CiD ads, help! [solved]
Hello
I have CiD ads and I really don't know how to remove them
I have already downloaded all the software you need
Could someone help me?
Hello
1
* Download Lop S&D.exe to your desktop,
* Double-click it to start the installation
* Then double-click the Lop S&D shortcut on your desktop
* Select the language you want, then choose Option 1 (Search)
* Wait until the scan has finished
* Post the report it generates (C:\lopR.txt)
(If the desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)
2
Download and install Hijackthis (Trend Micro)
Then post a report in your next reply.
HELP: How to use Hijackthis v2.0.2
Thank you for helping me
I am sending you the 2 reports one after the other
I am staying connected and eagerly await your instructions
-----------------------------[ Lop S&D 2.0.2.b ]---------------------------
Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]
"C:\Program Files\Lop SD"
[ 18/01/2008 | 17:58:13,70 ] [ SNCH50200269 ]
-------------[ Listing des dossiers dans Application Data ]------------
C:\Documents and Settings\All Users\APPLIC~1\soft ref platform bind
C:\Documents and Settings\All Users\APPLIC~1\QTSBandwidthCache
C:\Documents and Settings\All Users\APPLIC~1\hpzinstall.log
C:\Documents and Settings\All Users\APPLIC~1\Google
C:\Documents and Settings\All Users\APPLIC~1\NCH Swift Sound
C:\Documents and Settings\All Users\APPLIC~1\Microsoft
C:\Documents and Settings\All Users\APPLIC~1\Messenger Plus!
C:\Documents and Settings\All Users\APPLIC~1\avg7
C:\Documents and Settings\All Users\APPLIC~1\Apple Computer
C:\Documents and Settings\All Users\APPLIC~1\Adobe
C:\Documents and Settings\All Users\APPLIC~1\MSN6
C:\Documents and Settings\All Users\APPLIC~1\Spybot - Search & Destroy
C:\Documents and Settings\All Users\APPLIC~1\Grisoft
C:\Documents and Settings\All Users\APPLIC~1\Windows Genuine Advantage
C:\Documents and Settings\All Users\APPLIC~1\SBSI
C:\Documents and Settings\All Users\APPLIC~1\desktop.ini
C:\Documents and Settings\Default User\APPLIC~1\Adobe
C:\Documents and Settings\Default User\APPLIC~1\InterTrust
C:\Documents and Settings\Default User\APPLIC~1\Identities
C:\Documents and Settings\Default User\APPLIC~1\desktop.ini
C:\Documents and Settings\Default User\APPLIC~1\Microsoft
C:\Documents and Settings\DIDIE!!!\APPLIC~1\AVG7
C:\Documents and Settings\DIDIE!!!\APPLIC~1\Bolt 64 team
C:\Documents and Settings\DIDIE!!!\APPLIC~1\Microsoft
C:\Documents and Settings\DIDIE!!!\APPLIC~1\Real
C:\Documents and Settings\DIDIE!!!\APPLIC~1\Yahoo!
C:\Documents and Settings\DIDIE!!!\APPLIC~1\dvdcss
C:\Documents and Settings\DIDIE!!!\APPLIC~1\Vso
C:\Documents and Settings\DIDIE!!!\APPLIC~1\pcouffin.log
C:\Documents and Settings\DIDIE!!!\APPLIC~1\inst.exe
C:\Documents and Settings\DIDIE!!!\APPLIC~1\pcouffin.cat
C:\Documents and Settings\DIDIE!!!\APPLIC~1\pcouffin.sys
C:\Documents and Settings\DIDIE!!!\APPLIC~1\pcouffin.inf
C:\Documents and Settings\DIDIE!!!\APPLIC~1\CopyToDvd
C:\Documents and Settings\DIDIE!!!\APPLIC~1\Lavasoft
C:\Documents and Settings\DIDIE!!!\APPLIC~1\Sun
C:\Documents and Settings\DIDIE!!!\APPLIC~1\Google
C:\Documents and Settings\DIDIE!!!\APPLIC~1\Apple Computer
C:\Documents and Settings\DIDIE!!!\APPLIC~1\Macromedia
C:\Documents and Settings\DIDIE!!!\APPLIC~1\Dossier de téléchargement Share-to-Web
C:\Documents and Settings\DIDIE!!!\APPLIC~1\Leadertech
C:\Documents and Settings\DIDIE!!!\APPLIC~1\Adobe
C:\Documents and Settings\DIDIE!!!\APPLIC~1\AdobeUM
C:\Documents and Settings\DIDIE!!!\APPLIC~1\Help
C:\Documents and Settings\DIDIE!!!\APPLIC~1\MSN6
C:\Documents and Settings\DIDIE!!!\APPLIC~1\Hewlett-Packard
C:\Documents and Settings\DIDIE!!!\APPLIC~1\vlc
C:\Documents and Settings\DIDIE!!!\APPLIC~1\Dossier de téléchargement Share-to-Web
C:\Documents and Settings\DIDIE!!!\APPLIC~1\Microsoft Web Folders
C:\Documents and Settings\DIDIE!!!\APPLIC~1\InterTrust
C:\Documents and Settings\DIDIE!!!\APPLIC~1\Identities
C:\Documents and Settings\DIDIE!!!\APPLIC~1\desktop.ini
C:\Documents and Settings\LocalService\APPLIC~1\Microsoft
C:\Documents and Settings\LocalService\APPLIC~1\AVG7
C:\Documents and Settings\LocalService\APPLIC~1\Help
C:\Documents and Settings\mailler\APPLIC~1\Bolt 64 team
C:\Documents and Settings\mailler\APPLIC~1\AVG7
C:\Documents and Settings\mailler\APPLIC~1\AdobeUM
C:\Documents and Settings\mailler\APPLIC~1\Macromedia
C:\Documents and Settings\mailler\APPLIC~1\Google
C:\Documents and Settings\mailler\APPLIC~1\Sun
C:\Documents and Settings\mailler\APPLIC~1\Microsoft
C:\Documents and Settings\mailler\APPLIC~1\MSN6
C:\Documents and Settings\mailler\APPLIC~1\Microsoft Web Folders
C:\Documents and Settings\mailler\APPLIC~1\Lavasoft
C:\Documents and Settings\mailler\APPLIC~1\Dossier de téléchargement Share-to-Web
C:\Documents and Settings\mailler\APPLIC~1\Dossier de téléchargement Share-to-Web
C:\Documents and Settings\mailler\APPLIC~1\Adobe
C:\Documents and Settings\mailler\APPLIC~1\InterTrust
C:\Documents and Settings\mailler\APPLIC~1\Identities
C:\Documents and Settings\mailler\APPLIC~1\desktop.ini
C:\Documents and Settings\MAILLER JEANNINE\APPLIC~1\Yahoo!
C:\Documents and Settings\MAILLER JEANNINE\APPLIC~1\Bolt 64 team
C:\Documents and Settings\MAILLER JEANNINE\APPLIC~1\Help
C:\Documents and Settings\MAILLER JEANNINE\APPLIC~1\Google
C:\Documents and Settings\MAILLER JEANNINE\APPLIC~1\Microsoft
C:\Documents and Settings\MAILLER JEANNINE\APPLIC~1\AdobeUM
C:\Documents and Settings\MAILLER JEANNINE\APPLIC~1\Macromedia
C:\Documents and Settings\MAILLER JEANNINE\APPLIC~1\Dossier de téléchargement Share-to-Web
C:\Documents and Settings\MAILLER JEANNINE\APPLIC~1\Dossier de téléchargement Share-to-Web
C:\Documents and Settings\MAILLER JEANNINE\APPLIC~1\AVG7
C:\Documents and Settings\MAILLER JEANNINE\APPLIC~1\Adobe
C:\Documents and Settings\MAILLER JEANNINE\APPLIC~1\InterTrust
C:\Documents and Settings\MAILLER JEANNINE\APPLIC~1\Identities
C:\Documents and Settings\MAILLER JEANNINE\APPLIC~1\desktop.ini
C:\Documents and Settings\NetworkService\APPLIC~1\Microsoft
C:\Documents and Settings\Propriétaire\APPLIC~1\Microsoft
C:\Documents and Settings\Propriétaire\APPLIC~1\Adobe
C:\Documents and Settings\Propriétaire\APPLIC~1\InterTrust
C:\Documents and Settings\Propriétaire\APPLIC~1\Identities
C:\Documents and Settings\Propriétaire\APPLIC~1\desktop.ini
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[18/01/2008 17:00][--ah-----]C:\WINDOWS\tasks\A36FB3CB91883197.job
[11/11/2006 14:03][--a------]C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[18/01/2008 16:00][--a------]C:\WINDOWS\tasks\HPpromotions journeysoftware.job
[11/01/2008 12:05][--a------]C:\WINDOWS\tasks\WebReg 20060710120535.job
[05/07/2006 13:03][--a------]C:\WINDOWS\tasks\Rappel d'enregistrement 2.job
[18/01/2008 15:21][--ah-----]C:\WINDOWS\tasks\SA.DAT
[28/08/2001 11:00][-r-h-----]C:\WINDOWS\tasks\desktop.ini
---------------[ Listing des dossiers dans C:\Program Files ]--------------
C:\Program Files\Adobe
C:\Program Files\Apple Software Update
C:\Program Files\Audioneer
C:\Program Files\BackWeb
C:\Program Files\Bolt 64 team
C:\Program Files\CDRWIN
C:\Program Files\ComPlus Applications
C:\Program Files\DesignPro 2000
C:\Program Files\Disc2Phone
C:\Program Files\DivX
C:\Program Files\EHMINSTALL
C:\Program Files\eMule
C:\Program Files\Fichiers communs
C:\Program Files\Free Easy Burner
C:\Program Files\Friendly Technologies
C:\Program Files\Google
C:\Program Files\Grisoft
C:\Program Files\HandyBits
C:\Program Files\Hewlett-Packard
C:\Program Files\HP
C:\Program Files\INSTALL.LOG
C:\Program Files\Internet Explorer
C:\Program Files\Kit ADSL
C:\Program Files\Lavasoft
C:\Program Files\Lop SD
C:\Program Files\Messenger
C:\Program Files\Messenger Plus! Live
C:\Program Files\microsoft frontpage
C:\Program Files\Microsoft Money
C:\Program Files\Microsoft Office
C:\Program Files\Microsoft Visual Studio
C:\Program Files\MouseWare
C:\Program Files\Movie Maker
C:\Program Files\MSN
C:\Program Files\MSN Gaming Zone
C:\Program Files\MSN Messenger
C:\Program Files\MSXML 4.0
C:\Program Files\Navilog1
C:\Program Files\NetMeeting
C:\Program Files\Outlook Express
C:\Program Files\Prassi PrimoDVD 2.0 (French)
C:\Program Files\QuickTime
C:\Program Files\Real
C:\Program Files\SBApps
C:\Program Files\Services en ligne
C:\Program Files\Softwin
C:\Program Files\Spybot - Search & Destroy
C:\Program Files\Trend Micro
C:\Program Files\USB Driver-Express
C:\Program Files\Utilitaire de gestion du LAN Wifi IEEE 802.11g
C:\Program Files\VideoLAN
C:\Program Files\Windows Live
C:\Program Files\Windows Media Connect 2
C:\Program Files\Windows Media Player
C:\Program Files\Windows NT
C:\Program Files\xerox
C:\Program Files\Yahoo!
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
C:\Program Files\Fichiers communs\Adobe
C:\Program Files\Fichiers communs\Designer
C:\Program Files\Fichiers communs\FTL Shared
C:\Program Files\Fichiers communs\Hewlett-Packard
C:\Program Files\Fichiers communs\HP
C:\Program Files\Fichiers communs\InstallShield
C:\Program Files\Fichiers communs\Logitech
C:\Program Files\Fichiers communs\Microsoft Shared
C:\Program Files\Fichiers communs\MSSoap
C:\Program Files\Fichiers communs\ODBC
C:\Program Files\Fichiers communs\Real
C:\Program Files\Fichiers communs\Services
C:\Program Files\Fichiers communs\Softwin
C:\Program Files\Fichiers communs\SpeechEngines
C:\Program Files\Fichiers communs\System
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
C:\WINDOWS\Tasks\A36FB3CB91883197.job
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts MODIFIE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-18 18:02:44
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
--------------------[ Fin du rapport a 18:07:46,76 ]----------------------
Here is the second one
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:14:22, on 18/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Softwin\BitDefender9\bdnagent.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\DIDIE!!!\Bureau\eMule\emule.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\winlogon.exe
C:\apps\ActivSurf\4448364\Program\backweb-4448364.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://fr.rd.yahoo.com/customize/ycomp/defaults/sb/*http://fr.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*http://fr.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*http://fr.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fourni par Planetis
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [BDNewsAgent] "C:\Program Files\Softwin\BitDefender9\bdnagent.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
O4 - HKLM\..\Run: [ActivSurf] C:\apps\ActivSurf\4448364\Program\backweb-4448364.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [platform bind axis time] C:\Documents and Settings\All Users\Application Data\soft ref platform bind\Meta Mode.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Update Service] "C:\Program Files\Fichiers communs\Teknum Systems\update.exe" /startup
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Documents and Settings\DIDIE!!!\Bureau\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-1715567821-796845957-725345543-1004\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'mailler')
O4 - HKUS\S-1-5-21-1715567821-796845957-725345543-1004\..\Run: [Oncebeep] C:\DOCUME~1\mailler\APPLIC~1\BOLT64~1\FLAW MPEG.exe (User 'mailler')
O4 - HKUS\S-1-5-21-1715567821-796845957-725345543-1004\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart (User 'mailler')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.ca...
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/installation/Mu...
O17 - HKLM\System\CCS\Services\Tcpip\..\{8F1BDEB9-9A11-427D-B782-0ED69826A0DF}: NameServer = 84.103.237.144 86.64.145.144
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
--
End of file - 6154 bytes
sorry
-----------------------------[ Lop S&D 2.0.5 ]---------------------------
[ Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]
[ USER: DIDIE!!! ] [ "C:\Program Files\Lop SD" ]
[ 18/01/2008 | 23:46:24,31 ] [ SNCH50200269 ]
-------------[ Listing des dossiers dans Application Data ]------------
[18/01/2008|13:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\soft ref platform bind
[18/01/2008|13:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
[18/01/2008|13:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
[29/11/2007|21:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[04/11/2007|20:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
[04/11/2007|19:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[04/11/2007|18:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Swift Sound
[04/11/2007|15:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[10/07/2007|12:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[30/04/2007|10:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg7
[11/11/2006|14:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[27/09/2006|13:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[17/07/2006|16:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[17/07/2006|15:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[17/07/2006|15:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[06/07/2006|09:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[05/07/2006|10:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[05/07/2006|10:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[05/07/2006|11:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[05/07/2006|11:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\InterTrust
[05/07/2006|10:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[05/07/2006|10:28] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[05/07/2006|10:28] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
[05/07/2006|10:28] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
[05/07/2006|10:27] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[12/01/2008|18:21] C:\DOCUME~1\DIDIE!!!\APPLIC~1\AVG7
[10/01/2008|20:20] C:\DOCUME~1\DIDIE!!!\APPLIC~1\..
[10/01/2008|20:20] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Bolt 64 team
[10/01/2008|20:20] C:\DOCUME~1\DIDIE!!!\APPLIC~1\.
[03/01/2008|17:06] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Microsoft
[01/01/2008|22:16] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Real
[26/12/2007|20:39] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Yahoo!
[10/11/2007|17:19] C:\DOCUME~1\DIDIE!!!\APPLIC~1\dvdcss
[04/11/2007|20:47] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Vso
[04/11/2007|20:47] C:\DOCUME~1\DIDIE!!!\APPLIC~1\pcouffin.log
[04/11/2007|20:47] C:\DOCUME~1\DIDIE!!!\APPLIC~1\inst.exe
[04/11/2007|20:47] C:\DOCUME~1\DIDIE!!!\APPLIC~1\pcouffin.cat
[04/11/2007|20:47] C:\DOCUME~1\DIDIE!!!\APPLIC~1\pcouffin.sys
[04/11/2007|20:47] C:\DOCUME~1\DIDIE!!!\APPLIC~1\pcouffin.inf
[04/11/2007|20:44] C:\DOCUME~1\DIDIE!!!\APPLIC~1\CopyToDvd
[16/07/2007|21:11] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Lavasoft
[08/06/2007|19:30] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Sun
[17/05/2007|18:14] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Google
[24/11/2006|20:50] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Apple Computer
[11/10/2006|17:50] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Macromedia
[28/09/2006|18:58] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Dossier de téléchargement Share-to-Web
[28/09/2006|18:22] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Leadertech
[27/09/2006|13:08] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Adobe
[27/09/2006|13:08] C:\DOCUME~1\DIDIE!!!\APPLIC~1\AdobeUM
[15/09/2006|19:56] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Help
[14/08/2006|15:02] C:\DOCUME~1\DIDIE!!!\APPLIC~1\MSN6
[23/07/2006|14:01] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Hewlett-Packard
[21/07/2006|16:10] C:\DOCUME~1\DIDIE!!!\APPLIC~1\vlc
[19/07/2006|16:54] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Dossier de téléchargement Share-to-Web
[19/07/2006|12:26] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Microsoft Web Folders
[05/07/2006|11:02] C:\DOCUME~1\DIDIE!!!\APPLIC~1\InterTrust
[05/07/2006|10:40] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Identities
[05/07/2006|10:28] C:\DOCUME~1\DIDIE!!!\APPLIC~1\desktop.ini
[01/11/2007|17:01] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[03/09/2007|17:41] C:\DOCUME~1\LOCALS~1\APPLIC~1\AVG7
[16/10/2006|16:47] C:\DOCUME~1\LOCALS~1\APPLIC~1\Help
[16/10/2006|16:47] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
[16/10/2006|16:47] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
[18/01/2008|13:10] C:\DOCUME~1\mailler\APPLIC~1\Bolt 64 team
[05/01/2008|17:13] C:\DOCUME~1\mailler\APPLIC~1\AVG7
[22/12/2007|15:13] C:\DOCUME~1\mailler\APPLIC~1\..
[22/12/2007|15:13] C:\DOCUME~1\mailler\APPLIC~1\.
[10/06/2007|12:27] C:\DOCUME~1\mailler\APPLIC~1\AdobeUM
[25/05/2007|11:08] C:\DOCUME~1\mailler\APPLIC~1\Macromedia
[20/05/2007|20:43] C:\DOCUME~1\mailler\APPLIC~1\Google
[17/05/2007|17:00] C:\DOCUME~1\mailler\APPLIC~1\Sun
[14/10/2006|20:04] C:\DOCUME~1\mailler\APPLIC~1\Microsoft
[25/07/2006|16:34] C:\DOCUME~1\mailler\APPLIC~1\MSN6
[19/07/2006|13:48] C:\DOCUME~1\mailler\APPLIC~1\Microsoft Web Folders
[17/07/2006|15:02] C:\DOCUME~1\mailler\APPLIC~1\Lavasoft
[17/07/2006|13:22] C:\DOCUME~1\mailler\APPLIC~1\Dossier de téléchargement Share-to-Web
[10/07/2006|11:02] C:\DOCUME~1\mailler\APPLIC~1\Dossier de téléchargement Share-to-Web
[05/07/2006|11:02] C:\DOCUME~1\mailler\APPLIC~1\Adobe
[05/07/2006|11:02] C:\DOCUME~1\mailler\APPLIC~1\InterTrust
[05/07/2006|10:40] C:\DOCUME~1\mailler\APPLIC~1\Identities
[05/07/2006|10:28] C:\DOCUME~1\mailler\APPLIC~1\desktop.ini
[30/12/2007|14:36] C:\DOCUME~1\MAILLE~1\APPLIC~1\Yahoo!
[30/12/2007|14:36] C:\DOCUME~1\MAILLE~1\APPLIC~1\..
[30/12/2007|14:36] C:\DOCUME~1\MAILLE~1\APPLIC~1\.
[27/12/2007|16:03] C:\DOCUME~1\MAILLE~1\APPLIC~1\Bolt 64 team
[05/11/2007|13:01] C:\DOCUME~1\MAILLE~1\APPLIC~1\Help
[02/07/2007|14:40] C:\DOCUME~1\MAILLE~1\APPLIC~1\Google
[02/03/2007|17:52] C:\DOCUME~1\MAILLE~1\APPLIC~1\Microsoft
[17/10/2006|15:07] C:\DOCUME~1\MAILLE~1\APPLIC~1\AdobeUM
[17/10/2006|15:06] C:\DOCUME~1\MAILLE~1\APPLIC~1\Macromedia
[01/10/2006|13:27] C:\DOCUME~1\MAILLE~1\APPLIC~1\Dossier de téléchargement Share-to-Web
[22/07/2006|19:33] C:\DOCUME~1\MAILLE~1\APPLIC~1\Dossier de téléchargement Share-to-Web
[17/07/2006|15:44] C:\DOCUME~1\MAILLE~1\APPLIC~1\AVG7
[05/07/2006|11:02] C:\DOCUME~1\MAILLE~1\APPLIC~1\Adobe
[05/07/2006|11:02] C:\DOCUME~1\MAILLE~1\APPLIC~1\InterTrust
[05/07/2006|10:40] C:\DOCUME~1\MAILLE~1\APPLIC~1\Identities
[05/07/2006|10:28] C:\DOCUME~1\MAILLE~1\APPLIC~1\desktop.ini
[02/03/2007|17:52] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[05/07/2006|10:39] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
[05/07/2006|10:39] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
[02/03/2007|17:52] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
[05/07/2006|11:02] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
[05/07/2006|11:02] C:\DOCUME~1\PROPRI~1\APPLIC~1\InterTrust
[05/07/2006|10:40] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[05/07/2006|10:28] C:\DOCUME~1\PROPRI~1\APPLIC~1\desktop.ini
[05/07/2006|10:28] C:\DOCUME~1\PROPRI~1\APPLIC~1\..
[05/07/2006|10:28] C:\DOCUME~1\PROPRI~1\APPLIC~1\.
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[18/01/2008 23:00][--ah-----] C:\WINDOWS\tasks\A36FB3CB91883197.job
[11/11/2006 14:03][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[18/01/2008 20:00][--a------] C:\WINDOWS\tasks\HPpromotions journeysoftware.job
[11/01/2008 12:05][--a------] C:\WINDOWS\tasks\WebReg 20060710120535.job
[05/07/2006 13:03][--a------] C:\WINDOWS\tasks\Rappel d'enregistrement 2.job
[18/01/2008 15:21][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/08/2001 11:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[18/01/2008|23:46] C:\Program Files\Lop SD
[18/01/2008|15:32] C:\Program Files\eMule
[18/01/2008|13:10] C:\Program Files\..
[18/01/2008|13:10] C:\Program Files\.
[18/01/2008|13:10] C:\Program Files\Bolt 64 team
[12/01/2008|14:50] C:\Program Files\Navilog1
[11/01/2008|20:35] C:\Program Files\Trend Micro
[11/01/2008|12:54] C:\Program Files\InstallShield Installation Information
[11/01/2008|00:00] C:\Program Files\Free Easy Burner
[01/01/2008|22:16] C:\Program Files\Fichiers communs
[01/01/2008|21:39] C:\Program Files\Real
[30/12/2007|15:48] C:\Program Files\Yahoo!
[21/12/2007|21:33] C:\Program Files\Messenger Plus! Live
[21/12/2007|21:33] C:\Program Files\MSN Messenger
[18/12/2007|22:55] C:\Program Files\Internet Explorer
[10/11/2007|17:46] C:\Program Files\Spybot - Search & Destroy
[05/11/2007|11:47] C:\Program Files\Google
[04/11/2007|20:21] C:\Program Files\CDRWIN
[04/11/2007|19:03] C:\Program Files\DivX
[04/11/2007|19:02] C:\Program Files\Adobe
[02/11/2007|22:46] C:\Program Files\Prassi PrimoDVD 2.0 (French)
[02/11/2007|17:13] C:\Program Files\Hewlett-Packard
[06/10/2007|19:24] C:\Program Files\Disc2Phone
[22/06/2007|17:36] C:\Program Files\Windows Live
[13/06/2007|12:15] C:\Program Files\Outlook Express
[02/03/2007|17:54] C:\Program Files\Grisoft
[02/12/2006|12:37] C:\Program Files\EHMINSTALL
[16/11/2006|18:25] C:\Program Files\MSXML 4.0
[11/11/2006|14:06] C:\Program Files\QuickTime
[11/11/2006|14:03] C:\Program Files\Apple Software Update
[14/10/2006|15:31] C:\Program Files\HP
[21/07/2006|15:51] C:\Program Files\VideoLAN
[19/07/2006|19:52] C:\Program Files\Windows Media Player
[19/07/2006|13:50] C:\Program Files\Microsoft Visual Studio
[19/07/2006|13:47] C:\Program Files\microsoft frontpage
[17/07/2006|15:02] C:\Program Files\Lavasoft
[17/07/2006|14:25] C:\Program Files\Utilitaire de gestion du LAN Wifi IEEE 802.11g
[17/07/2006|14:23] C:\Program Files\Kit ADSL
[17/07/2006|13:49] C:\Program Files\USB Driver-Express
[10/07/2006|11:17] C:\Program Files\Friendly Technologies
[06/07/2006|11:48] C:\Program Files\Windows Media Connect 2
[06/07/2006|10:48] C:\Program Files\Messenger
[06/07/2006|08:41] C:\Program Files\Movie Maker
[06/07/2006|08:37] C:\Program Files\NetMeeting
[06/07/2006|08:36] C:\Program Files\Windows NT
[06/07/2006|07:09] C:\Program Files\INSTALL.LOG
[06/07/2006|06:59] C:\Program Files\WindowsUpdate
[05/07/2006|13:05] C:\Program Files\Softwin
[05/07/2006|11:01] C:\Program Files\SBApps
[05/07/2006|11:01] C:\Program Files\Microsoft Money
[05/07/2006|11:00] C:\Program Files\DesignPro 2000
[05/07/2006|11:00] C:\Program Files\HandyBits
[05/07/2006|10:58] C:\Program Files\Microsoft Office
[05/07/2006|10:53] C:\Program Files\Audioneer
[05/07/2006|10:50] C:\Program Files\BackWeb
[05/07/2006|10:41] C:\Program Files\MouseWare
[05/07/2006|10:40] C:\Program Files\Uninstall Information
[05/07/2006|10:36] C:\Program Files\xerox
[05/07/2006|10:33] C:\Program Files\ComPlus Applications
[05/07/2006|10:32] C:\Program Files\Services en ligne
[05/07/2006|10:32] C:\Program Files\MSN Gaming Zone
[05/07/2006|10:32] C:\Program Files\MSN
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
[01/01/2008|22:17] C:\Program Files\Fichiers communs\Real
[01/01/2008|22:16] C:\Program Files\Fichiers communs\..
[01/01/2008|22:16] C:\Program Files\Fichiers communs\.
[04/11/2007|19:02] C:\Program Files\Fichiers communs\Adobe
[04/11/2007|15:44] C:\Program Files\Fichiers communs\Microsoft Shared
[06/10/2007|19:23] C:\Program Files\Fichiers communs\InstallShield
[13/06/2007|12:15] C:\Program Files\Fichiers communs\System
[14/10/2006|15:35] C:\Program Files\Fichiers communs\HP
[19/07/2006|13:35] C:\Program Files\Fichiers communs\Designer
[17/07/2006|18:47] C:\Program Files\Fichiers communs\Teknum Systems
[10/07/2006|13:08] C:\Program Files\Fichiers communs\FTL Shared
[10/07/2006|11:00] C:\Program Files\Fichiers communs\Hewlett-Packard
[05/07/2006|13:06] C:\Program Files\Fichiers communs\Softwin
[05/07/2006|10:41] C:\Program Files\Fichiers communs\Logitech
[05/07/2006|10:33] C:\Program Files\Fichiers communs\Services
[05/07/2006|10:33] C:\Program Files\Fichiers communs\MSSoap
[05/07/2006|10:28] C:\Program Files\Fichiers communs\ODBC
[05/07/2006|10:28] C:\Program Files\Fichiers communs\SpeechEngines
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
C:\WINDOWS\Tasks\A36FB3CB91883197.job
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts MODIFIE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-18 23:51:30
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
/!\ [Fich:2210][Doss:48] C:\DOCUME~1\DIDIE!!!\LOCALS~1\Temp
/!\ [Fich:5633][Doss:12] C:\DOCUME~1\DIDIE!!!\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 23:53:04,57 ]----------------------
-----------------------------[ Lop S&D 2.0.5 ]---------------------------
[ Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]
[ USER: DIDIE!!! ] [ "C:\Program Files\Lop SD" ]
[ 18/01/2008 | 23:46:24,31 ] [ SNCH50200269 ]
-------------[ Listing des dossiers dans Application Data ]------------
[18/01/2008|13:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\soft ref platform bind
[18/01/2008|13:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
[18/01/2008|13:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
[29/11/2007|21:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[04/11/2007|20:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
[04/11/2007|19:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[04/11/2007|18:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Swift Sound
[04/11/2007|15:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[10/07/2007|12:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[30/04/2007|10:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg7
[11/11/2006|14:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[27/09/2006|13:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[17/07/2006|16:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[17/07/2006|15:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[17/07/2006|15:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[06/07/2006|09:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[05/07/2006|10:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[05/07/2006|10:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[05/07/2006|11:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[05/07/2006|11:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\InterTrust
[05/07/2006|10:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[05/07/2006|10:28] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[05/07/2006|10:28] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
[05/07/2006|10:28] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
[05/07/2006|10:27] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[12/01/2008|18:21] C:\DOCUME~1\DIDIE!!!\APPLIC~1\AVG7
[10/01/2008|20:20] C:\DOCUME~1\DIDIE!!!\APPLIC~1\..
[10/01/2008|20:20] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Bolt 64 team
[10/01/2008|20:20] C:\DOCUME~1\DIDIE!!!\APPLIC~1\.
[03/01/2008|17:06] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Microsoft
[01/01/2008|22:16] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Real
[26/12/2007|20:39] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Yahoo!
[10/11/2007|17:19] C:\DOCUME~1\DIDIE!!!\APPLIC~1\dvdcss
[04/11/2007|20:47] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Vso
[04/11/2007|20:47] C:\DOCUME~1\DIDIE!!!\APPLIC~1\pcouffin.log
[04/11/2007|20:47] C:\DOCUME~1\DIDIE!!!\APPLIC~1\inst.exe
[04/11/2007|20:47] C:\DOCUME~1\DIDIE!!!\APPLIC~1\pcouffin.cat
[04/11/2007|20:47] C:\DOCUME~1\DIDIE!!!\APPLIC~1\pcouffin.sys
[04/11/2007|20:47] C:\DOCUME~1\DIDIE!!!\APPLIC~1\pcouffin.inf
[04/11/2007|20:44] C:\DOCUME~1\DIDIE!!!\APPLIC~1\CopyToDvd
[16/07/2007|21:11] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Lavasoft
[08/06/2007|19:30] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Sun
[17/05/2007|18:14] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Google
[24/11/2006|20:50] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Apple Computer
[11/10/2006|17:50] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Macromedia
[28/09/2006|18:58] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
[28/09/2006|18:22] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Leadertech
[27/09/2006|13:08] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Adobe
[27/09/2006|13:08] C:\DOCUME~1\DIDIE!!!\APPLIC~1\AdobeUM
[15/09/2006|19:56] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Help
[14/08/2006|15:02] C:\DOCUME~1\DIDIE!!!\APPLIC~1\MSN6
[23/07/2006|14:01] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Hewlett-Packard
[21/07/2006|16:10] C:\DOCUME~1\DIDIE!!!\APPLIC~1\vlc
[19/07/2006|16:54] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
[19/07/2006|12:26] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Microsoft Web Folders
[05/07/2006|11:02] C:\DOCUME~1\DIDIE!!!\APPLIC~1\InterTrust
[05/07/2006|10:40] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Identities
[05/07/2006|10:28] C:\DOCUME~1\DIDIE!!!\APPLIC~1\desktop.ini
[01/11/2007|17:01] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[03/09/2007|17:41] C:\DOCUME~1\LOCALS~1\APPLIC~1\AVG7
[16/10/2006|16:47] C:\DOCUME~1\LOCALS~1\APPLIC~1\Help
[16/10/2006|16:47] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
[16/10/2006|16:47] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
[18/01/2008|13:10] C:\DOCUME~1\mailler\APPLIC~1\Bolt 64 team
[05/01/2008|17:13] C:\DOCUME~1\mailler\APPLIC~1\AVG7
[22/12/2007|15:13] C:\DOCUME~1\mailler\APPLIC~1\..
[22/12/2007|15:13] C:\DOCUME~1\mailler\APPLIC~1\.
[10/06/2007|12:27] C:\DOCUME~1\mailler\APPLIC~1\AdobeUM
[25/05/2007|11:08] C:\DOCUME~1\mailler\APPLIC~1\Macromedia
[20/05/2007|20:43] C:\DOCUME~1\mailler\APPLIC~1\Google
[17/05/2007|17:00] C:\DOCUME~1\mailler\APPLIC~1\Sun
[14/10/2006|20:04] C:\DOCUME~1\mailler\APPLIC~1\Microsoft
[25/07/2006|16:34] C:\DOCUME~1\mailler\APPLIC~1\MSN6
[19/07/2006|13:48] C:\DOCUME~1\mailler\APPLIC~1\Microsoft Web Folders
[17/07/2006|15:02] C:\DOCUME~1\mailler\APPLIC~1\Lavasoft
[17/07/2006|13:22] C:\DOCUME~1\mailler\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
[10/07/2006|11:02] C:\DOCUME~1\mailler\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
[05/07/2006|11:02] C:\DOCUME~1\mailler\APPLIC~1\Adobe
[05/07/2006|11:02] C:\DOCUME~1\mailler\APPLIC~1\InterTrust
[05/07/2006|10:40] C:\DOCUME~1\mailler\APPLIC~1\Identities
[05/07/2006|10:28] C:\DOCUME~1\mailler\APPLIC~1\desktop.ini
[30/12/2007|14:36] C:\DOCUME~1\MAILLE~1\APPLIC~1\Yahoo!
[30/12/2007|14:36] C:\DOCUME~1\MAILLE~1\APPLIC~1\..
[30/12/2007|14:36] C:\DOCUME~1\MAILLE~1\APPLIC~1\.
[27/12/2007|16:03] C:\DOCUME~1\MAILLE~1\APPLIC~1\Bolt 64 team
[05/11/2007|13:01] C:\DOCUME~1\MAILLE~1\APPLIC~1\Help
[02/07/2007|14:40] C:\DOCUME~1\MAILLE~1\APPLIC~1\Google
[02/03/2007|17:52] C:\DOCUME~1\MAILLE~1\APPLIC~1\Microsoft
[17/10/2006|15:07] C:\DOCUME~1\MAILLE~1\APPLIC~1\AdobeUM
[17/10/2006|15:06] C:\DOCUME~1\MAILLE~1\APPLIC~1\Macromedia
[01/10/2006|13:27] C:\DOCUME~1\MAILLE~1\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
[22/07/2006|19:33] C:\DOCUME~1\MAILLE~1\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
[17/07/2006|15:44] C:\DOCUME~1\MAILLE~1\APPLIC~1\AVG7
[05/07/2006|11:02] C:\DOCUME~1\MAILLE~1\APPLIC~1\Adobe
[05/07/2006|11:02] C:\DOCUME~1\MAILLE~1\APPLIC~1\InterTrust
[05/07/2006|10:40] C:\DOCUME~1\MAILLE~1\APPLIC~1\Identities
[05/07/2006|10:28] C:\DOCUME~1\MAILLE~1\APPLIC~1\desktop.ini
[02/03/2007|17:52] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[05/07/2006|10:39] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
[05/07/2006|10:39] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
[02/03/2007|17:52] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
[05/07/2006|11:02] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
[05/07/2006|11:02] C:\DOCUME~1\PROPRI~1\APPLIC~1\InterTrust
[05/07/2006|10:40] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[05/07/2006|10:28] C:\DOCUME~1\PROPRI~1\APPLIC~1\desktop.ini
[05/07/2006|10:28] C:\DOCUME~1\PROPRI~1\APPLIC~1\..
[05/07/2006|10:28] C:\DOCUME~1\PROPRI~1\APPLIC~1\.
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[18/01/2008 23:00][--ah-----] C:\WINDOWS\tasks\A36FB3CB91883197.job
[11/11/2006 14:03][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[18/01/2008 20:00][--a------] C:\WINDOWS\tasks\HPpromotions journeysoftware.job
[11/01/2008 12:05][--a------] C:\WINDOWS\tasks\WebReg 20060710120535.job
[05/07/2006 13:03][--a------] C:\WINDOWS\tasks\Rappel d'enregistrement 2.job
[18/01/2008 15:21][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/08/2001 11:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[18/01/2008|23:46] C:\Program Files\Lop SD
[18/01/2008|15:32] C:\Program Files\eMule
[18/01/2008|13:10] C:\Program Files\..
[18/01/2008|13:10] C:\Program Files\.
[18/01/2008|13:10] C:\Program Files\Bolt 64 team
[12/01/2008|14:50] C:\Program Files\Navilog1
[11/01/2008|20:35] C:\Program Files\Trend Micro
[11/01/2008|12:54] C:\Program Files\InstallShield Installation Information
[11/01/2008|00:00] C:\Program Files\Free Easy Burner
[01/01/2008|22:16] C:\Program Files\Fichiers communs
[01/01/2008|21:39] C:\Program Files\Real
[30/12/2007|15:48] C:\Program Files\Yahoo!
[21/12/2007|21:33] C:\Program Files\Messenger Plus! Live
[21/12/2007|21:33] C:\Program Files\MSN Messenger
[18/12/2007|22:55] C:\Program Files\Internet Explorer
[10/11/2007|17:46] C:\Program Files\Spybot - Search & Destroy
[05/11/2007|11:47] C:\Program Files\Google
[04/11/2007|20:21] C:\Program Files\CDRWIN
[04/11/2007|19:03] C:\Program Files\DivX
[04/11/2007|19:02] C:\Program Files\Adobe
[02/11/2007|22:46] C:\Program Files\Prassi PrimoDVD 2.0 (French)
[02/11/2007|17:13] C:\Program Files\Hewlett-Packard
[06/10/2007|19:24] C:\Program Files\Disc2Phone
[22/06/2007|17:36] C:\Program Files\Windows Live
[13/06/2007|12:15] C:\Program Files\Outlook Express
[02/03/2007|17:54] C:\Program Files\Grisoft
[02/12/2006|12:37] C:\Program Files\EHMINSTALL
[16/11/2006|18:25] C:\Program Files\MSXML 4.0
[11/11/2006|14:06] C:\Program Files\QuickTime
[11/11/2006|14:03] C:\Program Files\Apple Software Update
[14/10/2006|15:31] C:\Program Files\HP
[21/07/2006|15:51] C:\Program Files\VideoLAN
[19/07/2006|19:52] C:\Program Files\Windows Media Player
[19/07/2006|13:50] C:\Program Files\Microsoft Visual Studio
[19/07/2006|13:47] C:\Program Files\microsoft frontpage
[17/07/2006|15:02] C:\Program Files\Lavasoft
[17/07/2006|14:25] C:\Program Files\Utilitaire de gestion du LAN Wifi IEEE 802.11g
[17/07/2006|14:23] C:\Program Files\Kit ADSL
[17/07/2006|13:49] C:\Program Files\USB Driver-Express
[10/07/2006|11:17] C:\Program Files\Friendly Technologies
[06/07/2006|11:48] C:\Program Files\Windows Media Connect 2
[06/07/2006|10:48] C:\Program Files\Messenger
[06/07/2006|08:41] C:\Program Files\Movie Maker
[06/07/2006|08:37] C:\Program Files\NetMeeting
[06/07/2006|08:36] C:\Program Files\Windows NT
[06/07/2006|07:09] C:\Program Files\INSTALL.LOG
[06/07/2006|06:59] C:\Program Files\WindowsUpdate
[05/07/2006|13:05] C:\Program Files\Softwin
[05/07/2006|11:01] C:\Program Files\SBApps
[05/07/2006|11:01] C:\Program Files\Microsoft Money
[05/07/2006|11:00] C:\Program Files\DesignPro 2000
[05/07/2006|11:00] C:\Program Files\HandyBits
[05/07/2006|10:58] C:\Program Files\Microsoft Office
[05/07/2006|10:53] C:\Program Files\Audioneer
[05/07/2006|10:50] C:\Program Files\BackWeb
[05/07/2006|10:41] C:\Program Files\MouseWare
[05/07/2006|10:40] C:\Program Files\Uninstall Information
[05/07/2006|10:36] C:\Program Files\xerox
[05/07/2006|10:33] C:\Program Files\ComPlus Applications
[05/07/2006|10:32] C:\Program Files\Services en ligne
[05/07/2006|10:32] C:\Program Files\MSN Gaming Zone
[05/07/2006|10:32] C:\Program Files\MSN
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
[01/01/2008|22:17] C:\Program Files\Fichiers communs\Real
[01/01/2008|22:16] C:\Program Files\Fichiers communs\..
[01/01/2008|22:16] C:\Program Files\Fichiers communs\.
[04/11/2007|19:02] C:\Program Files\Fichiers communs\Adobe
[04/11/2007|15:44] C:\Program Files\Fichiers communs\Microsoft Shared
[06/10/2007|19:23] C:\Program Files\Fichiers communs\InstallShield
[13/06/2007|12:15] C:\Program Files\Fichiers communs\System
[14/10/2006|15:35] C:\Program Files\Fichiers communs\HP
[19/07/2006|13:35] C:\Program Files\Fichiers communs\Designer
[17/07/2006|18:47] C:\Program Files\Fichiers communs\Teknum Systems
[10/07/2006|13:08] C:\Program Files\Fichiers communs\FTL Shared
[10/07/2006|11:00] C:\Program Files\Fichiers communs\Hewlett-Packard
[05/07/2006|13:06] C:\Program Files\Fichiers communs\Softwin
[05/07/2006|10:41] C:\Program Files\Fichiers communs\Logitech
[05/07/2006|10:33] C:\Program Files\Fichiers communs\Services
[05/07/2006|10:33] C:\Program Files\Fichiers communs\MSSoap
[05/07/2006|10:28] C:\Program Files\Fichiers communs\ODBC
[05/07/2006|10:28] C:\Program Files\Fichiers communs\SpeechEngines
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
C:\WINDOWS\Tasks\A36FB3CB91883197.job
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts MODIFIE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-18 23:51:30
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
/!\ [Fich:2210][Doss:48] C:\DOCUME~1\DIDIE!!!\LOCALS~1\Temp
/!\ [Fich:5633][Doss:12] C:\DOCUME~1\DIDIE!!!\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 23:53:04,57 ]----------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:59:13, on 18/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Softwin\BitDefender9\bdnagent.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\DIDIE!!!\Bureau\eMule\emule.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\system32\winlogon.exe
C:\apps\ActivSurf\4448364\Program\backweb-4448364.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\MSN Messenger\livecall.exe
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
--
End of file - 1632 bytes
Hi again
I think the HijackThis report is incomplete
(I'm even sure of it)
Run Lop S&D again
This time choose Option 2 (Removal)
Do not close the window during the removal!
Post the generated report (C:\lopR.txt)
(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm)
~Download OTMoveIt (by OldTimer). Save it to your Desktop.
~Run HijackThis, "Do a system scan only".
Check the following lines if they are still present, and only those.
O4 - HKLM\..\Run: [platform bind axis time] C:\Documents and Settings\All Users\Application Data\soft ref platform bind\Meta Mode.exe
O4 - HKUS\S-1-5-21-1715567821-796845957-725345543-1004\..\Run: [Oncebeep] C:\DOCUME~1\mailler\APPLIC~1\BOLT64~1\FLAW MPEG.exe (User 'mailler')
Click Fix checked (bottom left)
Select ALL the locations in bold below:
C:\Documents and Settings\All Users\Application Data\soft ref platform bind
C:\DOCUME~1\mailler\APPLIC~1\Bolt 64 team
C:\WINDOWS\tasks\A36FB3CB91883197.job
C:\Program Files\Bolt 64 team
---> Right-click then Copy (or Ctrl+C)
Double-click OTMoveIt.exe to launch it.
Right-click in the left pane then choose Paste (or Ctrl+V).
Now click MoveIt!
If a file or folder cannot be deleted immediately, the program will ask you to restart.
Accept by clicking YES.
Post the report located in this folder: C:\_OTMoveIt\MovedFiles\
The report's name corresponds to the time it was created: date_time.log
->Information about the software<-
-----------------------------[ Lop S&D 2.0.5 ]---------------------------
[ Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]
[ USER: DIDIE!!! ] [ "C:\Program Files\Lop SD" ]
[ 19/01/2008 | 0:40:51,15 ] [ SNCH50200269 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////
Supprimé! - C:\WINDOWS\Tasks\A36FB3CB91883197.job
Restauré! - Fichier Hosts
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
-------------[ Listing des dossiers dans Application Data ]------------
[18/01/2008|13:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\soft ref platform bind
[18/01/2008|13:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
[18/01/2008|13:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
[29/11/2007|21:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[04/11/2007|20:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
[04/11/2007|19:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[04/11/2007|18:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Swift Sound
[04/11/2007|15:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[10/07/2007|12:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[30/04/2007|10:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg7
[11/11/2006|14:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[27/09/2006|13:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[17/07/2006|16:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[17/07/2006|15:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[17/07/2006|15:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[06/07/2006|09:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[05/07/2006|10:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[05/07/2006|10:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[05/07/2006|11:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[05/07/2006|11:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\InterTrust
[05/07/2006|10:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[05/07/2006|10:28] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[05/07/2006|10:28] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
[05/07/2006|10:28] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
[05/07/2006|10:27] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[12/01/2008|18:21] C:\DOCUME~1\DIDIE!!!\APPLIC~1\AVG7
[10/01/2008|20:20] C:\DOCUME~1\DIDIE!!!\APPLIC~1\..
[10/01/2008|20:20] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Bolt 64 team
[10/01/2008|20:20] C:\DOCUME~1\DIDIE!!!\APPLIC~1\.
[03/01/2008|17:06] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Microsoft
[01/01/2008|22:16] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Real
[26/12/2007|20:39] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Yahoo!
[10/11/2007|17:19] C:\DOCUME~1\DIDIE!!!\APPLIC~1\dvdcss
[04/11/2007|20:47] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Vso
[04/11/2007|20:47] C:\DOCUME~1\DIDIE!!!\APPLIC~1\pcouffin.log
[04/11/2007|20:47] C:\DOCUME~1\DIDIE!!!\APPLIC~1\inst.exe
[04/11/2007|20:47] C:\DOCUME~1\DIDIE!!!\APPLIC~1\pcouffin.cat
[04/11/2007|20:47] C:\DOCUME~1\DIDIE!!!\APPLIC~1\pcouffin.sys
[04/11/2007|20:47] C:\DOCUME~1\DIDIE!!!\APPLIC~1\pcouffin.inf
[04/11/2007|20:44] C:\DOCUME~1\DIDIE!!!\APPLIC~1\CopyToDvd
[16/07/2007|21:11] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Lavasoft
[08/06/2007|19:30] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Sun
[17/05/2007|18:14] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Google
[24/11/2006|20:50] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Apple Computer
[11/10/2006|17:50] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Macromedia
[28/09/2006|18:58] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
[28/09/2006|18:22] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Leadertech
[27/09/2006|13:08] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Adobe
[27/09/2006|13:08] C:\DOCUME~1\DIDIE!!!\APPLIC~1\AdobeUM
[15/09/2006|19:56] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Help
[14/08/2006|15:02] C:\DOCUME~1\DIDIE!!!\APPLIC~1\MSN6
[23/07/2006|14:01] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Hewlett-Packard
[21/07/2006|16:10] C:\DOCUME~1\DIDIE!!!\APPLIC~1\vlc
[19/07/2006|16:54] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
[19/07/2006|12:26] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Microsoft Web Folders
[05/07/2006|11:02] C:\DOCUME~1\DIDIE!!!\APPLIC~1\InterTrust
[05/07/2006|10:40] C:\DOCUME~1\DIDIE!!!\APPLIC~1\Identities
[05/07/2006|10:28] C:\DOCUME~1\DIDIE!!!\APPLIC~1\desktop.ini
[01/11/2007|17:01] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[03/09/2007|17:41] C:\DOCUME~1\LOCALS~1\APPLIC~1\AVG7
[16/10/2006|16:47] C:\DOCUME~1\LOCALS~1\APPLIC~1\Help
[16/10/2006|16:47] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
[16/10/2006|16:47] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
[18/01/2008|13:10] C:\DOCUME~1\mailler\APPLIC~1\Bolt 64 team
[05/01/2008|17:13] C:\DOCUME~1\mailler\APPLIC~1\AVG7
[22/12/2007|15:13] C:\DOCUME~1\mailler\APPLIC~1\..
[22/12/2007|15:13] C:\DOCUME~1\mailler\APPLIC~1\.
[10/06/2007|12:27] C:\DOCUME~1\mailler\APPLIC~1\AdobeUM
[25/05/2007|11:08] C:\DOCUME~1\mailler\APPLIC~1\Macromedia
[20/05/2007|20:43] C:\DOCUME~1\mailler\APPLIC~1\Google
[17/05/2007|17:00] C:\DOCUME~1\mailler\APPLIC~1\Sun
[14/10/2006|20:04] C:\DOCUME~1\mailler\APPLIC~1\Microsoft
[25/07/2006|16:34] C:\DOCUME~1\mailler\APPLIC~1\MSN6
[19/07/2006|13:48] C:\DOCUME~1\mailler\APPLIC~1\Microsoft Web Folders
[17/07/2006|15:02] C:\DOCUME~1\mailler\APPLIC~1\Lavasoft
[17/07/2006|13:22] C:\DOCUME~1\mailler\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
[10/07/2006|11:02] C:\DOCUME~1\mailler\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
[05/07/2006|11:02] C:\DOCUME~1\mailler\APPLIC~1\Adobe
[05/07/2006|11:02] C:\DOCUME~1\mailler\APPLIC~1\InterTrust
[05/07/2006|10:40] C:\DOCUME~1\mailler\APPLIC~1\Identities
[05/07/2006|10:28] C:\DOCUME~1\mailler\APPLIC~1\desktop.ini
[30/12/2007|14:36] C:\DOCUME~1\MAILLE~1\APPLIC~1\Yahoo!
[30/12/2007|14:36] C:\DOCUME~1\MAILLE~1\APPLIC~1\..
[30/12/2007|14:36] C:\DOCUME~1\MAILLE~1\APPLIC~1\.
[27/12/2007|16:03] C:\DOCUME~1\MAILLE~1\APPLIC~1\Bolt 64 team
[05/11/2007|13:01] C:\DOCUME~1\MAILLE~1\APPLIC~1\Help
[02/07/2007|14:40] C:\DOCUME~1\MAILLE~1\APPLIC~1\Google
[02/03/2007|17:52] C:\DOCUME~1\MAILLE~1\APPLIC~1\Microsoft
[17/10/2006|15:07] C:\DOCUME~1\MAILLE~1\APPLIC~1\AdobeUM
[17/10/2006|15:06] C:\DOCUME~1\MAILLE~1\APPLIC~1\Macromedia
[01/10/2006|13:27] C:\DOCUME~1\MAILLE~1\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
[22/07/2006|19:33] C:\DOCUME~1\MAILLE~1\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
[17/07/2006|15:44] C:\DOCUME~1\MAILLE~1\APPLIC~1\AVG7
[05/07/2006|11:02] C:\DOCUME~1\MAILLE~1\APPLIC~1\Adobe
[05/07/2006|11:02] C:\DOCUME~1\MAILLE~1\APPLIC~1\InterTrust
[05/07/2006|10:40] C:\DOCUME~1\MAILLE~1\APPLIC~1\Identities
[05/07/2006|10:28] C:\DOCUME~1\MAILLE~1\APPLIC~1\desktop.ini
[02/03/2007|17:52] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[05/07/2006|10:39] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
[05/07/2006|10:39] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
[02/03/2007|17:52] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
[05/07/2006|11:02] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
[05/07/2006|11:02] C:\DOCUME~1\PROPRI~1\APPLIC~1\InterTrust
[05/07/2006|10:40] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[05/07/2006|10:28] C:\DOCUME~1\PROPRI~1\APPLIC~1\desktop.ini
[05/07/2006|10:28] C:\DOCUME~1\PROPRI~1\APPLIC~1\..
[05/07/2006|10:28] C:\DOCUME~1\PROPRI~1\APPLIC~1\.
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[11/11/2006 14:03][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[19/01/2008 00:00][--a------] C:\WINDOWS\tasks\HPpromotions journeysoftware.job
[11/01/2008 12:05][--a------] C:\WINDOWS\tasks\WebReg 20060710120535.job
[05/07/2006 13:03][--a------] C:\WINDOWS\tasks\Rappel d'enregistrement 2.job
[18/01/2008 15:21][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/08/2001 11:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[19/01/2008|00:41] C:\Program Files\Lop SD
[18/01/2008|15:32] C:\Program Files\eMule
[18/01/2008|13:10] C:\Program Files\..
[18/01/2008|13:10] C:\Program Files\.
[18/01/2008|13:10] C:\Program Files\Bolt 64 team
[12/01/2008|14:50] C:\Program Files\Navilog1
[11/01/2008|20:35] C:\Program Files\Trend Micro
[11/01/2008|12:54] C:\Program Files\InstallShield Installation Information
[11/01/2008|00:00] C:\Program Files\Free Easy Burner
[01/01/2008|22:16] C:\Program Files\Fichiers communs
[01/01/2008|21:39] C:\Program Files\Real
[30/12/2007|15:48] C:\Program Files\Yahoo!
[21/12/2007|21:33] C:\Program Files\Messenger Plus! Live
[21/12/2007|21:33] C:\Program Files\MSN Messenger
[18/12/2007|22:55] C:\Program Files\Internet Explorer
[10/11/2007|17:46] C:\Program Files\Spybot - Search & Destroy
[05/11/2007|11:47] C:\Program Files\Google
[04/11/2007|20:21] C:\Program Files\CDRWIN
[04/11/2007|19:03] C:\Program Files\DivX
[04/11/2007|19:02] C:\Program Files\Adobe
[02/11/2007|22:46] C:\Program Files\Prassi PrimoDVD 2.0 (French)
[02/11/2007|17:13] C:\Program Files\Hewlett-Packard
[06/10/2007|19:24] C:\Program Files\Disc2Phone
[22/06/2007|17:36] C:\Program Files\Windows Live
[13/06/2007|12:15] C:\Program Files\Outlook Express
[02/03/2007|17:54] C:\Program Files\Grisoft
[02/12/2006|12:37] C:\Program Files\EHMINSTALL
[16/11/2006|18:25] C:\Program Files\MSXML 4.0
[11/11/2006|14:06] C:\Program Files\QuickTime
[11/11/2006|14:03] C:\Program Files\Apple Software Update
[14/10/2006|15:31] C:\Program Files\HP
[21/07/2006|15:51] C:\Program Files\VideoLAN
[19/07/2006|19:52] C:\Program Files\Windows Media Player
[19/07/2006|13:50] C:\Program Files\Microsoft Visual Studio
[19/07/2006|13:47] C:\Program Files\microsoft frontpage
[17/07/2006|15:02] C:\Program Files\Lavasoft
[17/07/2006|14:25] C:\Program Files\Utilitaire de gestion du LAN Wifi IEEE 802.11g
[17/07/2006|14:23] C:\Program Files\Kit ADSL
[17/07/2006|13:49] C:\Program Files\USB Driver-Express
[10/07/2006|11:17] C:\Program Files\Friendly Technologies
[06/07/2006|11:48] C:\Program Files\Windows Media Connect 2
[06/07/2006|10:48] C:\Program Files\Messenger
[06/07/2006|08:41] C:\Program Files\Movie Maker
[06/07/2006|08:37] C:\Program Files\NetMeeting
[06/07/2006|08:36] C:\Program Files\Windows NT
[06/07/2006|07:09] C:\Program Files\INSTALL.LOG
[06/07/2006|06:59] C:\Program Files\WindowsUpdate
[05/07/2006|13:05] C:\Program Files\Softwin
[05/07/2006|11:01] C:\Program Files\SBApps
[05/07/2006|11:01] C:\Program Files\Microsoft Money
[05/07/2006|11:00] C:\Program Files\DesignPro 2000
[05/07/2006|11:00] C:\Program Files\HandyBits
[05/07/2006|10:58] C:\Program Files\Microsoft Office
[05/07/2006|10:53] C:\Program Files\Audioneer
[05/07/2006|10:50] C:\Program Files\BackWeb
[05/07/2006|10:41] C:\Program Files\MouseWare
[05/07/2006|10:40] C:\Program Files\Uninstall Information
[05/07/2006|10:36] C:\Program Files\xerox
[05/07/2006|10:33] C:\Program Files\ComPlus Applications
[05/07/2006|10:32] C:\Program Files\Services en ligne
[05/07/2006|10:32] C:\Program Files\MSN Gaming Zone
[05/07/2006|10:32] C:\Program Files\MSN
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
[01/01/2008|22:17] C:\Program Files\Fichiers communs\Real
[01/01/2008|22:16] C:\Program Files\Fichiers communs\..
[01/01/2008|22:16] C:\Program Files\Fichiers communs\.
[04/11/2007|19:02] C:\Program Files\Fichiers communs\Adobe
[04/11/2007|15:44] C:\Program Files\Fichiers communs\Microsoft Shared
[06/10/2007|19:23] C:\Program Files\Fichiers communs\InstallShield
[13/06/2007|12:15] C:\Program Files\Fichiers communs\System
[14/10/2006|15:35] C:\Program Files\Fichiers communs\HP
[19/07/2006|13:35] C:\Program Files\Fichiers communs\Designer
[17/07/2006|18:47] C:\Program Files\Fichiers communs\Teknum Systems
[10/07/2006|13:08] C:\Program Files\Fichiers communs\FTL Shared
[10/07/2006|11:00] C:\Program Files\Fichiers communs\Hewlett-Packard
[05/07/2006|13:06] C:\Program Files\Fichiers communs\Softwin
[05/07/2006|10:41] C:\Program Files\Fichiers communs\Logitech
[05/07/2006|10:33] C:\Program Files\Fichiers communs\Services
[05/07/2006|10:33] C:\Program Files\Fichiers communs\MSSoap
[05/07/2006|10:28] C:\Program Files\Fichiers communs\ODBC
[05/07/2006|10:28] C:\Program Files\Fichiers communs\SpeechEngines
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
Aucun fichier / dossier Lop trouvé !
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-19 00:46:25
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
/!\ [Fich:2207][Doss:49] C:\DOCUME~1\DIDIE!!!\LOCALS~1\Temp
/!\ [Fich:4142][Doss:12] C:\DOCUME~1\DIDIE!!!\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 0:51:49,79 ]----------------------
and here is the information from the right-hand pane of OTMoveIt
C:\Documents and Settings\All Users\Application Data\soft ref platform bind moved successfully.
C:\DOCUME~1\mailler\APPLIC~1\Bolt 64 team moved successfully.
File/Folder C:\WINDOWS\tasks\A36FB3CB91883197.job not found.
C:\Program Files\Bolt 64 team moved successfully.
Created on 01/19/2008 01:05:56
hello
I no longer have any CiD ads, so I think it's fine
here is the HijackThis report anyway
thank you for your help, you were very effective, bravo!
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:38:12, on 19/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Softwin\BitDefender9\bdnagent.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
C:\apps\ActivSurf\4448364\Program\backweb-4448364.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Documents and Settings\DIDIE!!!\Bureau\eMule\emule.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://fr.rd.yahoo.com/customize/ycomp/defaults/sb/*http://fr.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*http://fr.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*http://fr.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fourni par Planetis
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [BDNewsAgent] "C:\Program Files\Softwin\BitDefender9\bdnagent.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
O4 - HKLM\..\Run: [ActivSurf] C:\apps\ActivSurf\4448364\Program\backweb-4448364.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Update Service] "C:\Program Files\Fichiers communs\Teknum Systems\update.exe" /startup
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Documents and Settings\DIDIE!!!\Bureau\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.ca...
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/installation/Mu...
O17 - HKLM\System\CCS\Services\Tcpip\..\{8F1BDEB9-9A11-427D-B782-0ED69826A0DF}: NameServer = 84.103.237.146 86.64.145.146
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
--
End of file - 5385 bytes
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
--
End of file - 5385 bytes
Hello
Uninstall all the programs that were installed for the disinfection.
Please read this guide (PDF) to learn more about the risks of the Internet.
If you find this document useful, feel free to pass it on to your contacts.
Edit your first message (by clicking the eraser icon) and mark [résolu] in the title.