Popups CID + un autre petit problème [Résolu]

Salut,

Télécharge Lop S&D.exe ( d’ Eric 71 & Angeldark ) sur ton bureau. ~>Tuto<~

Double-clique dessus pour lancer l'installation

Puis double-clique sur le raccourci Lop S&D présent sur ton bureau

Séléctionne la langue souhaitée , puis choisis l'Option 1 ( Recherche )

Patiente jusqu'à la fin du scan

Poste le rapport généré ( C:\lopR.txt )
(Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide)

Et voilà!


-----------------------[ Lop S&D 4.0.9 XP/Vista ]----------------------

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Louis Legrain ] [ "C:\Lop SD" ]
[ lun. 24/03/2008 | 13:12:53,32 ] [ PC : CHINTARO ]
[ MAJ : 21-03-2008 | 01:20 ]

-------------[ Listing des dossiers dans Application Data ]------------

[14/03/2008|12:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
[14/03/2008|12:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
[10/03/2008|17:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[05/03/2008|19:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ALM
[08/03/2008|23:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[09/03/2008|15:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[01/03/2008|00:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ATI
[14/03/2008|18:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Autodesk
[05/03/2008|20:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
[05/03/2008|21:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Corel
[29/02/2008|23:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[06/03/2008|00:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\discreet
[18/03/2008|18:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[01/03/2008|22:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Extensis
[05/03/2008|01:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
[01/03/2008|00:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations
[24/03/2008|12:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
[01/03/2008|18:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
[01/03/2008|18:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
[04/03/2008|20:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[05/03/2008|20:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[14/03/2008|20:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[01/03/2008|00:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
[01/03/2008|14:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Readme Live Axis Tons
[06/03/2008|02:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\River Past G5
[12/03/2008|15:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony
[03/03/2008|20:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[12/03/2008|16:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[01/03/2008|20:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[01/03/2008|15:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[29/02/2008|23:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
[29/02/2008|23:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
[29/02/2008|23:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[29/02/2008|22:45] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[15/03/2008|13:41] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
[15/03/2008|13:41] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
[15/03/2008|01:37] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[22/03/2008|04:17] C:\DOCUME~1\LOCALS~1\APPLIC~1\WTablet

[22/03/2008|20:20] C:\DOCUME~1\LOUISL~1\APPLIC~1\.
[22/03/2008|20:20] C:\DOCUME~1\LOUISL~1\APPLIC~1\..
[23/03/2008|01:54] C:\DOCUME~1\LOUISL~1\APPLIC~1\Adobe
[01/03/2008|01:10] C:\DOCUME~1\LOUISL~1\APPLIC~1\ALLCapture
[05/03/2008|00:24] C:\DOCUME~1\LOUISL~1\APPLIC~1\Ambient Design
[08/03/2008|23:44] C:\DOCUME~1\LOUISL~1\APPLIC~1\Apple Computer
[01/03/2008|00:17] C:\DOCUME~1\LOUISL~1\APPLIC~1\ATI
[14/03/2008|18:25] C:\DOCUME~1\LOUISL~1\APPLIC~1\Autodesk
[14/03/2008|12:46] C:\DOCUME~1\LOUISL~1\APPLIC~1\Azureus
[11/03/2008|20:25] C:\DOCUME~1\LOUISL~1\APPLIC~1\combustion4
[15/03/2008|04:23] C:\DOCUME~1\LOUISL~1\APPLIC~1\CopyToDvd
[05/03/2008|21:05] C:\DOCUME~1\LOUISL~1\APPLIC~1\Corel
[05/03/2008|01:44] C:\DOCUME~1\LOUISL~1\APPLIC~1\DAEMON Tools
[29/02/2008|23:55] C:\DOCUME~1\LOUISL~1\APPLIC~1\Datalayer
[29/02/2008|23:31] C:\DOCUME~1\LOUISL~1\APPLIC~1\desktop.ini
[02/03/2008|01:40] C:\DOCUME~1\LOUISL~1\APPLIC~1\Desktopicon
[10/03/2008|17:12] C:\DOCUME~1\LOUISL~1\APPLIC~1\DivX
[15/03/2008|16:21] C:\DOCUME~1\LOUISL~1\APPLIC~1\dvdcss
[01/03/2008|01:05] C:\DOCUME~1\LOUISL~1\APPLIC~1\Extensis
[06/03/2008|00:58] C:\DOCUME~1\LOUISL~1\APPLIC~1\GOTO Software
[01/03/2008|16:15] C:\DOCUME~1\LOUISL~1\APPLIC~1\Help
[29/02/2008|22:54] C:\DOCUME~1\LOUISL~1\APPLIC~1\Identities
[05/03/2008|19:59] C:\DOCUME~1\LOUISL~1\APPLIC~1\inst.exe
[29/02/2008|23:29] C:\DOCUME~1\LOUISL~1\APPLIC~1\InstallShield
[01/03/2008|14:18] C:\DOCUME~1\LOUISL~1\APPLIC~1\LOAD VGA BEND
[29/02/2008|23:40] C:\DOCUME~1\LOUISL~1\APPLIC~1\Macromedia
[15/03/2008|17:06] C:\DOCUME~1\LOUISL~1\APPLIC~1\Microsoft
[29/02/2008|23:00] C:\DOCUME~1\LOUISL~1\APPLIC~1\Mozilla
[01/03/2008|00:11] C:\DOCUME~1\LOUISL~1\APPLIC~1\Nokia
[05/03/2008|01:05] C:\DOCUME~1\LOUISL~1\APPLIC~1\Notepad++
[01/03/2008|00:37] C:\DOCUME~1\LOUISL~1\APPLIC~1\PC Suite
[05/03/2008|19:59] C:\DOCUME~1\LOUISL~1\APPLIC~1\pcouffin.cat
[05/03/2008|19:59] C:\DOCUME~1\LOUISL~1\APPLIC~1\pcouffin.inf
[05/03/2008|19:59] C:\DOCUME~1\LOUISL~1\APPLIC~1\pcouffin.log
[05/03/2008|19:59] C:\DOCUME~1\LOUISL~1\APPLIC~1\pcouffin.sys
[12/03/2008|15:54] C:\DOCUME~1\LOUISL~1\APPLIC~1\Publish Providers
[11/03/2008|21:31] C:\DOCUME~1\LOUISL~1\APPLIC~1\Real
[06/03/2008|02:26] C:\DOCUME~1\LOUISL~1\APPLIC~1\River Past G5
[12/03/2008|16:00] C:\DOCUME~1\LOUISL~1\APPLIC~1\Sony
[18/03/2008|20:17] C:\DOCUME~1\LOUISL~1\APPLIC~1\Sun
[23/03/2008|22:49] C:\DOCUME~1\LOUISL~1\APPLIC~1\Tor
[23/03/2008|22:49] C:\DOCUME~1\LOUISL~1\APPLIC~1\Vidalia
[02/03/2008|02:39] C:\DOCUME~1\LOUISL~1\APPLIC~1\vlc
[18/03/2008|21:21] C:\DOCUME~1\LOUISL~1\APPLIC~1\Vso
[01/03/2008|00:26] C:\DOCUME~1\LOUISL~1\APPLIC~1\Winamp
[01/03/2008|22:46] C:\DOCUME~1\LOUISL~1\APPLIC~1\WinRAR
[24/03/2008|12:59] C:\DOCUME~1\LOUISL~1\APPLIC~1\WTablet

[29/02/2008|22:48] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
[29/02/2008|22:48] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
[29/02/2008|22:45] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[20/03/2008 14:15][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[24/03/2008 13:00][--ah-----] C:\WINDOWS\tasks\A9C54582919EFF32.job
[24/03/2008 12:58][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[22/03/2008|22:37] C:\Program Files\.
[22/03/2008|22:37] C:\Program Files\..
[09/03/2008|15:41] C:\Program Files\Adobe
[01/03/2008|01:08] C:\Program Files\Adobe fontfolio 10
[01/03/2008|01:10] C:\Program Files\ALLCapture 2.0 Essai
[05/03/2008|00:21] C:\Program Files\Ambient Design
[08/03/2008|14:41] C:\Program Files\Ant Renamer
[08/03/2008|23:19] C:\Program Files\Apple Software Update
[12/03/2008|15:15] C:\Program Files\ASIO4ALL v2
[01/03/2008|00:14] C:\Program Files\ATI Technologies
[14/03/2008|18:24] C:\Program Files\Autodesk
[07/03/2008|18:36] C:\Program Files\Azureus
[06/03/2008|00:43] C:\Program Files\backburner 2
[05/03/2008|03:53] C:\Program Files\Bonjour
[17/03/2008|00:39] C:\Program Files\Chaos Group
[03/03/2008|23:34] C:\Program Files\Collectorz.com
[29/02/2008|22:42] C:\Program Files\ComPlus Applications
[05/03/2008|21:02] C:\Program Files\Corel
[05/03/2008|19:48] C:\Program Files\Curious Labs
[03/03/2008|21:50] C:\Program Files\CursorXP
[05/03/2008|01:46] C:\Program Files\DAEMON Tools Lite
[17/03/2008|00:42] C:\Program Files\DCPFLICS
[29/02/2008|23:29] C:\Program Files\DIFX
[06/03/2008|00:42] C:\Program Files\discreet
[05/03/2008|20:03] C:\Program Files\DivX
[08/03/2008|14:41] C:\Program Files\DVD Decrypter
[08/03/2008|13:42] C:\Program Files\DVD Shrink
[02/03/2008|18:20] C:\Program Files\Easy cleaner
[21/03/2008|11:41] C:\Program Files\eMule
[11/03/2008|21:04] C:\Program Files\Eurobarre
[01/03/2008|01:04] C:\Program Files\Extensis
[17/03/2008|00:39] C:\Program Files\Fichiers communs
[12/03/2008|16:28] C:\Program Files\FRAPS
[06/03/2008|00:35] C:\Program Files\Goto software
[12/03/2008|15:24] C:\Program Files\Image-Line
[17/03/2008|00:42] C:\Program Files\InstallShield Installation Information
[16/03/2008|15:18] C:\Program Files\Internet Explorer
[05/03/2008|19:43] C:\Program Files\Java
[01/03/2008|15:22] C:\Program Files\Kaspersky Lab
[01/03/2008|18:37] C:\Program Files\Logitech
[01/03/2008|00:23] C:\Program Files\Messenger
[17/03/2008|14:48] C:\Program Files\Messenger Plus! Live
[02/03/2008|03:04] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[29/02/2008|22:46] C:\Program Files\microsoft frontpage
[14/03/2008|13:02] C:\Program Files\Microsoft Office
[14/03/2008|18:17] C:\Program Files\Microsoft SQL Server
[01/03/2008|00:59] C:\Program Files\Microsoft Visual Studio
[01/03/2008|00:57] C:\Program Files\Microsoft Visual Studio 8
[01/03/2008|01:00] C:\Program Files\Microsoft Works
[14/03/2008|18:15] C:\Program Files\Microsoft WSE
[01/03/2008|00:59] C:\Program Files\Microsoft.NET
[19/03/2008|02:58] C:\Program Files\Movie Maker
[24/03/2008|13:10] C:\Program Files\Mozilla Firefox
[16/03/2008|15:34] C:\Program Files\MSBuild
[29/02/2008|22:40] C:\Program Files\MSN
[29/02/2008|22:41] C:\Program Files\MSN Gaming Zone
[02/03/2008|03:01] C:\Program Files\MSXML 4.0
[15/03/2008|04:26] C:\Program Files\MSXML 6.0
[12/03/2008|15:07] C:\Program Files\Native Instruments
[29/02/2008|22:43] C:\Program Files\NetMeeting
[06/03/2008|00:53] C:\Program Files\Next Limit
[06/03/2008|00:55] C:\Program Files\Nicolas MERLET
[01/03/2008|00:11] C:\Program Files\Nokia
[05/03/2008|01:04] C:\Program Files\Notepad++
[29/02/2008|22:41] C:\Program Files\Online Services
[01/03/2008|22:10] C:\Program Files\Ontrack
[11/03/2008|21:09] C:\Program Files\OO Software
[01/03/2008|19:00] C:\Program Files\Outlook Express
[05/03/2008|19:58] C:\Program Files\PacificPoker4
[01/03/2008|00:10] C:\Program Files\PC Connectivity Solution
[01/03/2008|15:50] C:\Program Files\PicLensIE
[05/03/2008|19:52] C:\Program Files\Pixologic
[05/03/2008|01:53] C:\Program Files\PowerISO
[09/03/2008|13:47] C:\Program Files\QuickTime
[03/03/2008|20:35] C:\Program Files\Rainlendar2
[29/02/2008|23:29] C:\Program Files\Razer
[11/03/2008|21:22] C:\Program Files\Real
[01/03/2008|01:56] C:\Program Files\Realtek
[16/03/2008|15:34] C:\Program Files\Reference Assemblies
[02/03/2008|01:46] C:\Program Files\Runtime Software
[29/02/2008|22:44] C:\Program Files\Services en ligne
[12/03/2008|15:56] C:\Program Files\Sony
[12/03/2008|15:54] C:\Program Files\Sony Setup
[03/03/2008|20:21] C:\Program Files\Spybot - Search & Destroy
[23/03/2008|23:04] C:\Program Files\Steam
[13/03/2008|11:35] C:\Program Files\Super_DVD_Creator_9.5
[29/02/2008|23:37] C:\Program Files\Tablet
[12/03/2008|16:01] C:\Program Files\Uninstall Information
[03/03/2008|23:26] C:\Program Files\Unlocker
[29/02/2008|23:49] C:\Program Files\VID_0E8F&PID_1006
[22/03/2008|22:37] C:\Program Files\Vidalia Bundle
[11/03/2008|21:49] C:\Program Files\Video Convert Master
[02/03/2008|01:45] C:\Program Files\VideoLAN
[05/03/2008|19:59] C:\Program Files\VSO
[12/03/2008|15:41] C:\Program Files\VstPlugins
[01/03/2008|00:25] C:\Program Files\Winamp
[01/03/2008|15:14] C:\Program Files\Windows Live
[01/03/2008|20:49] C:\Program Files\Windows Media Connect 2
[01/03/2008|20:49] C:\Program Files\Windows Media Player
[29/02/2008|23:25] C:\Program Files\Windows NT
[29/02/2008|22:44] C:\Program Files\WindowsUpdate
[13/03/2008|11:29] C:\Program Files\WinRAR
[29/02/2008|22:46] C:\Program Files\xerox
[06/03/2008|02:33] C:\Program Files\Xilisoft

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[17/03/2008|00:39] C:\Program Files\Fichiers communs\.
[17/03/2008|00:39] C:\Program Files\Fichiers communs\..
[06/03/2008|00:20] C:\Program Files\Fichiers communs\Adobe
[14/03/2008|18:24] C:\Program Files\Fichiers communs\Autodesk
[14/03/2008|18:20] C:\Program Files\Fichiers communs\Autodesk Shared
[09/03/2008|13:19] C:\Program Files\Fichiers communs\Blizzard Entertainment
[17/03/2008|00:39] C:\Program Files\Fichiers communs\ChaosGroup
[01/03/2008|00:59] C:\Program Files\Fichiers communs\DESIGNER
[29/02/2008|23:03] C:\Program Files\Fichiers communs\InstallShield
[05/03/2008|19:41] C:\Program Files\Fichiers communs\Java
[01/03/2008|18:40] C:\Program Files\Fichiers communs\LogiShrd
[05/03/2008|01:25] C:\Program Files\Fichiers communs\Macrovision Shared
[12/03/2008|15:41] C:\Program Files\Fichiers communs\Microsoft Shared
[29/02/2008|22:43] C:\Program Files\Fichiers communs\MSSoap
[01/03/2008|00:11] C:\Program Files\Fichiers communs\Nokia
[29/02/2008|23:31] C:\Program Files\Fichiers communs\ODBC
[01/03/2008|00:11] C:\Program Files\Fichiers communs\PCSuite
[11/03/2008|21:22] C:\Program Files\Fichiers communs\Real
[29/02/2008|22:43] C:\Program Files\Fichiers communs\Services
[29/02/2008|23:31] C:\Program Files\Fichiers communs\SpeechEngines
[01/03/2008|00:57] C:\Program Files\Fichiers communs\System
[01/03/2008|14:01] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[11/03/2008|21:23] C:\Program Files\Fichiers communs\xing shared

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Readme Live Axis Tons
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Readme Live Axis Tons\comp download.exe
C:\WINDOWS\Tasks\A9C54582919EFF32.job

----------------------[ Verification du Registre ]----------------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts MODIFIE

127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD
127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
127.0.0.1 download.cdn.errorsafe.com ## added by CiD
127.0.0.1 download.cdn.winsoftware.com ## added by CiD
127.0.0.1 download.errorsafe.com ## added by CiD
127.0.0.1 download.systemdoctor.com ## added by CiD
127.0.0.1 download.winantispyware.com ## added by CiD
127.0.0.1 download.windrivecleaner.com ## added by CiD
127.0.0.1 download.winfixer.com ## added by CiD
127.0.0.1 drivecleaner.com ## added by CiD
127.0.0.1 dynamique.drivecleaner.com ## added by CiD
127.0.0.1 errorprotector.com ## added by CiD
127.0.0.1 errorsafe.com ## added by CiD
127.0.0.1 es.winantivirus.com ## added by CiD
127.0.0.1 fr.winantivirus.com ## added by CiD
127.0.0.1 fr.winfixer.com ## added by CiD
127.0.0.1 go.drivecleaner.com ## added by CiD
127.0.0.1 go.errorsafe.com ## added by CiD
127.0.0.1 go.winantispyware.com ## added by CiD
127.0.0.1 go.winantivirus.com ## added by CiD
127.0.0.1 hk.winantivirus.com ## added by CiD
127.0.0.1 instlog.errorsafe.com ## added by CiD
127.0.0.1 instlog.winantivirus.com ## added by CiD
127.0.0.1 instlog.winfixer.com ## added by CiD
127.0.0.1 jsp.drivecleaner.com ## added by CiD
127.0.0.1 kb.errorsafe.com ## added by CiD
127.0.0.1 kb.winantivirus.com ## added by CiD
127.0.0.1 nl.errorsafe.com ## added by CiD
127.0.0.1 se.errorsafe.com ## added by CiD
127.0.0.1 secure.drivecleaner.com ## added by CiD
127.0.0.1 secure.errorsafe.com ## added by CiD
127.0.0.1 secure.winantispam.com ## added by CiD
127.0.0.1 secure.winantispy.com ## added by CiD
127.0.0.1 secure.winantivirus.com ## added by CiD
127.0.0.1 support.winantivirus.com ## added by CiD
127.0.0.1 trial.updates.winsoftware.com ## added by CiD
127.0.0.1 ulog.winantivirus.com ## added by CiD
127.0.0.1 utils.errorsafe.com ## added by CiD
127.0.0.1 utils.winantivirus.com ## added by CiD
127.0.0.1 utils.winfixer.com ## added by CiD
127.0.0.1 winantispyware.com ## added by CiD
127.0.0.1 winantivirus.com ## added by CiD
127.0.0.1 winfixer.com ## added by CiD
127.0.0.1 winfixer2006.com ## added by CiD
127.0.0.1 winsoftware.com ## added by CiD
127.0.0.1 www.drivecleaner.com ## added by CiD
127.0.0.1 www.errorprotector.com ## added by CiD
127.0.0.1 www.errorsafe.com ## added by CiD
127.0.0.1 www.systemdoctor.com ## added by CiD
127.0.0.1 www.utils.winfixer.com ## added by CiD
127.0.0.1 www.win-anti-virus-pro.com ## added by CiD
127.0.0.1 www.win-virus-pro.com ## added by CiD
127.0.0.1 www.winantispam.com ## added by CiD
127.0.0.1 www.winantispy.com ## added by CiD
127.0.0.1 www.winantispyware.com ## added by CiD
127.0.0.1 www.winantivirus.com ## added by CiD
127.0.0.1 www.winantiviruspro.com ## added by CiD
127.0.0.1 www.windrivecleaner.com ## added by CiD
127.0.0.1 www.windrivesafe.com ## added by CiD
127.0.0.1 www.winfixer.com ## added by CiD
127.0.0.1 www.winfixer2006.com ## added by CiD
127.0.0.1 www.winsoftware.com ## added by CiD

-> 72 ( 70 ## added by CiD )

/!\ 1 Not 127.0.0.1 !!

----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-24 13:14:27
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

Aucune autre infection trouvée !

/!\ [Fich:1008][Doss:619] C:\DOCUME~1\LOUISL~1\LOCALS~1\Temp
/!\ [Fich:32][Doss:0] C:\DOCUME~1\LOUISL~1\Cookies
/!\ [Fich:1746][Doss:5] C:\DOCUME~1\LOUISL~1\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 13:14:44,43 ]----------------------

Re,

Relance Lop S&D

Choisis cette fois ci l'Option 2 ( Suppression )

Ne ferme pas la fenêtre lors de la suppression !

Poste le rapport généré ( C:\lopR.txt )

(Si le Bureau ne réapparaît pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide)

Et voilà!

-----------------------[ Lop S&D 4.1.0-1 XP/Vista ]---------------------

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Louis Legrain ] [ "C:\Lop SD" ]
[ mar. 25/03/2008 | 12:44:32,48 ] [ PC : CHINTARO ]
[ MAJ : 24-03-2008 | 18:42 ]

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Readme Live Axis Tons\comp download.exe
Supprimé! - C:\WINDOWS\Tasks\A9C54582919EFF32.job
Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Readme Live Axis Tons
Restauré! - Fichier Hosts

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


-------------[ Listing des dossiers dans Application Data ]------------

[25/03/2008|12:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
[25/03/2008|12:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
[10/03/2008|17:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[05/03/2008|19:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ALM
[08/03/2008|23:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[09/03/2008|15:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[01/03/2008|00:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ATI
[14/03/2008|18:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Autodesk
[05/03/2008|20:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
[05/03/2008|21:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Corel
[29/02/2008|23:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[06/03/2008|00:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\discreet
[18/03/2008|18:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[01/03/2008|22:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Extensis
[05/03/2008|01:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
[01/03/2008|00:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations
[25/03/2008|12:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
[01/03/2008|18:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
[01/03/2008|18:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
[04/03/2008|20:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[05/03/2008|20:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[14/03/2008|20:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[01/03/2008|00:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
[06/03/2008|02:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\River Past G5
[12/03/2008|15:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony
[03/03/2008|20:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[12/03/2008|16:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[01/03/2008|20:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[01/03/2008|15:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[29/02/2008|23:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
[29/02/2008|23:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
[29/02/2008|23:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[29/02/2008|22:45] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[15/03/2008|13:41] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
[15/03/2008|13:41] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
[15/03/2008|01:37] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[25/03/2008|12:17] C:\DOCUME~1\LOCALS~1\APPLIC~1\WTablet

[22/03/2008|20:20] C:\DOCUME~1\LOUISL~1\APPLIC~1\.
[22/03/2008|20:20] C:\DOCUME~1\LOUISL~1\APPLIC~1\..
[23/03/2008|01:54] C:\DOCUME~1\LOUISL~1\APPLIC~1\Adobe
[01/03/2008|01:10] C:\DOCUME~1\LOUISL~1\APPLIC~1\ALLCapture
[05/03/2008|00:24] C:\DOCUME~1\LOUISL~1\APPLIC~1\Ambient Design
[08/03/2008|23:44] C:\DOCUME~1\LOUISL~1\APPLIC~1\Apple Computer
[01/03/2008|00:17] C:\DOCUME~1\LOUISL~1\APPLIC~1\ATI
[14/03/2008|18:25] C:\DOCUME~1\LOUISL~1\APPLIC~1\Autodesk
[14/03/2008|12:46] C:\DOCUME~1\LOUISL~1\APPLIC~1\Azureus
[11/03/2008|20:25] C:\DOCUME~1\LOUISL~1\APPLIC~1\combustion4
[15/03/2008|04:23] C:\DOCUME~1\LOUISL~1\APPLIC~1\CopyToDvd
[05/03/2008|21:05] C:\DOCUME~1\LOUISL~1\APPLIC~1\Corel
[05/03/2008|01:44] C:\DOCUME~1\LOUISL~1\APPLIC~1\DAEMON Tools
[29/02/2008|23:55] C:\DOCUME~1\LOUISL~1\APPLIC~1\Datalayer
[29/02/2008|23:31] C:\DOCUME~1\LOUISL~1\APPLIC~1\desktop.ini
[02/03/2008|01:40] C:\DOCUME~1\LOUISL~1\APPLIC~1\Desktopicon
[10/03/2008|17:12] C:\DOCUME~1\LOUISL~1\APPLIC~1\DivX
[15/03/2008|16:21] C:\DOCUME~1\LOUISL~1\APPLIC~1\dvdcss
[01/03/2008|01:05] C:\DOCUME~1\LOUISL~1\APPLIC~1\Extensis
[06/03/2008|00:58] C:\DOCUME~1\LOUISL~1\APPLIC~1\GOTO Software
[01/03/2008|16:15] C:\DOCUME~1\LOUISL~1\APPLIC~1\Help
[29/02/2008|22:54] C:\DOCUME~1\LOUISL~1\APPLIC~1\Identities
[05/03/2008|19:59] C:\DOCUME~1\LOUISL~1\APPLIC~1\inst.exe
[29/02/2008|23:29] C:\DOCUME~1\LOUISL~1\APPLIC~1\InstallShield
[01/03/2008|14:18] C:\DOCUME~1\LOUISL~1\APPLIC~1\LOAD VGA BEND
[29/02/2008|23:40] C:\DOCUME~1\LOUISL~1\APPLIC~1\Macromedia
[15/03/2008|17:06] C:\DOCUME~1\LOUISL~1\APPLIC~1\Microsoft
[29/02/2008|23:00] C:\DOCUME~1\LOUISL~1\APPLIC~1\Mozilla
[01/03/2008|00:11] C:\DOCUME~1\LOUISL~1\APPLIC~1\Nokia
[05/03/2008|01:05] C:\DOCUME~1\LOUISL~1\APPLIC~1\Notepad++
[01/03/2008|00:37] C:\DOCUME~1\LOUISL~1\APPLIC~1\PC Suite
[05/03/2008|19:59] C:\DOCUME~1\LOUISL~1\APPLIC~1\pcouffin.cat
[05/03/2008|19:59] C:\DOCUME~1\LOUISL~1\APPLIC~1\pcouffin.inf
[05/03/2008|19:59] C:\DOCUME~1\LOUISL~1\APPLIC~1\pcouffin.log
[05/03/2008|19:59] C:\DOCUME~1\LOUISL~1\APPLIC~1\pcouffin.sys
[12/03/2008|15:54] C:\DOCUME~1\LOUISL~1\APPLIC~1\Publish Providers
[11/03/2008|21:31] C:\DOCUME~1\LOUISL~1\APPLIC~1\Real
[06/03/2008|02:26] C:\DOCUME~1\LOUISL~1\APPLIC~1\River Past G5
[12/03/2008|16:00] C:\DOCUME~1\LOUISL~1\APPLIC~1\Sony
[18/03/2008|20:17] C:\DOCUME~1\LOUISL~1\APPLIC~1\Sun
[24/03/2008|13:49] C:\DOCUME~1\LOUISL~1\APPLIC~1\Tor
[24/03/2008|13:49] C:\DOCUME~1\LOUISL~1\APPLIC~1\Vidalia
[02/03/2008|02:39] C:\DOCUME~1\LOUISL~1\APPLIC~1\vlc
[18/03/2008|21:21] C:\DOCUME~1\LOUISL~1\APPLIC~1\Vso
[01/03/2008|00:26] C:\DOCUME~1\LOUISL~1\APPLIC~1\Winamp
[01/03/2008|22:46] C:\DOCUME~1\LOUISL~1\APPLIC~1\WinRAR
[25/03/2008|12:18] C:\DOCUME~1\LOUISL~1\APPLIC~1\WTablet

[29/02/2008|22:48] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
[29/02/2008|22:48] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
[29/02/2008|22:45] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[20/03/2008 14:15][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[25/03/2008 12:17][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[22/03/2008|22:37] C:\Program Files\.
[22/03/2008|22:37] C:\Program Files\..
[09/03/2008|15:41] C:\Program Files\Adobe
[01/03/2008|01:08] C:\Program Files\Adobe fontfolio 10
[01/03/2008|01:10] C:\Program Files\ALLCapture 2.0 Essai
[05/03/2008|00:21] C:\Program Files\Ambient Design
[08/03/2008|14:41] C:\Program Files\Ant Renamer
[08/03/2008|23:19] C:\Program Files\Apple Software Update
[12/03/2008|15:15] C:\Program Files\ASIO4ALL v2
[01/03/2008|00:14] C:\Program Files\ATI Technologies
[14/03/2008|18:24] C:\Program Files\Autodesk
[07/03/2008|18:36] C:\Program Files\Azureus
[06/03/2008|00:43] C:\Program Files\backburner 2
[05/03/2008|03:53] C:\Program Files\Bonjour
[17/03/2008|00:39] C:\Program Files\Chaos Group
[03/03/2008|23:34] C:\Program Files\Collectorz.com
[29/02/2008|22:42] C:\Program Files\ComPlus Applications
[05/03/2008|21:02] C:\Program Files\Corel
[05/03/2008|19:48] C:\Program Files\Curious Labs
[03/03/2008|21:50] C:\Program Files\CursorXP
[05/03/2008|01:46] C:\Program Files\DAEMON Tools Lite
[17/03/2008|00:42] C:\Program Files\DCPFLICS
[29/02/2008|23:29] C:\Program Files\DIFX
[06/03/2008|00:42] C:\Program Files\discreet
[05/03/2008|20:03] C:\Program Files\DivX
[08/03/2008|14:41] C:\Program Files\DVD Decrypter
[08/03/2008|13:42] C:\Program Files\DVD Shrink
[02/03/2008|18:20] C:\Program Files\Easy cleaner
[21/03/2008|11:41] C:\Program Files\eMule
[11/03/2008|21:04] C:\Program Files\Eurobarre
[01/03/2008|01:04] C:\Program Files\Extensis
[17/03/2008|00:39] C:\Program Files\Fichiers communs
[12/03/2008|16:28] C:\Program Files\FRAPS
[06/03/2008|00:35] C:\Program Files\Goto software
[12/03/2008|15:24] C:\Program Files\Image-Line
[17/03/2008|00:42] C:\Program Files\InstallShield Installation Information
[16/03/2008|15:18] C:\Program Files\Internet Explorer
[05/03/2008|19:43] C:\Program Files\Java
[01/03/2008|15:22] C:\Program Files\Kaspersky Lab
[01/03/2008|18:37] C:\Program Files\Logitech
[01/03/2008|00:23] C:\Program Files\Messenger
[17/03/2008|14:48] C:\Program Files\Messenger Plus! Live
[02/03/2008|03:04] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[29/02/2008|22:46] C:\Program Files\microsoft frontpage
[14/03/2008|13:02] C:\Program Files\Microsoft Office
[14/03/2008|18:17] C:\Program Files\Microsoft SQL Server
[01/03/2008|00:59] C:\Program Files\Microsoft Visual Studio
[01/03/2008|00:57] C:\Program Files\Microsoft Visual Studio 8
[01/03/2008|01:00] C:\Program Files\Microsoft Works
[14/03/2008|18:15] C:\Program Files\Microsoft WSE
[01/03/2008|00:59] C:\Program Files\Microsoft.NET
[19/03/2008|02:58] C:\Program Files\Movie Maker
[25/03/2008|12:23] C:\Program Files\Mozilla Firefox
[16/03/2008|15:34] C:\Program Files\MSBuild
[29/02/2008|22:40] C:\Program Files\MSN
[29/02/2008|22:41] C:\Program Files\MSN Gaming Zone
[02/03/2008|03:01] C:\Program Files\MSXML 4.0
[15/03/2008|04:26] C:\Program Files\MSXML 6.0
[12/03/2008|15:07] C:\Program Files\Native Instruments
[29/02/2008|22:43] C:\Program Files\NetMeeting
[06/03/2008|00:53] C:\Program Files\Next Limit
[06/03/2008|00:55] C:\Program Files\Nicolas MERLET
[01/03/2008|00:11] C:\Program Files\Nokia
[05/03/2008|01:04] C:\Program Files\Notepad++
[29/02/2008|22:41] C:\Program Files\Online Services
[01/03/2008|22:10] C:\Program Files\Ontrack
[11/03/2008|21:09] C:\Program Files\OO Software
[01/03/2008|19:00] C:\Program Files\Outlook Express
[05/03/2008|19:58] C:\Program Files\PacificPoker4
[01/03/2008|00:10] C:\Program Files\PC Connectivity Solution
[01/03/2008|15:50] C:\Program Files\PicLensIE
[05/03/2008|19:52] C:\Program Files\Pixologic
[05/03/2008|01:53] C:\Program Files\PowerISO
[09/03/2008|13:47] C:\Program Files\QuickTime
[03/03/2008|20:35] C:\Program Files\Rainlendar2
[29/02/2008|23:29] C:\Program Files\Razer
[11/03/2008|21:22] C:\Program Files\Real
[01/03/2008|01:56] C:\Program Files\Realtek
[16/03/2008|15:34] C:\Program Files\Reference Assemblies
[02/03/2008|01:46] C:\Program Files\Runtime Software
[29/02/2008|22:44] C:\Program Files\Services en ligne
[12/03/2008|15:56] C:\Program Files\Sony
[12/03/2008|15:54] C:\Program Files\Sony Setup
[03/03/2008|20:21] C:\Program Files\Spybot - Search & Destroy
[24/03/2008|20:46] C:\Program Files\Steam
[13/03/2008|11:35] C:\Program Files\Super_DVD_Creator_9.5
[29/02/2008|23:37] C:\Program Files\Tablet
[12/03/2008|16:01] C:\Program Files\Uninstall Information
[03/03/2008|23:26] C:\Program Files\Unlocker
[29/02/2008|23:49] C:\Program Files\VID_0E8F&PID_1006
[22/03/2008|22:37] C:\Program Files\Vidalia Bundle
[11/03/2008|21:49] C:\Program Files\Video Convert Master
[02/03/2008|01:45] C:\Program Files\VideoLAN
[05/03/2008|19:59] C:\Program Files\VSO
[12/03/2008|15:41] C:\Program Files\VstPlugins
[01/03/2008|00:25] C:\Program Files\Winamp
[01/03/2008|15:14] C:\Program Files\Windows Live
[01/03/2008|20:49] C:\Program Files\Windows Media Connect 2
[01/03/2008|20:49] C:\Program Files\Windows Media Player
[29/02/2008|23:25] C:\Program Files\Windows NT
[29/02/2008|22:44] C:\Program Files\WindowsUpdate
[13/03/2008|11:29] C:\Program Files\WinRAR
[29/02/2008|22:46] C:\Program Files\xerox
[06/03/2008|02:33] C:\Program Files\Xilisoft

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[17/03/2008|00:39] C:\Program Files\Fichiers communs\.
[17/03/2008|00:39] C:\Program Files\Fichiers communs\..
[06/03/2008|00:20] C:\Program Files\Fichiers communs\Adobe
[14/03/2008|18:24] C:\Program Files\Fichiers communs\Autodesk
[14/03/2008|18:20] C:\Program Files\Fichiers communs\Autodesk Shared
[09/03/2008|13:19] C:\Program Files\Fichiers communs\Blizzard Entertainment
[17/03/2008|00:39] C:\Program Files\Fichiers communs\ChaosGroup
[01/03/2008|00:59] C:\Program Files\Fichiers communs\DESIGNER
[29/02/2008|23:03] C:\Program Files\Fichiers communs\InstallShield
[05/03/2008|19:41] C:\Program Files\Fichiers communs\Java
[01/03/2008|18:40] C:\Program Files\Fichiers communs\LogiShrd
[05/03/2008|01:25] C:\Program Files\Fichiers communs\Macrovision Shared
[12/03/2008|15:41] C:\Program Files\Fichiers communs\Microsoft Shared
[29/02/2008|22:43] C:\Program Files\Fichiers communs\MSSoap
[01/03/2008|00:11] C:\Program Files\Fichiers communs\Nokia
[29/02/2008|23:31] C:\Program Files\Fichiers communs\ODBC
[01/03/2008|00:11] C:\Program Files\Fichiers communs\PCSuite
[11/03/2008|21:22] C:\Program Files\Fichiers communs\Real
[29/02/2008|22:43] C:\Program Files\Fichiers communs\Services
[29/02/2008|23:31] C:\Program Files\Fichiers communs\SpeechEngines
[01/03/2008|00:57] C:\Program Files\Fichiers communs\System
[01/03/2008|14:01] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[11/03/2008|21:23] C:\Program Files\Fichiers communs\xing shared

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

Aucun fichier / dossier Lop trouvé !

----------------------[ Verification du Registre ]----------------------

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-25 12:46:12
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

Aucune autre infection trouvée !

/!\ [Fich:1023][Doss:619] C:\DOCUME~1\LOUISL~1\LOCALS~1\Temp
/!\ [Fich:33][Doss:0] C:\DOCUME~1\LOUISL~1\Cookies
/!\ [Fich:2005][Doss:5] C:\DOCUME~1\LOUISL~1\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 12:46:29,93 ]----------------------

Bonjour,

Télécharge puis installe Hijackthis (Trend Micro)
Poste ensuite un rapport dans ta prochaine réponse.
AIDE : Comment utiliser Hijackthis v2.0.2

Et voila!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:20:30, on 26/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
C:\Program Files\Autodesk\Data Management Server 5\Server\Dispatch\Connectivity.WindowsService.JobDispatch.exe
C:\Program Files\Autodesk\Data Management Server 5\Server\Webserver\Connectivity.EDMWS.Server.exe
C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\DCPFLICS\dcpflics.exe
C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
C:\Program Files\Microsoft SQL Server\MSSQL$AUTODESKVAULT\Binn\sqlservr.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\WTablet\TabUserW.exe
C:\WINDOWS\system32\Tablet.exe
C:\Program Files\Razer\Habu\razerhid.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\Rainlendar2\Rainlendar2.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Razer\Habu\razertra.exe
C:\Program Files\Razer\Habu\razerofa.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: PicLens plug-in for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\PicLens.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Habu] C:\Program Files\Razer\Habu\razerhid.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [online deaf] C:\DOCUME~1\LOUISL~1\APPLIC~1\LOADVG~1\Birdgreat.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: PacificPoker4 - {94EDF7B4-4272-4af3-8F8B-4E2F68E225B7} - C:\PROGRA~1\PACIFI~1\pacificpoker.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Data Management Job Dispatch - Autodesk Inc - C:\Program Files\Autodesk\Data Management Server 5\Server\Dispatch\Connectivity.WindowsService.JobDispatch.exe
O23 - Service: Autodesk EDM Server - - C:\Program Files\Autodesk\Data Management Server 5\Server\Webserver\Connectivity.EDMWS.Server.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DCPFLICS service (DCPFLICS) - Unknown owner - C:\Program Files\DCPFLICS\dcpflics.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe

--
End of file - 11270 bytes

 

Refais un LopS&D option 1 pour vérifier  

Et voillaaaaa!


-----------------------[ Lop S&D 4.1.0-2 XP/Vista ]---------------------

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Louis Legrain ] [ "C:\Lop SD" ]
[ mer. 26/03/2008 | 20:18:59,62 ] [ PC : CHINTARO ]
[ MAJ : 26-03-2008 | 13:15 ]

-------------[ Listing des dossiers dans Application Data ]------------

[25/03/2008|12:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
[25/03/2008|12:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
[10/03/2008|17:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[05/03/2008|19:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ALM
[08/03/2008|23:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[09/03/2008|15:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[01/03/2008|00:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ATI
[14/03/2008|18:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Autodesk
[05/03/2008|20:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
[05/03/2008|21:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Corel
[29/02/2008|23:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[06/03/2008|00:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\discreet
[18/03/2008|18:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[01/03/2008|22:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Extensis
[05/03/2008|01:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
[01/03/2008|00:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations
[26/03/2008|11:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
[01/03/2008|18:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
[01/03/2008|18:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
[04/03/2008|20:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[05/03/2008|20:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[14/03/2008|20:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[01/03/2008|00:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
[06/03/2008|02:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\River Past G5
[12/03/2008|15:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony
[03/03/2008|20:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[12/03/2008|16:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[01/03/2008|20:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[01/03/2008|15:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[29/02/2008|23:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
[29/02/2008|23:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
[29/02/2008|23:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[29/02/2008|22:45] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[15/03/2008|13:41] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
[15/03/2008|13:41] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
[15/03/2008|01:37] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[26/03/2008|10:49] C:\DOCUME~1\LOCALS~1\APPLIC~1\WTablet

[22/03/2008|20:20] C:\DOCUME~1\LOUISL~1\APPLIC~1\.
[22/03/2008|20:20] C:\DOCUME~1\LOUISL~1\APPLIC~1\..
[23/03/2008|01:54] C:\DOCUME~1\LOUISL~1\APPLIC~1\Adobe
[01/03/2008|01:10] C:\DOCUME~1\LOUISL~1\APPLIC~1\ALLCapture
[05/03/2008|00:24] C:\DOCUME~1\LOUISL~1\APPLIC~1\Ambient Design
[08/03/2008|23:44] C:\DOCUME~1\LOUISL~1\APPLIC~1\Apple Computer
[01/03/2008|00:17] C:\DOCUME~1\LOUISL~1\APPLIC~1\ATI
[14/03/2008|18:25] C:\DOCUME~1\LOUISL~1\APPLIC~1\Autodesk
[14/03/2008|12:46] C:\DOCUME~1\LOUISL~1\APPLIC~1\Azureus
[11/03/2008|20:25] C:\DOCUME~1\LOUISL~1\APPLIC~1\combustion4
[15/03/2008|04:23] C:\DOCUME~1\LOUISL~1\APPLIC~1\CopyToDvd
[05/03/2008|21:05] C:\DOCUME~1\LOUISL~1\APPLIC~1\Corel
[05/03/2008|01:44] C:\DOCUME~1\LOUISL~1\APPLIC~1\DAEMON Tools
[29/02/2008|23:55] C:\DOCUME~1\LOUISL~1\APPLIC~1\Datalayer
[29/02/2008|23:31] C:\DOCUME~1\LOUISL~1\APPLIC~1\desktop.ini
[02/03/2008|01:40] C:\DOCUME~1\LOUISL~1\APPLIC~1\Desktopicon
[10/03/2008|17:12] C:\DOCUME~1\LOUISL~1\APPLIC~1\DivX
[15/03/2008|16:21] C:\DOCUME~1\LOUISL~1\APPLIC~1\dvdcss
[01/03/2008|01:05] C:\DOCUME~1\LOUISL~1\APPLIC~1\Extensis
[06/03/2008|00:58] C:\DOCUME~1\LOUISL~1\APPLIC~1\GOTO Software
[01/03/2008|16:15] C:\DOCUME~1\LOUISL~1\APPLIC~1\Help
[29/02/2008|22:54] C:\DOCUME~1\LOUISL~1\APPLIC~1\Identities
[05/03/2008|19:59] C:\DOCUME~1\LOUISL~1\APPLIC~1\inst.exe
[29/02/2008|23:29] C:\DOCUME~1\LOUISL~1\APPLIC~1\InstallShield
[01/03/2008|14:18] C:\DOCUME~1\LOUISL~1\APPLIC~1\LOAD VGA BEND
[29/02/2008|23:40] C:\DOCUME~1\LOUISL~1\APPLIC~1\Macromedia
[15/03/2008|17:06] C:\DOCUME~1\LOUISL~1\APPLIC~1\Microsoft
[29/02/2008|23:00] C:\DOCUME~1\LOUISL~1\APPLIC~1\Mozilla
[01/03/2008|00:11] C:\DOCUME~1\LOUISL~1\APPLIC~1\Nokia
[05/03/2008|01:05] C:\DOCUME~1\LOUISL~1\APPLIC~1\Notepad++
[01/03/2008|00:37] C:\DOCUME~1\LOUISL~1\APPLIC~1\PC Suite
[05/03/2008|19:59] C:\DOCUME~1\LOUISL~1\APPLIC~1\pcouffin.cat
[05/03/2008|19:59] C:\DOCUME~1\LOUISL~1\APPLIC~1\pcouffin.inf
[05/03/2008|19:59] C:\DOCUME~1\LOUISL~1\APPLIC~1\pcouffin.log
[05/03/2008|19:59] C:\DOCUME~1\LOUISL~1\APPLIC~1\pcouffin.sys
[12/03/2008|15:54] C:\DOCUME~1\LOUISL~1\APPLIC~1\Publish Providers
[11/03/2008|21:31] C:\DOCUME~1\LOUISL~1\APPLIC~1\Real
[06/03/2008|02:26] C:\DOCUME~1\LOUISL~1\APPLIC~1\River Past G5
[12/03/2008|16:00] C:\DOCUME~1\LOUISL~1\APPLIC~1\Sony
[18/03/2008|20:17] C:\DOCUME~1\LOUISL~1\APPLIC~1\Sun
[26/03/2008|14:06] C:\DOCUME~1\LOUISL~1\APPLIC~1\Tor
[26/03/2008|14:06] C:\DOCUME~1\LOUISL~1\APPLIC~1\Vidalia
[02/03/2008|02:39] C:\DOCUME~1\LOUISL~1\APPLIC~1\vlc
[18/03/2008|21:21] C:\DOCUME~1\LOUISL~1\APPLIC~1\Vso
[01/03/2008|00:26] C:\DOCUME~1\LOUISL~1\APPLIC~1\Winamp
[01/03/2008|22:46] C:\DOCUME~1\LOUISL~1\APPLIC~1\WinRAR
[26/03/2008|11:10] C:\DOCUME~1\LOUISL~1\APPLIC~1\WTablet

[29/02/2008|22:48] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
[29/02/2008|22:48] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
[29/02/2008|22:45] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[20/03/2008 14:15][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[26/03/2008 10:48][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[26/03/2008|11:20] C:\Program Files\.
[26/03/2008|11:20] C:\Program Files\..
[09/03/2008|15:41] C:\Program Files\Adobe
[01/03/2008|01:08] C:\Program Files\Adobe fontfolio 10
[01/03/2008|01:10] C:\Program Files\ALLCapture 2.0 Essai
[05/03/2008|00:21] C:\Program Files\Ambient Design
[08/03/2008|14:41] C:\Program Files\Ant Renamer
[08/03/2008|23:19] C:\Program Files\Apple Software Update
[12/03/2008|15:15] C:\Program Files\ASIO4ALL v2
[01/03/2008|00:14] C:\Program Files\ATI Technologies
[14/03/2008|18:24] C:\Program Files\Autodesk
[07/03/2008|18:36] C:\Program Files\Azureus
[06/03/2008|00:43] C:\Program Files\backburner 2
[05/03/2008|03:53] C:\Program Files\Bonjour
[17/03/2008|00:39] C:\Program Files\Chaos Group
[03/03/2008|23:34] C:\Program Files\Collectorz.com
[29/02/2008|22:42] C:\Program Files\ComPlus Applications
[05/03/2008|21:02] C:\Program Files\Corel
[05/03/2008|19:48] C:\Program Files\Curious Labs
[03/03/2008|21:50] C:\Program Files\CursorXP
[05/03/2008|01:46] C:\Program Files\DAEMON Tools Lite
[17/03/2008|00:42] C:\Program Files\DCPFLICS
[29/02/2008|23:29] C:\Program Files\DIFX
[06/03/2008|00:42] C:\Program Files\discreet
[05/03/2008|20:03] C:\Program Files\DivX
[08/03/2008|14:41] C:\Program Files\DVD Decrypter
[08/03/2008|13:42] C:\Program Files\DVD Shrink
[02/03/2008|18:20] C:\Program Files\Easy cleaner
[25/03/2008|21:28] C:\Program Files\eMule
[11/03/2008|21:04] C:\Program Files\Eurobarre
[01/03/2008|01:04] C:\Program Files\Extensis
[17/03/2008|00:39] C:\Program Files\Fichiers communs
[12/03/2008|16:28] C:\Program Files\FRAPS
[06/03/2008|00:35] C:\Program Files\Goto software
[12/03/2008|15:24] C:\Program Files\Image-Line
[17/03/2008|00:42] C:\Program Files\InstallShield Installation Information
[16/03/2008|15:18] C:\Program Files\Internet Explorer
[05/03/2008|19:43] C:\Program Files\Java
[01/03/2008|15:22] C:\Program Files\Kaspersky Lab
[01/03/2008|18:37] C:\Program Files\Logitech
[01/03/2008|00:23] C:\Program Files\Messenger
[17/03/2008|14:48] C:\Program Files\Messenger Plus! Live
[02/03/2008|03:04] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[29/02/2008|22:46] C:\Program Files\microsoft frontpage
[14/03/2008|13:02] C:\Program Files\Microsoft Office
[14/03/2008|18:17] C:\Program Files\Microsoft SQL Server
[01/03/2008|00:59] C:\Program Files\Microsoft Visual Studio
[01/03/2008|00:57] C:\Program Files\Microsoft Visual Studio 8
[01/03/2008|01:00] C:\Program Files\Microsoft Works
[14/03/2008|18:15] C:\Program Files\Microsoft WSE
[01/03/2008|00:59] C:\Program Files\Microsoft.NET
[19/03/2008|02:58] C:\Program Files\Movie Maker
[26/03/2008|20:17] C:\Program Files\Mozilla Firefox
[16/03/2008|15:34] C:\Program Files\MSBuild
[29/02/2008|22:40] C:\Program Files\MSN
[29/02/2008|22:41] C:\Program Files\MSN Gaming Zone
[02/03/2008|03:01] C:\Program Files\MSXML 4.0
[15/03/2008|04:26] C:\Program Files\MSXML 6.0
[12/03/2008|15:07] C:\Program Files\Native Instruments
[29/02/2008|22:43] C:\Program Files\NetMeeting
[06/03/2008|00:53] C:\Program Files\Next Limit
[06/03/2008|00:55] C:\Program Files\Nicolas MERLET
[01/03/2008|00:11] C:\Program Files\Nokia
[05/03/2008|01:04] C:\Program Files\Notepad++
[29/02/2008|22:41] C:\Program Files\Online Services
[01/03/2008|22:10] C:\Program Files\Ontrack
[11/03/2008|21:09] C:\Program Files\OO Software
[01/03/2008|19:00] C:\Program Files\Outlook Express
[05/03/2008|19:58] C:\Program Files\PacificPoker4
[01/03/2008|00:10] C:\Program Files\PC Connectivity Solution
[01/03/2008|15:50] C:\Program Files\PicLensIE
[05/03/2008|19:52] C:\Program Files\Pixologic
[05/03/2008|01:53] C:\Program Files\PowerISO
[09/03/2008|13:47] C:\Program Files\QuickTime
[03/03/2008|20:35] C:\Program Files\Rainlendar2
[29/02/2008|23:29] C:\Program Files\Razer
[11/03/2008|21:22] C:\Program Files\Real
[01/03/2008|01:56] C:\Program Files\Realtek
[16/03/2008|15:34] C:\Program Files\Reference Assemblies
[02/03/2008|01:46] C:\Program Files\Runtime Software
[29/02/2008|22:44] C:\Program Files\Services en ligne
[12/03/2008|15:56] C:\Program Files\Sony
[12/03/2008|15:54] C:\Program Files\Sony Setup
[03/03/2008|20:21] C:\Program Files\Spybot - Search & Destroy
[26/03/2008|18:20] C:\Program Files\Steam
[13/03/2008|11:35] C:\Program Files\Super_DVD_Creator_9.5
[29/02/2008|23:37] C:\Program Files\Tablet
[26/03/2008|11:20] C:\Program Files\Trend Micro
[12/03/2008|16:01] C:\Program Files\Uninstall Information
[03/03/2008|23:26] C:\Program Files\Unlocker
[29/02/2008|23:49] C:\Program Files\VID_0E8F&PID_1006
[22/03/2008|22:37] C:\Program Files\Vidalia Bundle
[11/03/2008|21:49] C:\Program Files\Video Convert Master
[02/03/2008|01:45] C:\Program Files\VideoLAN
[05/03/2008|19:59] C:\Program Files\VSO
[12/03/2008|15:41] C:\Program Files\VstPlugins
[01/03/2008|00:25] C:\Program Files\Winamp
[01/03/2008|15:14] C:\Program Files\Windows Live
[01/03/2008|20:49] C:\Program Files\Windows Media Connect 2
[01/03/2008|20:49] C:\Program Files\Windows Media Player
[29/02/2008|23:25] C:\Program Files\Windows NT
[29/02/2008|22:44] C:\Program Files\WindowsUpdate
[13/03/2008|11:29] C:\Program Files\WinRAR
[29/02/2008|22:46] C:\Program Files\xerox
[06/03/2008|02:33] C:\Program Files\Xilisoft

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[17/03/2008|00:39] C:\Program Files\Fichiers communs\.
[17/03/2008|00:39] C:\Program Files\Fichiers communs\..
[06/03/2008|00:20] C:\Program Files\Fichiers communs\Adobe
[14/03/2008|18:24] C:\Program Files\Fichiers communs\Autodesk
[14/03/2008|18:20] C:\Program Files\Fichiers communs\Autodesk Shared
[09/03/2008|13:19] C:\Program Files\Fichiers communs\Blizzard Entertainment
[17/03/2008|00:39] C:\Program Files\Fichiers communs\ChaosGroup
[01/03/2008|00:59] C:\Program Files\Fichiers communs\DESIGNER
[29/02/2008|23:03] C:\Program Files\Fichiers communs\InstallShield
[05/03/2008|19:41] C:\Program Files\Fichiers communs\Java
[01/03/2008|18:40] C:\Program Files\Fichiers communs\LogiShrd
[05/03/2008|01:25] C:\Program Files\Fichiers communs\Macrovision Shared
[12/03/2008|15:41] C:\Program Files\Fichiers communs\Microsoft Shared
[29/02/2008|22:43] C:\Program Files\Fichiers communs\MSSoap
[01/03/2008|00:11] C:\Program Files\Fichiers communs\Nokia
[29/02/2008|23:31] C:\Program Files\Fichiers communs\ODBC
[01/03/2008|00:11] C:\Program Files\Fichiers communs\PCSuite
[11/03/2008|21:22] C:\Program Files\Fichiers communs\Real
[29/02/2008|22:43] C:\Program Files\Fichiers communs\Services
[29/02/2008|23:31] C:\Program Files\Fichiers communs\SpeechEngines
[01/03/2008|00:57] C:\Program Files\Fichiers communs\System
[01/03/2008|14:01] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[11/03/2008|21:23] C:\Program Files\Fichiers communs\xing shared

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

Aucun fichier / dossier Lop trouvé !

----------------------[ Verification du Registre ]----------------------

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-26 20:20:26
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

Aucune autre infection trouvée !

/!\ [Fich:1657][Doss:620] C:\DOCUME~1\LOUISL~1\LOCALS~1\Temp
/!\ [Fich:4][Doss:0] C:\DOCUME~1\LOUISL~1\Cookies
/!\ [Fich:689][Doss:8] C:\DOCUME~1\LOUISL~1\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 20:20:42,89 ]----------------------

Re,

1) Relance HijackThis, clique sur "do a system scan only", coche ces lignes puis clique sur "Fix Checked" et referme HijackThis :


Supprime le dossier en gras suivant ( clic droit, supprimer ) puis vide ta corbeille :

C:\DOCUME~1\LOUISL~1\APPLIC~1\LOADVG~1\

2) Télécharge sur ton bureau : Clean (de Malekal) >Tuto<
Dézippe le sur ton bureau. Double-clic sur ce dossier clean.
Double-clic sur clean.cmd. (L’extension cmd peut ne pas apparaître) Cela va ouvrir une fenêtre noire.
Un menu va apparaître, choisis l'option 1 puis entrée. Ensuite appuies sur une touche comme il te sera demandé.
Poste le rapport se trouve ici : C:\rapport_clean.txt

Si tu obtiens un fichier C:\upload_moi.zip, merci de faire ceci.

 

Bon ben voila c'est un drôle de rapport mais c'est bien celui là.

jeu. 27/03/2008 a 13:42:25,14

*** Recherche des fichiers dans C:

*** Recherche des fichiers dans C:\WINDOWS\

*** Recherche des fichiers dans C:\WINDOWS\system32

*** Recherche des fichiers dans C:\Program Files

 

Poste un nouveau rapport hijackthis et dis-moi comment va le PC  

Pour l'instant tout va très bien! Plus de popups, plus de ralentissements de ma machine sans raisons et je peu même de nouveau utiliser 3Dsmax qui ne voulait plus se lancer. SUPER!!!

Voilà le rapport:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:19:06, on 28/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
C:\Program Files\Autodesk\Data Management Server 5\Server\Dispatch\Connectivity.WindowsService.JobDispatch.exe
C:\Program Files\Autodesk\Data Management Server 5\Server\Webserver\Connectivity.EDMWS.Server.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\DCPFLICS\dcpflics.exe
C:\Program Files\Microsoft SQL Server\MSSQL$AUTODESKVAULT\Binn\sqlservr.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\WTablet\TabUserW.exe
C:\WINDOWS\system32\Tablet.exe
C:\Program Files\Razer\Habu\razerhid.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\Razer\Habu\razertra.exe
C:\Program Files\Razer\Habu\razerofa.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Rainlendar2\Rainlendar2.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: PicLens plug-in for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\PicLens.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Habu] C:\Program Files\Razer\Habu\razerhid.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: PacificPoker4 - {94EDF7B4-4272-4af3-8F8B-4E2F68E225B7} - C:\PROGRA~1\PACIFI~1\pacificpoker.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Data Management Job Dispatch - Autodesk Inc - C:\Program Files\Autodesk\Data Management Server 5\Server\Dispatch\Connectivity.WindowsService.JobDispatch.exe
O23 - Service: Autodesk EDM Server - - C:\Program Files\Autodesk\Data Management Server 5\Server\Webserver\Connectivity.EDMWS.Server.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DCPFLICS service (DCPFLICS) - Unknown owner - C:\Program Files\DCPFLICS\dcpflics.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe

--
End of file - 10741 bytes

Re,

Télécharge MalwareByte's Anti-Malware sur ton Bureau.
Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.

Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
AIDE : Redémarrer en mode sans échec

Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".

Afin de lancer la recherche, clic sur"Rechercher".

Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
-- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
-- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
[#ff0000]REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]

AIDE : Tuto en images sur MBAM

 

OK c'est fait, il n'a rien trouvé, je suppose que c'est fini. Merci pour tout Merillym.

Re,

Non ce n'est pas fini, mais presque   Il faut finaliser la désinfection, c'est important.

Reposte un nouveau hijackthis.

 

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:31:36, on 28/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Razer\Habu\razerhid.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\Rainlendar2\Rainlendar2.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\Program Files\DCPFLICS\dcpflics.exe
C:\Program Files\Microsoft SQL Server\MSSQL$AUTODESKVAULT\Binn\sqlservr.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\system32\WTablet\TabUserW.exe
C:\WINDOWS\system32\Tablet.exe
C:\Program Files\Razer\Habu\razertra.exe
C:\Program Files\Razer\Habu\razerofa.exe
C:\Program Files\OO Software\Defrag Professional\oodcnt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: PicLens plug-in for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\PicLens.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Habu] C:\Program Files\Razer\Habu\razerhid.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: PacificPoker4 - {94EDF7B4-4272-4af3-8F8B-4E2F68E225B7} - C:\PROGRA~1\PACIFI~1\pacificpoker.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DCPFLICS service (DCPFLICS) - Unknown owner - C:\Program Files\DCPFLICS\dcpflics.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe

--
End of file - 10167 bytes

C’est OK, tu n’es plus infecté(e)  

1) Télécharge ToolsCleaner sur ton bureau.
http://www.commentcamarche.net/telecharger/toolscleaner...

Ce programme va te faire désinstaller tous les outils que je t’ai faits utiliser.

Clique sur Recherche et laisse le scan agir ...

Clique sur Suppression pour finaliser.

Tu peux, si tu le souhaites, te servir des Options facultatives.

Clique sur Quitter pour obtenir le rapport.

Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).

2) Télécharge et installe Ccleaner :
http://www.01net.com/telecharger/windows/Utilitaire/net...

Avant de cliquer sur le bouton "installer", décoche toutes les "options supplémentaires". Ensuite, clique sur "Options", "Avancé" et décoche la case "Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures". Clique sur l'onglet "Nettoyeur" puis sur "Lancer le Nettoyage".

Ensuite clique sur l'onglet Registre, clique sur "Chercher des erreurs" puis sur "Réparer les erreurs sélectionnées". Il est inutile de faire des sauvegardes des clés. Répète l'opération autant de fois qu'il le faut jusqu'à qu'il ne trouve plus d'erreurs.

Tutorial ici : http://www.infos-du-net.com/forum/272336-7-ccleaner-und...
3)

Désactive ta restauration systeme

Réactive ta restauration systeme

Tutorial ici : http://www.infos-du-net.com/forum/272480-11-desactiver-...
********************************************************************************

Ajoute maintenant [Résolu] au titre. Pour cela :
* Clique, dans ton premier message, sur le bouton "Editer"
* Rajoute la mention [Résolu] au titre
* Clique ensuite sur "Valider votre message"

Ce serait sympa de rapporter ton infection sur > Malware-Complaints < pour faire condamner ses auteurs

- Règles du forum <- ici
- Poster un message <- ici ( par Malekal )

Pour t'enregistrer clique sur le bouton register ( en haut )
Si tu as plus de 13 ans choisis " I Agree to these terms and am over or exactly 13 years of age "
Si tu as moins de 13 ans choisis " I Agree to these terms and am under 13 years of age "

Tu auras une liste par type d'infection
Si ton infection n'est pas dans la liste crée un message dans Autres infections

a+ et bon surf  


Quelques liens intéressants :

http://mickael.barroux.free.fr/securite/
http://www.malekal.com/
http://www.infos-du-net.com/forum/275481-11-dossier-pre...

Merci pour tout !!!