Pubs CID =(

Question

Bonjour,
J'ai récemment des problemes de pubs CID qui apparaissent sans arrêt, et ça devient assez lassant...aussi, j'ai décidé de combattre xD
J'ai donc téléchargé GenProc comme indiqué sur un autre topic, et j'ai commencé les procédures "sans risques", à savoir les analyses. je me permets donc de poster le rapport Navilog en dessous, si quelqu'un veut bien me guider pour que je ne flingue pas mon PC, ce serait super sympa =)

Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11 
Système de fichiers : NTFS

Recherche executé en mode normal

*** Recherche Programmes installés ***


*** Recherche dossiers dans "C:\WINDOWS" ***


*** Recherche dossiers dans "C:\Program Files" ***


*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***


*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\HP_Administrateur\applic~1" *** 


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" *** 


*** Recherche dossiers dans "C:\Documents and Settings\HP_Administrateur\locals~1\applic~1" *** 


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *** 


*** Recherche dossiers dans "C:\Documents and Settings\HP_Administrateur\menudm~1\progra~1" *** 


*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net



*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\WINDOWS\system32" *

* Recherche dans "C:\Documents and Settings\HP_Administrateur\locals~1\applic~1" * 

* Recherche dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" * 



*** Recherche fichiers *** 


C:\WINDOWS\pack.epk trouvé !
C:\WINDOWS\system32
vs2.inf trouvé !

*** Recherche clés spécifiques dans le Registre ***

HKEY_CURRENT_USER\Software\Lanconfig trouvé ! 

*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :


2)Recherche Heuristique :

* Dans "C:\WINDOWS\system32" :


* Dans "C:\Documents and Settings\HP_Administrateur\locals~1\applic~1" : 


* Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" : 


3)Recherche Certificats :

Certificat Egroup trouvé !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche fichiers connus :



*** Analyse terminée le 18/09/2008 à 22:10:09,88 ***

Voila, merci d'avance ^^

g!rly · Answer

salut, 

Double clique sur le raccourci Navilog1 présent sur le bureau et laisse-toi guider.
Au menu principal, choisis 2 et valide.

Le fix va t'informer qu'il va alors redémarrer ton PC
Ferme toutes les fenêtres ouvertes et enregistre tes documents personnels ouverts
Appuie sur une touche comme demandé.
(si ton Pc ne redémarre pas automatiquement, fais le toi même)
Au redémarrage de ton PC, choisis ta session habituelle.

Patiente jusqu'au message :
*** Nettoyage Termine le ..... ***
Le blocnote va s'ouvrir.
Sauvegarde le rapport de manière à le retrouver
Referme le blocnote. Ton bureau va réapparaitre

PS:Si ton bureau ne réapparait pas, fais CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches.
Puis rends-toi à l'onglet "processus". Clique en haut à gauche sur fichiers et choisis "exécuter"
Tape explorer et valide. Celà te fera apparaitre ton bureau. 

Post le rapport 

+

Télécharge HijackThis ici : 

-> http://www.commentcamarche.net/telecharger/telecharger 159 hijackthis

Tutoriel d´instalation : (Merci a Balltrap34 pour cette réalisation)

-> http://pageperso.aol.fr/balltrap34/Hijenr.gif 

Tutoriel d´utilisation (video) : (Merci a Balltrap34 pour cette réalisation)

-> http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm

Post les rapports générés ici stp...

@+

Silver · Answer

Merci pour le conseil =)

Voici le rapport navilog. je posterai ensuite le rapport hijackthis des qu'il aura scanné ^^

Clean Navipromo version 3.6.5 commencé le 18/09/2008 à 22:45:50,75

Outil exécuté depuis C:\Program Files
avilog1
Session actuelle : "HP_Administrateur" 

Mise à jour le 22.08.2008 à 17h30 par IL-MAFIOSO


Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11
Système de fichiers : NTFS

Mode suppression automatique 
avec prise en charge résultats Catchme et GNS


Nettoyage executé en mode sans échec

 
*** fsbl1.txt non trouvé ***
(Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)
 

*** Suppression avec sauvegardes résultats GenericNaviSearch ***

* Suppression dans "C:\WINDOWS\System32" *


* Suppression dans "C:\Documents and Settings\HP_Administrateur\locals~1\applic~1" * 


* Suppression dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" * 


*** Suppression dossiers dans "C:\WINDOWS" ***


*** Suppression dossiers dans "C:\Program Files" ***


*** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***


*** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***


*** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" ***


*** Suppression dossiers dans "C:\Documents and Settings\HP_Administrateur\applic~1" *** 


*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" *** 


*** Suppression dossiers dans "C:\Documents and Settings\HP_Administrateur\locals~1\applic~1" *** 


*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *** 


*** Suppression dossiers dans "C:\Documents and Settings\HP_Administrateur\menudm~1\progra~1" *** 



*** Suppression fichiers ***

C:\WINDOWS\pack.epk supprimé !
C:\WINDOWS\system32
vs2.inf supprimé !

*** Suppression fichiers temporaires ***

Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\HP_Administrateur\locals~1\Temp effectué !

*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

2)Recherche, création sauvegardes et suppression Heuristique :


* Dans "C:\WINDOWS\system32" *


* Dans "C:\Documents and Settings\HP_Administrateur\locals~1\applic~1" * 


* Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" * 


*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok


*** Certificats ***

Certificat Egroup supprimé !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltdt absent !

*** Nettoyage terminé le 18/09/2008 à 22:47:40,12 ***

Silver · Answer

Et voilà le rapport Hijackthis, comme promis ;p

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:59:01, on 18/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Revealer\Revealer Free Edition\revealer.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\HIS iTurbo\iTurbo.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\ATI Technologies\ATI.ACE\mace.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HP\KBD\KBD.EXE
c:\windows\system\hpsysdrv.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://fr.search.yahoo.com/?fr=cb-hp06
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://fr.search.yahoo.com/?fr=cb-hp06
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Revealer] C:\Program Files\Revealer\Revealer Free Edition\revealer.exe /b
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [iTurbo] "C:\Program Files\HIS iTurbo\iTurbo.exe" /s
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Babylon Client] C:\Program Files\Babylon\Babylon-Pro\Babylon.exe -AutoStart
O4 - HKLM\..\Run: [meet great active lies] C:\Documents and Settings\All Users\Application Data\soft chic meet great\Wma Grim.exe
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [64 bib] C:\DOCUME~1\HP_ADM~1\APPLIC~1\TOOLDE~1\Winprogram.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - S-1-5-18 Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'SYSTEM')
O4 - S-1-5-18 Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .mu3: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .mus: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .mut: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .myr: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .xmz: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zone.msn.com/binary/MJSS.cab69309.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://www.gamenext.fr/online/online2/bejeweled2/Oberongamesloader.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Intel(R) Quick Resume technology (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: RDFLabel - Unknown owner - C:\Program Files\ICRAplus\RDFLabel\RDFLabel.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

g!rly · Answer

Ok cool :)

Télécharge HijackThis ici : 

-> http://www.commentcamarche.net/telecharger/telecharger 159 hijackthis

Tutoriel d´instalation : (Merci a Balltrap34 pour cette réalisation)

-> http://pageperso.aol.fr/balltrap34/Hijenr.gif 

Tutoriel d´utilisation (video) : (Merci a Balltrap34 pour cette réalisation)

-> http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm

Post le rapport généré ici stp...

@+

g!rly · Answer

Il y a bien du cid egalement 

Télécharge Lop S&D (de Angeldark et Eric71) sur le Bureau :
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

[*]Double-clique sur Lop S&D.exe pour lancer l'installation,
[*]Puis double-clique sur le raccourci Lop S&D présent sur le Bureau.
[*]Séléctionne la langue souhaitée , puis choisis l'Option 1 (Recherche)
Le scan prend moins d'une minute.
[*]A l'issue du scan, le bloc-notes va s'ouvrir avec le résultat de la recherche.
[*]Enregistre le rapport LopR.txt sur le Bureau pour le retrouver facilement, sinon il sauvegardé à la racine de la partition système : C:\LopR.txt

@+

Silver · Answer

Encore moi ^^
Voici le rapport de LOP S&D : 


   --------------------\  Lop S&D 4.2.4-3   XP/Vista

   Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
   X86-based PC ( Multiprocessor Free :               Intel(R) Pentium(R) D CPU 2.80GHz )
   BIOS : Phoenix - AwardBIOS v6.00PG
   USER : HP_Administrateur ( Administrator )
   BOOT : Normal boot
   Antivirus : avast! antivirus 4.8.1229 [VPS 080918-0] 4.8.1229 (Activated)
   Firewall  : ZoneAlarm Firewall 7.0.483.000 (Not Activated)
   C:\ (Local Disk) - NTFS - Total : 226 Go Free : 91 Go
   D:\ (Local Disk) - FAT32 - Total : 6 Go Free : 0 Go
   E:\ (CD or DVD)
   G:\ (USB)
   H:\ (USB)
   I:\ (USB)
   J:\ (CD or DVD)
   K:\ (USB)

   "C:\Lop SD" ( MAJ : 14-09-2008|22:40 )
   Option : [1] ( 18/09/2008|23:08 )
 
   --------------------\  Listing des dossiers dans APPLIC~1  

   [15/11/2005|04:22] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
   [03/01/2006|02:29] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
   [03/01/2006|01:49] C:\DOCUME~1\ADMINI~1\APPLIC~1\Real

   [30/09/2007|21:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
   [12/08/2007|20:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
   [13/01/2007|21:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
   [08/08/2007|18:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ATI
   [23/08/2008|07:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Babylon
   [16/04/2007|18:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
   [12/08/2008|10:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Creative
   [03/01/2006|01:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
   [19/11/2006|19:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
   [03/01/2006|02:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
   [19/11/2006|13:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
   [03/01/2006|01:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
   [03/07/2007|15:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
   [10/12/2007|16:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LogiShrd
   [10/12/2007|16:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
   [11/07/2008|11:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
   [17/03/2008|19:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
   [19/04/2008|12:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
   [26/12/2006|22:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Oberongames
   [22/02/2008|18:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\pixelStorm
   [17/01/2007|14:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
   [03/01/2006|01:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
   [05/04/2008|20:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
   [31/08/2008|14:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\soft chic meet great
   [03/01/2006|01:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
   [23/06/2007|23:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony
   [27/08/2008|18:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
   [19/11/2006|18:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
   [19/04/2008|14:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ubisoft
   [20/11/2006|20:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
   [13/03/2008|13:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
   [06/12/2006|20:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

   [15/11/2005|04:22] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
   [03/01/2006|02:29] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
   [03/01/2006|01:49] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real

   [08/02/2008|22:41] C:\DOCUME~1\HP_ADM~1\APPLIC~1\ACAMPREF
   [16/08/2008|14:22] C:\DOCUME~1\HP_ADM~1\APPLIC~1\AccurateRip
   [04/02/2008|18:22] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Adobe
   [26/05/2008|17:44] C:\DOCUME~1\HP_ADM~1\APPLIC~1\AdobeUM
   [08/01/2008|22:13] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Apple Computer
   [08/08/2007|22:16] C:\DOCUME~1\HP_ADM~1\APPLIC~1\ATI
   [08/09/2007|22:26] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Axialis
   [23/08/2008|07:32] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Babylon
   [09/08/2008|09:49] C:\DOCUME~1\HP_ADM~1\APPLIC~1\BitTorrent
   [13/08/2008|09:15] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Creative
   [10/01/2008|22:50] C:\DOCUME~1\HP_ADM~1\APPLIC~1\CyberLink
   [15/04/2007|12:13] C:\DOCUME~1\HP_ADM~1\APPLIC~1\DeepBurner
   [30/08/2008|10:28] C:\DOCUME~1\HP_ADM~1\APPLIC~1\DNA
   [20/07/2007|16:53] C:\DOCUME~1\HP_ADM~1\APPLIC~1\FontCreator
   [06/08/2008|09:48] C:\DOCUME~1\HP_ADM~1\APPLIC~1\fretsonfire
   [19/11/2006|19:10] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Google
   [22/07/2008|01:34] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Hamachi
   [28/11/2006|15:17] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Help
   [19/11/2006|13:56] C:\DOCUME~1\HP_ADM~1\APPLIC~1\HP
   [30/11/2006|19:44] C:\DOCUME~1\HP_ADM~1\APPLIC~1\HPQ
   [14/08/2008|07:50] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Identities
   [07/08/2007|16:55] C:\DOCUME~1\HP_ADM~1\APPLIC~1\InstallShield
   [07/01/2007|21:51] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Leadertech
   [10/12/2007|16:31] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Logitech
   [06/12/2006|19:32] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Macromedia
   [14/03/2008|15:27] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Media Player Classic
   [11/08/2008|14:31] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Microsoft
   [27/08/2008|19:32] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Mozilla
   [17/01/2007|14:47] C:\DOCUME~1\HP_ADM~1\APPLIC~1\PlayFirst
   [27/07/2008|12:21] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Playwize
   [07/08/2007|16:55] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Pokerwize
   [14/06/2007|01:10] C:\DOCUME~1\HP_ADM~1\APPLIC~1\PSPDocMaker
   [22/11/2006|22:46] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Real
   [26/12/2007|00:00] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Samsung
   [12/03/2007|19:31] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Screenshot Sender
   [27/10/2007|19:43] C:\DOCUME~1\HP_ADM~1\APPLIC~1\SecuROM
   [31/07/2008|22:44] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Skype
   [31/07/2008|21:19] C:\DOCUME~1\HP_ADM~1\APPLIC~1\skypePM
   [07/01/2007|21:52] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Sonic
   [17/04/2007|19:58] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Sony Setup
   [24/11/2006|20:20] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Sun
   [21/12/2007|15:42] C:\DOCUME~1\HP_ADM~1\APPLIC~1	eamspeak2
   [05/05/2008|20:58] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Template
   [10/09/2008|10:01] C:\DOCUME~1\HP_ADM~1\APPLIC~1\TOOLDEFYMEAL
   [25/07/2007|21:07] C:\DOCUME~1\HP_ADM~1\APPLIC~1\U3
   [19/04/2008|14:20] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Ubisoft
   [13/03/2008|13:16] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Windows Live Writer
   [13/08/2008|14:26] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Zylom

   [19/11/2006|20:16] C:\DOCUME~1\LOCALS~1\APPLIC~1\Google
   [19/11/2006|20:17] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia
   [03/01/2006|01:15] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

   [03/01/2006|01:15] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
 
   --------------------\  Tâches planifiées dans C:\WINDOWS	asks

   [18/09/2008 22:49][--ah-----] C:\WINDOWS	asks\SA.DAT
   [10/08/2004 13:00][-rah-c---] C:\WINDOWS	asks\desktop.ini

   --------------------\  Listing des dossiers dans C:\Program Files

   [20/11/2006|22:34] C:\Program Files\7-Zip
   [14/08/2007|19:55] C:\Program Files\AcidMods
   [04/09/2008|17:22] C:\Program Files\Activision
   [03/01/2006|01:56] C:\Program Files\Adobe
   [30/03/2008|14:38] C:\Program Files\AGEIA Technologies
   [19/04/2007|13:44] C:\Program Files\Ahead
   [19/11/2006|18:39] C:\Program Files\Alwil Software
   [12/08/2007|20:19] C:\Program Files\Apple Software Update
   [15/04/2007|12:03] C:\Program Files\Astonsoft
   [08/08/2007|22:10] C:\Program Files\ATI Technologies
   [23/05/2008|15:33] C:\Program Files\Audacity
   [17/04/2007|21:38] C:\Program Files\AviSynth 2.5
   [08/09/2007|22:26] C:\Program Files\Axialis
   [28/11/2006|15:45] C:\Program Files\Axon Data
   [15/09/2007|18:28] C:\Program Files\Bethesda Softworks
   [08/08/2007|11:07] C:\Program Files\CCleaner
   [31/08/2008|14:06] C:\Program Files\Circle Developement
   [12/07/2008|13:09] C:\Program Files\City Interactive
   [04/05/2008|00:25] C:\Program Files\Common Files
   [12/11/2005|02:09] C:\Program Files\ComPlus Applications
   [12/08/2008|10:32] C:\Program Files\Creative
   [09/12/2007|01:03] C:\Program Files\CSO-DAX Compressor
   [04/02/2007|18:04] C:\Program Files\DAEMON Tools
   [05/02/2008|12:14] C:\Program Files\DivX
   [30/08/2008|07:49] C:\Program Files\DNA
   [08/08/2007|11:16] C:\Program Files\Driver Cleaner Pro
   [12/06/2007|17:33] C:\Program Files\Dvd-to-avi
   [12/07/2008|13:58] C:\Program Files\EA GAMES
   [03/01/2006|02:10] C:\Program Files\EasyBits
   [01/09/2007|12:47] C:\Program Files\Eidos
   [28/01/2008|19:16] C:\Program Files\Eidos Interactive
   [30/03/2008|14:38] C:\Program Files\Electronic Arts
   [18/09/2008|20:59] C:\Program Files\eMule
   [25/06/2008|19:26] C:\Program Files\EternityRO
   [05/04/2008|20:30] C:\Program Files\Fichiers communs
   [01/09/2007|13:36] C:\Program Files\GameShadow
   [03/01/2006|01:21] C:\Program Files\GemMasterFrench
   [26/01/2007|22:15] C:\Program Files\Google
   [27/06/2008|23:49] C:\Program Files\Gravity
   [08/02/2008|14:46] C:\Program Files\Guitar Pro 4
   [17/07/2007|14:40] C:\Program Files\Half Life 2
   [13/05/2008|15:29] C:\Program Files\Hamachi
   [24/06/2008|16:24] C:\Program Files\Have Any Dream
   [03/06/2008|00:28] C:\Program Files\HeavenAngelsDestinysXray
   [03/01/2006|02:10] C:\Program Files\Hewlett-Packard
   [23/06/2007|23:05] C:\Program Files\HHD Software
   [20/07/2007|16:49] C:\Program Files\High-Logic
   [28/08/2008|07:54] C:\Program Files\HIS iTurbo
   [03/01/2006|01:52] C:\Program Files\HP
   [03/01/2006|01:49] C:\Program Files\HP DigitalMedia Archive
   [05/03/2008|15:21] C:\Program Files\HyCam2
   [19/11/2006|19:31] C:\Program Files\ICRAplus
   [04/01/2008|02:03] C:\Program Files\illusion
   [16/08/2008|14:21] C:\Program Files\Illustrate
   [12/08/2008|10:31] C:\Program Files\InstallShield Installation Information
   [03/01/2006|01:40] C:\Program Files\Intel
   [18/06/2007|22:45] C:\Program Files\IntelliTamper
   [14/08/2008|21:52] C:\Program Files\Internet Explorer
   [12/08/2007|20:21] C:\Program Files\iPod
   [12/08/2007|20:21] C:\Program Files\iTunes
   [03/01/2006|01:26] C:\Program Files\Java
   [10/08/2007|21:28] C:\Program Files\KarmaRODesire
   [05/12/2006|18:43] C:\Program Files\K-Lite Codec Pack
   [03/07/2007|15:37] C:\Program Files\Lavasoft
   [16/04/2007|18:07] C:\Program Files\LiveUpdate
   [10/12/2007|16:29] C:\Program Files\Logitech
   [06/06/2008|13:52] C:\Program Files\LoS
   [08/01/2007|17:54] C:\Program Files\LucasArts
   [14/08/2008|21:55] C:\Program Files\Messenger
   [31/08/2008|14:06] C:\Program Files\Messenger Plus! Live
   [30/11/2007|01:27] C:\Program Files\Microsoft CAPICOM 2.1.0.2
   [15/11/2005|04:24] C:\Program Files\microsoft frontpage
   [21/11/2006|14:41] C:\Program Files\Microsoft Office
   [03/01/2006|01:53] C:\Program Files\Microsoft Works
   [21/11/2006|14:41] C:\Program Files\Microsoft.NET
   [29/01/2008|17:29] C:\Program Files\Midgard Of Devil
   [27/10/2007|18:05] C:\Program Files\Midway Games
   [13/08/2007|19:44] C:\Program Files\mIRC
   [16/04/2007|18:06] C:\Program Files\mobile PhoneTools
   [15/11/2005|04:24] C:\Program Files\Movie Maker
   [18/09/2008|23:07] C:\Program Files\Mozilla Firefox
   [15/11/2005|04:24] C:\Program Files\MSN
   [15/11/2005|04:25] C:\Program Files\MSN Gaming Zone
   [20/11/2006|19:54] C:\Program Files\MSXML 4.0
   [03/01/2006|01:55] C:\Program Files\muvee Technologies
   [18/09/2008|22:47] C:\Program Files\Navilog1
   [15/11/2005|04:25] C:\Program Files\NetMeeting
   [15/11/2005|04:25] C:\Program Files\Online Services
   [14/06/2007|01:31] C:\Program Files\Outlook Express
   [07/08/2007|17:57] C:\Program Files\PartoucheWize
   [29/04/2008|15:44] C:\Program Files\PBP Unpacker
   [03/01/2006|02:06] C:\Program Files\PC-Doctor 5 for Windows
   [10/05/2008|00:41] C:\Program Files\Pochette Express 2
   [17/04/2007|21:38] C:\Program Files\pspvideo9
   [12/08/2007|20:20] C:\Program Files\QuickTime
   [30/12/2006|15:37] C:\Program Files\Real
   [24/12/2007|01:33] C:\Program Files\Realtek
   [08/08/2007|11:32] C:\Program Files\RegCleaner
   [28/11/2006|15:35] C:\Program Files\Revealer
   [11/07/2008|18:19] C:\Program Files\RomStation
   [25/12/2007|23:31] C:\Program Files\Samsung
   [27/06/2007|15:38] C:\Program Files\Seagrand
   [03/01/2006|02:12] C:\Program Files\Services en ligne
   [05/04/2008|20:30] C:\Program Files\Skype
   [03/01/2006|01:50] C:\Program Files\Sonic
   [17/04/2007|19:58] C:\Program Files\Sony Setup
   [09/08/2007|01:45] C:\Program Files\Spybot - Search & Destroy
   [10/08/2008|14:51] C:\Program Files\Steam
   [19/11/2006|20:38] C:\Program Files\StofWare
   [15/04/2008|15:05] C:\Program Files\Teamspeak2_RC2_2
   [31/08/2008|14:07] C:\Program Files\TOOLDEFYMEAL
   [18/09/2008|22:58] C:\Program Files\Trend Micro
   [12/02/2008|16:51] C:\Program Files\Ubi Soft
   [12/07/2008|12:47] C:\Program Files\Ubisoft
   [08/07/2007|12:59] C:\Program Files\UltraISO
   [12/11/2005|02:09] C:\Program Files\Uninstall Information
   [19/05/2008|23:17] C:\Program Files\Way of Elendil
   [13/03/2008|13:13] C:\Program Files\Windows Live
   [20/11/2006|20:21] C:\Program Files\Windows Media Connect 2
   [12/08/2008|09:20] C:\Program Files\Windows Media Player
   [15/11/2005|04:25] C:\Program Files\Windows NT
   [15/11/2005|04:25] C:\Program Files\Windows Plus
   [12/11/2005|02:09] C:\Program Files\WindowsUpdate
   [25/06/2007|18:29] C:\Program Files\WinRAR
   [15/11/2005|04:26] C:\Program Files\xerox
   [11/08/2007|22:43] C:\Program Files\Zone Labs

   --------------------\  Listing des dossiers dans C:\Program Files\Fichiers communs

   [18/11/2006|21:07] C:\Program Files\Fichiers communs\Adobe
   [19/04/2007|13:44] C:\Program Files\Fichiers communs\Ahead
   [12/08/2007|20:18] C:\Program Files\Fichiers communs\Apple
   [08/08/2007|22:06] C:\Program Files\Fichiers communs\ATI Technologies
   [21/11/2006|14:41] C:\Program Files\Fichiers communs\DESIGNER
   [08/07/2007|12:59] C:\Program Files\Fichiers communs\EZB Systems
   [19/11/2006|13:49] C:\Program Files\Fichiers communs\Hewlett-Packard
   [03/01/2006|01:45] C:\Program Files\Fichiers communs\HP
   [03/01/2006|02:08] C:\Program Files\Fichiers communs\InstallShield
   [03/01/2006|01:26] C:\Program Files\Fichiers communs\Java
   [03/01/2006|01:51] C:\Program Files\Fichiers communs\LightScribe
   [10/12/2007|16:30] C:\Program Files\Fichiers communs\Logishrd
   [03/01/2006|01:51] C:\Program Files\Fichiers communs\LS Getting Started
   [08/07/2008|00:42] C:\Program Files\Fichiers communs\Microsoft Shared
   [15/11/2005|04:24] C:\Program Files\Fichiers communs\MSSoap
   [03/01/2006|01:54] C:\Program Files\Fichiers communs\muvee Technologies
   [15/11/2005|04:24] C:\Program Files\Fichiers communs\ODBC
   [30/12/2006|15:36] C:\Program Files\Fichiers communs\Real
   [15/11/2005|04:24] C:\Program Files\Fichiers communs\Services
   [05/04/2008|20:30] C:\Program Files\Fichiers communs\Skype
   [03/01/2006|01:50] C:\Program Files\Fichiers communs\Sonic Shared
   [15/11/2005|04:24] C:\Program Files\Fichiers communs\SpeechEngines
   [03/01/2006|01:50] C:\Program Files\Fichiers communs\SureThing Shared
   [19/11/2006|18:38] C:\Program Files\Fichiers communs\Symantec Shared
   [14/06/2007|01:31] C:\Program Files\Fichiers communs\System
   [03/01/2006|01:50] C:\Program Files\Fichiers communs\TiVo Shared
   [28/11/2007|14:26] C:\Program Files\Fichiers communs\WindowsLiveInstaller
   [30/03/2008|14:37] C:\Program Files\Fichiers communs\Wise Installation Wizard
   [03/01/2006|01:49] C:\Program Files\Fichiers communs\xing shared

   --------------------\  Process

   ( 65 Processes )

   IEXPLORE.EXE ~ [PID:672]

   --------------------\  Recherche avec S_Lop

   Aucun fichier / dossier Lop trouvé !
 
   --------------------\  Recherche de Fichiers / Dossiers Lop

   C:\DOCUME~1\ALLUSE~1\APPLIC~1\soft chic meet great
   C:\DOCUME~1\ALLUSE~1\APPLIC~1\soft chic meet great\Wma Grim.exe
   C:\Program Files\Circle Developement
   C:\Program Files\Circle Developement\Uninstall.exe
   C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@advertstream[1].txt
   C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@advertstream[2].txt
   C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@advertising[1].txt
   C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@advertising[2].txt
   C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@bigpoint[1].txt
   C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@bigpoint[2].txt
   C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@fr.xblaster.bigpoint[1].txt
   C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@fr1.darkorbit.bigpoint[1].txt
   C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@fr1.darkorbit.bigpoint[3].txt
   C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@banner.casinoking[2].txt
   C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@casinoking[1].txt
   C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@banner.cotedazurpalace[2].txt
   C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@cotedazurpalace[1].txt
   C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@www.cotedazurpalace[1].txt
   C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@adopt.euroclick[1].txt
   C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@adopt.euroclick[3].txt
   C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@sr2.livemediasrv[1].txt
   C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@sr2.livemediasrv[2].txt
   C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@pacificpoker[2].txt
   C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@partygaming.122.2o7[1].txt
   C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@partypoker[2].txt
   C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@32vegas[1].txt
   C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@banner.32vegas[2].txt
   C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@2xmoinscher[1].txt
   C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@2xmoinscher[2].txt
   C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@www.2xmoinscher[2].txt
   C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@www.2xmoinscher[3].txt
 
   --------------------\  Verification du Registre

   [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 

   [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
   "meet great active lies"="C:\Documents and Settings\All Users\Application Data\soft chic meet great\Wma Grim.exe"

   --------------------\  Verification du fichier Hosts

   Fichier Hosts PROPRE


   --------------------\  Recherche de fichiers avec Catchme
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2008-09-18 23:10:59
   Windows 5.1.2600 Service Pack 2 NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 453
 
   --------------------\  Recherche d'autres infections


   Aucune autre infection trouvée  !

   [F:40][D:5]-> C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp
   [F:1898][D:0]-> C:\DOCUME~1\HP_ADM~1\Cookies
   [F:20266][D:76]-> C:\DOCUME~1\HP_ADM~1\LOCALS~1\TEMPOR~1\content.IE5

   1 - "C:\Lop SD\LopR_1.txt" - 18/09/2008|23:15 - Option : [1]

   --------------------\  Fin du rapport a 23:15:57

g!rly · Answer

ok silver, 

t´es bon pour exécuter l´option 2 de lop sd

post le rapport stp ainsi qu´un nouveau rapport hijack this.

@+

Silver · Answer

Toujours moi! (miam miam, encore des rapports bien longs comme on les aime XD)

Le rapport LOP S&D d'abord, puis je poste le hijackthis dans un autre post pour plus de clarté : 


   --------------------\  Lop S&D 4.2.4-3   XP/Vista

   Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
   X86-based PC ( Multiprocessor Free :               Intel(R) Pentium(R) D CPU 2.80GHz )
   BIOS : Phoenix - AwardBIOS v6.00PG
   USER : HP_Administrateur ( Administrator )
   BOOT : Normal boot
   Antivirus : avast! antivirus 4.8.1229 [VPS 080918-0] 4.8.1229 (Activated)
   Firewall  : ZoneAlarm Firewall 7.0.483.000 (Not Activated)
   C:\ (Local Disk) - NTFS - Total : 226 Go Free : 91 Go
   D:\ (Local Disk) - FAT32 - Total : 6 Go Free : 0 Go
   E:\ (CD or DVD)
   G:\ (USB)
   H:\ (USB)
   I:\ (USB)
   J:\ (CD or DVD)
   K:\ (USB)

   "C:\Lop SD" ( MAJ : 14-09-2008|22:40 )
   Option : [2] ( 18/09/2008|23:29 )


   \\\\\\\\\\\\\\\ SUPPRESSION

   Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\soft chic meet great\Wma Grim.exe
   Supprime! - C:\Program Files\Circle Developement\Uninstall.exe
   Supprime! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@advertstream[1].txt
   Supprime! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@advertstream[2].txt
   Supprime! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@advertising[1].txt
   Supprime! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@advertising[2].txt
   Supprime! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@bigpoint[1].txt
   Supprime! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@bigpoint[2].txt
   Supprime! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@fr.xblaster.bigpoint[1].txt
   Supprime! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@fr1.darkorbit.bigpoint[1].txt
   Supprime! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@fr1.darkorbit.bigpoint[3].txt
   Supprime! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@banner.casinoking[2].txt
   Supprime! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@casinoking[1].txt
   Supprime! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@banner.cotedazurpalace[2].txt
   Supprime! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@cotedazurpalace[1].txt
   Supprime! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@www.cotedazurpalace[1].txt
   Supprime! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@adopt.euroclick[1].txt
   Supprime! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@adopt.euroclick[3].txt
   Supprime! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@sr2.livemediasrv[1].txt
   Supprime! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@sr2.livemediasrv[2].txt
   Supprime! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@pacificpoker[2].txt
   Supprime! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@partygaming.122.2o7[1].txt
   Supprime! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@partypoker[2].txt
   Supprime! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@32vegas[1].txt
   Supprime! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@banner.32vegas[2].txt
   Supprime! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@2xmoinscher[1].txt
   Supprime! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@2xmoinscher[2].txt
   Supprime! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@www.2xmoinscher[2].txt
   Supprime! - C:\DOCUME~1\HP_ADM~1\Cookies\hp_administrateur@www.2xmoinscher[3].txt
   Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\soft chic meet great
   Supprime! - C:\Program Files\Circle Developement
   -
   [ Fichier Hosts ] .. Restaure!
 
   \\\\\\\\\\\\\\\ 

 
   --------------------\  Listing des dossiers dans APPLIC~1  

   [15/11/2005|04:22] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
   [03/01/2006|02:29] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
   [03/01/2006|01:49] C:\DOCUME~1\ADMINI~1\APPLIC~1\Real

   [30/09/2007|21:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
   [12/08/2007|20:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
   [13/01/2007|21:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
   [08/08/2007|18:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ATI
   [23/08/2008|07:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Babylon
   [16/04/2007|18:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
   [12/08/2008|10:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Creative
   [03/01/2006|01:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
   [19/11/2006|19:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
   [03/01/2006|02:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
   [19/11/2006|13:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
   [03/01/2006|01:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
   [03/07/2007|15:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
   [10/12/2007|16:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LogiShrd
   [10/12/2007|16:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
   [11/07/2008|11:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
   [17/03/2008|19:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
   [19/04/2008|12:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
   [26/12/2006|22:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Oberongames
   [22/02/2008|18:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\pixelStorm
   [17/01/2007|14:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
   [03/01/2006|01:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
   [05/04/2008|20:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
   [03/01/2006|01:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
   [23/06/2007|23:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony
   [27/08/2008|18:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
   [19/11/2006|18:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
   [19/04/2008|14:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ubisoft
   [20/11/2006|20:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
   [13/03/2008|13:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
   [06/12/2006|20:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

   [15/11/2005|04:22] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
   [03/01/2006|02:29] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
   [03/01/2006|01:49] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real

   [08/02/2008|22:41] C:\DOCUME~1\HP_ADM~1\APPLIC~1\ACAMPREF
   [16/08/2008|14:22] C:\DOCUME~1\HP_ADM~1\APPLIC~1\AccurateRip
   [04/02/2008|18:22] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Adobe
   [26/05/2008|17:44] C:\DOCUME~1\HP_ADM~1\APPLIC~1\AdobeUM
   [08/01/2008|22:13] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Apple Computer
   [08/08/2007|22:16] C:\DOCUME~1\HP_ADM~1\APPLIC~1\ATI
   [08/09/2007|22:26] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Axialis
   [23/08/2008|07:32] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Babylon
   [09/08/2008|09:49] C:\DOCUME~1\HP_ADM~1\APPLIC~1\BitTorrent
   [13/08/2008|09:15] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Creative
   [10/01/2008|22:50] C:\DOCUME~1\HP_ADM~1\APPLIC~1\CyberLink
   [15/04/2007|12:13] C:\DOCUME~1\HP_ADM~1\APPLIC~1\DeepBurner
   [30/08/2008|10:28] C:\DOCUME~1\HP_ADM~1\APPLIC~1\DNA
   [20/07/2007|16:53] C:\DOCUME~1\HP_ADM~1\APPLIC~1\FontCreator
   [06/08/2008|09:48] C:\DOCUME~1\HP_ADM~1\APPLIC~1\fretsonfire
   [19/11/2006|19:10] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Google
   [22/07/2008|01:34] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Hamachi
   [28/11/2006|15:17] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Help
   [19/11/2006|13:56] C:\DOCUME~1\HP_ADM~1\APPLIC~1\HP
   [30/11/2006|19:44] C:\DOCUME~1\HP_ADM~1\APPLIC~1\HPQ
   [14/08/2008|07:50] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Identities
   [07/08/2007|16:55] C:\DOCUME~1\HP_ADM~1\APPLIC~1\InstallShield
   [07/01/2007|21:51] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Leadertech
   [10/12/2007|16:31] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Logitech
   [06/12/2006|19:32] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Macromedia
   [14/03/2008|15:27] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Media Player Classic
   [11/08/2008|14:31] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Microsoft
   [27/08/2008|19:32] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Mozilla
   [17/01/2007|14:47] C:\DOCUME~1\HP_ADM~1\APPLIC~1\PlayFirst
   [27/07/2008|12:21] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Playwize
   [07/08/2007|16:55] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Pokerwize
   [14/06/2007|01:10] C:\DOCUME~1\HP_ADM~1\APPLIC~1\PSPDocMaker
   [22/11/2006|22:46] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Real
   [26/12/2007|00:00] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Samsung
   [12/03/2007|19:31] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Screenshot Sender
   [27/10/2007|19:43] C:\DOCUME~1\HP_ADM~1\APPLIC~1\SecuROM
   [31/07/2008|22:44] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Skype
   [31/07/2008|21:19] C:\DOCUME~1\HP_ADM~1\APPLIC~1\skypePM
   [07/01/2007|21:52] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Sonic
   [17/04/2007|19:58] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Sony Setup
   [24/11/2006|20:20] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Sun
   [21/12/2007|15:42] C:\DOCUME~1\HP_ADM~1\APPLIC~1	eamspeak2
   [05/05/2008|20:58] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Template
   [10/09/2008|10:01] C:\DOCUME~1\HP_ADM~1\APPLIC~1\TOOLDEFYMEAL
   [25/07/2007|21:07] C:\DOCUME~1\HP_ADM~1\APPLIC~1\U3
   [19/04/2008|14:20] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Ubisoft
   [13/03/2008|13:16] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Windows Live Writer
   [13/08/2008|14:26] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Zylom

   [19/11/2006|20:16] C:\DOCUME~1\LOCALS~1\APPLIC~1\Google
   [19/11/2006|20:17] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia
   [03/01/2006|01:15] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

   [03/01/2006|01:15] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
 
   --------------------\  Tâches planifiées dans C:\WINDOWS	asks

   [18/09/2008 22:49][--ah-----] C:\WINDOWS	asks\SA.DAT
   [10/08/2004 13:00][-rah-c---] C:\WINDOWS	asks\desktop.ini

   --------------------\  Listing des dossiers dans C:\Program Files

   [20/11/2006|22:34] C:\Program Files\7-Zip
   [14/08/2007|19:55] C:\Program Files\AcidMods
   [04/09/2008|17:22] C:\Program Files\Activision
   [03/01/2006|01:56] C:\Program Files\Adobe
   [30/03/2008|14:38] C:\Program Files\AGEIA Technologies
   [19/04/2007|13:44] C:\Program Files\Ahead
   [19/11/2006|18:39] C:\Program Files\Alwil Software
   [12/08/2007|20:19] C:\Program Files\Apple Software Update
   [15/04/2007|12:03] C:\Program Files\Astonsoft
   [08/08/2007|22:10] C:\Program Files\ATI Technologies
   [23/05/2008|15:33] C:\Program Files\Audacity
   [17/04/2007|21:38] C:\Program Files\AviSynth 2.5
   [08/09/2007|22:26] C:\Program Files\Axialis
   [28/11/2006|15:45] C:\Program Files\Axon Data
   [15/09/2007|18:28] C:\Program Files\Bethesda Softworks
   [08/08/2007|11:07] C:\Program Files\CCleaner
   [12/07/2008|13:09] C:\Program Files\City Interactive
   [04/05/2008|00:25] C:\Program Files\Common Files
   [12/11/2005|02:09] C:\Program Files\ComPlus Applications
   [12/08/2008|10:32] C:\Program Files\Creative
   [09/12/2007|01:03] C:\Program Files\CSO-DAX Compressor
   [04/02/2007|18:04] C:\Program Files\DAEMON Tools
   [05/02/2008|12:14] C:\Program Files\DivX
   [30/08/2008|07:49] C:\Program Files\DNA
   [08/08/2007|11:16] C:\Program Files\Driver Cleaner Pro
   [12/06/2007|17:33] C:\Program Files\Dvd-to-avi
   [12/07/2008|13:58] C:\Program Files\EA GAMES
   [03/01/2006|02:10] C:\Program Files\EasyBits
   [01/09/2007|12:47] C:\Program Files\Eidos
   [28/01/2008|19:16] C:\Program Files\Eidos Interactive
   [30/03/2008|14:38] C:\Program Files\Electronic Arts
   [18/09/2008|20:59] C:\Program Files\eMule
   [25/06/2008|19:26] C:\Program Files\EternityRO
   [05/04/2008|20:30] C:\Program Files\Fichiers communs
   [01/09/2007|13:36] C:\Program Files\GameShadow
   [03/01/2006|01:21] C:\Program Files\GemMasterFrench
   [26/01/2007|22:15] C:\Program Files\Google
   [27/06/2008|23:49] C:\Program Files\Gravity
   [08/02/2008|14:46] C:\Program Files\Guitar Pro 4
   [17/07/2007|14:40] C:\Program Files\Half Life 2
   [13/05/2008|15:29] C:\Program Files\Hamachi
   [24/06/2008|16:24] C:\Program Files\Have Any Dream
   [03/06/2008|00:28] C:\Program Files\HeavenAngelsDestinysXray
   [03/01/2006|02:10] C:\Program Files\Hewlett-Packard
   [23/06/2007|23:05] C:\Program Files\HHD Software
   [20/07/2007|16:49] C:\Program Files\High-Logic
   [28/08/2008|07:54] C:\Program Files\HIS iTurbo
   [03/01/2006|01:52] C:\Program Files\HP
   [03/01/2006|01:49] C:\Program Files\HP DigitalMedia Archive
   [05/03/2008|15:21] C:\Program Files\HyCam2
   [19/11/2006|19:31] C:\Program Files\ICRAplus
   [04/01/2008|02:03] C:\Program Files\illusion
   [16/08/2008|14:21] C:\Program Files\Illustrate
   [12/08/2008|10:31] C:\Program Files\InstallShield Installation Information
   [03/01/2006|01:40] C:\Program Files\Intel
   [18/06/2007|22:45] C:\Program Files\IntelliTamper
   [14/08/2008|21:52] C:\Program Files\Internet Explorer
   [12/08/2007|20:21] C:\Program Files\iPod
   [12/08/2007|20:21] C:\Program Files\iTunes
   [03/01/2006|01:26] C:\Program Files\Java
   [10/08/2007|21:28] C:\Program Files\KarmaRODesire
   [05/12/2006|18:43] C:\Program Files\K-Lite Codec Pack
   [03/07/2007|15:37] C:\Program Files\Lavasoft
   [16/04/2007|18:07] C:\Program Files\LiveUpdate
   [10/12/2007|16:29] C:\Program Files\Logitech
   [06/06/2008|13:52] C:\Program Files\LoS
   [08/01/2007|17:54] C:\Program Files\LucasArts
   [14/08/2008|21:55] C:\Program Files\Messenger
   [31/08/2008|14:06] C:\Program Files\Messenger Plus! Live
   [30/11/2007|01:27] C:\Program Files\Microsoft CAPICOM 2.1.0.2
   [15/11/2005|04:24] C:\Program Files\microsoft frontpage
   [21/11/2006|14:41] C:\Program Files\Microsoft Office
   [03/01/2006|01:53] C:\Program Files\Microsoft Works
   [21/11/2006|14:41] C:\Program Files\Microsoft.NET
   [29/01/2008|17:29] C:\Program Files\Midgard Of Devil
   [27/10/2007|18:05] C:\Program Files\Midway Games
   [13/08/2007|19:44] C:\Program Files\mIRC
   [16/04/2007|18:06] C:\Program Files\mobile PhoneTools
   [15/11/2005|04:24] C:\Program Files\Movie Maker
   [18/09/2008|23:17] C:\Program Files\Mozilla Firefox
   [15/11/2005|04:24] C:\Program Files\MSN
   [15/11/2005|04:25] C:\Program Files\MSN Gaming Zone
   [20/11/2006|19:54] C:\Program Files\MSXML 4.0
   [03/01/2006|01:55] C:\Program Files\muvee Technologies
   [18/09/2008|22:47] C:\Program Files\Navilog1
   [15/11/2005|04:25] C:\Program Files\NetMeeting
   [15/11/2005|04:25] C:\Program Files\Online Services
   [14/06/2007|01:31] C:\Program Files\Outlook Express
   [07/08/2007|17:57] C:\Program Files\PartoucheWize
   [29/04/2008|15:44] C:\Program Files\PBP Unpacker
   [03/01/2006|02:06] C:\Program Files\PC-Doctor 5 for Windows
   [10/05/2008|00:41] C:\Program Files\Pochette Express 2
   [17/04/2007|21:38] C:\Program Files\pspvideo9
   [12/08/2007|20:20] C:\Program Files\QuickTime
   [30/12/2006|15:37] C:\Program Files\Real
   [24/12/2007|01:33] C:\Program Files\Realtek
   [08/08/2007|11:32] C:\Program Files\RegCleaner
   [28/11/2006|15:35] C:\Program Files\Revealer
   [11/07/2008|18:19] C:\Program Files\RomStation
   [25/12/2007|23:31] C:\Program Files\Samsung
   [27/06/2007|15:38] C:\Program Files\Seagrand
   [03/01/2006|02:12] C:\Program Files\Services en ligne
   [05/04/2008|20:30] C:\Program Files\Skype
   [03/01/2006|01:50] C:\Program Files\Sonic
   [17/04/2007|19:58] C:\Program Files\Sony Setup
   [09/08/2007|01:45] C:\Program Files\Spybot - Search & Destroy
   [10/08/2008|14:51] C:\Program Files\Steam
   [19/11/2006|20:38] C:\Program Files\StofWare
   [15/04/2008|15:05] C:\Program Files\Teamspeak2_RC2_2
   [31/08/2008|14:07] C:\Program Files\TOOLDEFYMEAL
   [18/09/2008|22:58] C:\Program Files\Trend Micro
   [12/02/2008|16:51] C:\Program Files\Ubi Soft
   [12/07/2008|12:47] C:\Program Files\Ubisoft
   [08/07/2007|12:59] C:\Program Files\UltraISO
   [12/11/2005|02:09] C:\Program Files\Uninstall Information
   [19/05/2008|23:17] C:\Program Files\Way of Elendil
   [13/03/2008|13:13] C:\Program Files\Windows Live
   [20/11/2006|20:21] C:\Program Files\Windows Media Connect 2
   [12/08/2008|09:20] C:\Program Files\Windows Media Player
   [15/11/2005|04:25] C:\Program Files\Windows NT
   [15/11/2005|04:25] C:\Program Files\Windows Plus
   [12/11/2005|02:09] C:\Program Files\WindowsUpdate
   [25/06/2007|18:29] C:\Program Files\WinRAR
   [15/11/2005|04:26] C:\Program Files\xerox
   [11/08/2007|22:43] C:\Program Files\Zone Labs

   --------------------\  Listing des dossiers dans C:\Program Files\Fichiers communs

   [18/11/2006|21:07] C:\Program Files\Fichiers communs\Adobe
   [19/04/2007|13:44] C:\Program Files\Fichiers communs\Ahead
   [12/08/2007|20:18] C:\Program Files\Fichiers communs\Apple
   [08/08/2007|22:06] C:\Program Files\Fichiers communs\ATI Technologies
   [21/11/2006|14:41] C:\Program Files\Fichiers communs\DESIGNER
   [08/07/2007|12:59] C:\Program Files\Fichiers communs\EZB Systems
   [19/11/2006|13:49] C:\Program Files\Fichiers communs\Hewlett-Packard
   [03/01/2006|01:45] C:\Program Files\Fichiers communs\HP
   [03/01/2006|02:08] C:\Program Files\Fichiers communs\InstallShield
   [03/01/2006|01:26] C:\Program Files\Fichiers communs\Java
   [03/01/2006|01:51] C:\Program Files\Fichiers communs\LightScribe
   [10/12/2007|16:30] C:\Program Files\Fichiers communs\Logishrd
   [03/01/2006|01:51] C:\Program Files\Fichiers communs\LS Getting Started
   [08/07/2008|00:42] C:\Program Files\Fichiers communs\Microsoft Shared
   [15/11/2005|04:24] C:\Program Files\Fichiers communs\MSSoap
   [03/01/2006|01:54] C:\Program Files\Fichiers communs\muvee Technologies
   [15/11/2005|04:24] C:\Program Files\Fichiers communs\ODBC
   [30/12/2006|15:36] C:\Program Files\Fichiers communs\Real
   [15/11/2005|04:24] C:\Program Files\Fichiers communs\Services
   [05/04/2008|20:30] C:\Program Files\Fichiers communs\Skype
   [03/01/2006|01:50] C:\Program Files\Fichiers communs\Sonic Shared
   [15/11/2005|04:24] C:\Program Files\Fichiers communs\SpeechEngines
   [03/01/2006|01:50] C:\Program Files\Fichiers communs\SureThing Shared
   [19/11/2006|18:38] C:\Program Files\Fichiers communs\Symantec Shared
   [14/06/2007|01:31] C:\Program Files\Fichiers communs\System
   [03/01/2006|01:50] C:\Program Files\Fichiers communs\TiVo Shared
   [28/11/2007|14:26] C:\Program Files\Fichiers communs\WindowsLiveInstaller
   [30/03/2008|14:37] C:\Program Files\Fichiers communs\Wise Installation Wizard
   [03/01/2006|01:49] C:\Program Files\Fichiers communs\xing shared

   --------------------\  Process

   ( 63 Processes )

   ... OK !

   --------------------\  Recherche avec S_Lop

   Aucun fichier / dossier Lop trouvé !
 
   --------------------\  Recherche de Fichiers / Dossiers Lop

   Aucun fichier / dossier Lop trouvé ! 
 
   --------------------\  Verification du Registre
 
   ..... OK !

   --------------------\  Verification du fichier Hosts

   Fichier Hosts PROPRE


   --------------------\  Recherche de fichiers avec Catchme
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2008-09-18 23:32:32
   Windows 5.1.2600 Service Pack 2 NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 453
 
   --------------------\  Recherche d'autres infections


   Aucune autre infection trouvée  !

   [F:40][D:7]-> C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp
   [F:1872][D:0]-> C:\DOCUME~1\HP_ADM~1\Cookies
   [F:20346][D:76]-> C:\DOCUME~1\HP_ADM~1\LOCALS~1\TEMPOR~1\content.IE5

   1 - "C:\Lop SD\LopR_1.txt" - 18/09/2008|23:15 - Option : [1]
   2 - "C:\Lop SD\LopR_2.txt" - 18/09/2008|23:34 - Option : [2]

   --------------------\  Fin du rapport a 23:34:47

Silver · Answer

Et le rapport Hijackthis donc : 

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:37:42, on 18/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Revealer\Revealer Free Edition\revealer.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\HIS iTurbo\iTurbo.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\ATI Technologies\ATI.ACE\mace.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\HP\KBD\KBD.EXE
c:\windows\system\hpsysdrv.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://fr.search.yahoo.com/?fr=cb-hp06
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://fr.search.yahoo.com/?fr=cb-hp06
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Revealer] C:\Program Files\Revealer\Revealer Free Edition\revealer.exe /b
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [iTurbo] "C:\Program Files\HIS iTurbo\iTurbo.exe" /s
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Babylon Client] C:\Program Files\Babylon\Babylon-Pro\Babylon.exe -AutoStart
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [64 bib] C:\DOCUME~1\HP_ADM~1\APPLIC~1\TOOLDE~1\Winprogram.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - S-1-5-18 Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'SYSTEM')
O4 - S-1-5-18 Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .mu3: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .mus: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .mut: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .myr: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .xmz: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zone.msn.com/binary/MJSS.cab69309.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://www.gamenext.fr/online/online2/bejeweled2/Oberongamesloader.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Intel(R) Quick Resume technology (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: RDFLabel - Unknown owner - C:\Program Files\ICRAplus\RDFLabel\RDFLabel.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

g!rly · Answer

Ok 

je prefererais des rapports court crois moi LOL

a l´aide de hijack this coche et fix :

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab 
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://www.gamenext.fr/online/online2/bejeweled2/Oberongamesloader.cab 

comment fixer :

Tutoriel d´utilisation (video) : (Merci a Balltrap34 pour cette réalisation)

-> http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm

puis

important :

ta version de acrobat reader n´est pas a jour, tu veux la derniere verion en date alors desinstale ta version par le panneau de configuration / ajoue et suppression de programme

et instale la derniere :

https://get2.adobe.com/reader/otherversions/

ou oublie completement acrobat reader et instales foxit plus léger a la place:

https://www.clubic.com/telecharger-fiche13808-foxit-reader.html

et

regarde ce tutorial pour mettre ta console java a jour :
 
https://www.malekal.com/maintenir-java-adobe-reader-et-le-player-flash-a-jour/

ps : ne te trompes pas; sur la même page il y a aussi le tutoriel de flash...

puis pour finir :

Fais un scan avec cet antispyware :

Telecharge malwarebytes + tutoriel :

-> https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

Tu l´instale; le programme va se mettre automatiquement a jour.

Une fois a jour, le programme va se lancer; click sur l´onglet parametre, et coche la case : "Arreter internet explorer pendant la suppression".

Click maintenant sur l´onglet recherche et coche la case : "executer un examun complet".

Puis click sur "rechercher".

Laisse le scanner le pc... 

Si des elements on ete trouvés > click sur supprimer la selection.

si il t´es demandé de redemarrer > click sur "yes".

A la fin un rapport va s´ouvrir; sauvegarde le de maniere a le retrouver en vu de le poster sur le forum.

Copie et colle le rapport stp.

@+

Silver · Answer

Voilà, j'ai suivi tous tes conseils à la lettre, tout s'est bien passé ^^

Voici le rapport malwarebytes : 

Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1171
Windows 5.1.2600 Service Pack 2

19/09/2008 00:37:15
mbam-log-2008-09-19 (00-37-15).txt

Type de recherche: Examen rapide
Eléments examinés: 72191
Temps écoulé: 18 minute(s), 29 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Y'a t'il autre chose à faire maintenant? Sinon, j'ai une autre question : avoir été infecté par ce machin veut-il dire que je suis mal protégé, ou bien est-ce que c'est à cause d'un programme qui a été installé volontairement? (vu que je ne suis pas le seul utilisateur du PC, je ne peux pas tout contrôler... malheureusement T_T)
J'utilise actuellement Avast et ZoneAlarm, j'espère que c'est une bonne protection =/
Voili voilou, pour l'instant je vais prendre un repos bien mérité, suite au prochain épisode XD
En tout cas, grand merci pour ton aide =)

moe · Answer

Salut Silver, G!rly

G!rly, il reste encore deux dossiers relatifs à l'infection Lop :

C:\Program Files\TOOLDEFYMEAL 
C:\DOCUME~1\HP_ADM~1\APPLIC~1\TOOLDEFYMEAL 
+ l'entrée dans le registre :
O4 - HKCU\..\Run: [64 bib] C:\DOCUME~1\HP_ADM~1\APPLIC~1\TOOLDE~1\Winprogram.exe 

Bonne continuation !

Silver · Answer

Salut Moe et merci pour l'aide, j'ai viré manuellement : 

C:\Program Files\TOOLDEFYMEAL 
et
C:\DOCUME~1\HP_ADM~1\APPLIC~1\TOOLDEFYMEAL

Et j'ai supprimé via Hijackthis : 
O4 - HKCU\..\Run: [64 bib] C:\DOCUME~1\HP_ADM~1\APPLIC~1\TOOLDE~1\Winprogram.exe

Voili voilou, j'attends la suite des opérations ^^

g!rly · Answer

Salut Silver, Moe

Comment n´ai-je pas vu ? Je suis impardonnable ! Heureusement que tu es la Moe ;) Merci`

Silver, tu as donc supprimés les dossiers :)

Post un dernier rapport hijack this stp et précise tes soucis.

@+

Silver · Answer

Salut salut ^^
Alors, voici donc le rapport Hijackthis. Je precise que depuis qu'on a supprimé tous ces trucs-machins, je n'ai plus de pop up intempestifs, c'est bon signe =)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:39:11, on 19/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Revealer\Revealer Free Edition\revealer.exe
C:\Program Files\HIS iTurbo\iTurbo.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\ATI Technologies\ATI.ACE\mace.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://fr.search.yahoo.com/?fr=cb-hp06
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://fr.search.yahoo.com/?fr=cb-hp06
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Revealer] C:\Program Files\Revealer\Revealer Free Edition\revealer.exe /b
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [iTurbo] "C:\Program Files\HIS iTurbo\iTurbo.exe" /s
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Babylon Client] C:\Program Files\Babylon\Babylon-Pro\Babylon.exe -AutoStart
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - S-1-5-18 Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'SYSTEM')
O4 - S-1-5-18 Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .mu3: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .mus: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .mut: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .myr: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .xmz: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zone.msn.com/binary/MJSS.cab69309.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Intel(R) Quick Resume technology (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: RDFLabel - Unknown owner - C:\Program Files\ICRAplus\RDFLabel\RDFLabel.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Pubs CID =(

15 réponses

Votre réponse

Discussions similaires

Newsletters