Dove13009

  1. Thanks again, Falkra
  2. Thanks, Falkra. Here is the report after Option 2 of Lop S&D, and the HijackThis report after LopR Option 2.
  3. Merci pour ta réponse Falkra Voici le rapport de LopS&D -----------------------[ Lop S&D 4.2.1-9 XP/Vista ]--------------------- [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ] [ USER : camille ] [ "C:\Lop SD" ] [ Selection : 1 ] [ 01/07/2008 | 15:08:23,76 ] [ PC : LUCIE ] [ MAJ : 01-07-2008 | 00:25 ] -------------[ Listing des dossiers dans Application Data ]------------ [27/11/2006|01:01] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini [27/11/2006|01:00] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [11/07/2007|11:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [02/02/2008|16:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple [02/02/2008|16:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer [24/10/2007|21:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BigFishGamesCache [12/12/2007|15:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink [27/11/2006|01:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini [19/09/2007|08:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar [29/07/2007|15:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google [05/03/2008|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard [05/03/2008|21:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log [28/04/2007|18:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\jsanikaraoke.txt [24/12/2007|22:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Loud spam else tool [13/06/2008|09:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee [24/12/2007|22:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus! 
[27/11/2006|01:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [24/01/2008|11:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6 [05/10/2007|21:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NannyMania [05/05/2007|21:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA [24/03/2007|12:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles [19/09/2007|16:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Oberon Games [22/10/2007|19:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst [18/01/2008|19:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Prism [07/04/2007|09:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime [23/10/2007|19:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games [19/09/2007|08:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tarma Installer [19/09/2007|08:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP [23/06/2007|12:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar [08/11/2007|18:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller [29/07/2007|15:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom [27/11/2006|01:00] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft [27/11/2006|01:00] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [10/03/2007|18:45] C:\DOCUME~1\camille\APPLIC~1\7Wonders [11/07/2007|11:25] C:\DOCUME~1\camille\APPLIC~1\Adobe [11/07/2007|11:26] C:\DOCUME~1\camille\APPLIC~1\AdobeUM [02/02/2008|17:02] C:\DOCUME~1\camille\APPLIC~1\Apple Computer [25/08/2007|15:19] C:\DOCUME~1\camille\APPLIC~1\ArcSoft [12/12/2007|15:11] C:\DOCUME~1\camille\APPLIC~1\CyberLink [27/11/2006|01:01] C:\DOCUME~1\camille\APPLIC~1\desktop.ini [17/09/2007|20:25] C:\DOCUME~1\camille\APPLIC~1\FotoWire [15/02/2008|14:35] C:\DOCUME~1\camille\APPLIC~1\Fuzzy Games [29/07/2007|15:09] C:\DOCUME~1\camille\APPLIC~1\Google [15/12/2007|16:02] C:\DOCUME~1\camille\APPLIC~1\Help [27/11/2006|01:20] C:\DOCUME~1\camille\APPLIC~1\Identities [24/10/2007|21:15] C:\DOCUME~1\camille\APPLIC~1\Jane s Hotel [20/11/2007|20:30] C:\DOCUME~1\camille\APPLIC~1\LimeWire [26/05/2007|11:01] C:\DOCUME~1\camille\APPLIC~1\Macromedia [27/11/2006|01:00] C:\DOCUME~1\camille\APPLIC~1\Microsoft [24/01/2008|11:18] C:\DOCUME~1\camille\APPLIC~1\MSN6 
[24/01/2008|10:07] C:\DOCUME~1\camille\APPLIC~1\MumboJumbo.ini [07/10/2007|19:07] C:\DOCUME~1\camille\APPLIC~1\My Games [22/10/2007|19:59] C:\DOCUME~1\camille\APPLIC~1\PlayFirst [24/12/2007|22:05] C:\DOCUME~1\camille\APPLIC~1\Proxy About [23/10/2007|19:38] C:\DOCUME~1\camille\APPLIC~1\Sandlot Games [19/09/2007|22:00] C:\DOCUME~1\camille\APPLIC~1\SpinTop [29/07/2007|15:08] C:\DOCUME~1\camille\APPLIC~1\Sun [15/12/2007|23:22] C:\DOCUME~1\camille\APPLIC~1\ud_soundmanager.ini [29/07/2007|15:17] C:\DOCUME~1\camille\APPLIC~1\Zylom [27/11/2006|01:01] C:\DOCUME~1\INVIT?\APPLIC~1\desktop.ini [05/01/2008|18:29] C:\DOCUME~1\INVIT?\APPLIC~1\Google [24/03/2007|11:25] C:\DOCUME~1\INVIT?\APPLIC~1\Identities [05/01/2008|18:24] C:\DOCUME~1\INVIT?\APPLIC~1\Macromedia [27/11/2006|01:00] C:\DOCUME~1\INVIT?\APPLIC~1\Microsoft [05/01/2008|18:23] C:\DOCUME~1\INVIT?\APPLIC~1\Proxy About ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]--------------- [01/07/2008 15:00][--ah-----] C:\WINDOWS\tasks\AA66FB8091B570FC.job [01/07/2008 14:07][--ah-----] C:\WINDOWS\tasks\SA.DAT [12/05/2008 19:08][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job [01/07/2008 14:12][--a------] C:\WINDOWS\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job [07/10/2003 01:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini AA66FB8091B570FC.job <--> c:\docume~1\camille\applic~1\proxya~1\Traynurbdent.exe ---------------[ Listing des dossiers dans C:\Program Files ]-------------- [11/07/2007|11:20] C:\Program Files\Adobe [24/08/2007|17:57] C:\Program Files\ADS Tech [27/05/2007|18:33] C:\Program Files\Alwil Software [02/02/2008|16:57] C:\Program Files\Apple Software Update [25/08/2007|15:18] C:\Program Files\ArcSoft [28/03/2007|14:41] C:\Program Files\Barbie [24/10/2007|21:10] C:\Program Files\bfgclient [02/02/2008|17:00] C:\Program Files\Bonjour [01/07/2008|09:05] C:\Program Files\CCleaner [24/12/2007|22:05] C:\Program Files\Circle Developement [12/12/2007|15:09] C:\Program Files\CyberLink [26/05/2007|10:58] 
C:\Program Files\Diner Dash [10/03/2007|20:50] C:\Program Files\directx [28/04/2007|18:40] C:\Program Files\EA SPORTS [10/03/2007|20:46] C:\Program Files\Empire Interactive [15/12/2007|16:02] C:\Program Files\Fathom Image [27/11/2006|01:01] C:\Program Files\Fichiers communs [19/09/2007|08:09] C:\Program Files\GamesBar [08/12/2007|18:59] C:\Program Files\Global Defense Network [29/07/2007|15:08] C:\Program Files\Google [05/03/2008|20:13] C:\Program Files\Hewlett-Packard [05/03/2008|19:59] C:\Program Files\HP [21/11/2007|14:30] C:\Program Files\Incomplete [27/11/2006|02:14] C:\Program Files\InstallShield Installation Information [27/11/2006|22:37] C:\Program Files\Intel [27/11/2006|01:10] C:\Program Files\Internet Explorer [02/02/2008|17:02] C:\Program Files\iPod [02/02/2008|17:01] C:\Program Files\iTunes [29/07/2007|15:06] C:\Program Files\Java [04/12/2007|14:39] C:\Program Files\Krakout unlimited [27/11/2006|01:55] C:\Program Files\Ligos [20/11/2007|20:29] C:\Program Files\LimeWire [04/03/2007|13:45] C:\Program Files\Logitech [30/05/2007|11:06] C:\Program Files\Maxis [13/06/2008|09:37] C:\Program Files\McAfee [27/11/2006|01:09] C:\Program Files\Messenger [24/12/2007|22:05] C:\Program Files\Messenger Plus! 
Live [29/03/2007|17:50] C:\Program Files\Micro Application [09/03/2008|14:00] C:\Program Files\Microsoft CAPICOM 2.1.0.2 [27/11/2006|01:14] C:\Program Files\microsoft frontpage [08/11/2007|18:46] C:\Program Files\Microsoft SQL Server Compact Edition [27/11/2006|01:10] C:\Program Files\Movie Maker [27/11/2006|01:09] C:\Program Files\MSN Gaming Zone [18/09/2007|17:27] C:\Program Files\MSXML 4.0 [27/11/2006|01:10] C:\Program Files\NetMeeting [04/12/2007|16:45] C:\Program Files\NINETY12 [07/12/2007|17:34] C:\Program Files\Onefog [19/09/2007|08:08] C:\Program Files\orange [10/12/2007|19:43] C:\Program Files\OrbzDemo [27/11/2006|01:10] C:\Program Files\Outlook Express [28/01/2008|19:15] C:\Program Files\Paraben [25/02/2007|20:49] C:\Program Files\Pdh [04/12/2007|16:51] C:\Program Files\phelios [23/01/2008|15:23] C:\Program Files\phenomedia [27/11/2006|01:35] C:\Program Files\Prolific Publishing, Inc [07/05/2008|14:44] C:\Program Files\Proxy About [02/02/2008|16:59] C:\Program Files\QuickTime [27/11/2006|23:11] C:\Program Files\Realtek AC97 [27/11/2006|23:11] C:\Program Files\Realtek Sound Manager [04/12/2007|15:44] C:\Program Files\ReflexiveArcade [17/12/2007|16:16] C:\Program Files\Ricochet Xtreme [19/09/2007|08:13] C:\Program Files\Sallys Salon [17/12/2007|14:48] C:\Program Files\Sammy Suricate Demo [11/07/2007|11:18] C:\Program Files\Samsung [27/11/2006|01:34] C:\Program Files\SereneScreen [27/11/2006|01:09] C:\Program Files\Services en ligne [15/12/2007|20:30] C:\Program Files\Snake [15/12/2007|20:26] C:\Program Files\Space Ace [04/12/2007|16:36] C:\Program Files\SpaceBattle3001 [08/12/2007|18:24] C:\Program Files\Superball Arcade [04/12/2007|16:23] C:\Program Files\Swarm [08/02/2007|14:09] C:\Program Files\THQ [28/01/2008|19:03] C:\Program Files\Tobi On The Run Demo [30/06/2008|16:02] C:\Program Files\ToniArts [01/07/2008|09:30] C:\Program Files\Trend Micro [07/12/2007|17:49] C:\Program Files\Twilight [09/12/2007|20:24] C:\Program Files\Ubi Soft [15/12/2007|16:04] 
C:\Program Files\UFO III [27/11/2006|01:19] C:\Program Files\Uninstall Information [27/11/2006|02:13] C:\Program Files\VIA [30/06/2007|20:04] C:\Program Files\Virtools Web Player 3.5 [15/12/2007|15:59] C:\Program Files\Wave 49 [15/12/2007|15:58] C:\Program Files\Winder [08/11/2007|18:13] C:\Program Files\Windows Live [08/11/2007|18:44] C:\Program Files\Windows Live Favorites [23/06/2007|12:25] C:\Program Files\Windows Live Toolbar [27/11/2006|01:09] C:\Program Files\Windows Media Player [27/11/2006|01:08] C:\Program Files\Windows NT [27/11/2006|01:09] C:\Program Files\WindowsUpdate [27/11/2006|01:28] C:\Program Files\WinRAR [15/12/2007|20:27] C:\Program Files\WinSnood [27/11/2006|01:14] C:\Program Files\xerox [29/07/2007|15:17] C:\Program Files\Zylom Games [29/01/2008|15:41] C:\Program Files\Zynx ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------ [11/07/2007|11:25] C:\Program Files\Fichiers communs\Adobe [02/02/2008|16:57] C:\Program Files\Fichiers communs\Apple [25/08/2007|15:18] C:\Program Files\Fichiers communs\ArcSoft [13/06/2008|09:38] C:\Program Files\Fichiers communs\Cisco Systems [27/05/2007|17:59] C:\Program Files\Fichiers communs\FDEUnInstaller.exe [17/09/2007|20:25] C:\Program Files\Fichiers communs\FotoWire [05/03/2008|20:10] C:\Program Files\Fichiers communs\Hewlett-Packard [05/03/2008|20:16] C:\Program Files\Fichiers communs\HP [27/11/2006|02:13] C:\Program Files\Fichiers communs\InstallShield [29/07/2007|15:06] C:\Program Files\Fichiers communs\Java [07/04/2007|09:13] C:\Program Files\Fichiers communs\Knowledge Adventure [04/03/2007|13:46] C:\Program Files\Fichiers communs\Logitech [13/06/2008|09:37] C:\Program Files\Fichiers communs\McAfee [27/11/2006|01:01] C:\Program Files\Fichiers communs\Microsoft Shared [27/11/2006|01:11] C:\Program Files\Fichiers communs\MSSoap [27/11/2006|01:01] C:\Program Files\Fichiers communs\ODBC [27/11/2006|01:11] C:\Program Files\Fichiers communs\Services [27/11/2006|01:01] C:\Program 
Files\Fichiers communs\SpeechEngines [27/11/2006|01:10] C:\Program Files\Fichiers communs\System [08/11/2007|18:13] C:\Program Files\Fichiers communs\WindowsLiveInstaller ---------------------------[ Process ]-------------------------- ... 46 iexplore.exe ~ [1864] iexplore.exe ~ [1444] ----------------------[ Recherche avec S_Lop ]--------------------- Aucun fichier / dossier Lop trouvé ! -----------------[ Recherche de Fichiers / Dossiers Lop ]----------------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Loud spam else tool C:\DOCUME~1\ALLUSE~1\APPLIC~1\Loud spam else tool\sign build.exe C:\DOCUME~1\ALLUSE~1\APPLIC~1\Loud spam else tool\deaf frag.exe C:\DOCUME~1\ALLUSE~1\APPLIC~1\Loud spam else tool\Vc the.exe C:\DOCUME~1\ALLUSE~1\APPLIC~1\Loud spam else tool\browse sign.exe C:\DOCUME~1\camille\APPLIC~1\proxya~1 C:\DOCUME~1\camille\APPLIC~1\proxya~1\Find sign base.exe C:\DOCUME~1\camille\APPLIC~1\proxya~1\Boltfacecashflag.exe C:\DOCUME~1\camille\APPLIC~1\proxya~1\Traynurbdent.exe C:\DOCUME~1\camille\APPLIC~1\proxya~1\wbgwjvmy.exe C:\DOCUME~1\camille\APPLIC~1\proxya~1\sbabxxzr.exe C:\DOCUME~1\camille\APPLIC~1\proxya~1\tlpjhxgd.exe C:\DOCUME~1\camille\APPLIC~1\proxya~1\fcgtzags.exe C:\DOCUME~1\camille\APPLIC~1\proxya~1\vizezsse.exe C:\DOCUME~1\INVITÉ\APPLIC~1\proxya~1 C:\Program Files\proxya~1 C:\Program Files\Circle Developement C:\WINDOWS\Prefetch\BROWSE SIGN.EXE-15FD8E94.pf C:\WINDOWS\Prefetch\FIND SIGN BASE.EXE-28296E05.pf C:\WINDOWS\Prefetch\TRAYNURBDENT.EXE-2A1C4502.pf C:\WINDOWS\Tasks\AA66FB8091B570FC.job ----------------------[ Verification du Registre ]---------------------- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "fast upload"="C:\\DOCUME~1\\camille\\APPLIC~1\\PROXYA~1\\Find sign base.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "else tool title ping"="C:\\Documents and Settings\\All Users\\Application Data\\Loud spam else tool\\browse sign.exe" --------------------[ Verification du fichier Hosts 
]--------------------- Fichier Hosts MODIFIE -> 72 ( 70 ## added by CiD ) /!\ 1 Not 127.0.0.1 !! ----------------[ Recherche de fichiers avec Catchme ]----------------- catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-07-01 15:11:22 Windows 5.1.2600 Service Pack 2 FAT NTAPI scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 0 --------------------[ Recherche d'autres infections ]--------------------- Aucune autre infection trouvée ! 
[F:5][D:2]-> C:\DOCUME~1\camille\LOCALS~1\Temp [F:3][D:0]-> C:\DOCUME~1\camille\Cookies [F:6][D:4]-> C:\DOCUME~1\camille\LOCALS~1\TEMPOR~1\content.IE5 [F:2][D:0]-> C:\Recycled --------------------[ Fin du rapport a 15:11:44,76 ]----------------------
  4. System slowness (2 iexplore processes present, one of which uses a lot of resources)

     Hello everyone,

     A friend of my daughter's entrusted me with her computer, which no longer worked. I installed a new antivirus (McAfee) and then updated it. I eradicated nearly fifteen Trojan horses. Then I went to look on the forums. I ran ATF Cleaner, CCleaner and Easy Cleaner just to be safe, but iexplore still takes almost 100% of the system resources. I ran HijackThis and here is the report.

     Thanks again to the helpers.

     Logfile of Trend Micro HijackThis v2.0.2
     Scan saved at 14:17:21, on 01/07/2008
     Platform: Windows XP SP2 (WinNT 5.01.2600)
     MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
     Boot mode: Normal

     Running processes:
     C:\WINDOWS\System32\smss.exe
     C:\WINDOWS\system32\winlogon.exe
     C:\WINDOWS\system32\services.exe
     C:\WINDOWS\system32\lsass.exe
     C:\WINDOWS\system32\svchost.exe
     C:\WINDOWS\System32\svchost.exe
     C:\WINDOWS\system32\spoolsv.exe
     C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
     C:\Program Files\Bonjour\mDNSResponder.exe
     C:\Program Files\McAfee\Common Framework\FrameworkService.exe
     C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
     C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
     C:\WINDOWS\Explorer.EXE
     C:\WINDOWS\System32\svchost.exe
     C:\WINDOWS\SOUNDMAN.EXE
     C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
     C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
     C:\Program Files\ADS Tech\INSTANT TV PVR\Scheduled.exe
     C:\WINDOWS\vsnp2std.exe
     C:\Program Files\Logitech\Video\LogiTray.exe
     C:\Program Files\iTunes\iTunesHelper.exe
     C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
     C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
     C:\Program Files\McAfee\Common Framework\UdaterUI.exe
     C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
     C:\Program Files\McAfee\Common Framework\McTray.exe
     C:\Program Files\Internet Explorer\iexplore.exe
     C:\Program Files\Internet Explorer\iexplore.exe
     C:\Program Files\ArcSoft\TotalMedia\TM Monitor.exe
     C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
     C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
     C:\WINDOWS\system32\LVComS.exe
     C:\WINDOWS\system32\wscntfy.exe
     C:\Program Files\iPod\bin\iPodService.exe
     C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
     C:\WINDOWS\system32\taskmgr.exe
     C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

     R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
     R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
     R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
     R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
     O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
     O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
     O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\Scriptcl.dll
     O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
     O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
     O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
     O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
     O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (file missing)
     O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (file missing)
     O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
     O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
     O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
     O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
     O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
     O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
     O4 - HKLM\..\Run: [ADS TVR Agent] C:\Program Files\ADS Tech\INSTANT TV PVR\Scheduled.exe
     O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
     O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
     O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
     O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
     O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
     O4 - HKLM\..\Run: [else tool title ping] C:\Documents and Settings\All Users\Application Data\Loud spam else tool\browse sign.exe
     O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
     O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
     O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
     O4 - HKLM\..\Run: [shStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
     O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
     O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
     O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
     O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
     O4 - HKCU\..\Run: [fast upload] C:\DOCUME~1\camille\APPLIC~1\PROXYA~1\Find sign base.exe
     O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
     O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
     O4 - HKUS\S-1-5-21-1708537768-573735546-725345543-1003\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User '?')
     O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
     O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
     O4 - Global Startup: TM Monitor.lnk = C:\Program Files\ArcSoft\TotalMedia\TM Monitor.exe
     O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
     O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
     O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
     O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
     O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
     O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?4a100b036daa4e28a69f9b0ea93c2749
     O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?4a100b036daa4e28a69f9b0ea93c2749
     O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
     O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
     O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
     O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
     O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
     O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
     O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
     O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
     O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
     O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
     O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
     O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
     O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
     O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
     O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
     O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

     -- End of file - 9055 bytes