CiD spyware: how do I get rid of it?

26 December 2007 15:29:39

Hello everyone, for the past few days and for no reason I have had CiD pages opening all the time on my PC, and it slows everything down. I tried a few small utilities but nothing worked; I would like you to help me get rid of it for good :)

I am posting a HijackThis log to speed things up, thanks to all! :hello:

Quote:
Logfile of HijackThis v1.99.1
Scan saved at 15:31:52, on 26/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\keyhook.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Opera\Opera.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: CoTGT_BHO Class - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [bend logo clock film] C:\Documents and Settings\All Users\Application Data\Frag great bend logo\Bash open.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [AimBird] C:\DOCUME~1\HP_PRO~1\APPLIC~1\WIPEOW~1\ooze name.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Search - ?p=ZNfox000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.1.2.76.ca...
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_P...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267....
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O17 - HKLM\System\CCS\Services\Tcpip\..\{8ADE1899-D82A-4164-92E3-7B867555FDE5}: NameServer = 194.117.200.10,194.117.200.15
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

26 December 2007 17:21:01

Hello,

Download Lop S&D.exe to your Desktop.
  • Double-click it to start the installation
  • Then double-click the Lop S&D shortcut on your Desktop
  • Select the language you want, then choose option 1 (Search)
  • Wait until the scan finishes
  • Post the generated report (C:\lopR.txt)

    (If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm)
    26 December 2007 21:40:11

    Quote:

    -----------------------------[ Lop S&D 2.0.1 ]---------------------------

    Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]

    "C:\Program Files\Lop SD"

    [ 26/12/2007 | 21:35:28,35 ] [ NOM-641695C7437 ]


    -------------[ Listing des dossiers dans Application Data ]------------

    C:\Documents and Settings\All Users\APPLIC~1\Frag great bend logo
    C:\Documents and Settings\All Users\APPLIC~1\Adobe
    C:\Documents and Settings\All Users\APPLIC~1\TEMP
    C:\Documents and Settings\All Users\APPLIC~1\FLEXnet
    C:\Documents and Settings\All Users\APPLIC~1\Ahead
    C:\Documents and Settings\All Users\APPLIC~1\Nero
    C:\Documents and Settings\All Users\APPLIC~1\ATI
    C:\Documents and Settings\All Users\APPLIC~1\Spybot - Search & Destroy
    C:\Documents and Settings\All Users\APPLIC~1\Skype
    C:\Documents and Settings\All Users\APPLIC~1\hpzinstall.log
    C:\Documents and Settings\All Users\APPLIC~1\QTSBandwidthCache
    C:\Documents and Settings\All Users\APPLIC~1\Apple
    C:\Documents and Settings\All Users\APPLIC~1\WindowsLiveInstaller
    C:\Documents and Settings\All Users\APPLIC~1\WLInstaller
    C:\Documents and Settings\All Users\APPLIC~1\Apple Computer
    C:\Documents and Settings\All Users\APPLIC~1\Microsoft
    C:\Documents and Settings\All Users\APPLIC~1\Autodesk
    C:\Documents and Settings\All Users\APPLIC~1\Messenger Plus!
    C:\Documents and Settings\All Users\APPLIC~1\Windows Genuine Advantage
    C:\Documents and Settings\All Users\APPLIC~1\Macrovision
    C:\Documents and Settings\All Users\APPLIC~1\Adobe Systems
    C:\Documents and Settings\All Users\APPLIC~1\pixelStorm
    C:\Documents and Settings\All Users\APPLIC~1\ESTsoft
    C:\Documents and Settings\All Users\APPLIC~1\Macromedia
    C:\Documents and Settings\All Users\APPLIC~1\Kaspersky Anti-Virus Personal Pro
    C:\Documents and Settings\All Users\APPLIC~1\QuickTime
    C:\Documents and Settings\All Users\APPLIC~1\Raxco
    C:\Documents and Settings\All Users\APPLIC~1\Symantec
    C:\Documents and Settings\All Users\APPLIC~1\Motive
    C:\Documents and Settings\All Users\APPLIC~1\InterVideo
    C:\Documents and Settings\All Users\APPLIC~1\Hewlett-Packard
    C:\Documents and Settings\All Users\APPLIC~1\desktop.ini
    C:\Documents and Settings\All Users\APPLIC~1\SBSI

    C:\Documents and Settings\Default User\APPLIC~1\Symantec
    C:\Documents and Settings\Default User\APPLIC~1\SampleView
    C:\Documents and Settings\Default User\APPLIC~1\Apple Computer
    C:\Documents and Settings\Default User\APPLIC~1\Intervideo
    C:\Documents and Settings\Default User\APPLIC~1\Sun
    C:\Documents and Settings\Default User\APPLIC~1\desktop.ini
    C:\Documents and Settings\Default User\APPLIC~1\Microsoft
    C:\Documents and Settings\Default User\APPLIC~1\Identities


    C:\Documents and Settings\HP_PropriǸtaire\APPLIC~1\AdobeDLM.log
    C:\Documents and Settings\HP_PropriǸtaire\APPLIC~1\Macromedia

    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Adobe
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Azureus
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\wipeownsbat
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\InstallShield
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\.#
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Skype
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Bioshock
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\teamspeak2
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\BitTorrent
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Nero
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Microsoft
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\dvdcss
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\ATI
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\OpenOffice.org2
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Steinberg
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\SpaceTime 3D
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Screenshot Sender
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\SecuROM
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Microsoft Web Folders
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Styler
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\AdobeUM
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Real
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Bitdefender
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Lavasoft
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Ahead
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Opera
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\GdiplusUpgrade_MSIApproach_Wrapper.log
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Lionhead Studios
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\.ABC
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\EAST Technologies
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\GDIPFONTCACHEV1.DAT
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\XnView
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Media Player Classic
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Motive
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\ESTsoft
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Syntrillium
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Google
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Atari
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Apple Computer
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Macromedia
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\FotoWire
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\sversion.ini
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Help
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Visicom Media
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Thunderbird
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\vlc
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Mozilla
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\MSNInstaller
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Intervideo
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Sonic
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Leadertech
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Symantec
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\SampleView
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Sun
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\desktop.ini
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Identities

    C:\Documents and Settings\LocalService\APPLIC~1\Microsoft
    C:\Documents and Settings\LocalService\APPLIC~1\Macromedia

    C:\Documents and Settings\NetworkService\APPLIC~1\Microsoft

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [16/12/2007 20:10][--a------]C:\WINDOWS\tasks\C:\WINDOWS\tasks\At6.job
    [16/12/2007 20:10][--a------]C:\WINDOWS\tasks\C:\WINDOWS\tasks\At5.job
    [16/12/2007 20:10][--a------]C:\WINDOWS\tasks\C:\WINDOWS\tasks\At4.job
    [26/12/2007 20:00][--a------]C:\WINDOWS\tasks\C:\WINDOWS\tasks\At3.job
    [26/12/2007 14:00][--a------]C:\WINDOWS\tasks\C:\WINDOWS\tasks\At2.job
    [25/12/2007 18:37][--a------]C:\WINDOWS\tasks\C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [26/12/2007 19:00][--a------]C:\WINDOWS\tasks\C:\WINDOWS\tasks\Synchroniser.job
    [26/12/2007 07:38][--a------]C:\WINDOWS\tasks\C:\WINDOWS\tasks\Nettoyage de disque.job
    [05/08/2004 11:00][-rah-----]C:\WINDOWS\tasks\C:\WINDOWS\tasks\desktop.ini
    [03/09/2005 13:57][--a------]C:\WINDOWS\tasks\C:\WINDOWS\tasks\Symantec NetDetect.job
    [26/12/2007 07:38][--ah-----]C:\WINDOWS\tasks\C:\WINDOWS\tasks\SA.DAT

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    C:\Program Files\7za.exe
    C:\Program Files\Adobe
    C:\Program Files\Alwil Software
    C:\Program Files\Apple Software Update
    C:\Program Files\a-squared HiJackFree
    C:\Program Files\ATI Technologies
    C:\Program Files\AusLogics Disk Defrag
    C:\Program Files\AviSynth 2.5
    C:\Program Files\Axon Data
    C:\Program Files\Azureus
    C:\Program Files\backburner 2
    C:\Program Files\BitTorrent
    C:\Program Files\CCleaner
    C:\Program Files\Circle Developement
    C:\Program Files\Common Files
    C:\Program Files\DAEMON Tools
    C:\Program Files\Desktop
    C:\Program Files\Digital Flash Player
    C:\Program Files\directx
    C:\Program Files\DivX
    C:\Program Files\East-Tec Eraser 2006
    C:\Program Files\Easy Internet signup
    C:\Program Files\eMule
    C:\Program Files\ESTsoft
    C:\Program Files\Fichiers communs
    C:\Program Files\FLVPlayer
    C:\Program Files\Games-Masters.com
    C:\Program Files\Help and Support Additions
    C:\Program Files\Hewlett-Packard
    C:\Program Files\Hijackthis Version Fran‡aise
    C:\Program Files\HP
    C:\Program Files\Internet Explorer
    C:\Program Files\iPod
    C:\Program Files\iTunes
    C:\Program Files\Java
    C:\Program Files\Lavasoft
    C:\Program Files\Logitech
    C:\Program Files\Lop SD
    C:\Program Files\MAIET
    C:\Program Files\Media Player Classic
    C:\Program Files\Messenger Plus! Live
    C:\Program Files\Microsoft CAPICOM 2.1.0.2
    C:\Program Files\microsoft frontpage
    C:\Program Files\Microsoft Office
    C:\Program Files\Microsoft Visual Studio
    C:\Program Files\Microsoft Works
    C:\Program Files\Microsoft.NET
    C:\Program Files\Movie Maker
    C:\Program Files\Mozilla Firefox
    C:\Program Files\Mozilla Thunderbird
    C:\Program Files\MSN Gaming Zone
    C:\Program Files\MSN Messenger
    C:\Program Files\MSXML 4.0
    C:\Program Files\MSXML 6.0
    C:\Program Files\Multi_Media_France
    C:\Program Files\Music Mixer 3.0
    C:\Program Files\Music Mixer 4
    C:\Program Files\Nero
    C:\Program Files\NetMeeting
    C:\Program Files\OpenOffice.org 2.2
    C:\Program Files\Opera
    C:\Program Files\Outlook Express
    C:\Program Files\Overland
    C:\Program Files\PC-Doctor for Windows
    C:\Program Files\PENDULO Studios
    C:\Program Files\PowerISO
    C:\Program Files\QuickTime
    C:\Program Files\Realtek
    C:\Program Files\Rockstar Games
    C:\Program Files\Sega
    C:\Program Files\SiS VGA Utilities V3.59e
    C:\Program Files\Skype
    C:\Program Files\Spybot - Search & Destroy
    C:\Program Files\svchosts.tbe
    C:\Program Files\TGTSoft
    C:\Program Files\ToniArts
    C:\Program Files\Ubisoft
    C:\Program Files\UxTheme Multipatcher Fr
    C:\Program Files\VideoLAN
    C:\Program Files\VirtualDub
    C:\Program Files\WinAVI Video Converter
    C:\Program Files\Windows Live
    C:\Program Files\Windows Media Connect 2
    C:\Program Files\Windows Media Player
    C:\Program Files\Windows NT
    C:\Program Files\WinRAR
    C:\Program Files\wipeownsbat
    C:\Program Files\Wolfenstein - Enemy Territory
    C:\Program Files\wunauclt.exe
    C:\Program Files\xerox

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    C:\Program Files\Fichiers communs\Adobe
    C:\Program Files\Fichiers communs\Adobe Systems Shared
    C:\Program Files\Fichiers communs\Ahead
    C:\Program Files\Fichiers communs\Apple
    C:\Program Files\Fichiers communs\Autodesk Shared
    C:\Program Files\Fichiers communs\AVSMedia
    C:\Program Files\Fichiers communs\Blizzard Entertainment
    C:\Program Files\Fichiers communs\DESIGNER
    C:\Program Files\Fichiers communs\DirectX
    C:\Program Files\Fichiers communs\FotoWire
    C:\Program Files\Fichiers communs\Hewlett-Packard
    C:\Program Files\Fichiers communs\HP
    C:\Program Files\Fichiers communs\InstallShield
    C:\Program Files\Fichiers communs\Java
    C:\Program Files\Fichiers communs\Kaspersky Lab
    C:\Program Files\Fichiers communs\LHSPF
    C:\Program Files\Fichiers communs\Logitech
    C:\Program Files\Fichiers communs\Macromedia
    C:\Program Files\Fichiers communs\Macrovision Shared
    C:\Program Files\Fichiers communs\MAGIX Shared
    C:\Program Files\Fichiers communs\Microsoft Shared
    C:\Program Files\Fichiers communs\Motive
    C:\Program Files\Fichiers communs\MSSoap
    C:\Program Files\Fichiers communs\ODBC
    C:\Program Files\Fichiers communs\Real
    C:\Program Files\Fichiers communs\Services
    C:\Program Files\Fichiers communs\Skype
    C:\Program Files\Fichiers communs\Softwin
    C:\Program Files\Fichiers communs\SpeechEngines
    C:\Program Files\Fichiers communs\Symantec Shared
    C:\Program Files\Fichiers communs\System
    C:\Program Files\Fichiers communs\WexTech Shared
    C:\Program Files\Fichiers communs\Wise Installation Wizard

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    C:\Program Files\Multi_Media_France

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts MODIFIE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-12-26 21:37:05
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden files ...
    scan completed successfully
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    Aucune autre infection trouvée !

    --------------------[ Fin du rapport a 21:37:14,13 ]----------------------

    There is my Lop scan, thank you angeldark :)
    26 December 2007 21:56:49

    Re,

    Run Lop S&D again

  • This time choose Option 2 (Removal)
  • Do not close the window during the removal!
  • Post the generated report (C:\lopR.txt)

    (If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm)

    Post a new HijackThis report.
    26 December 2007 22:02:29

    Thanks for being so quick, Angeldark, it's much appreciated :pt1cable:

    Here is the Lop scan:
    Quote:


    -----------------------------[ Lop S&D 2.0.1 ]---------------------------

    Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]

    "C:\Program Files\Lop SD"

    [ 26/12/2007 | 22:00:15,85 ] [ NOM-641695C7437 ]

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

    Supprimé! - C:\Program Files\Multi_Media_France
    Restauré! - Fichier Hosts

    //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\XnView
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Media Player Classic
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Motive
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\ESTsoft
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Syntrillium
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Google
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Atari
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Apple Computer
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Macromedia
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\FotoWire
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\sversion.ini
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Help
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Visicom Media
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Thunderbird
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\vlc
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Mozilla
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\MSNInstaller
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Intervideo
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Sonic
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Leadertech
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Symantec
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\SampleView
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Sun
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\desktop.ini
    C:\Documents and Settings\HP_Propri‚taire\APPLIC~1\Identities

    C:\Documents and Settings\LocalService\APPLIC~1\Microsoft
    C:\Documents and Settings\LocalService\APPLIC~1\Macromedia

    C:\Documents and Settings\NetworkService\APPLIC~1\Microsoft

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [16/12/2007 20:10][--a------]C:\WINDOWS\tasks\C:\WINDOWS\tasks\At6.job
    [16/12/2007 20:10][--a------]C:\WINDOWS\tasks\C:\WINDOWS\tasks\At5.job
    [16/12/2007 20:10][--a------]C:\WINDOWS\tasks\C:\WINDOWS\tasks\At4.job
    [26/12/2007 20:00][--a------]C:\WINDOWS\tasks\C:\WINDOWS\tasks\At3.job
    [26/12/2007 14:00][--a------]C:\WINDOWS\tasks\C:\WINDOWS\tasks\At2.job
    [25/12/2007 18:37][--a------]C:\WINDOWS\tasks\C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [26/12/2007 19:00][--a------]C:\WINDOWS\tasks\C:\WINDOWS\tasks\Synchroniser.job
    [26/12/2007 07:38][--a------]C:\WINDOWS\tasks\C:\WINDOWS\tasks\Nettoyage de disque.job
    [05/08/2004 11:00][-rah-----]C:\WINDOWS\tasks\C:\WINDOWS\tasks\desktop.ini
    [03/09/2005 13:57][--a------]C:\WINDOWS\tasks\C:\WINDOWS\tasks\Symantec NetDetect.job
    [26/12/2007 07:38][--ah-----]C:\WINDOWS\tasks\C:\WINDOWS\tasks\SA.DAT

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    C:\Program Files\7za.exe
    C:\Program Files\Adobe
    C:\Program Files\Alwil Software
    C:\Program Files\Apple Software Update
    C:\Program Files\a-squared HiJackFree
    C:\Program Files\ATI Technologies
    C:\Program Files\AusLogics Disk Defrag
    C:\Program Files\AviSynth 2.5
    C:\Program Files\Axon Data
    C:\Program Files\Azureus
    C:\Program Files\backburner 2
    C:\Program Files\BitTorrent
    C:\Program Files\CCleaner
    C:\Program Files\Circle Developement
    C:\Program Files\Common Files
    C:\Program Files\DAEMON Tools
    C:\Program Files\Desktop
    C:\Program Files\Digital Flash Player
    C:\Program Files\directx
    C:\Program Files\DivX
    C:\Program Files\East-Tec Eraser 2006
    C:\Program Files\Easy Internet signup
    C:\Program Files\eMule
    C:\Program Files\ESTsoft
    C:\Program Files\Fichiers communs
    C:\Program Files\FLVPlayer
    C:\Program Files\Games-Masters.com
    C:\Program Files\Help and Support Additions
    C:\Program Files\Hewlett-Packard
    C:\Program Files\Hijackthis Version Fran‡aise
    C:\Program Files\HP
    C:\Program Files\Internet Explorer
    C:\Program Files\iPod
    C:\Program Files\iTunes
    C:\Program Files\Java
    C:\Program Files\Lavasoft
    C:\Program Files\Logitech
    C:\Program Files\Lop SD
    C:\Program Files\MAIET
    C:\Program Files\Media Player Classic
    C:\Program Files\Messenger Plus! Live
    C:\Program Files\Microsoft CAPICOM 2.1.0.2
    C:\Program Files\microsoft frontpage
    C:\Program Files\Microsoft Office
    C:\Program Files\Microsoft Visual Studio
    C:\Program Files\Microsoft Works
    C:\Program Files\Microsoft.NET
    C:\Program Files\Movie Maker
    C:\Program Files\Mozilla Firefox
    C:\Program Files\Mozilla Thunderbird
    C:\Program Files\MSN Gaming Zone
    C:\Program Files\MSN Messenger
    C:\Program Files\MSXML 4.0
    C:\Program Files\MSXML 6.0
    C:\Program Files\Music Mixer 3.0
    C:\Program Files\Music Mixer 4
    C:\Program Files\Nero
    C:\Program Files\NetMeeting
    C:\Program Files\OpenOffice.org 2.2
    C:\Program Files\Opera
    C:\Program Files\Outlook Express
    C:\Program Files\Overland
    C:\Program Files\PC-Doctor for Windows
    C:\Program Files\PENDULO Studios
    C:\Program Files\PowerISO
    C:\Program Files\QuickTime
    C:\Program Files\Realtek
    C:\Program Files\Rockstar Games
    C:\Program Files\Sega
    C:\Program Files\SiS VGA Utilities V3.59e
    C:\Program Files\Skype
    C:\Program Files\Spybot - Search & Destroy
    C:\Program Files\svchosts.tbe
    C:\Program Files\TGTSoft
    C:\Program Files\ToniArts
    C:\Program Files\Ubisoft
    C:\Program Files\UxTheme Multipatcher Fr
    C:\Program Files\VideoLAN
    C:\Program Files\VirtualDub
    C:\Program Files\WinAVI Video Converter
    C:\Program Files\Windows Live
    C:\Program Files\Windows Media Connect 2
    C:\Program Files\Windows Media Player
    C:\Program Files\Windows NT
    C:\Program Files\WinRAR
    C:\Program Files\wipeownsbat
    C:\Program Files\Wolfenstein - Enemy Territory
    C:\Program Files\wunauclt.exe
    C:\Program Files\xerox

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    C:\Program Files\Fichiers communs\Adobe
    C:\Program Files\Fichiers communs\Adobe Systems Shared
    C:\Program Files\Fichiers communs\Ahead
    C:\Program Files\Fichiers communs\Apple
    C:\Program Files\Fichiers communs\Autodesk Shared
    C:\Program Files\Fichiers communs\AVSMedia
    C:\Program Files\Fichiers communs\Blizzard Entertainment
    C:\Program Files\Fichiers communs\DESIGNER
    C:\Program Files\Fichiers communs\DirectX
    C:\Program Files\Fichiers communs\FotoWire
    C:\Program Files\Fichiers communs\Hewlett-Packard
    C:\Program Files\Fichiers communs\HP
    C:\Program Files\Fichiers communs\InstallShield
    C:\Program Files\Fichiers communs\Java
    C:\Program Files\Fichiers communs\Kaspersky Lab
    C:\Program Files\Fichiers communs\LHSPF
    C:\Program Files\Fichiers communs\Logitech
    C:\Program Files\Fichiers communs\Macromedia
    C:\Program Files\Fichiers communs\Macrovision Shared
    C:\Program Files\Fichiers communs\MAGIX Shared
    C:\Program Files\Fichiers communs\Microsoft Shared
    C:\Program Files\Fichiers communs\Motive
    C:\Program Files\Fichiers communs\MSSoap
    C:\Program Files\Fichiers communs\ODBC
    C:\Program Files\Fichiers communs\Real
    C:\Program Files\Fichiers communs\Services
    C:\Program Files\Fichiers communs\Skype
    C:\Program Files\Fichiers communs\Softwin
    C:\Program Files\Fichiers communs\SpeechEngines
    C:\Program Files\Fichiers communs\Symantec Shared
    C:\Program Files\Fichiers communs\System
    C:\Program Files\Fichiers communs\WexTech Shared
    C:\Program Files\Fichiers communs\Wise Installation Wizard

    ----------------------[ Recherche avec S_Lop ]---------------------


    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    Aucun fichier / dossier Lop trouvé !

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-12-26 22:01:49
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden files ...
    scan completed successfully
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    Aucune autre infection trouvée !

    --------------------[ Fin du rapport a 22:01:57,47 ]----------------------




    And the HijackThis scan
    Quote:

    Logfile of HijackThis v1.99.1
    Scan saved at 22:04:21, on 26/12/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\windows\system\hpsysdrv.exe
    C:\WINDOWS\system32\keyhook.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\ALCWZRD.EXE
    C:\WINDOWS\ALCMTR.EXE
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\HP\KBD\KBD.EXE
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
    C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Opera\Opera.exe
    C:\Program Files\eMule\emule.exe
    C:\Program Files\Media Player Classic\mplayerc.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: CoTGT_BHO Class - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
    O4 - HKLM\..\Run: [bend logo clock film] C:\Documents and Settings\All Users\Application Data\Frag great bend logo\Bash open.exe
    O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [AimBird] C:\DOCUME~1\HP_PRO~1\APPLIC~1\WIPEOW~1\ooze name.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: &Search - ?p=ZNfox000
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.1.2.76.ca...
    O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_P...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267....
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{8ADE1899-D82A-4164-92E3-7B867555FDE5}: NameServer = 194.117.200.10,194.117.200.15
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

    26 December 2007 22:06:04

    Re,

    Fix the lines in the box below with HijackThis: HELP IN PICTURES

    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O4 - HKLM\..\Run: [bend logo clock film] C:\Documents and Settings\All Users\Application Data\Frag great bend logo\Bash open.exe
    O4 - HKCU\..\Run: [AimBird] C:\DOCUME~1\HP_PRO~1\APPLIC~1\WIPEOW~1\ooze name.exe
    O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)


    &

    Download OTMoveIt (by OldTimer). Save it to your Desktop.
    Select all the locations in the box below:

    C:\Documents and Settings\All Users\Application Data\Frag great bend logo
    C:\DOCUME~1\HP_PRO~1\APPLIC~1\WIPEOW~1
    C:\WINDOWS\tasks\At*.job
    C:\Program Files\wipeownsbat

    ---> Right-click, then Copy (or Ctrl+C)

    Double-click OTMoveIt.exe to launch it.
    Right-click in the left-hand pane, then choose Paste (or Ctrl+V).
    Now click MoveIt!

    If a file or folder cannot be deleted immediately, the program will ask you to restart.
    Accept by clicking YES.

    Post the report located in this folder: C:\_OTMoveIt\MovedFiles\
    The report's name corresponds to the time it was created: date_time.log

    ->Information about the software<-
    26 December 2007 22:34:06

    C:\Documents and Settings\All Users\Application Data\Frag great bend logo moved successfully.
    C:\DOCUME~1\HP_PRO~1\APPLIC~1\WIPEOW~1 moved successfully.
    File move failed. C:\WINDOWS\tasks\At*.job scheduled to be moved on reboot.
    C:\Program Files\wipeownsbat moved successfully.

    Created on 12/26/2007 22:28:55


    Here is the famous report, thanks :)
    26 December 2007 22:44:09

    Post a new HijackThis report.
    26 December 2007 22:53:58

    Quote:
    Logfile of HijackThis v1.99.1
    Scan saved at 22:55:34, on 26/12/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\windows\system\hpsysdrv.exe
    C:\WINDOWS\system32\keyhook.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\ALCWZRD.EXE
    C:\WINDOWS\ALCMTR.EXE
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\HP\KBD\KBD.EXE
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
    C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Opera\Opera.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: CoTGT_BHO Class - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
    O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: &Search - ?p=ZNfox000
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.1.2.76.ca...
    O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_P...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267....
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{8ADE1899-D82A-4164-92E3-7B867555FDE5}: NameServer = 194.117.200.10,194.117.200.15
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe



    Here you go, angel :) 
    27 December 2007 09:40:49

    up :) 
    27 December 2007 12:42:45

    The LopS&D?
    27 December 2007 15:36:18

    Hmmmm, I don't understand, you asked me for a HijackThis report :) 

    Here is a Lop scan


    Quote:
    -----------------------------[ Lop S&D 2.0.2.b ]---------------------------

    Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]

    "C:\Program Files\Lop SD"

    [ 27/12/2007 | 15:41:25,43 ] [ NOM-641695C7437 ]


    -------------[ Listing des dossiers dans Application Data ]------------

    C:\Documents and Settings\All Users\APPLIC~1\Adobe
    C:\Documents and Settings\All Users\APPLIC~1\TEMP
    C:\Documents and Settings\All Users\APPLIC~1\FLEXnet
    C:\Documents and Settings\All Users\APPLIC~1\Ahead
    C:\Documents and Settings\All Users\APPLIC~1\Nero
    C:\Documents and Settings\All Users\APPLIC~1\ATI
    C:\Documents and Settings\All Users\APPLIC~1\Spybot - Search & Destroy
    C:\Documents and Settings\All Users\APPLIC~1\Skype
    C:\Documents and Settings\All Users\APPLIC~1\hpzinstall.log
    C:\Documents and Settings\All Users\APPLIC~1\QTSBandwidthCache
    C:\Documents and Settings\All Users\APPLIC~1\Apple
    C:\Documents and Settings\All Users\APPLIC~1\WindowsLiveInstaller
    C:\Documents and Settings\All Users\APPLIC~1\WLInstaller
    C:\Documents and Settings\All Users\APPLIC~1\Apple Computer
    C:\Documents and Settings\All Users\APPLIC~1\Microsoft
    C:\Documents and Settings\All Users\APPLIC~1\Autodesk
    C:\Documents and Settings\All Users\APPLIC~1\Messenger Plus!
    C:\Documents and Settings\All Users\APPLIC~1\Windows Genuine Advantage
    C:\Documents and Settings\All Users\APPLIC~1\Macrovision
    C:\Documents and Settings\All Users\APPLIC~1\Adobe Systems
    C:\Documents and Settings\All Users\APPLIC~1\pixelStorm
    C:\Documents and Settings\All Users\APPLIC~1\ESTsoft
    C:\Documents and Settings\All Users\APPLIC~1\Macromedia
    C:\Documents and Settings\All Users\APPLIC~1\Kaspersky Anti-Virus Personal Pro
    C:\Documents and Settings\All Users\APPLIC~1\QuickTime
    C:\Documents and Settings\All Users\APPLIC~1\Raxco
    C:\Documents and Settings\All Users\APPLIC~1\Symantec
    C:\Documents and Settings\All Users\APPLIC~1\Motive
    C:\Documents and Settings\All Users\APPLIC~1\InterVideo
    C:\Documents and Settings\All Users\APPLIC~1\Hewlett-Packard
    C:\Documents and Settings\All Users\APPLIC~1\desktop.ini
    C:\Documents and Settings\All Users\APPLIC~1\SBSI

    C:\Documents and Settings\Default User\APPLIC~1\Symantec
    C:\Documents and Settings\Default User\APPLIC~1\SampleView
    C:\Documents and Settings\Default User\APPLIC~1\Apple Computer
    C:\Documents and Settings\Default User\APPLIC~1\Intervideo
    C:\Documents and Settings\Default User\APPLIC~1\Sun
    C:\Documents and Settings\Default User\APPLIC~1\desktop.ini
    C:\Documents and Settings\Default User\APPLIC~1\Microsoft
    C:\Documents and Settings\Default User\APPLIC~1\Identities


    C:\Documents and Settings\HP_PropriǸtaire\APPLIC~1\AdobeDLM.log
    C:\Documents and Settings\HP_PropriǸtaire\APPLIC~1\Macromedia

    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\Adobe
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\Azureus
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\InstallShield
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\.#
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\Skype
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\Bioshock
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\teamspeak2
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\BitTorrent
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\Nero
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\Microsoft
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\dvdcss
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\ATI
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\OpenOffice.org2
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\Steinberg
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\SpaceTime 3D
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\Screenshot Sender
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\SecuROM
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\Microsoft Web Folders
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\Styler
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\AdobeUM
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\Real
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\Bitdefender
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\Lavasoft
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\Ahead
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\Opera
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\GdiplusUpgrade_MSIApproach_Wrapper.log
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\Lionhead Studios
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\.ABC
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\EAST Technologies
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\GDIPFONTCACHEV1.DAT
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\XnView
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\Media Player Classic
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\Motive
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\ESTsoft
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\Syntrillium
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\Google
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\Atari
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\Apple Computer
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\Macromedia
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\FotoWire
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\sversion.ini
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\Help
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\Visicom Media
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\Thunderbird
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\vlc
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\Mozilla
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\MSNInstaller
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\Intervideo
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\Sonic
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\Leadertech
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\Symantec
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\SampleView
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\Sun
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\desktop.ini
    C:\Documents and Settings\HP_Propriétaire\APPLIC~1\Identities

    C:\Documents and Settings\LocalService\APPLIC~1\Microsoft
    C:\Documents and Settings\LocalService\APPLIC~1\Macromedia

    C:\Documents and Settings\NetworkService\APPLIC~1\Microsoft

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [16/12/2007 20:10][--a------]C:\WINDOWS\tasks\At6.job
    [16/12/2007 20:10][--a------]C:\WINDOWS\tasks\At5.job
    [16/12/2007 20:10][--a------]C:\WINDOWS\tasks\At4.job
    [26/12/2007 20:00][--a------]C:\WINDOWS\tasks\At3.job
    [26/12/2007 14:00][--a------]C:\WINDOWS\tasks\At2.job
    [25/12/2007 18:37][--a------]C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [26/12/2007 19:00][--a------]C:\WINDOWS\tasks\Synchroniser.job
    [27/12/2007 09:09][--a------]C:\WINDOWS\tasks\Nettoyage de disque.job
    [05/08/2004 11:00][-rah-----]C:\WINDOWS\tasks\desktop.ini
    [03/09/2005 13:57][--a------]C:\WINDOWS\tasks\Symantec NetDetect.job
    [27/12/2007 09:09][--ah-----]C:\WINDOWS\tasks\SA.DAT

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    C:\Program Files\7za.exe
    C:\Program Files\Adobe
    C:\Program Files\Alwil Software
    C:\Program Files\Apple Software Update
    C:\Program Files\a-squared HiJackFree
    C:\Program Files\ATI Technologies
    C:\Program Files\AusLogics Disk Defrag
    C:\Program Files\AviSynth 2.5
    C:\Program Files\Axon Data
    C:\Program Files\Azureus
    C:\Program Files\backburner 2
    C:\Program Files\BitTorrent
    C:\Program Files\CCleaner
    C:\Program Files\Circle Developement
    C:\Program Files\Common Files
    C:\Program Files\DAEMON Tools
    C:\Program Files\Desktop
    C:\Program Files\Digital Flash Player
    C:\Program Files\directx
    C:\Program Files\DivX
    C:\Program Files\East-Tec Eraser 2006
    C:\Program Files\Easy Internet signup
    C:\Program Files\eMule
    C:\Program Files\ESTsoft
    C:\Program Files\Fichiers communs
    C:\Program Files\FLVPlayer
    C:\Program Files\Games-Masters.com
    C:\Program Files\Help and Support Additions
    C:\Program Files\Hewlett-Packard
    C:\Program Files\Hijackthis Version Française
    C:\Program Files\HP
    C:\Program Files\Internet Explorer
    C:\Program Files\iPod
    C:\Program Files\iTunes
    C:\Program Files\Java
    C:\Program Files\Lavasoft
    C:\Program Files\Logitech
    C:\Program Files\Lop SD
    C:\Program Files\MAIET
    C:\Program Files\Media Player Classic
    C:\Program Files\Messenger Plus! Live
    C:\Program Files\Microsoft CAPICOM 2.1.0.2
    C:\Program Files\microsoft frontpage
    C:\Program Files\Microsoft Office
    C:\Program Files\Microsoft Visual Studio
    C:\Program Files\Microsoft Works
    C:\Program Files\Microsoft.NET
    C:\Program Files\Movie Maker
    C:\Program Files\Mozilla Firefox
    C:\Program Files\Mozilla Thunderbird
    C:\Program Files\MSN Gaming Zone
    C:\Program Files\MSN Messenger
    C:\Program Files\MSXML 4.0
    C:\Program Files\MSXML 6.0
    C:\Program Files\Music Mixer 3.0
    C:\Program Files\Music Mixer 4
    C:\Program Files\Nero
    C:\Program Files\NetMeeting
    C:\Program Files\OpenOffice.org 2.2
    C:\Program Files\Opera
    C:\Program Files\Outlook Express
    C:\Program Files\Overland
    C:\Program Files\PC-Doctor for Windows
    C:\Program Files\PENDULO Studios
    C:\Program Files\PowerISO
    C:\Program Files\QuickTime
    C:\Program Files\Realtek
    C:\Program Files\Rockstar Games
    C:\Program Files\Sega
    C:\Program Files\SiS VGA Utilities V3.59e
    C:\Program Files\Skype
    C:\Program Files\Spybot - Search & Destroy
    C:\Program Files\svchosts.tbe
    C:\Program Files\TGTSoft
    C:\Program Files\ToniArts
    C:\Program Files\Ubisoft
    C:\Program Files\UxTheme Multipatcher Fr
    C:\Program Files\VideoLAN
    C:\Program Files\VirtualDub
    C:\Program Files\WinAVI Video Converter
    C:\Program Files\Windows Live
    C:\Program Files\Windows Media Connect 2
    C:\Program Files\Windows Media Player
    C:\Program Files\Windows NT
    C:\Program Files\WinRAR
    C:\Program Files\Wolfenstein - Enemy Territory
    C:\Program Files\wunauclt.exe
    C:\Program Files\xerox

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    C:\Program Files\Fichiers communs\Adobe
    C:\Program Files\Fichiers communs\Adobe Systems Shared
    C:\Program Files\Fichiers communs\Ahead
    C:\Program Files\Fichiers communs\Apple
    C:\Program Files\Fichiers communs\Autodesk Shared
    C:\Program Files\Fichiers communs\AVSMedia
    C:\Program Files\Fichiers communs\Blizzard Entertainment
    C:\Program Files\Fichiers communs\DESIGNER
    C:\Program Files\Fichiers communs\DirectX
    C:\Program Files\Fichiers communs\FotoWire
    C:\Program Files\Fichiers communs\Hewlett-Packard
    C:\Program Files\Fichiers communs\HP
    C:\Program Files\Fichiers communs\InstallShield
    C:\Program Files\Fichiers communs\Java
    C:\Program Files\Fichiers communs\Kaspersky Lab
    C:\Program Files\Fichiers communs\LHSPF
    C:\Program Files\Fichiers communs\Logitech
    C:\Program Files\Fichiers communs\Macromedia
    C:\Program Files\Fichiers communs\Macrovision Shared
    C:\Program Files\Fichiers communs\MAGIX Shared
    C:\Program Files\Fichiers communs\Microsoft Shared
    C:\Program Files\Fichiers communs\Motive
    C:\Program Files\Fichiers communs\MSSoap
    C:\Program Files\Fichiers communs\ODBC
    C:\Program Files\Fichiers communs\Real
    C:\Program Files\Fichiers communs\Services
    C:\Program Files\Fichiers communs\Skype
    C:\Program Files\Fichiers communs\Softwin
    C:\Program Files\Fichiers communs\SpeechEngines
    C:\Program Files\Fichiers communs\Symantec Shared
    C:\Program Files\Fichiers communs\System
    C:\Program Files\Fichiers communs\WexTech Shared
    C:\Program Files\Fichiers communs\Wise Installation Wizard

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    Aucun fichier / dossier Lop trouvé !

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-12-27 15:42:49
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden files ...
    scan completed successfully
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    Aucune autre infection trouvée !

    --------------------[ Fin du rapport a 15:42:58,56 ]----------------------
    27 December 2007 17:05:07

    I did ask for a new Lop S&D report, look further up ;) 

    Download Smitfraudfix (by S!ri).
    Save it to your desktop.
    Run SmitfraudFix.exe (the .exe extension may not be shown).
    Choose Option 1 (Search)
    Post the first report here.

    **If the link does not work, click here**
    27 December 2007 17:26:09

    OK, thanks Angel, here is the report

    Quote:
    SmitFraudFix v2.274

    Rapport fait à 17:25:57,14, 27/12/2007
    Executé à partir de C:\Documents and Settings\HP_Propriétaire\Mes documents\SmitfraudFix
    OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
    Le type du système de fichiers est NTFS
    Fix executé en mode normal

    »»»»»»»»»»»»»»»»»»»»»»»» Process

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\windows\system\hpsysdrv.exe
    C:\WINDOWS\system32\keyhook.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\ALCWZRD.EXE
    C:\WINDOWS\ALCMTR.EXE
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\HP\KBD\KBD.EXE
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
    C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\eMule\emule.exe
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\system32\cleanmgr.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Opera\Opera.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\cmd.exe

    »»»»»»»»»»»»»»»»»»»»»»»» hosts


    »»»»»»»»»»»»»»»»»»»»»»»» C:\


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

    C:\WINDOWS\Tasks\At?.job PRESENT !
    C:\WINDOWS\Tasks\At??.job PRESENT !

    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


    »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\HP_Propriétaire


    »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\HP_Propriétaire\Application Data


    »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


    »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\HP_PRO~1\Favoris


    »»»»»»»»»»»»»»»»»»»»»»»» Bureau


    »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

    C:\Program Files\serial.zip PRESENT !

    »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


    »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau



    »»»»»»»»»»»»»»»»»»»»»»»» IEDFix
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    IEDFix.exe by S!Ri


    »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll


    »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLs"=""


    »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
    "System"=""


    »»»»»»»»»»»»»»»»»»»»»»»» Rustock



    »»»»»»»»»»»»»»»»»»»»»»»» DNS

    Description: Realtek RTL8139/810x Family Fast Ethernet NIC - Miniport d'ordonnancement de paquets
    DNS Server Search Order: 194.117.200.10
    DNS Server Search Order: 194.117.200.15

    HKLM\SYSTEM\CCS\Services\Tcpip\..\{8ADE1899-D82A-4164-92E3-7B867555FDE5}: NameServer=194.117.200.10,194.117.200.15
    HKLM\SYSTEM\CS1\Services\Tcpip\..\{8ADE1899-D82A-4164-92E3-7B867555FDE5}: NameServer=194.117.200.10,194.117.200.15
    HKLM\SYSTEM\CS3\Services\Tcpip\..\{8ADE1899-D82A-4164-92E3-7B867555FDE5}: NameServer=194.117.200.10,194.117.200.15


    »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


    »»»»»»»»»»»»»»»»»»»»»»»» Fin

    27 December 2007 18:08:33

    Hi again,

    Restart in Safe Mode

    Run SmitfraudFix.exe, this time choose Option 2, and answer yes to the question or questions.
    Save the report to your Desktop.

    Restart normally.

    Post the HijackThis and SmitfraudFix reports.