2007|09:35] C:\DOCUME~1\chef\APPLIC~1\Azureus
    [05/07/2007|00:34] C:\DOCUME~1\chef\APPLIC~1\desktop.ini
    [15/08/2007|18:15] C:\DOCUME~1\chef\APPLIC~1\DivX
    [19/10/2007|18:01] C:\DOCUME~1\chef\APPLIC~1\Google
    [15/09/2007|17:14] C:\DOCUME~1\chef\APPLIC~1\Help
    [05/10/2007|20:27] C:\DOCUME~1\chef\APPLIC~1\Identities
    [18/07/2007|10:10] C:\DOCUME~1\chef\APPLIC~1\Macromedia
    [19/02/2008|20:38] C:\DOCUME~1\chef\APPLIC~1\Microsoft
    [17/08/2007|12:40] C:\DOCUME~1\chef\APPLIC~1\Mozilla
    [17/08/2007|12:40] C:\DOCUME~1\chef\APPLIC~1\Netscape
    [17/08/2007|12:39] C:\DOCUME~1\chef\APPLIC~1\Photodex
    [02/01/2008|18:02] C:\DOCUME~1\chef\APPLIC~1\PnkBstrK.sys
    [20/02/2008|09:37] C:\DOCUME~1\chef\APPLIC~1\Programtime
    [21/10/2007|19:19] C:\DOCUME~1\chef\APPLIC~1\Real
    [01/09/2007|15:57] C:\DOCUME~1\chef\APPLIC~1\SecuROM
    [09/07/2007|16:12] C:\DOCUME~1\chef\APPLIC~1\Sun
    [07/07/2007|15:29] C:\DOCUME~1\chef\APPLIC~1\Talkback
    [26/07/2007|13:36] C:\DOCUME~1\chef\APPLIC~1\Teleca
    [04/07/2007|23:50] C:\DOCUME~1\chef\APPLIC~1\TuneUp Software
    [09/03/2008|15:13] C:\DOCUME~1\chef\APPLIC~1\Vista Start Menu
    [09/12/2007|18:42] C:\DOCUME~1\chef\APPLIC~1\vlc
    [06/10/2007|07:35] C:\DOCUME~1\chef\APPLIC~1\Windows Desktop Search

    [05/07/2007|00:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
    [05/07/2007|00:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
    [05/07/2007|00:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [04/07/2007|22:45] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [19/02/2008|20:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
    [19/02/2008|20:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
    [19/07/2007|17:51] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
    [19/02/2008|20:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\AVG7
    [19/02/2008|20:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [04/07/2007|22:47] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
    [04/07/2007|22:47] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
    [19/02/2008|20:38] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [22/02/2008 17:15][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
    [13/03/2008 10:06][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [13/03/2008|20:15] C:\Program Files\.
    [13/03/2008|20:15] C:\Program Files\..
    [02/01/2008|17:45] C:\Program Files\Activision
    [04/07/2007|23:46] C:\Program Files\Adobe
    [21/10/2007|19:17] C:\Program Files\Allocam Multi Visio
    [04/07/2007|23:07] C:\Program Files\AMD
    [04/07/2007|23:43] C:\Program Files\AusLogics Disk Defrag
    [15/08/2007|19:31] C:\Program Files\AutoCAD 2008
    [15/08/2007|19:23] C:\Program Files\Autodesk
    [03/02/2008|18:40] C:\Program Files\AVIConverter
    [13/07/2007|10:33] C:\Program Files\AviSynth 2.5
    [10/07/2007|18:41] C:\Program Files\AvRack
    [12/02/2008|18:14] C:\Program Files\Call of Duty Game of the Year Edition
    [20/07/2007|12:59] C:\Program Files\CamStudio
    [03/11/2007|13:00] C:\Program Files\Codemasters
    [04/07/2007|22:42] C:\Program Files\ComPlus Applications
    [01/09/2007|20:08] C:\Program Files\DivX
    [05/07/2007|00:01] C:\Program Files\D-Tools
    [19/08/2007|16:02] C:\Program Files\EA GAMES
    [13/03/2008|16:24] C:\Program Files\eMule
    [13/07/2007|10:33] C:\Program Files\eRightSoft
    [20/07/2007|12:58] C:\Program Files\Fake Webcam
    [20/01/2008|20:19] C:\Program Files\Fichiers communs
    [21/02/2008|23:04] C:\Program Files\GameSpy Arcade
    [19/10/2007|17:01] C:\Program Files\Google
    [19/02/2008|20:38] C:\Program Files\Grisoft
    [29/02/2008|18:35] C:\Program Files\Helper
    [07/07/2007|14:01] C:\Program Files\Hercules
    [18/11/2007|12:39] C:\Program Files\HighwayPursuit
    [20/02/2008|20:34] C:\Program Files\InstallShield Installation Information
    [19/02/2008|23:08] C:\Program Files\Internet Explorer
    [30/12/2007|20:44] C:\Program Files\Java
    [04/07/2007|23:48] C:\Program Files\Kaspersky Lab
    [04/07/2007|23:42] C:\Program Files\MatroskaProp
    [20/07/2007|12:33] C:\Program Files\Messenger
    [22/12/2007|22:24] C:\Program Files\Messenger Plus! Live
    [04/07/2007|22:45] C:\Program Files\microsoft frontpage
    [15/08/2007|19:23] C:\Program Files\Microsoft Office
    [05/10/2007|20:27] C:\Program Files\Microsoft SQL Server Compact Edition
    [05/07/2007|00:14] C:\Program Files\Microsoft Visual Studio
    [05/07/2007|00:14] C:\Program Files\Microsoft Works
    [29/08/2007|07:19] C:\Program Files\Movie Maker
    [21/10/2007|17:06] C:\Program Files\Mozilla Firefox
    [04/07/2007|23:43] C:\Program Files\MRT Codecs Pack
    [05/07/2007|00:14] C:\Program Files\MSBuild
    [04/07/2007|22:40] C:\Program Files\MSN
    [04/07/2007|22:41] C:\Program Files\MSN Gaming Zone
    [22/12/2007|22:24] C:\Program Files\MSN Messenger
    [20/07/2007|13:05] C:\Program Files\MSN Multiconnect
    [26/07/2007|08:52] C:\Program Files\MSXML 4.0
    [16/08/2007|10:40] C:\Program Files\MSXML 6.0
    [04/07/2007|22:43] C:\Program Files\NetMeeting
    [29/02/2008|18:36] C:\Program Files\NetProject
    [04/07/2007|23:17] C:\Program Files\NVIDIA Corporation
    [13/10/2007|11:45] C:\Program Files\Odebit Multimédia
    [04/07/2007|23:42] C:\Program Files\On2 Technologies
    [29/08/2007|07:19] C:\Program Files\Outlook Express
    [14/02/2008|11:01] C:\Program Files\Programtime
    [04/07/2007|23:50] C:\Program Files\QuickTime
    [21/07/2007|18:49] C:\Program Files\RAR Password Cracker
    [19/10/2007|09:53] C:\Program Files\Real
    [04/07/2007|23:01] C:\Program Files\Realtek Sound Manager
    [04/07/2007|23:41] C:\Program Files\RegCleaner
    [04/07/2007|22:44] C:\Program Files\Services en ligne
    [25/07/2007|17:04] C:\Program Files\Sony Ericsson
    [15/02/2008|17:12] C:\Program Files\Spybot - Search & Destroy
    [29/08/2007|16:12] C:\Program Files\Stardock
    [21/02/2008|23:17] C:\Program Files\Steam
    [20/01/2008|20:20] C:\Program Files\TI Education
    [25/08/2007|09:04] C:\Program Files\TuneUp Utilities 2007
    [01/09/2007|15:49] C:\Program Files\Ubisoft
    [15/08/2007|19:24] C:\Program Files\Uninstall Information
    [25/11/2007|15:28] C:\Program Files\Valve
    [09/12/2007|18:41] C:\Program Files\VideoLAN
    [04/11/2007|20:23] C:\Program Files\VirtualDJ
    [29/08/2007|07:09] C:\Program Files\Vista Start Menu
    [28/08/2007|19:56] C:\Program Files\VisualTaskTips
    [29/02/2008|23:12] C:\Program Files\Web Media Player
    [05/10/2007|20:26] C:\Program Files\Windows Desktop Search
    [29/02/2008|21:01] C:\Program Files\Windows Live
    [20/02/2008|20:59] C:\Program Files\Windows Live Safety Center
    [07/07/2007|16:10] C:\Program Files\Windows Media Connect 2
    [07/07/2007|16:10] C:\Program Files\Windows Media Player
    [04/07/2007|22:41] C:\Program Files\Windows NT
    [04/07/2007|22:44] C:\Program Files\WindowsUpdate
    [06/11/2007|09:57] C:\Program Files\WinRAR
    [04/07/2007|23:57] C:\Program Files\WinZip
    [04/07/2007|22:45] C:\Program Files\xerox

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [20/01/2008|20:19] C:\Program Files\Fichiers communs\.
    [20/01/2008|20:19] C:\Program Files\Fichiers communs\..
    [13/10/2007|09:43] C:\Program Files\Fichiers communs\ACD Systems
    [15/09/2007|15:37] C:\Program Files\Fichiers communs\Adobe
    [15/08/2007|19:31] C:\Program Files\Fichiers communs\Autodesk Shared
    [15/08/2007|19:23] C:\Program Files\Fichiers communs\DESIGNER
    [05/07/2007|12:57] C:\Program Files\Fichiers communs\DirectX
    [04/07/2007|23:01] C:\Program Files\Fichiers communs\InstallShield
    [30/12/2007|20:40] C:\Program Files\Fichiers communs\Java
    [19/02/2008|23:00] C:\Program Files\Fichiers communs\Microsoft Shared
    [04/07/2007|22:43] C:\Program Files\Fichiers communs\MSSoap
    [05/07/2007|00:34] C:\Program Files\Fichiers communs\ODBC
    [21/10/2007|19:19] C:\Program Files\Fichiers communs\Real
    [04/07/2007|22:43] C:\Program Files\Fichiers communs\Services
    [05/07/2007|00:34] C:\Program Files\Fichiers communs\SpeechEngines
    [07/07/2007|15:16] C:\Program Files\Fichiers communs\System
    [25/07/2007|17:05] C:\Program Files\Fichiers communs\Teleca Shared
    [20/01/2008|20:19] C:\Program Files\Fichiers communs\TI Shared
    [15/11/2007|16:59] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [20/01/2008|20:17] C:\Program Files\Fichiers communs\Wise Installation Wizard

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    Aucun fichier / dossier Lop trouvé !

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-03-13 20:16:16
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden files ...
    scan completed successfully
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    Aucune autre infection trouvée !

    /!\ [Fich:171][Doss:11] C:\DOCUME~1\chef\LOCALS~1\Temp
    /!\ [Fich:44][Doss:0] C:\DOCUME~1\chef\Cookies
    /!\ [Fich:130][Doss:15] C:\DOCUME~1\chef\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 20:17:48,07 ]----------------------
    13 March 2008 20:41:04

    Post a new HijackThis report.
    13 March 2008 21:00:33

    Logfile of HijackThis v1.99.1
    Scan saved at 20:59:06, on 13/03/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16608)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Documents and Settings\chef\Local Settings\Application Data\windowsupdate.exe
    C:\Program Files\Vista Start Menu\VistaStartMenu.exe
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
    C:\Documents and Settings\chef\Local Settings\Application Data\windowsupdate.exe
    C:\Program Files\Hercules\WiFi Station\WifiStation.exe
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\System32\svchost.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\UAService7.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\WINDOWS\system32\drwtsn32.exe
    C:\WINDOWS\system32\drwtsn32.exe
    C:\Program Files\Windows Media Player\wmplayer.exe
    C:\WINDOWS\explorer.exe
    C:\Documents and Settings\chef\Mes documents\Débarra\logiciels\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\chef\LOCALS~1\Temp\services.exe
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [autoload] C:\Documents and Settings\chef\Local Settings\Application Data\windowsupdate.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [ntuser] C:\WINDOWS\system32\drivers\svchost.exe
    O4 - HKCU\..\Run: [VistaStartMenu] "C:\Program Files\Vista Start Menu\VistaStartMenu.exe"
    O4 - HKCU\..\Run: [UberIcon] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe"
    O4 - HKCU\..\Run: [browse window] C:\DOCUME~1\chef\APPLIC~1\PROGRA~1\partbonefunk.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [autoload] C:\Documents and Settings\chef\Local Settings\Application Data\windowsupdate.exe
    O4 - HKCU\..\Run: [ntuser] C:\WINDOWS\system32\drivers\svchost.exe
    O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
    O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
    O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
    O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
    O4 - Global Startup: WiFi Station.lnk = ?
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.explorertool.net/redirect.php (file missing)
    O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.explorertool.net/redirect.php (file missing)
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing) (HKCU)
    O9 - Extra 'Tools' menuitem: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing) (HKCU)
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-win...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{D6004ECB-7DA1-4550-9979-4634711A9F2F}: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CCS\Services\Tcpip\..\{E4A14A7A-0C27-4571-A1E0-AB61CD85964D}: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CS2\Services\Tcpip\..\{35456AC6-3B2D-4F03-96AB-2C6823F1686F}: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
    O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
    O20 - Winlogon Notify: WBSrv - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: WLCtrl32 - C:\WINDOWS\SYSTEM32\WLCtrl32.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O21 - SSODL: SetupPrx - {ad0c12cf-afe8-48dc-bc24-12468f87e920} - C:\WINDOWS\Installer\{ad0c12cf-afe8-48dc-bc24-12468f87e920}\SetupPrx.dll
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
    O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: Planificateur de tâches (Schedule) - Unknown owner - C:\WINDOWS\system32\drivers\svchost.exe
    O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

    13 March 2008 21:29:48

    Re,

    Disable your resident protections (antivirus, Spybot...)!

  • Download Combofix (sUBs) to your Desktop.
  • Double-click combofix.exe to launch it.
  • Press the 1 key (Yes) to start the scan.
  • When the scan is complete, a report will appear. Post that report in your next reply.
    14 March 2008 10:04:41

    Re, I can't manage to launch Combofix; a message appears saying that it is not compatible and that it only works with XP or Windows 2000!! Yet I have XP!! Is that normal??
    14 March 2008 13:15:39

    Can you delete it and try again?
    14 March 2008 13:52:21

    I deleted it and downloaded it again, but the same message still appears!!
    How do I remove Spybot and everything, like you told me?? I'm not risking anything??
    14 March 2008 13:55:59

    No risk. We'll do it another way; Combofix is running into a bug.

    Download SDFix (created by AndyManchesta) and save it to your Desktop.
    Double-click SDFix.exe and choose Install to extract it to the Desktop.

    Restart in Safe Mode

  • Open the SDFix folder that has just been created at the root of your hard drive (C:) and double-click RunThis.bat to launch the script.
  • Press Y to start the cleaning process.
  • It will remove the services and Registry entries of certain trojans it finds, then ask you to press a key to restart.
  • Press a key to restart the PC.
  • Your system will take longer than usual to restart because the tool will keep running and deleting files.
  • After the Desktop loads, the tool will finish its work and display Finished.
  • Press a key to end the script and load your Desktop icons.
  • Once the Desktop icons are displayed, the SDFix report will open on screen and will also be saved in the SDFix folder as Report.txt.
  • Finally, copy/paste the contents of Report.txt into your next reply on the forum, along with a new HijackThis log.
    14 March 2008 14:39:26

    There, I restarted my PC and the following message appears:
    "final check
    running catchme,please wait . this may take up to 5minutes"
    I've been waiting for 15 min!! Is that normal??
    14 March 2008 14:48:25

    Actually, it's fine!!
    Here is the SDFix report

    SDFix: Version 1.157

    Run by chef on 14/03/2008 at 14:21

    Microsoft Windows XP [version 5.1.2600]
    Running From: C:\SDFix

    Checking Services :

    Name:
    zeqwur
    OVC41

    Path:
    \??\C:\WINDOWS\Help\zeqwur.chm
    System32\Drivers\Ovc41.sys

    zeqwur - Deleted
    OVC41 - Deleted



    Restoring Windows Registry Values
    Restoring Windows Default Hosts File

    Rebooting

    Service OVC41 - Deleted after Reboot

    Checking Files :

    Trojan Files Found:

    C:\WINDOWS\Installer\{ad0c12cf-afe8-48dc-bc24-12468f87e920}\SetupPrx.dll - Deleted
    C:\Documents and Settings\All Users\Menu Démarrer\Online Security Guide.url - Deleted
    C:\Documents and Settings\All Users\Menu Démarrer\Security Troubleshooting.url - Deleted
    C:\Program Files\NetProject\ot.ico - Deleted
    C:\Program Files\NetProject\ts.ico - Deleted
    C:\WINDOWS\17PHolmes1089.exe - Deleted
    C:\WINDOWS\mrofinu1089.exe - Deleted
    C:\WINDOWS\mrofinu1089.exe.tmp - Deleted
    C:\DOCUME~1\chef\LOCALS~1\Temp\services.exe - Deleted
    C:\WINDOWS\altvxvm.dll - Deleted
    C:\WINDOWS\bokpkov.dll - Deleted
    C:\WINDOWS\system32\drivers\svchost.exe - Deleted
    C:\WINDOWS\system32\real.txt - Deleted
    C:\WINDOWS\system32\WLCtrl32.dll - Deleted
    C:\WINDOWS\system32\WLCtrl32.dl_ - Deleted
    C:\WINDOWS\help\zeqwur.chm - Deleted
    C:\WINDOWS\system32\drivers\OVC41.sys - Deleted



    Folder C:\WINDOWS\Installer\{ad0c12cf-afe8-48dc-bc24-12468f87e920} - Removed
    Folder C:\Program Files\Helper - Removed
    Folder C:\Program Files\NetProject - Removed


    Removing Temp Files

    ADS Check :



    Final Check :

    catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-03-14 14:25:43
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden services & system hive ...

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\d347prt\Cfg\0Jf40]

    scanning hidden registry entries ...

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLs"="wbsys.dll"
    "DeviceNotSelectedTimeout"="15"
    "GDIProcessHandleQuota"=dword:00002710
    "Spooler"="yes"
    "swapdisk"=""
    "TransmissionRetryTimeout"="90"
    "USERProcessHandleQuota"=dword:00002710

    scanning hidden files ...


    scan completed successfully
    hidden processes: 0
    hidden services: 0
    hidden files: 206


    Remaining Services :



    Authorized Application Key Export:

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"="C:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe:*:Enabled:Apache HTTP Server"
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\\Program Files\\EA GAMES\\NFS Underground\\Speed.exe"="C:\\Program Files\\EA GAMES\\NFS Underground\\Speed.exe:*:Disabled:Speed"
    "C:\\WINDOWS\\system32\\mcoinstall.exe"="C:\\WINDOWS\\system32\\mcoinstall.exe:*:Enabled:mcoinstall"
    "C:\\Games\\Paintball2\\paintball2.exe"="C:\\Games\\Paintball2\\paintball2.exe:*:Enabled:paintball2"
    "C:\\Program Files\\EA GAMES\\MOHDA\\MOHAA.exe"="C:\\Program Files\\EA GAMES\\MOHDA\\MOHAA.exe:*:Enabled:Medal of Honor Allied Assault(tm)"
    "C:\\Program Files\\GameSpy Arcade\\Aphex.exe"="C:\\Program Files\\GameSpy Arcade\\Aphex.exe:*:Enabled:GameSpy Arcade"
    "C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
    "C:\\Program Files\\Call of Duty Game of the Year Edition\\CoDMP.exe"="C:\\Program Files\\Call of Duty Game of the Year Edition\\CoDMP.exe:*:Enabled:CoDMP"
    "C:\\Program Files\\Allocam Multi Visio\\allocam.exe"="C:\\Program Files\\Allocam Multi Visio\\allocam.exe:*:Enabled:Multi Video"
    "C:\\PROGRA~1\\ALLOCA~1\\allocam.exe"="C:\\PROGRA~1\\ALLOCA~1\\allocam.exe:*:Enabled:Multi Video"
    "C:\\Documents and Settings\\chef\\Bureau\\msnmsgr.exe"="C:\\Documents and Settings\\chef\\Bureau\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\\Program Files\\Ubisoft\\Crytek\\Far Cry\\Bin32\\FarCry.exe"="C:\\Program Files\\Ubisoft\\Crytek\\Far Cry\\Bin32\\FarCry.exe:*:Enabled:Far Cry"
    "C:\\Documents and Settings\\chef\\Mes documents\\Jeux\\mini jeux\\volley.exe"="C:\\Documents and Settings\\chef\\Mes documents\\Jeux\\mini jeux\\volley.exe:*:Enabled:volley"
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    "C:\\Program Files\\Steam\\steamapps\\common\\lost planet dx9 trial\\LostPlanetDX9.exe"="C:\\Program Files\\Steam\\steamapps\\common\\lost planet dx9 trial\\LostPlanetDX9.exe:*:Enabled:LostPlanetDX9"
    "C:\\Documents and Settings\\chef\\Mes documents\\Jeux\\mini jeux\\Games for PC 386 & 486\\SPORT\\BLOBBY\\VOLLEY.EXE"="C:\\Documents and Settings\\chef\\Mes documents\\Jeux\\mini jeux\\Games for PC 386 & 486\\SPORT\\BLOBBY\\VOLLEY.EXE:*:Enabled:VOLLEY"
    "C:\\Program Files\\Steam\\steamapps\\common\\dawn of war winter assault demo\\WinterAssault.exe"="C:\\Program Files\\Steam\\steamapps\\common\\dawn of war winter assault demo\\WinterAssault.exe:*:Enabled:WinterAssault"
    "C:\\WINDOWS\\system32\\rtcshare.exe"="C:\\WINDOWS\\system32\\rtcshare.exe:*:Enabled:Partage de l'application RTC"
    "C:\\WINDOWS\\system32\\PnkBstrA.exe"="C:\\WINDOWS\\system32\\PnkBstrA.exe:*:Enabled:PnkBstrA"
    "C:\\WINDOWS\\system32\\PnkBstrB.exe"="C:\\WINDOWS\\system32\\PnkBstrB.exe:*:Enabled:PnkBstrB"
    "C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"="C:\\Program Files\\Grisoft\\AVG7\\avginet.exe:*:Enabled:avginet.exe"
    "C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe:*:Enabled:avgamsvr.exe"
    "C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe:*:Enabled:avgcc.exe"
    "C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe:*:Enabled:avgemc.exe"
    "C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"="C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
    @=""
    "C:\\DOCUME~1\\chef\\LOCALS~1\\Temp\\services.exe"="C:\\DOCUME~1\\chef\\LOCALS~1\\Temp\\services.exe:*:Enabled:Flash Media"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    Remaining Files :


    File Backups: - C:\SDFix\backups\backups.zip

    Files with Hidden Attributes :

    Sun 12 Mar 2006 10,311,680 ..SH. --- "C:\Program Files\AVIConverter\mencoder.exe"
    Wed 13 Oct 2004 1,694,208 ..SH. --- "C:\Program Files\Messenger\msmsgs.exe"
    Mon 28 Jan 2008 1,404,240 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe"
    Mon 28 Jan 2008 5,146,448 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
    Mon 28 Jan 2008 2,097,488 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
    Wed 3 May 2006 163,328 ..SHR --- "C:\WINDOWS\system32\flvDX.dll"
    Wed 21 Feb 2007 31,232 ..SHR --- "C:\WINDOWS\system32\msfDX.dll"
    Mon 16 Jul 2007 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
    Sun 26 Jun 2005 616,448 ..SHR --- "C:\Program Files\eRightSoft\SUPER\cygwin1.dll"
    Tue 21 Jun 2005 45,568 ..SHR --- "C:\Program Files\eRightSoft\SUPER\cygz.dll"
    Sat 7 Jul 2007 72,704 ..SHR --- "C:\Program Files\eRightSoft\SUPER\Setup.exe"
    Fri 27 Oct 2006 15,872 A.SHR --- "C:\Program Files\eRightSoft\SUPER\_Setup.dll"
    Thu 5 Aug 2004 60,416 A.SH. --- "C:\WINDOWS\BricoPacks\SysFiles\80_msimn.exe"
    Sat 7 Jul 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
    Thu 13 Mar 2008 41,833 ..SH. --- "C:\Documents and Settings\chef\Local Settings\Application Data\windowsupdate.exe"
    Thu 13 Mar 2008 44,499 ..SH. --- "C:\Documents and Settings\LocalService\Local Settings\Application Data\windowsupdate.exe"
    Tue 4 Jun 2002 84,992 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\14_43260.dll"
    Tue 4 Jun 2002 44,032 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\28_83260.dll"
    Tue 10 Dec 2002 73,766 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\atrc3260.dll"
    Tue 10 Dec 2002 65,575 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\cook3260.dll"
    Sun 9 Jun 2002 36,864 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\ddnt3260.dll"
    Tue 4 Jun 2002 20,480 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\dnet3260.dll"
    Tue 10 Dec 2002 102,437 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv13260.dll"
    Tue 10 Dec 2002 176,165 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv23260.dll"
    Tue 10 Dec 2002 208,935 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv33260.dll"
    Tue 10 Dec 2002 217,127 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv43260.dll"
    Sun 9 Jun 2002 40,448 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\dspr3260.dll"
    Sat 3 Nov 2001 225,280 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\ivvideo.dll"
    Tue 10 Apr 2001 225,280 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\qtmlClient.dll"
    Fri 20 Feb 2004 232,960 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\raac.dll"
    Sun 9 Jun 2002 525,824 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rnco3260.dll"
    Tue 10 Dec 2002 245,805 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rnlt3260.dll"
    Tue 10 Dec 2002 45,093 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv103260.dll"
    Tue 10 Dec 2002 98,341 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv203260.dll"
    Tue 10 Dec 2002 94,247 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv303260.dll"
    Tue 10 Dec 2002 90,151 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv403260.dll"
    Tue 10 Dec 2002 102,439 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\sipr3260.dll"
    Sun 9 Jun 2002 49,152 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\tokr3260.dll"
    Sat 17 Nov 2007 1,301 ...HR --- "C:\Documents and Settings\chef\Application Data\SecuROM\UserData\securom_v7_01.bak"

    Finished!




    and the HijackThis one
    Logfile of HijackThis v1.99.1
    Scan saved at 14:45:33, on 14/03/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16608)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\UAService7.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Hercules\WiFi Station\WifiStation.exe
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\Documents and Settings\chef\Mes documents\Débarra\logiciels\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [UberIcon] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe"
    O4 - HKCU\..\Run: [browse window] C:\DOCUME~1\chef\APPLIC~1\PROGRA~1\partbonefunk.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [VistaStartMenu] "C:\Program Files\Vista Start Menu\VistaStartMenu.exe"
    O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
    O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
    O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
    O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
    O4 - Global Startup: WiFi Station.lnk = ?
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing) (HKCU)
    O9 - Extra 'Tools' menuitem: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing) (HKCU)
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-win...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{D6004ECB-7DA1-4550-9979-4634711A9F2F}: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CCS\Services\Tcpip\..\{E4A14A7A-0C27-4571-A1E0-AB61CD85964D}: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
    O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
    O20 - Winlogon Notify: WBSrv - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
    O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: Planificateur de tâches (Schedule) - Unknown owner - C:\WINDOWS\system32\drivers\svchost.exe (file missing)
    O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

    a b 8 Security
    14 March 2008 17:39:36

    Run a LopSD scan again, option 1.
    14 March 2008 18:28:56

    here it is


    -----------------------[ Lop S&D 4.0.6 XP/Vista ]----------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : chef ] [ "C:\Lop SD" ]
    [ 14/03/2008 | 18:25:23,26 ] [ PC : THIBAULT ]
    [ MAJ : 11-03-2008 | 01:12 ]

    -------------[ Listing des dossiers dans Application Data ]------------

    [14/03/2008|18:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
    [14/03/2008|18:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
    [14/03/2008|18:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{A850D4D9-871B-4234-908D-21C457767270}
    [15/09/2007|15:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [04/07/2007|23:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [09/03/2008|15:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Autodesk
    [19/02/2008|22:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg7
    [05/07/2007|00:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [19/02/2008|20:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
    [07/07/2007|19:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [05/10/2007|20:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [13/03/2008|10:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
    [07/07/2007|16:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NFS Underground
    [25/07/2007|17:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
    [15/02/2008|17:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [19/07/2007|16:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SRS Labs
    [25/07/2007|17:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca
    [19/02/2008|14:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [04/07/2007|23:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
    [07/07/2007|14:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [15/11/2007|16:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [14/03/2008|18:07] C:\DOCUME~1\chef\APPLIC~1\.
    [14/03/2008|18:07] C:\DOCUME~1\chef\APPLIC~1\..
    [05/07/2007|11:54] C:\DOCUME~1\chef\APPLIC~1\ACD Systems
    [15/09/2007|15:29] C:\DOCUME~1\chef\APPLIC~1\Adobe
    [15/09/2007|15:34] C:\DOCUME~1\chef\APPLIC~1\AdobeUM
    [15/09/2007|21:09] C:\DOCUME~1\chef\APPLIC~1\Apple Computer
    [09/03/2008|15:04] C:\DOCUME~1\chef\APPLIC~1\Autodesk
    [14/03/2008|08:00] C:\DOCUME~1\chef\APPLIC~1\AVG7
    [18/11/2007|09:35] C:\DOCUME~1\chef\APPLIC~1\Azureus
    [14/03/2008|18:07] C:\DOCUME~1\chef\APPLIC~1\Briquolo
    [05/07/2007|00:34] C:\DOCUME~1\chef\APPLIC~1\desktop.ini
    [15/08/2007|18:15] C:\DOCUME~1\chef\APPLIC~1\DivX
    [19/10/2007|18:01] C:\DOCUME~1\chef\APPLIC~1\Google
    [15/09/2007|17:14] C:\DOCUME~1\chef\APPLIC~1\Help
    [05/10/2007|20:27] C:\DOCUME~1\chef\APPLIC~1\Identities
    [18/07/2007|10:10] C:\DOCUME~1\chef\APPLIC~1\Macromedia
    [19/02/2008|20:38] C:\DOCUME~1\chef\APPLIC~1\Microsoft
    [17/08/2007|12:40] C:\DOCUME~1\chef\APPLIC~1\Mozilla
    [17/08/2007|12:40] C:\DOCUME~1\chef\APPLIC~1\Netscape
    [17/08/2007|12:39] C:\DOCUME~1\chef\APPLIC~1\Photodex
    [02/01/2008|18:02] C:\DOCUME~1\chef\APPLIC~1\PnkBstrK.sys
    [20/02/2008|09:37] C:\DOCUME~1\chef\APPLIC~1\Programtime
    [21/10/2007|19:19] C:\DOCUME~1\chef\APPLIC~1\Real
    [01/09/2007|15:57] C:\DOCUME~1\chef\APPLIC~1\SecuROM
    [09/07/2007|16:12] C:\DOCUME~1\chef\APPLIC~1\Sun
    [07/07/2007|15:29] C:\DOCUME~1\chef\APPLIC~1\Talkback
    [26/07/2007|13:36] C:\DOCUME~1\chef\APPLIC~1\Teleca
    [04/07/2007|23:50] C:\DOCUME~1\chef\APPLIC~1\TuneUp Software
    [14/03/2008|18:07] C:\DOCUME~1\chef\APPLIC~1\Vista Start Menu
    [09/12/2007|18:42] C:\DOCUME~1\chef\APPLIC~1\vlc
    [06/10/2007|07:35] C:\DOCUME~1\chef\APPLIC~1\Windows Desktop Search

    [05/07/2007|00:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
    [05/07/2007|00:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
    [05/07/2007|00:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [04/07/2007|22:45] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [19/02/2008|20:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
    [19/02/2008|20:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
    [19/07/2007|17:51] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
    [19/02/2008|20:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\AVG7
    [19/02/2008|20:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [04/07/2007|22:47] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
    [04/07/2007|22:47] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
    [19/02/2008|20:38] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [22/02/2008 17:15][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
    [13/03/2008 10:06][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [14/03/2008|18:14] C:\Program Files\.
    [14/03/2008|18:14] C:\Program Files\..
    [02/01/2008|17:45] C:\Program Files\Activision
    [04/07/2007|23:46] C:\Program Files\Adobe
    [21/10/2007|19:17] C:\Program Files\Allocam Multi Visio
    [04/07/2007|23:07] C:\Program Files\AMD
    [04/07/2007|23:43] C:\Program Files\AusLogics Disk Defrag
    [15/08/2007|19:31] C:\Program Files\AutoCAD 2008
    [15/08/2007|19:23] C:\Program Files\Autodesk
    [03/02/2008|18:40] C:\Program Files\AVIConverter
    [13/07/2007|10:33] C:\Program Files\AviSynth 2.5
    [10/07/2007|18:41] C:\Program Files\AvRack
    [12/02/2008|18:14] C:\Program Files\Call of Duty Game of the Year Edition
    [20/07/2007|12:59] C:\Program Files\CamStudio
    [03/11/2007|13:00] C:\Program Files\Codemasters
    [04/07/2007|22:42] C:\Program Files\ComPlus Applications
    [01/09/2007|20:08] C:\Program Files\DivX
    [05/07/2007|00:01] C:\Program Files\D-Tools
    [19/08/2007|16:02] C:\Program Files\EA GAMES
    [14/03/2008|15:59] C:\Program Files\eMule
    [13/07/2007|10:33] C:\Program Files\eRightSoft
    [20/07/2007|12:58] C:\Program Files\Fake Webcam
    [20/01/2008|20:19] C:\Program Files\Fichiers communs
    [21/02/2008|23:04] C:\Program Files\GameSpy Arcade
    [19/10/2007|17:01] C:\Program Files\Google
    [19/02/2008|20:38] C:\Program Files\Grisoft
    [07/07/2007|14:01] C:\Program Files\Hercules
    [18/11/2007|12:39] C:\Program Files\HighwayPursuit
    [14/03/2008|18:05] C:\Program Files\InstallShield Installation Information
    [19/02/2008|23:08] C:\Program Files\Internet Explorer
    [30/12/2007|20:44] C:\Program Files\Java
    [04/07/2007|23:48] C:\Program Files\Kaspersky Lab
    [04/07/2007|23:42] C:\Program Files\MatroskaProp
    [20/07/2007|12:33] C:\Program Files\Messenger
    [22/12/2007|22:24] C:\Program Files\Messenger Plus! Live
    [04/07/2007|22:45] C:\Program Files\microsoft frontpage
    [15/08/2007|19:23] C:\Program Files\Microsoft Office
    [05/10/2007|20:27] C:\Program Files\Microsoft SQL Server Compact Edition
    [05/07/2007|00:14] C:\Program Files\Microsoft Visual Studio
    [05/07/2007|00:14] C:\Program Files\Microsoft Works
    [14/03/2008|17:52] C:\Program Files\Movie Maker
    [21/10/2007|17:06] C:\Program Files\Mozilla Firefox
    [04/07/2007|23:43] C:\Program Files\MRT Codecs Pack
    [05/07/2007|00:14] C:\Program Files\MSBuild
    [04/07/2007|22:40] C:\Program Files\MSN
    [04/07/2007|22:41] C:\Program Files\MSN Gaming Zone
    [22/12/2007|22:24] C:\Program Files\MSN Messenger
    [20/07/2007|13:05] C:\Program Files\MSN Multiconnect
    [26/07/2007|08:52] C:\Program Files\MSXML 4.0
    [16/08/2007|10:40] C:\Program Files\MSXML 6.0
    [04/07/2007|22:43] C:\Program Files\NetMeeting
    [04/07/2007|23:17] C:\Program Files\NVIDIA Corporation
    [13/10/2007|11:45] C:\Program Files\Odebit Multim‚dia
    [04/07/2007|23:42] C:\Program Files\On2 Technologies
    [14/03/2008|17:52] C:\Program Files\Outlook Express
    [14/02/2008|11:01] C:\Program Files\Programtime
    [04/07/2007|23:50] C:\Program Files\QuickTime
    [21/07/2007|18:49] C:\Program Files\RAR Password Cracker
    [19/10/2007|09:53] C:\Program Files\Real
    [04/07/2007|23:01] C:\Program Files\Realtek Sound Manager
    [04/07/2007|23:41] C:\Program Files\RegCleaner
    [04/07/2007|22:44] C:\Program Files\Services en ligne
    [25/07/2007|17:04] C:\Program Files\Sony Ericsson
    [15/02/2008|17:12] C:\Program Files\Spybot - Search & Destroy
    [14/03/2008|18:20] C:\Program Files\Stardock
    [14/03/2008|18:14] C:\Program Files\Thoosje Sidebar V2.0
    [20/01/2008|20:20] C:\Program Files\TI Education
    [14/03/2008|17:59] C:\Program Files\Transform XP to Vista
    [25/08/2007|09:04] C:\Program Files\TuneUp Utilities 2007
    [01/09/2007|15:49] C:\Program Files\Ubisoft
    [15/08/2007|19:24] C:\Program Files\Uninstall Information
    [25/11/2007|15:28] C:\Program Files\Valve
    [09/12/2007|18:41] C:\Program Files\VideoLAN
    [04/11/2007|20:23] C:\Program Files\VirtualDJ
    [29/02/2008|23:12] C:\Program Files\Web Media Player
    [05/10/2007|20:26] C:\Program Files\Windows Desktop Search
    [29/02/2008|21:01] C:\Program Files\Windows Live
    [20/02/2008|20:59] C:\Program Files\Windows Live Safety Center
    [07/07/2007|16:10] C:\Program Files\Windows Media Connect 2
    [07/07/2007|16:10] C:\Program Files\Windows Media Player
    [04/07/2007|22:41] C:\Program Files\Windows NT
    [04/07/2007|22:44] C:\Program Files\WindowsUpdate
    [06/11/2007|09:57] C:\Program Files\WinRAR
    [04/07/2007|23:57] C:\Program Files\WinZip
    [04/07/2007|22:45] C:\Program Files\xerox

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [20/01/2008|20:19] C:\Program Files\Fichiers communs\.
    [20/01/2008|20:19] C:\Program Files\Fichiers communs\..
    [13/10/2007|09:43] C:\Program Files\Fichiers communs\ACD Systems
    [15/09/2007|15:37] C:\Program Files\Fichiers communs\Adobe
    [15/08/2007|19:31] C:\Program Files\Fichiers communs\Autodesk Shared
    [15/08/2007|19:23] C:\Program Files\Fichiers communs\DESIGNER
    [05/07/2007|12:57] C:\Program Files\Fichiers communs\DirectX
    [04/07/2007|23:01] C:\Program Files\Fichiers communs\InstallShield
    [30/12/2007|20:40] C:\Program Files\Fichiers communs\Java
    [19/02/2008|23:00] C:\Program Files\Fichiers communs\Microsoft Shared
    [04/07/2007|22:43] C:\Program Files\Fichiers communs\MSSoap
    [05/07/2007|00:34] C:\Program Files\Fichiers communs\ODBC
    [21/10/2007|19:19] C:\Program Files\Fichiers communs\Real
    [04/07/2007|22:43] C:\Program Files\Fichiers communs\Services
    [05/07/2007|00:34] C:\Program Files\Fichiers communs\SpeechEngines
    [07/07/2007|15:16] C:\Program Files\Fichiers communs\System
    [25/07/2007|17:05] C:\Program Files\Fichiers communs\Teleca Shared
    [20/01/2008|20:19] C:\Program Files\Fichiers communs\TI Shared
    [15/11/2007|16:59] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [20/01/2008|20:17] C:\Program Files\Fichiers communs\Wise Installation Wizard

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    Aucun fichier / dossier Lop trouvé !

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-03-14 18:25:43
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden files ...
    scan completed successfully
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    Aucune autre infection trouvée !

    /!\ [Fich:5][Doss:13] C:\DOCUME~1\chef\LOCALS~1\Temp
    /!\ [Fich:62][Doss:0] C:\DOCUME~1\chef\Cookies
    /!\ [Fich:206][Doss:15] C:\DOCUME~1\chef\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 18:27:38,90 ]----------------------
    a b 8 Security
    14 March 2008 21:11:15

    Hi again,

    Fix the lines in the box below with HijackThis: ILLUSTRATED HELP

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O4 - HKCU\..\Run: [browse window] C:\DOCUME~1\chef\APPLIC~1\PROGRA~1\partbonefunk.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe


    &

    Download OTMoveIt (by OldTimer). Save it to your Desktop.
    Select the location in the box below:

    C:\DOCUME~1\chef\APPLIC~1\PROGRA~1

    ---> Right-click, then Copy (or Ctrl+C)

    Double-click OTMoveIt.exe to launch it.
    Right-click in the left-hand pane, then choose Paste (or Ctrl+V).
    Now click MoveIt!

    If a file or folder cannot be deleted immediately, the program will ask you to restart.
    Accept by clicking YES.

    Post the report located in this folder: C:\_OTMoveIt\MovedFiles\
    The report's name corresponds to the time it was created: date_time.log

    ->Information about the software<-
    14 March 2008 21:25:26

    here it is

    C:\DOCUME~1\chef\APPLIC~1\PROGRA~1 moved successfully.

    OTMoveIt2 by OldTimer - Version 1.0.21 log created on 03142008_212425
    15 March 2008 10:38:36

    what should I do now, please??
    a b 8 Security
    15 March 2008 12:39:00

    Post a new HijackThis report.
    15 March 2008 13:12:07

    there you go!!

    Logfile of HijackThis v1.99.1
    Scan saved at 13:11:12, on 15/03/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16608)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\UAService7.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\VisualTaskTips\VisualTaskTips.exe
    C:\Program Files\Hercules\WiFi Station\WifiStation.exe
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\ntvdm.exe
    C:\Program Files\MySQL\MySQL Server 4.1\bin\mysqld-nt.exe
    C:\Program Files\eMule\emule.exe
    C:\Program Files\Windows Media Player\wmplayer.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\Documents and Settings\chef\Mes documents\Débarra\logiciels\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [UberIcon] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe"
    O4 - HKCU\..\Run: [VisualTaskTips] C:\Program Files\VisualTaskTips\VisualTaskTips.exe
    O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
    O4 - HKCU\..\Run: [browse window] C:\DOCUME~1\chef\APPLIC~1\PROGRA~1\partbonefunk.exe
    O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
    O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
    O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
    O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
    O4 - Global Startup: WiFi Station.lnk = ?
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing) (HKCU)
    O9 - Extra 'Tools' menuitem: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing) (HKCU)
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-win...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{D6004ECB-7DA1-4550-9979-4634711A9F2F}: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CCS\Services\Tcpip\..\{E4A14A7A-0C27-4571-A1E0-AB61CD85964D}: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
    O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
    O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
    O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: Planificateur de tâches (Schedule) - Unknown owner - C:\WINDOWS\system32\drivers\svchost.exe (file missing)
    O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

    a b 8 Security
    15 March 2008 13:25:49

    Can you do it again?
    15 March 2008 18:57:32

    Run a HijackThis scan again??
    15 March 2008 20:08:49

    Sorry, I don't see what you want me to redo!! Not everything from the beginning, surely??!!!!
    a b 8 Security
    15 March 2008 20:56:55

    No, the step with OTMoveIt.
    15 March 2008 21:10:20

    Do I tick the same boxes?? But they don't exist anymore either!!
    a b 8 Security
    15 March 2008 21:34:54

    Well, if they don't exist anymore, carry on anyway.
    15 March 2008 22:00:40

    Here it is, well, if that's what was needed!!
    C:\DOCUME~1\chef\APPLIC~1\PROGRA~1 moved successfully.
    File/Folder not found.

    OTMoveIt2 by OldTimer - Version 1.0.21 log created on 03152008_215848
    a b 8 Security
    15 March 2008 22:10:25

    Post a new HijackThis report.
    15 March 2008 23:13:13

    Logfile of HijackThis v1.99.1
    Scan saved at 23:12:38, on 15/03/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16608)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\UAService7.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\VisualTaskTips\VisualTaskTips.exe
    C:\Program Files\Hercules\WiFi Station\WifiStation.exe
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\ntvdm.exe
    C:\Program Files\MySQL\MySQL Server 4.1\bin\mysqld-nt.exe
    C:\Program Files\Windows Media Player\wmplayer.exe
    C:\Program Files\eMule\emule.exe
    C:\Documents and Settings\chef\Bureau\OTMoveIt2.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Documents and Settings\chef\Mes documents\Débarra\logiciels\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [UberIcon] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe"
    O4 - HKCU\..\Run: [VisualTaskTips] C:\Program Files\VisualTaskTips\VisualTaskTips.exe
    O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
    O4 - HKCU\..\Run: [browse window] C:\DOCUME~1\chef\APPLIC~1\PROGRA~1\partbonefunk.exe
    O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
    O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
    O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
    O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
    O4 - Global Startup: WiFi Station.lnk = ?
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing) (HKCU)
    O9 - Extra 'Tools' menuitem: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing) (HKCU)
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-win...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{D6004ECB-7DA1-4550-9979-4634711A9F2F}: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CCS\Services\Tcpip\..\{E4A14A7A-0C27-4571-A1E0-AB61CD85964D}: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
    O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
    O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
    O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: Planificateur de tâches (Schedule) - Unknown owner - C:\WINDOWS\system32\drivers\svchost.exe (file missing)
    O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

    a b 8 Security
    16 March 2008 12:14:28

    Strange... Delete your version of LopS&D, then start again with an option 1 scan.
    16 March 2008 12:41:24

    Oh, why??

    Here is the report

    -----------------------[ Lop S&D 4.0.7 XP/Vista ]----------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : chef ] [ "C:\Lop SD" ]
    [ 16/03/2008 | 12:38:23,30 ] [ PC : THIBAULT ]
    [ MAJ : 13-03-2008 | 20:45 ]

    -------------[ Listing des dossiers dans Application Data ]------------

    [14/03/2008|18:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
    [14/03/2008|18:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
    [15/09/2007|15:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [04/07/2007|23:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [09/03/2008|15:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Autodesk
    [19/02/2008|22:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg7
    [05/07/2007|00:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [19/02/2008|20:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
    [07/07/2007|19:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [05/10/2007|20:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [13/03/2008|10:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
    [07/07/2007|16:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NFS Underground
    [25/07/2007|17:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
    [15/02/2008|17:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [19/07/2007|16:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SRS Labs
    [25/07/2007|17:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca
    [19/02/2008|14:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [04/07/2007|23:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
    [07/07/2007|14:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [15/11/2007|16:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [15/03/2008|22:18] C:\DOCUME~1\chef\APPLIC~1\.
    [15/03/2008|22:18] C:\DOCUME~1\chef\APPLIC~1\..
    [05/07/2007|11:54] C:\DOCUME~1\chef\APPLIC~1\ACD Systems
    [15/09/2007|15:29] C:\DOCUME~1\chef\APPLIC~1\Adobe
    [15/09/2007|15:34] C:\DOCUME~1\chef\APPLIC~1\AdobeUM
    [15/09/2007|21:09] C:\DOCUME~1\chef\APPLIC~1\Apple Computer
    [09/03/2008|15:04] C:\DOCUME~1\chef\APPLIC~1\Autodesk
    [16/03/2008|08:00] C:\DOCUME~1\chef\APPLIC~1\AVG7
    [18/11/2007|09:35] C:\DOCUME~1\chef\APPLIC~1\Azureus
    [14/03/2008|18:13] C:\DOCUME~1\chef\APPLIC~1\Briquolo
    [05/07/2007|00:34] C:\DOCUME~1\chef\APPLIC~1\desktop.ini
    [15/08/2007|18:15] C:\DOCUME~1\chef\APPLIC~1\DivX
    [19/10/2007|18:01] C:\DOCUME~1\chef\APPLIC~1\Google
    [15/09/2007|17:14] C:\DOCUME~1\chef\APPLIC~1\Help
    [05/10/2007|20:27] C:\DOCUME~1\chef\APPLIC~1\Identities
    [18/07/2007|10:10] C:\DOCUME~1\chef\APPLIC~1\Macromedia
    [19/02/2008|20:38] C:\DOCUME~1\chef\APPLIC~1\Microsoft
    [17/08/2007|12:40] C:\DOCUME~1\chef\APPLIC~1\Mozilla
    [17/08/2007|12:40] C:\DOCUME~1\chef\APPLIC~1\Netscape
    [17/08/2007|12:39] C:\DOCUME~1\chef\APPLIC~1\Photodex
    [02/01/2008|18:02] C:\DOCUME~1\chef\APPLIC~1\PnkBstrK.sys
    [15/03/2008|22:18] C:\DOCUME~1\chef\APPLIC~1\Programtime
    [21/10/2007|19:19] C:\DOCUME~1\chef\APPLIC~1\Real
    [01/09/2007|15:57] C:\DOCUME~1\chef\APPLIC~1\SecuROM
    [09/07/2007|16:12] C:\DOCUME~1\chef\APPLIC~1\Sun
    [07/07/2007|15:29] C:\DOCUME~1\chef\APPLIC~1\Talkback
    [26/07/2007|13:36] C:\DOCUME~1\chef\APPLIC~1\Teleca
    [04/07/2007|23:50] C:\DOCUME~1\chef\APPLIC~1\TuneUp Software
    [09/12/2007|18:42] C:\DOCUME~1\chef\APPLIC~1\vlc
    [06/10/2007|07:35] C:\DOCUME~1\chef\APPLIC~1\Windows Desktop Search

    [05/07/2007|00:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
    [05/07/2007|00:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
    [05/07/2007|00:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [04/07/2007|22:45] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [19/02/2008|20:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
    [19/02/2008|20:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
    [19/07/2007|17:51] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
    [19/02/2008|20:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\AVG7
    [19/02/2008|20:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [04/07/2007|22:47] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
    [04/07/2007|22:47] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
    [19/02/2008|20:38] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [22/02/2008 17:15][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
    [13/03/2008 10:06][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [14/03/2008|22:51] C:\Program Files\.
    [14/03/2008|22:51] C:\Program Files\..
    [02/01/2008|17:45] C:\Program Files\Activision
    [04/07/2007|23:46] C:\Program Files\Adobe
    [21/10/2007|19:17] C:\Program Files\Allocam Multi Visio
    [04/07/2007|23:07] C:\Program Files\AMD
    [04/07/2007|23:43] C:\Program Files\AusLogics Disk Defrag
    [15/08/2007|19:31] C:\Program Files\AutoCAD 2008
    [15/08/2007|19:23] C:\Program Files\Autodesk
    [03/02/2008|18:40] C:\Program Files\AVIConverter
    [13/07/2007|10:33] C:\Program Files\AviSynth 2.5
    [10/07/2007|18:41] C:\Program Files\AvRack
    [12/02/2008|18:14] C:\Program Files\Call of Duty Game of the Year Edition
    [20/07/2007|12:59] C:\Program Files\CamStudio
    [03/11/2007|13:00] C:\Program Files\Codemasters
    [04/07/2007|22:42] C:\Program Files\ComPlus Applications
    [14/03/2008|22:30] C:\Program Files\DessinerCestGagner
    [01/09/2007|20:08] C:\Program Files\DivX
    [05/07/2007|00:01] C:\Program Files\D-Tools
    [19/08/2007|16:02] C:\Program Files\EA GAMES
    [16/03/2008|12:24] C:\Program Files\eMule
    [13/07/2007|10:33] C:\Program Files\eRightSoft
    [20/07/2007|12:58] C:\Program Files\Fake Webcam
    [20/01/2008|20:19] C:\Program Files\Fichiers communs
    [21/02/2008|23:04] C:\Program Files\GameSpy Arcade
    [19/10/2007|17:01] C:\Program Files\Google
    [19/02/2008|20:38] C:\Program Files\Grisoft
    [07/07/2007|14:01] C:\Program Files\Hercules
    [18/11/2007|12:39] C:\Program Files\HighwayPursuit
    [14/03/2008|18:05] C:\Program Files\InstallShield Installation Information
    [19/02/2008|23:08] C:\Program Files\Internet Explorer
    [30/12/2007|20:44] C:\Program Files\Java
    [04/07/2007|23:48] C:\Program Files\Kaspersky Lab
    [04/07/2007|23:42] C:\Program Files\MatroskaProp
    [20/07/2007|12:33] C:\Program Files\Messenger
    [22/12/2007|22:24] C:\Program Files\Messenger Plus! Live
    [04/07/2007|22:45] C:\Program Files\microsoft frontpage
    [15/08/2007|19:23] C:\Program Files\Microsoft Office
    [05/10/2007|20:27] C:\Program Files\Microsoft SQL Server Compact Edition
    [05/07/2007|00:14] C:\Program Files\Microsoft Visual Studio
    [05/07/2007|00:14] C:\Program Files\Microsoft Works
    [14/03/2008|18:55] C:\Program Files\Movie Maker
    [21/10/2007|17:06] C:\Program Files\Mozilla Firefox
    [04/07/2007|23:43] C:\Program Files\MRT Codecs Pack
    [05/07/2007|00:14] C:\Program Files\MSBuild
    [04/07/2007|22:40] C:\Program Files\MSN
    [04/07/2007|22:41] C:\Program Files\MSN Gaming Zone
    [22/12/2007|22:24] C:\Program Files\MSN Messenger
    [20/07/2007|13:05] C:\Program Files\MSN Multiconnect
    [26/07/2007|08:52] C:\Program Files\MSXML 4.0
    [16/08/2007|10:40] C:\Program Files\MSXML 6.0
    [14/03/2008|22:51] C:\Program Files\MySQL
    [04/07/2007|22:43] C:\Program Files\NetMeeting
    [04/07/2007|23:17] C:\Program Files\NVIDIA Corporation
    [13/10/2007|11:45] C:\Program Files\Odebit Multim‚dia
    [04/07/2007|23:42] C:\Program Files\On2 Technologies
    [14/03/2008|18:55] C:\Program Files\Outlook Express
    [14/02/2008|11:01] C:\Program Files\Programtime
    [04/07/2007|23:50] C:\Program Files\QuickTime
    [21/07/2007|18:49] C:\Program Files\RAR Password Cracker
    [19/10/2007|09:53] C:\Program Files\Real
    [04/07/2007|23:01] C:\Program Files\Realtek Sound Manager
    [04/07/2007|23:41] C:\Program Files\RegCleaner
    [14/03/2008|22:24] C:\Program Files\Scorched3D
    [04/07/2007|22:44] C:\Program Files\Services en ligne
    [25/07/2007|17:04] C:\Program Files\Sony Ericsson
    [15/02/2008|17:12] C:\Program Files\Spybot - Search & Destroy
    [14/03/2008|18:34] C:\Program Files\Stardock
    [14/03/2008|22:28] C:\Program Files\SuperMarioPac
    [14/03/2008|18:35] C:\Program Files\Thoosje Sidebar V2.0
    [20/01/2008|20:20] C:\Program Files\TI Education
    [25/08/2007|09:04] C:\Program Files\TuneUp Utilities 2007
    [01/09/2007|15:49] C:\Program Files\Ubisoft
    [15/08/2007|19:24] C:\Program Files\Uninstall Information
    [25/11/2007|15:28] C:\Program Files\Valve
    [09/12/2007|18:41] C:\Program Files\VideoLAN
    [04/11/2007|20:23] C:\Program Files\VirtualDJ
    [14/03/2008|18:30] C:\Program Files\VisualTaskTips
    [29/02/2008|23:12] C:\Program Files\Web Media Player
    [05/10/2007|20:26] C:\Program Files\Windows Desktop Search
    [29/02/2008|21:01] C:\Program Files\Windows Live
    [20/02/2008|20:59] C:\Program Files\Windows Live Safety Center
    [07/07/2007|16:10] C:\Program Files\Windows Media Connect 2
    [07/07/2007|16:10] C:\Program Files\Windows Media Player
    [04/07/2007|22:41] C:\Program Files\Windows NT
    [04/07/2007|22:44] C:\Program Files\WindowsUpdate
    [06/11/2007|09:57] C:\Program Files\WinRAR
    [04/07/2007|23:57] C:\Program Files\WinZip
    [04/07/2007|22:45] C:\Program Files\xerox

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [20/01/2008|20:19] C:\Program Files\Fichiers communs\.
    [20/01/2008|20:19] C:\Program Files\Fichiers communs\..
    [13/10/2007|09:43] C:\Program Files\Fichiers communs\ACD Systems
    [15/09/2007|15:37] C:\Program Files\Fichiers communs\Adobe
    [15/08/2007|19:31] C:\Program Files\Fichiers communs\Autodesk Shared
    [15/08/2007|19:23] C:\Program Files\Fichiers communs\DESIGNER
    [05/07/2007|12:57] C:\Program Files\Fichiers communs\DirectX
    [04/07/2007|23:01] C:\Program Files\Fichiers communs\InstallShield
    [30/12/2007|20:40] C:\Program Files\Fichiers communs\Java
    [19/02/2008|23:00] C:\Program Files\Fichiers communs\Microsoft Shared
    [04/07/2007|22:43] C:\Program Files\Fichiers communs\MSSoap
    [05/07/2007|00:34] C:\Program Files\Fichiers communs\ODBC
    [21/10/2007|19:19] C:\Program Files\Fichiers communs\Real
    [04/07/2007|22:43] C:\Program Files\Fichiers communs\Services
    [05/07/2007|00:34] C:\Program Files\Fichiers communs\SpeechEngines
    [07/07/2007|15:16] C:\Program Files\Fichiers communs\System
    [25/07/2007|17:05] C:\Program Files\Fichiers communs\Teleca Shared
    [20/01/2008|20:19] C:\Program Files\Fichiers communs\TI Shared
    [15/11/2007|16:59] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [20/01/2008|20:17] C:\Program Files\Fichiers communs\Wise Installation Wizard

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    C:\DOCUME~1\chef\APPLIC~1\Programtime
    C:\Program Files\Programtime

    ----------------------[ Verification du Registre ]----------------------

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-03-16 12:38:49
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden files ...
    scan completed successfully
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    Aucune autre infection trouvée !

    /!\ [Fich:52][Doss:13] C:\DOCUME~1\chef\LOCALS~1\Temp
    /!\ [Fich:94][Doss:0] C:\DOCUME~1\chef\Cookies
    /!\ [Fich:288][Doss:15] C:\DOCUME~1\chef\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 12:40:30,44 ]----------------------
    a b 8 Security
    16 March 2008 13:23:33

    Option 2 now :)
    16 March 2008 14:21:16

    -----------------------[ Lop S&D 4.0.7 XP/Vista ]----------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : chef ] [ "C:\Lop SD" ]
    [ 16/03/2008 | 14:17:17,80 ] [ PC : THIBAULT ]
    [ MAJ : 13-03-2008 | 20:45 ]

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

    Supprimé! - C:\DOCUME~1\chef\APPLIC~1\Programtime
    Supprimé! - C:\Program Files\Programtime
    Restauré! - Fichier Hosts

    //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    -------------[ Listing des dossiers dans Application Data ]------------

    [14/03/2008|18:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
    [14/03/2008|18:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
    [15/09/2007|15:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [04/07/2007|23:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [09/03/2008|15:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Autodesk
    [19/02/2008|22:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg7
    [05/07/2007|00:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [19/02/2008|20:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
    [07/07/2007|19:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [05/10/2007|20:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [13/03/2008|10:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
    [07/07/2007|16:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NFS Underground
    [25/07/2007|17:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
    [15/02/2008|17:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [19/07/2007|16:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SRS Labs
    [25/07/2007|17:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca
    [19/02/2008|14:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [04/07/2007|23:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
    [07/07/2007|14:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [15/11/2007|16:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [16/03/2008|14:17] C:\DOCUME~1\chef\APPLIC~1\.
    [16/03/2008|14:17] C:\DOCUME~1\chef\APPLIC~1\..
    [05/07/2007|11:54] C:\DOCUME~1\chef\APPLIC~1\ACD Systems
    [15/09/2007|15:29] C:\DOCUME~1\chef\APPLIC~1\Adobe
    [15/09/2007|15:34] C:\DOCUME~1\chef\APPLIC~1\AdobeUM
    [15/09/2007|21:09] C:\DOCUME~1\chef\APPLIC~1\Apple Computer
    [09/03/2008|15:04] C:\DOCUME~1\chef\APPLIC~1\Autodesk
    [16/03/2008|08:00] C:\DOCUME~1\chef\APPLIC~1\AVG7
    [18/11/2007|09:35] C:\DOCUME~1\chef\APPLIC~1\Azureus
    [14/03/2008|18:13] C:\DOCUME~1\chef\APPLIC~1\Briquolo
    [05/07/2007|00:34] C:\DOCUME~1\chef\APPLIC~1\desktop.ini
    [15/08/2007|18:15] C:\DOCUME~1\chef\APPLIC~1\DivX
    [19/10/2007|18:01] C:\DOCUME~1\chef\APPLIC~1\Google
    [15/09/2007|17:14] C:\DOCUME~1\chef\APPLIC~1\Help
    [05/10/2007|20:27] C:\DOCUME~1\chef\APPLIC~1\Identities
    [18/07/2007|10:10] C:\DOCUME~1\chef\APPLIC~1\Macromedia
    [19/02/2008|20:38] C:\DOCUME~1\chef\APPLIC~1\Microsoft
    [17/08/2007|12:40] C:\DOCUME~1\chef\APPLIC~1\Mozilla
    [17/08/2007|12:40] C:\DOCUME~1\chef\APPLIC~1\Netscape
    [17/08/2007|12:39] C:\DOCUME~1\chef\APPLIC~1\Photodex
    [02/01/2008|18:02] C:\DOCUME~1\chef\APPLIC~1\PnkBstrK.sys
    [21/10/2007|19:19] C:\DOCUME~1\chef\APPLIC~1\Real
    [01/09/2007|15:57] C:\DOCUME~1\chef\APPLIC~1\SecuROM
    [09/07/2007|16:12] C:\DOCUME~1\chef\APPLIC~1\Sun
    [07/07/2007|15:29] C:\DOCUME~1\chef\APPLIC~1\Talkback
    [26/07/2007|13:36] C:\DOCUME~1\chef\APPLIC~1\Teleca
    [04/07/2007|23:50] C:\DOCUME~1\chef\APPLIC~1\TuneUp Software
    [09/12/2007|18:42] C:\DOCUME~1\chef\APPLIC~1\vlc
    [06/10/2007|07:35] C:\DOCUME~1\chef\APPLIC~1\Windows Desktop Search

    [05/07/2007|00:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
    [05/07/2007|00:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
    [05/07/2007|00:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [04/07/2007|22:45] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [19/02/2008|20:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
    [19/02/2008|20:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
    [19/07/2007|17:51] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
    [19/02/2008|20:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\AVG7
    [19/02/2008|20:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [04/07/2007|22:47] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
    [04/07/2007|22:47] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
    [19/02/2008|20:38] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [22/02/2008 17:15][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
    [13/03/2008 10:06][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [16/03/2008|14:17] C:\Program Files\.
    [16/03/2008|14:17] C:\Program Files\..
    [02/01/2008|17:45] C:\Program Files\Activision
    [04/07/2007|23:46] C:\Program Files\Adobe
    [21/10/2007|19:17] C:\Program Files\Allocam Multi Visio
    [04/07/2007|23:07] C:\Program Files\AMD
    [04/07/2007|23:43] C:\Program Files\AusLogics Disk Defrag
    [15/08/2007|19:31] C:\Program Files\AutoCAD 2008
    [15/08/2007|19:23] C:\Program Files\Autodesk
    [03/02/2008|18:40] C:\Program Files\AVIConverter
    [13/07/2007|10:33] C:\Program Files\AviSynth 2.5
    [10/07/2007|18:41] C:\Program Files\AvRack
    [12/02/2008|18:14] C:\Program Files\Call of Duty Game of the Year Edition
    [20/07/2007|12:59] C:\Program Files\CamStudio
    [03/11/2007|13:00] C:\Program Files\Codemasters
    [04/07/2007|22:42] C:\Program Files\ComPlus Applications
    [14/03/2008|22:30] C:\Program Files\DessinerCestGagner
    [01/09/2007|20:08] C:\Program Files\DivX
    [05/07/2007|00:01] C:\Program Files\D-Tools
    [19/08/2007|16:02] C:\Program Files\EA GAMES
    [16/03/2008|13:44] C:\Program Files\eMule
    [13/07/2007|10:33] C:\Program Files\eRightSoft
    [20/07/2007|12:58] C:\Program Files\Fake Webcam
    [20/01/2008|20:19] C:\Program Files\Fichiers communs
    [21/02/2008|23:04] C:\Program Files\GameSpy Arcade
    [19/10/2007|17:01] C:\Program Files\Google
    [19/02/2008|20:38] C:\Program Files\Grisoft
    [07/07/2007|14:01] C:\Program Files\Hercules
    [18/11/2007|12:39] C:\Program Files\HighwayPursuit
    [14/03/2008|18:05] C:\Program Files\InstallShield Installation Information
    [19/02/2008|23:08] C:\Program Files\Internet Explorer
    [30/12/2007|20:44] C:\Program Files\Java
    [04/07/2007|23:48] C:\Program Files\Kaspersky Lab
    [04/07/2007|23:42] C:\Program Files\MatroskaProp
    [20/07/2007|12:33] C:\Program Files\Messenger
    [22/12/2007|22:24] C:\Program Files\Messenger Plus! Live
    [04/07/2007|22:45] C:\Program Files\microsoft frontpage
    [15/08/2007|19:23] C:\Program Files\Microsoft Office
    [05/10/2007|20:27] C:\Program Files\Microsoft SQL Server Compact Edition
    [05/07/2007|00:14] C:\Program Files\Microsoft Visual Studio
    [05/07/2007|00:14] C:\Program Files\Microsoft Works
    [14/03/2008|18:55] C:\Program Files\Movie Maker
    [21/10/2007|17:06] C:\Program Files\Mozilla Firefox
    [04/07/2007|23:43] C:\Program Files\MRT Codecs Pack
    [05/07/2007|00:14] C:\Program Files\MSBuild
    [04/07/2007|22:40] C:\Program Files\MSN
    [04/07/2007|22:41] C:\Program Files\MSN Gaming Zone
    [22/12/2007|22:24] C:\Program Files\MSN Messenger
    [20/07/2007|13:05] C:\Program Files\MSN Multiconnect
    [26/07/2007|08:52] C:\Program Files\MSXML 4.0
    [16/08/2007|10:40] C:\Program Files\MSXML 6.0
    [14/03/2008|22:51] C:\Program Files\MySQL
    [04/07/2007|22:43] C:\Program Files\NetMeeting
    [04/07/2007|23:17] C:\Program Files\NVIDIA Corporation
    [13/10/2007|11:45] C:\Program Files\Odebit Multim‚dia
    [04/07/2007|23:42] C:\Program Files\On2 Technologies
    [14/03/2008|18:55] C:\Program Files\Outlook Express
    [04/07/2007|23:50] C:\Program Files\QuickTime
    [21/07/2007|18:49] C:\Program Files\RAR Password Cracker
    [19/10/2007|09:53] C:\Program Files\Real
    [04/07/2007|23:01] C:\Program Files\Realtek Sound Manager
    [04/07/2007|23:41] C:\Program Files\RegCleaner
    [14/03/2008|22:24] C:\Program Files\Scorched3D
    [04/07/2007|22:44] C:\Program Files\Services en ligne
    [25/07/2007|17:04] C:\Program Files\Sony Ericsson
    [15/02/2008|17:12] C:\Program Files\Spybot - Search & Destroy
    [14/03/2008|18:34] C:\Program Files\Stardock
    [14/03/2008|22:28] C:\Program Files\SuperMarioPac
    [14/03/2008|18:35] C:\Program Files\Thoosje Sidebar V2.0
    [20/01/2008|20:20] C:\Program Files\TI Education
    [25/08/2007|09:04] C:\Program Files\TuneUp Utilities 2007
    [01/09/2007|15:49] C:\Program Files\Ubisoft
    [15/08/2007|19:24] C:\Program Files\Uninstall Information
    [25/11/2007|15:28] C:\Program Files\Valve
    [09/12/2007|18:41] C:\Program Files\VideoLAN
    [04/11/2007|20:23] C:\Program Files\VirtualDJ
    [14/03/2008|18:30] C:\Program Files\VisualTaskTips
    [29/02/2008|23:12] C:\Program Files\Web Media Player
    [05/10/2007|20:26] C:\Program Files\Windows Desktop Search
    [29/02/2008|21:01] C:\Program Files\Windows Live
    [20/02/2008|20:59] C:\Program Files\Windows Live Safety Center
    [07/07/2007|16:10] C:\Program Files\Windows Media Connect 2
    [07/07/2007|16:10] C:\Program Files\Windows Media Player
    [04/07/2007|22:41] C:\Program Files\Windows NT
    [04/07/2007|22:44] C:\Program Files\WindowsUpdate
    [06/11/2007|09:57] C:\Program Files\WinRAR
    [04/07/2007|23:57] C:\Program Files\WinZip
    [04/07/2007|22:45] C:\Program Files\xerox

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [20/01/2008|20:19] C:\Program Files\Fichiers communs\.
    [20/01/2008|20:19] C:\Program Files\Fichiers communs\..
    [13/10/2007|09:43] C:\Program Files\Fichiers communs\ACD Systems
    [15/09/2007|15:37] C:\Program Files\Fichiers communs\Adobe
    [15/08/2007|19:31] C:\Program Files\Fichiers communs\Autodesk Shared
    [15/08/2007|19:23] C:\Program Files\Fichiers communs\DESIGNER
    [05/07/2007|12:57] C:\Program Files\Fichiers communs\DirectX
    [04/07/2007|23:01] C:\Program Files\Fichiers communs\InstallShield
    [30/12/2007|20:40] C:\Program Files\Fichiers communs\Java
    [19/02/2008|23:00] C:\Program Files\Fichiers communs\Microsoft Shared
    [04/07/2007|22:43] C:\Program Files\Fichiers communs\MSSoap
    [05/07/2007|00:34] C:\Program Files\Fichiers communs\ODBC
    [21/10/2007|19:19] C:\Program Files\Fichiers communs\Real
    [04/07/2007|22:43] C:\Program Files\Fichiers communs\Services
    [05/07/2007|00:34] C:\Program Files\Fichiers communs\SpeechEngines
    [07/07/2007|15:16] C:\Program Files\Fichiers communs\System
    [25/07/2007|17:05] C:\Program Files\Fichiers communs\Teleca Shared
    [20/01/2008|20:19] C:\Program Files\Fichiers communs\TI Shared
    [15/11/2007|16:59] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [20/01/2008|20:17] C:\Program Files\Fichiers communs\Wise Installation Wizard

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    Aucun fichier / dossier Lop trouvé !

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-03-16 14:17:44
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden files ...
    scan completed successfully
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    Aucune autre infection trouvée !

    /!\ [Fich:47][Doss:13] C:\DOCUME~1\chef\LOCALS~1\Temp
    /!\ [Fich:94][Doss:0] C:\DOCUME~1\chef\Cookies
    /!\ [Fich:333][Doss:15] C:\DOCUME~1\chef\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 14:19:03,76 ]----------------------
    16 March 2008 14:26:19

    Post a new HijackThis report :)
    16 March 2008 14:33:51

    Here it is

    Logfile of HijackThis v1.99.1
    Scan saved at 14:33:34, on 16/03/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16608)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\UAService7.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\VisualTaskTips\VisualTaskTips.exe
    C:\Program Files\Hercules\WiFi Station\WifiStation.exe
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\WINDOWS\system32\ntvdm.exe
    C:\Program Files\MySQL\MySQL Server 4.1\bin\mysqld-nt.exe
    C:\Program Files\eMule\emule.exe
    C:\Program Files\AVIConverter\AVIConverter.exe
    C:\WINDOWS\system32\cmd.exe
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\system32\notepad.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\Program Files\Windows Media Player\wmplayer.exe
    C:\Documents and Settings\chef\Mes documents\Débarra\logiciels\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [UberIcon] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe"
    O4 - HKCU\..\Run: [VisualTaskTips] C:\Program Files\VisualTaskTips\VisualTaskTips.exe
    O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
    O4 - HKCU\..\Run: [browse window] C:\DOCUME~1\chef\APPLIC~1\PROGRA~1\partbonefunk.exe
    O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
    O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
    O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
    O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
    O4 - Global Startup: WiFi Station.lnk = ?
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing) (HKCU)
    O9 - Extra 'Tools' menuitem: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing) (HKCU)
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-win...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{D6004ECB-7DA1-4550-9979-4634711A9F2F}: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CCS\Services\Tcpip\..\{E4A14A7A-0C27-4571-A1E0-AB61CD85964D}: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
    O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
    O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
    O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: Planificateur de tâches (Schedule) - Unknown owner - C:\WINDOWS\system32\drivers\svchost.exe (file missing)
    O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

    16 March 2008 19:45:52

    Fix the following line:
    O4 - HKCU\..\Run: [browse window] C:\DOCUME~1\chef\APPLIC~1\PROGRA~1\partbonefunk.exe
    16 March 2008 20:09:59

    I fixed that line and then chose yes!!
    16 March 2008 20:17:55

    Post a new HijackThis report :)
    16 March 2008 20:24:51

    Here it is!!!

    Logfile of HijackThis v1.99.1
    Scan saved at 20:24:34, on 16/03/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16608)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\UAService7.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\VisualTaskTips\VisualTaskTips.exe
    C:\Program Files\Hercules\WiFi Station\WifiStation.exe
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\WINDOWS\system32\ntvdm.exe
    C:\Program Files\MySQL\MySQL Server 4.1\bin\mysqld-nt.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Windows Media Player\wmplayer.exe
    C:\Documents and Settings\chef\Mes documents\Débarra\logiciels\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [UberIcon] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe"
    O4 - HKCU\..\Run: [VisualTaskTips] C:\Program Files\VisualTaskTips\VisualTaskTips.exe
    O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
    O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
    O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
    O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
    O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
    O4 - Global Startup: WiFi Station.lnk = ?
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing) (HKCU)
    O9 - Extra 'Tools' menuitem: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing) (HKCU)
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-win...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{D6004ECB-7DA1-4550-9979-4634711A9F2F}: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CCS\Services\Tcpip\..\{E4A14A7A-0C27-4571-A1E0-AB61CD85964D}: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
    O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
    O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
    O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: Planificateur de tâches (Schedule) - Unknown owner - C:\WINDOWS\system32\drivers\svchost.exe (file missing)
    O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

    16 March 2008 20:29:41

    Is it better?
    16 March 2008 20:32:49

    In what way?? Whether the internet is working better??
    17 March 2008 13:16:21

    All your problems, yes.
    22 March 2008 17:51:09

    Sorry for only replying now, but I'm a boarding student and I just got home!!
    Actually everything is working much better!! Thanks a lot!!!! ^^
    23 March 2008 10:31:34

    Ok, no problem ;) 