BIBOU LE FORUM

Qui peut m'aider svp
j'ai des pubs cid ki saffichent en permanence.

Sujet déplacé dans la bonne catégorie

Kiki

Salut sylvain64 !!


# Télécharge HijackThis v2.0.2
# ==>Lien et Tuto ici<==
# Suis les indications et poste le rapport obtenu dans ton prochain message.

c lekel zip executable ou installer

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:09:22, on 16/05/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Hp\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\EoRezo\EoEngine.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\program files\aol\aol toolbar 5.0\AolTbServer.exe
C:\Program Files\Hewlett-Packard\Smart Web Printing\hpswp_clipbook.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lo.st
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=81&bd=Pavilion&pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=81&bd=Pavilion&pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\Hewlett-Packard\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll (file missing)
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [EoEngine] "C:\Program Files\EoRezo\EoEngine.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ItsTV] "C:\Program Files\ItsLabel\ItsTV.exe"
O4 - HKLM\..\Run: [dash cool] "C:\ProgramData\Up seek seek.cbhen"
O4 - HKLM\..\Run: [Amok Mode Dupe Platform] "C:\ProgramData\size cdrom build.vhqa6"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - c:\program files\aol\aol toolbar 5.0\resources\fr-fr\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\Hewlett-Packard\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\Hewlett-Packard\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/securite/certdgi1.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/VistaMSNPUpldfr-fr.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 11354 bytes

c bien ca kil fallait faire?

il ya kelkun?

Ok c'est bon !!

Il y a quelque petite choses differentes mais on va commencer par l'infection Lop :

# Télécharge Lop S&D

# ==>Lien et Tuto ici<==
# Suis les indications et poste le rapport obtenu dans ton prochain message.

ca cherche

-----------------------[ Lop S&D 4.2.0-8 XP/Vista ]---------------------

[ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
[ USER : Laurence et Sylvain ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 16/05/2008 | 16:26:48,55 ] [ PC : PC-DE-LAURENCE ]
[ MAJ : 11-05-2008 | 18:25 ]
[ UAC => 0 ]

-------------[ Listing des dossiers dans Application Data ]------------

[10/04/2008|14:48] C:\Users\LAUREN~1\AppData\Roaming\Adobe\Flash Player
[02/04/2008|22:29] C:\Users\LAUREN~1\AppData\Roaming\Adobe\Linguistics
[02/04/2008|22:28] C:\Users\LAUREN~1\AppData\Roaming\Adobe\Acrobat

[03/05/2008|23:12] C:\Users\LAUREN~1\AppData\Roaming\CyberLink\MediaCache
[31/03/2008|14:32] C:\Users\LAUREN~1\AppData\Roaming\CyberLink\PowerStarter
[07/03/2008|18:15] C:\Users\LAUREN~1\AppData\Roaming\CyberLink\PowerCinema
[07/03/2008|18:15] C:\Users\LAUREN~1\AppData\Roaming\CyberLink\PowerDVD

[26/04/2008|16:02] C:\Users\LAUREN~1\AppData\Roaming\eMule\config

[16/05/2008|16:22] C:\Users\LAUREN~1\AppData\Roaming\EoRezo\db
[16/05/2008|16:19] C:\Users\LAUREN~1\AppData\Roaming\EoRezo\eoDesktop
[16/05/2008|16:19] C:\Users\LAUREN~1\AppData\Roaming\EoRezo\ConfMedia.cyp
[16/05/2008|16:19] C:\Users\LAUREN~1\AppData\Roaming\EoRezo\host.cyp
[16/05/2008|16:19] C:\Users\LAUREN~1\AppData\Roaming\EoRezo\user.cyp
[16/05/2008|16:19] C:\Users\LAUREN~1\AppData\Roaming\EoRezo\cmhost.cyp

[10/05/2008|11:16] C:\Users\LAUREN~1\AppData\Roaming\FileZilla\filezilla.xml
[10/05/2008|11:16] C:\Users\LAUREN~1\AppData\Roaming\FileZilla\queue.xml
[10/05/2008|11:10] C:\Users\LAUREN~1\AppData\Roaming\FileZilla\recentservers.xml
[10/05/2008|11:04] C:\Users\LAUREN~1\AppData\Roaming\FileZilla\layout.xml
[10/05/2008|11:03] C:\Users\LAUREN~1\AppData\Roaming\FileZilla\sitemanager.xml
[28/04/2008|11:39] C:\Users\LAUREN~1\AppData\Roaming\FileZilla\filters.xml

[16/05/2008|15:07] C:\Users\LAUREN~1\AppData\Roaming\Hewlett-Packard\HPAdvisor
[06/03/2008|17:15] C:\Users\LAUREN~1\AppData\Roaming\Hewlett-Packard\HP Software UI

[08/03/2008|15:30] C:\Users\LAUREN~1\AppData\Roaming\HP\Digital Imaging
[07/03/2008|18:15] C:\Users\LAUREN~1\AppData\Roaming\HP\QuickPlay
[06/03/2008|18:02] C:\Users\LAUREN~1\AppData\Roaming\HP\ScLogs

[02/03/2007|14:10] C:\Users\LAUREN~1\AppData\Roaming\HPAppData\RegClean.dll

[06/03/2008|17:18] C:\Users\LAUREN~1\AppData\Roaming\Identities\{802C0FC1-3F10-4F09-B924-25BA9B31F3A7}

[14/05/2008|09:33] C:\Users\LAUREN~1\AppData\Roaming\ItsLabel\ItsTV

[07/03/2008|17:44] C:\Users\LAUREN~1\AppData\Roaming\Macromedia\Director MX 2004
[06/03/2008|17:16] C:\Users\LAUREN~1\AppData\Roaming\Macromedia\Flash Player

[10/03/2008|15:30] C:\Users\LAUREN~1\AppData\Roaming\Magic Academy\records.dat
[10/03/2008|15:30] C:\Users\LAUREN~1\AppData\Roaming\Magic Academy\profiles.dat
[10/03/2008|15:30] C:\Users\LAUREN~1\AppData\Roaming\Magic Academy\settings.dat


[08/05/2008|16:52] C:\Users\LAUREN~1\AppData\Roaming\Microsoft\SystemCertificates
[07/05/2008|09:44] C:\Users\LAUREN~1\AppData\Roaming\Microsoft\Crypto
[06/05/2008|16:02] C:\Users\LAUREN~1\AppData\Roaming\Microsoft\MSN Messenger
[28/04/2008|21:26] C:\Users\LAUREN~1\AppData\Roaming\Microsoft\Office
[28/04/2008|21:26] C:\Users\LAUREN~1\AppData\Roaming\Microsoft\Templates
[28/04/2008|21:25] C:\Users\LAUREN~1\AppData\Roaming\Microsoft\Document Building Blocks
[28/04/2008|21:25] C:\Users\LAUREN~1\AppData\Roaming\Microsoft\AddIns
[28/04/2008|21:25] C:\Users\LAUREN~1\AppData\Roaming\Microsoft\Word
[23/04/2008|17:17] C:\Users\LAUREN~1\AppData\Roaming\Microsoft\IdentityCRL
[23/04/2008|17:05] C:\Users\LAUREN~1\AppData\Roaming\Microsoft\Credentials
[31/03/2008|14:29] C:\Users\LAUREN~1\AppData\Roaming\Microsoft\HTML Help
[08/03/2008|15:32] C:\Users\LAUREN~1\AppData\Roaming\Microsoft\Internet Explorer
[07/03/2008|18:12] C:\Users\LAUREN~1\AppData\Roaming\Microsoft\eHome
[07/03/2008|00:28] C:\Users\LAUREN~1\AppData\Roaming\Microsoft\Speech
[07/03/2008|00:03] C:\Users\LAUREN~1\AppData\Roaming\Microsoft\Windows
[06/03/2008|18:12] C:\Users\LAUREN~1\AppData\Roaming\Microsoft\Windows Photo Gallery
[06/03/2008|17:18] C:\Users\LAUREN~1\AppData\Roaming\Microsoft\Protect
[06/03/2008|17:15] C:\Users\LAUREN~1\AppData\Roaming\Microsoft\CLR Security Config

[15/05/2008|22:20] C:\Users\LAUREN~1\AppData\Roaming\Mozilla\Extensions
[15/05/2008|22:20] C:\Users\LAUREN~1\AppData\Roaming\Mozilla\Firefox

[10/03/2008|19:37] C:\Users\LAUREN~1\AppData\Roaming\muvee Technologies\session40.mvex
[10/03/2008|19:36] C:\Users\LAUREN~1\AppData\Roaming\muvee Technologies\burnerList40.mvex
[10/03/2008|19:36] C:\Users\LAUREN~1\AppData\Roaming\muvee Technologies\UserProfiles

[16/05/2008|16:19] C:\Users\LAUREN~1\AppData\Roaming\nvModes.001\nvModes.001

[10/05/2008|12:19] C:\Users\LAUREN~1\AppData\Roaming\nvModes.dat\nvModes.dat

[07/03/2008|17:44] C:\Users\LAUREN~1\AppData\Roaming\PlayFirst\dinerdash

[06/03/2008|17:19] C:\Users\LAUREN~1\AppData\Roaming\Symantec\NPMDataStore

[03/05/2008|20:28] C:\Users\LAUREN~1\AppData\Roaming\TomTom\HOME

[23/04/2008|23:48] C:\Users\LAUREN~1\AppData\Roaming\UserTile.png\UserTile.png

[13/05/2008|21:54] C:\Users\LAUREN~1\AppData\Roaming\vlc\vlcrc
[13/05/2008|21:54] C:\Users\LAUREN~1\AppData\Roaming\vlc\cache

[06/03/2008|17:35] C:\Users\LAUREN~1\AppData\Roaming\WildTangent\My HP Game Console

----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------

[16/05/2008 09:23][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{643DE4E8-0B6C-4DB8-B0D0-746706814C2B}.job
[15/05/2008 20:55][--a------] C:\Windows\tasks\HPCeeScheduleForLaurence et Sylvain.job
[16/05/2008 16:18][--ah-----] C:\Windows\tasks\SA.DAT
[16/05/2008 16:17][--a------] C:\Windows\tasks\SCHEDLGU.TXT

------[ Listing des dossiers dans C:\ProgramData ]------

[24/10/2007|18:57] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[06/05/2008|15:10] C:\ProgramData\Adobe
[07/03/2008|00:15] C:\ProgramData\AOL
[07/03/2008|00:15] C:\ProgramData\AOL OCP
[02/11/2006|15:02] C:\ProgramData\Application Data
[13/01/2008|06:43] C:\ProgramData\Atheros
[06/03/2008|17:01] C:\ProgramData\Bureau
[26/04/2008|16:34] C:\ProgramData\CyberLink
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[06/03/2008|17:14] C:\ProgramData\Electronic Arts
[23/04/2008|22:54] C:\ProgramData\eMule
[06/03/2008|17:01] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[06/03/2008|17:42] C:\ProgramData\Hewlett-Packard
[14/05/2008|22:27] C:\ProgramData\Hold Trust Amok Mode
[28/04/2008|12:50] C:\ProgramData\HP
[28/04/2008|12:50] C:\ProgramData\HP Product Assistant
[06/03/2008|17:37] C:\ProgramData\HPSSUPPLY
[28/04/2008|13:03] C:\ProgramData\hpzinstall.log
[16/05/2008|15:13] C:\ProgramData\Lavasoft
[08/03/2008|11:24] C:\ProgramData\LightScribe
[14/05/2008|22:27] C:\ProgramData\Mealmfcdaudio
[06/03/2008|17:01] C:\ProgramData\Menu D‚marrer
[14/05/2008|22:32] C:\ProgramData\Messenger Plus!
[24/04/2008|23:30] C:\ProgramData\Microsoft
[16/05/2008|09:26] C:\ProgramData\Microsoft Help
[06/03/2008|17:01] C:\ProgramData\ModŠles
[24/10/2007|18:43] C:\ProgramData\muvee Technologies
[06/03/2008|17:19] C:\ProgramData\NVIDIA
[14/05/2008|22:27] C:\ProgramData\size cdrom build.vhqa6
[02/11/2006|15:02] C:\ProgramData\Start Menu
[24/04/2008|23:31] C:\ProgramData\Symantec
[15/05/2008|17:09] C:\ProgramData\TEMP
[02/11/2006|15:02] C:\ProgramData\Templates
[15/05/2008|18:32] C:\ProgramData\Up seek seek.01mnvnd
[15/05/2008|16:42] C:\ProgramData\Up seek seek.33g04f2
[15/05/2008|19:37] C:\ProgramData\Up seek seek.4oddz
[15/05/2008|20:21] C:\ProgramData\Up seek seek.5ckk5pb
[15/05/2008|11:00] C:\ProgramData\Up seek seek.6gv3h
[15/05/2008|10:38] C:\ProgramData\Up seek seek.6ij1dpg
[15/05/2008|18:53] C:\ProgramData\Up seek seek.6kp4f21
[15/05/2008|19:59] C:\ProgramData\Up seek seek.bohfi
[16/05/2008|15:50] C:\ProgramData\Up seek seek.cbhen
[15/05/2008|10:16] C:\ProgramData\Up seek seek.cvq62
[15/05/2008|09:54] C:\ProgramData\Up seek seek.d4dpreq
[15/05/2008|17:48] C:\ProgramData\Up seek seek.dw81n8j
[16/05/2008|10:03] C:\ProgramData\Up seek seek.ew6zs2l
[15/05/2008|22:54] C:\ProgramData\Up seek seek.ewscf
[15/05/2008|17:04] C:\ProgramData\Up seek seek.findf7
[15/05/2008|21:26] C:\ProgramData\Up seek seek.h4t3m
[14/05/2008|23:33] C:\ProgramData\Up seek seek.h766v
[14/05/2008|23:55] C:\ProgramData\Up seek seek.h96rgcv
[16/05/2008|09:42] C:\ProgramData\Up seek seek.ib4ap3y
[15/05/2008|23:38] C:\ProgramData\Up seek seek.ijq9a7
[15/05/2008|15:58] C:\ProgramData\Up seek seek.k9vr5d
[15/05/2008|19:15] C:\ProgramData\Up seek seek.kkejo2r
[15/05/2008|23:59] C:\ProgramData\Up seek seek.lt9lxa
[15/05/2008|16:20] C:\ProgramData\Up seek seek.lue86v
[15/05/2008|18:10] C:\ProgramData\Up seek seek.m6j52tj
[15/05/2008|11:22] C:\ProgramData\Up seek seek.n2e5fef
[15/05/2008|22:32] C:\ProgramData\Up seek seek.ozt77w
[15/05/2008|17:26] C:\ProgramData\Up seek seek.qahagn1
[14/05/2008|22:26] C:\ProgramData\Up seek seek.qh6ic4
[14/05/2008|23:11] C:\ProgramData\Up seek seek.sjmmy
[14/05/2008|22:49] C:\ProgramData\Up seek seek.skjjaq
[15/05/2008|20:43] C:\ProgramData\Up seek seek.sngifv
[15/05/2008|21:48] C:\ProgramData\Up seek seek.sqhc4w
[15/05/2008|22:10] C:\ProgramData\Up seek seek.st1jk3
[15/05/2008|23:16] C:\ProgramData\Up seek seek.ua29ghu
[15/05/2008|21:05] C:\ProgramData\Up seek seek.ubz0m4
[15/05/2008|09:32] C:\ProgramData\Up seek seek.ufd0tf
[15/05/2008|15:37] C:\ProgramData\Up seek seek.x1m74zf
[16/05/2008|16:12] C:\ProgramData\Up seek seek.xjt5m3
[16/05/2008|15:28] C:\ProgramData\Up seek seek.ydaih4d
[14/05/2008|22:26] C:\ProgramData\Up seek seek.zi02j
[24/10/2007|18:20] C:\ProgramData\Viewpoint
[06/03/2008|18:02] C:\ProgramData\WEBREG
[10/03/2008|15:19] C:\ProgramData\WildTangent
[08/05/2008|23:39] C:\ProgramData\WLInstaller

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[24/10/2007|18:57] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[06/05/2008|15:10] C:\Program Files\Adobe
[24/10/2007|18:20] C:\Program Files\AIM6
[24/04/2008|23:12] C:\Program Files\Alwil Software
[06/03/2008|17:15] C:\Program Files\AOL
[13/01/2008|06:43] C:\Program Files\Atheros
[14/05/2008|22:26] C:\Program Files\Circle Developement
[06/05/2008|15:10] C:\Program Files\Common Files
[13/01/2008|06:43] C:\Program Files\CONEXANT
[13/01/2008|06:56] C:\Program Files\CyberLink
[24/10/2007|18:17] C:\Program Files\desktop.ini
[06/03/2008|17:14] C:\Program Files\Electronic Arts
[23/04/2008|22:37] C:\Program Files\eMule
[24/04/2008|23:11] C:\Program Files\EoRezo
[06/03/2008|17:01] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[28/04/2008|11:38] C:\Program Files\FileZilla FTP Client
[28/04/2008|12:50] C:\Program Files\Hewlett-Packard
[06/03/2008|17:37] C:\Program Files\Hp
[13/01/2008|06:59] C:\Program Files\HP Games
[06/03/2008|17:06] C:\Program Files\HPQ
[28/04/2008|15:49] C:\Program Files\IKEA HomePlanner
[03/05/2008|22:12] C:\Program Files\InstallShield Installation Information
[24/04/2008|10:34] C:\Program Files\Internet Explorer
[08/05/2008|23:36] C:\Program Files\Java
[13/05/2008|21:55] C:\Program Files\K-Lite Codec Pack
[15/05/2008|22:20] C:\Program Files\Lavasoft
[15/05/2008|23:51] C:\Program Files\Lopxp
[14/05/2008|22:26] C:\Program Files\Messenger Plus! Live
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[24/10/2007|18:56] C:\Program Files\Microsoft Office
[24/10/2007|18:56] C:\Program Files\Microsoft Works
[24/10/2007|18:56] C:\Program Files\Microsoft.NET
[25/10/2007|02:57] C:\Program Files\Movie Maker
[15/05/2008|22:19] C:\Program Files\Mozilla Firefox 3 Beta 5
[02/11/2006|14:37] C:\Program Files\MSBuild
[02/11/2006|14:37] C:\Program Files\MSN
[24/04/2008|09:44] C:\Program Files\MSXML 4.0
[24/10/2007|18:43] C:\Program Files\muvee Technologies
[13/01/2008|06:41] C:\Program Files\NetWaiting
[10/04/2008|15:00] C:\Program Files\Neuf
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[07/03/2008|00:09] C:\Program Files\Samsung
[03/05/2008|22:54] C:\Program Files\Search Settings
[13/01/2008|07:00] C:\Program Files\Services en ligne
[13/01/2008|06:40] C:\Program Files\Synaptics
[16/05/2008|16:08] C:\Program Files\Trend Micro
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[24/10/2007|18:20] C:\Program Files\Viewpoint
[24/10/2007|18:14] C:\Program Files\Windows Calendar
[25/10/2007|02:57] C:\Program Files\Windows Collaboration
[24/10/2007|18:14] C:\Program Files\Windows Defender
[25/10/2007|02:57] C:\Program Files\Windows Journal
[10/05/2008|23:58] C:\Program Files\Windows Live
[06/05/2008|17:06] C:\Program Files\Windows Live Safety Center
[15/05/2008|09:02] C:\Program Files\Windows Mail
[24/04/2008|10:34] C:\Program Files\Windows Media Player
[06/03/2008|17:01] C:\Program Files\Windows NT
[25/10/2007|02:57] C:\Program Files\Windows Photo Gallery
[24/04/2008|10:34] C:\Program Files\Windows Sidebar
[13/01/2008|06:44] C:\Program Files\WinTV

------[ Listing des dossiers dans C:\Program Files\Common Files ]------

[06/05/2008|15:10] C:\Program Files\Common Files\Adobe
[24/10/2007|18:19] C:\Program Files\Common Files\AOL
[24/10/2007|18:56] C:\Program Files\Common Files\DESIGNER
[06/03/2008|17:30] C:\Program Files\Common Files\Hewlett-Packard
[06/03/2008|17:32] C:\Program Files\Common Files\HP
[24/10/2007|19:09] C:\Program Files\Common Files\InstallShield
[24/10/2007|19:21] C:\Program Files\Common Files\Java
[06/03/2008|17:06] C:\Program Files\Common Files\LightScribe
[23/04/2008|17:21] C:\Program Files\Common Files\microsoft shared
[24/10/2007|18:43] C:\Program Files\Common Files\muvee Technologies
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[24/04/2008|23:48] C:\Program Files\Common Files\Symantec Shared
[24/10/2007|18:14] C:\Program Files\Common Files\System
[23/04/2008|17:15] C:\Program Files\Common Files\WindowsLiveInstaller
[16/05/2008|15:13] C:\Program Files\Common Files\Wise Installation Wizard

---------------------------[ Process ]--------------------------

... 83

iexplore.exe ~ [2596]
iexplore.exe ~ [2684]
iexplore.exe ~ [348]

----------------------[ Recherche avec S_Lop ]---------------------

C:\ProgramData\size cdrom build.vhqa6
C:\ProgramData\Up seek seek.01mnvnd
C:\ProgramData\Up seek seek.33g04f2
C:\ProgramData\Up seek seek.4oddz
C:\ProgramData\Up seek seek.5ckk5pb
C:\ProgramData\Up seek seek.6gv3h
C:\ProgramData\Up seek seek.6ij1dpg
C:\ProgramData\Up seek seek.6kp4f21
C:\ProgramData\Up seek seek.bohfi
C:\ProgramData\Up seek seek.cbhen
C:\ProgramData\Up seek seek.cvq62
C:\ProgramData\Up seek seek.d4dpreq
C:\ProgramData\Up seek seek.dw81n8j
C:\ProgramData\Up seek seek.ew6zs2l
C:\ProgramData\Up seek seek.ewscf
C:\ProgramData\Up seek seek.findf7
C:\ProgramData\Up seek seek.h4t3m
C:\ProgramData\Up seek seek.h766v
C:\ProgramData\Up seek seek.h96rgcv
C:\ProgramData\Up seek seek.ib4ap3y
C:\ProgramData\Up seek seek.ijq9a7
C:\ProgramData\Up seek seek.k9vr5d
C:\ProgramData\Up seek seek.kkejo2r
C:\ProgramData\Up seek seek.lt9lxa
C:\ProgramData\Up seek seek.lue86v
C:\ProgramData\Up seek seek.m6j52tj
C:\ProgramData\Up seek seek.n2e5fef
C:\ProgramData\Up seek seek.ozt77w
C:\ProgramData\Up seek seek.qahagn1
C:\ProgramData\Up seek seek.qh6ic4
C:\ProgramData\Up seek seek.sjmmy
C:\ProgramData\Up seek seek.skjjaq
C:\ProgramData\Up seek seek.sngifv
C:\ProgramData\Up seek seek.sqhc4w
C:\ProgramData\Up seek seek.st1jk3
C:\ProgramData\Up seek seek.ua29ghu
C:\ProgramData\Up seek seek.ubz0m4
C:\ProgramData\Up seek seek.ufd0tf
C:\ProgramData\Up seek seek.x1m74zf
C:\ProgramData\Up seek seek.xjt5m3
C:\ProgramData\Up seek seek.ydaih4d
C:\ProgramData\Up seek seek.zi02j
C:\ProgramData\size cdrom build.vhqa6
C:\ProgramData\Up seek seek.33g04f2
C:\ProgramData\Up seek seek.5ckk5pb
C:\ProgramData\Up seek seek.6ij1dpg
C:\ProgramData\Up seek seek.6kp4f21
C:\ProgramData\Up seek seek.cbhen
C:\ProgramData\Up seek seek.cvq62
C:\ProgramData\Up seek seek.d4dpreq
C:\ProgramData\Up seek seek.dw81n8j
C:\ProgramData\Up seek seek.ew6zs2l
C:\ProgramData\Up seek seek.ewscf
C:\ProgramData\Up seek seek.h4t3m
C:\ProgramData\Up seek seek.h766v
C:\ProgramData\Up seek seek.h96rgcv
C:\ProgramData\Up seek seek.ib4ap3y
C:\ProgramData\Up seek seek.ijq9a7
C:\ProgramData\Up seek seek.k9vr5d
C:\ProgramData\Up seek seek.kkejo2r
C:\ProgramData\Up seek seek.lt9lxa
C:\ProgramData\Up seek seek.m6j52tj
C:\ProgramData\Up seek seek.n2e5fef
C:\ProgramData\Up seek seek.ozt77w
C:\ProgramData\Up seek seek.qahagn1
C:\ProgramData\Up seek seek.qh6ic4
C:\ProgramData\Up seek seek.skjjaq
C:\ProgramData\Up seek seek.sngifv
C:\ProgramData\Up seek seek.sqhc4w
C:\ProgramData\Up seek seek.st1jk3
C:\ProgramData\Up seek seek.ua29ghu
C:\ProgramData\Up seek seek.ufd0tf
C:\ProgramData\Up seek seek.x1m74zf
C:\ProgramData\Up seek seek.xjt5m3
C:\ProgramData\Up seek seek.zi02j
C:\Users\LAUREN~1\AppData\Local\Temp\bisB46E.exe

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe

----------------------[ Verification du Registre ]----------------------

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-16 16:29:24
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------


Aucune autre infection trouvée !

/!\ [Fich:597][Doss:47] C:\Users\LAUREN~1\AppData\Local\Temp
/!\ [Fich:142][Doss:1] C:\Users\LAUREN~1\AppData\Roaming\MICROS~1\Windows\Cookies
/!\ [Fich:720][Doss:5] C:\Users\LAUREN~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5

[ UAC => 1 ]

--------------------[ Fin du rapport a 16:30:19,33 ]----------------------

je réactive uac? et je ferme lop s et d?

Non au passe au nettoyage maintenant !


Relance Lop S&D

* Choisis cette fois ci l'Option 2 ( Suppression )
* Ne ferme pas la fenêtre lors de la suppression !
* Poste le rapport généré ( C:\lopR.txt )
( Si le Bureau ne réapparît pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide )
Ajoute un nouveau log hijackthis

-----------------------[ Lop S&D 4.2.0-8 XP/Vista ]---------------------

[ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
[ USER : Laurence et Sylvain ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 16/05/2008 | 16:42:20,24 ] [ PC : PC-DE-LAURENCE ]
[ MAJ : 11-05-2008 | 18:25 ]
[ UAC => 0 ]


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

Supprimé! - C:\Program Files\Circle Developement\Uninstall.exe
Supprimé! - C:\ProgramData\size cdrom build.vhqa6
Supprimé! - C:\ProgramData\Up seek seek.01mnvnd
Supprimé! - C:\ProgramData\Up seek seek.33g04f2
Supprimé! - C:\ProgramData\Up seek seek.4oddz
Supprimé! - C:\ProgramData\Up seek seek.5ckk5pb
Supprimé! - C:\ProgramData\Up seek seek.6gv3h
Supprimé! - C:\ProgramData\Up seek seek.6ij1dpg
Supprimé! - C:\ProgramData\Up seek seek.6kp4f21
Supprimé! - C:\ProgramData\Up seek seek.bohfi
Supprimé! - C:\ProgramData\Up seek seek.cbhen
Supprimé! - C:\ProgramData\Up seek seek.cvq62
Supprimé! - C:\ProgramData\Up seek seek.d4dpreq
Supprimé! - C:\ProgramData\Up seek seek.dw81n8j
Supprimé! - C:\ProgramData\Up seek seek.ew6zs2l
Supprimé! - C:\ProgramData\Up seek seek.ewscf
Supprimé! - C:\ProgramData\Up seek seek.findf7
Supprimé! - C:\ProgramData\Up seek seek.h4t3m
Supprimé! - C:\ProgramData\Up seek seek.h766v
Supprimé! - C:\ProgramData\Up seek seek.h96rgcv
Supprimé! - C:\ProgramData\Up seek seek.ib4ap3y
Supprimé! - C:\ProgramData\Up seek seek.ijq9a7
Supprimé! - C:\ProgramData\Up seek seek.k9vr5d
Supprimé! - C:\ProgramData\Up seek seek.kkejo2r
Supprimé! - C:\ProgramData\Up seek seek.lt9lxa
Supprimé! - C:\ProgramData\Up seek seek.lue86v
Supprimé! - C:\ProgramData\Up seek seek.m6j52tj
Supprimé! - C:\ProgramData\Up seek seek.n2e5fef
Supprimé! - C:\ProgramData\Up seek seek.ozt77w
Supprimé! - C:\ProgramData\Up seek seek.qahagn1
Supprimé! - C:\ProgramData\Up seek seek.qh6ic4
Supprimé! - C:\ProgramData\Up seek seek.sjmmy
Supprimé! - C:\ProgramData\Up seek seek.skjjaq
Supprimé! - C:\ProgramData\Up seek seek.sngifv
Supprimé! - C:\ProgramData\Up seek seek.sqhc4w
Supprimé! - C:\ProgramData\Up seek seek.st1jk3
Supprimé! - C:\ProgramData\Up seek seek.ua29ghu
Supprimé! - C:\ProgramData\Up seek seek.ubz0m4
Supprimé! - C:\ProgramData\Up seek seek.ufd0tf
Supprimé! - C:\ProgramData\Up seek seek.x1m74zf
Supprimé! - C:\ProgramData\Up seek seek.xjt5m3
Supprimé! - C:\ProgramData\Up seek seek.ydaih4d
Supprimé! - C:\ProgramData\Up seek seek.zi02j
Supprimé! - C:\Users\LAUREN~1\AppData\Local\Temp\bisB46E.exe
Supprimé! - C:\Program Files\Circle Developement
Restauré! - Fichier Hosts

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


-------------[ Listing des dossiers dans Application Data ]------------

[10/04/2008|14:48] C:\Users\LAUREN~1\AppData\Roaming\Adobe\Flash Player
[02/04/2008|22:29] C:\Users\LAUREN~1\AppData\Roaming\Adobe\Linguistics
[02/04/2008|22:28] C:\Users\LAUREN~1\AppData\Roaming\Adobe\Acrobat

[03/05/2008|23:12] C:\Users\LAUREN~1\AppData\Roaming\CyberLink\MediaCache
[31/03/2008|14:32] C:\Users\LAUREN~1\AppData\Roaming\CyberLink\PowerStarter
[07/03/2008|18:15] C:\Users\LAUREN~1\AppData\Roaming\CyberLink\PowerCinema
[07/03/2008|18:15] C:\Users\LAUREN~1\AppData\Roaming\CyberLink\PowerDVD

[26/04/2008|16:02] C:\Users\LAUREN~1\AppData\Roaming\eMule\config

[16/05/2008|16:22] C:\Users\LAUREN~1\AppData\Roaming\EoRezo\db
[16/05/2008|16:19] C:\Users\LAUREN~1\AppData\Roaming\EoRezo\eoDesktop
[16/05/2008|16:19] C:\Users\LAUREN~1\AppData\Roaming\EoRezo\ConfMedia.cyp
[16/05/2008|16:19] C:\Users\LAUREN~1\AppData\Roaming\EoRezo\host.cyp
[16/05/2008|16:19] C:\Users\LAUREN~1\AppData\Roaming\EoRezo\user.cyp
[16/05/2008|16:19] C:\Users\LAUREN~1\AppData\Roaming\EoRezo\cmhost.cyp

[10/05/2008|11:16] C:\Users\LAUREN~1\AppData\Roaming\FileZilla\filezilla.xml
[10/05/2008|11:16] C:\Users\LAUREN~1\AppData\Roaming\FileZilla\queue.xml
[10/05/2008|11:10] C:\Users\LAUREN~1\AppData\Roaming\FileZilla\recentservers.xml
[10/05/2008|11:04] C:\Users\LAUREN~1\AppData\Roaming\FileZilla\layout.xml
[10/05/2008|11:03] C:\Users\LAUREN~1\AppData\Roaming\FileZilla\sitemanager.xml
[28/04/2008|11:39] C:\Users\LAUREN~1\AppData\Roaming\FileZilla\filters.xml

[16/05/2008|15:07] C:\Users\LAUREN~1\AppData\Roaming\Hewlett-Packard\HPAdvisor
[06/03/2008|17:15] C:\Users\LAUREN~1\AppData\Roaming\Hewlett-Packard\HP Software UI

[08/03/2008|15:30] C:\Users\LAUREN~1\AppData\Roaming\HP\Digital Imaging
[07/03/2008|18:15] C:\Users\LAUREN~1\AppData\Roaming\HP\QuickPlay
[06/03/2008|18:02] C:\Users\LAUREN~1\AppData\Roaming\HP\ScLogs

[02/03/2007|14:10] C:\Users\LAUREN~1\AppData\Roaming\HPAppData\RegClean.dll

[06/03/2008|17:18] C:\Users\LAUREN~1\AppData\Roaming\Identities\{802C0FC1-3F10-4F09-B924-25BA9B31F3A7}

[14/05/2008|09:33] C:\Users\LAUREN~1\AppData\Roaming\ItsLabel\ItsTV

[07/03/2008|17:44] C:\Users\LAUREN~1\AppData\Roaming\Macromedia\Director MX 2004
[06/03/2008|17:16] C:\Users\LAUREN~1\AppData\Roaming\Macromedia\Flash Player

[10/03/2008|15:30] C:\Users\LAUREN~1\AppData\Roaming\Magic Academy\records.dat
[10/03/2008|15:30] C:\Users\LAUREN~1\AppData\Roaming\Magic Academy\profiles.dat
[10/03/2008|15:30] C:\Users\LAUREN~1\AppData\Roaming\Magic Academy\settings.dat


[08/05/2008|16:52] C:\Users\LAUREN~1\AppData\Roaming\Microsoft\SystemCertificates
[07/05/2008|09:44] C:\Users\LAUREN~1\AppData\Roaming\Microsoft\Crypto
[06/05/2008|16:02] C:\Users\LAUREN~1\AppData\Roaming\Microsoft\MSN Messenger
[28/04/2008|21:26] C:\Users\LAUREN~1\AppData\Roaming\Microsoft\Office
[28/04/2008|21:26] C:\Users\LAUREN~1\AppData\Roaming\Microsoft\Templates
[28/04/2008|21:25] C:\Users\LAUREN~1\AppData\Roaming\Microsoft\Document Building Blocks
[28/04/2008|21:25] C:\Users\LAUREN~1\AppData\Roaming\Microsoft\AddIns
[28/04/2008|21:25] C:\Users\LAUREN~1\AppData\Roaming\Microsoft\Word
[23/04/2008|17:17] C:\Users\LAUREN~1\AppData\Roaming\Microsoft\IdentityCRL
[23/04/2008|17:05] C:\Users\LAUREN~1\AppData\Roaming\Microsoft\Credentials
[31/03/2008|14:29] C:\Users\LAUREN~1\AppData\Roaming\Microsoft\HTML Help
[08/03/2008|15:32] C:\Users\LAUREN~1\AppData\Roaming\Microsoft\Internet Explorer
[07/03/2008|18:12] C:\Users\LAUREN~1\AppData\Roaming\Microsoft\eHome
[07/03/2008|00:28] C:\Users\LAUREN~1\AppData\Roaming\Microsoft\Speech
[07/03/2008|00:03] C:\Users\LAUREN~1\AppData\Roaming\Microsoft\Windows
[06/03/2008|18:12] C:\Users\LAUREN~1\AppData\Roaming\Microsoft\Windows Photo Gallery
[06/03/2008|17:18] C:\Users\LAUREN~1\AppData\Roaming\Microsoft\Protect
[06/03/2008|17:15] C:\Users\LAUREN~1\AppData\Roaming\Microsoft\CLR Security Config

[15/05/2008|22:20] C:\Users\LAUREN~1\AppData\Roaming\Mozilla\Extensions
[15/05/2008|22:20] C:\Users\LAUREN~1\AppData\Roaming\Mozilla\Firefox

[10/03/2008|19:37] C:\Users\LAUREN~1\AppData\Roaming\muvee Technologies\session40.mvex
[10/03/2008|19:36] C:\Users\LAUREN~1\AppData\Roaming\muvee Technologies\burnerList40.mvex
[10/03/2008|19:36] C:\Users\LAUREN~1\AppData\Roaming\muvee Technologies\UserProfiles

[16/05/2008|16:19] C:\Users\LAUREN~1\AppData\Roaming\nvModes.001\nvModes.001

[10/05/2008|12:19] C:\Users\LAUREN~1\AppData\Roaming\nvModes.dat\nvModes.dat

[07/03/2008|17:44] C:\Users\LAUREN~1\AppData\Roaming\PlayFirst\dinerdash

[06/03/2008|17:19] C:\Users\LAUREN~1\AppData\Roaming\Symantec\NPMDataStore

[03/05/2008|20:28] C:\Users\LAUREN~1\AppData\Roaming\TomTom\HOME

[23/04/2008|23:48] C:\Users\LAUREN~1\AppData\Roaming\UserTile.png\UserTile.png

[13/05/2008|21:54] C:\Users\LAUREN~1\AppData\Roaming\vlc\vlcrc
[13/05/2008|21:54] C:\Users\LAUREN~1\AppData\Roaming\vlc\cache

[06/03/2008|17:35] C:\Users\LAUREN~1\AppData\Roaming\WildTangent\My HP Game Console

----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------

[16/05/2008 09:23][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{643DE4E8-0B6C-4DB8-B0D0-746706814C2B}.job
[15/05/2008 20:55][--a------] C:\Windows\tasks\HPCeeScheduleForLaurence et Sylvain.job
[16/05/2008 16:18][--ah-----] C:\Windows\tasks\SA.DAT
[16/05/2008 16:17][--a------] C:\Windows\tasks\SCHEDLGU.TXT

------[ Listing des dossiers dans C:\ProgramData ]------

[24/10/2007|18:57] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[06/05/2008|15:10] C:\ProgramData\Adobe
[07/03/2008|00:15] C:\ProgramData\AOL
[07/03/2008|00:15] C:\ProgramData\AOL OCP
[02/11/2006|15:02] C:\ProgramData\Application Data
[13/01/2008|06:43] C:\ProgramData\Atheros
[06/03/2008|17:01] C:\ProgramData\Bureau
[26/04/2008|16:34] C:\ProgramData\CyberLink
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[06/03/2008|17:14] C:\ProgramData\Electronic Arts
[23/04/2008|22:54] C:\ProgramData\eMule
[06/03/2008|17:01] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[06/03/2008|17:42] C:\ProgramData\Hewlett-Packard
[14/05/2008|22:27] C:\ProgramData\Hold Trust Amok Mode
[28/04/2008|12:50] C:\ProgramData\HP
[28/04/2008|12:50] C:\ProgramData\HP Product Assistant
[06/03/2008|17:37] C:\ProgramData\HPSSUPPLY
[28/04/2008|13:03] C:\ProgramData\hpzinstall.log
[16/05/2008|15:13] C:\ProgramData\Lavasoft
[08/03/2008|11:24] C:\ProgramData\LightScribe
[14/05/2008|22:27] C:\ProgramData\Mealmfcdaudio
[06/03/2008|17:01] C:\ProgramData\Menu D‚marrer
[14/05/2008|22:32] C:\ProgramData\Messenger Plus!
[24/04/2008|23:30] C:\ProgramData\Microsoft
[16/05/2008|09:26] C:\ProgramData\Microsoft Help
[06/03/2008|17:01] C:\ProgramData\ModŠles
[24/10/2007|18:43] C:\ProgramData\muvee Technologies
[06/03/2008|17:19] C:\ProgramData\NVIDIA
[02/11/2006|15:02] C:\ProgramData\Start Menu
[24/04/2008|23:31] C:\ProgramData\Symantec
[15/05/2008|17:09] C:\ProgramData\TEMP
[02/11/2006|15:02] C:\ProgramData\Templates
[16/05/2008|16:41] C:\ProgramData\Up seek seek.77sp8
[24/10/2007|18:20] C:\ProgramData\Viewpoint
[06/03/2008|18:02] C:\ProgramData\WEBREG
[10/03/2008|15:19] C:\ProgramData\WildTangent
[08/05/2008|23:39] C:\ProgramData\WLInstaller

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[24/10/2007|18:57] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[06/05/2008|15:10] C:\Program Files\Adobe
[24/10/2007|18:20] C:\Program Files\AIM6
[24/04/2008|23:12] C:\Program Files\Alwil Software
[06/03/2008|17:15] C:\Program Files\AOL
[13/01/2008|06:43] C:\Program Files\Atheros
[06/05/2008|15:10] C:\Program Files\Common Files
[13/01/2008|06:43] C:\Program Files\CONEXANT
[13/01/2008|06:56] C:\Program Files\CyberLink
[24/10/2007|18:17] C:\Program Files\desktop.ini
[06/03/2008|17:14] C:\Program Files\Electronic Arts
[23/04/2008|22:37] C:\Program Files\eMule
[24/04/2008|23:11] C:\Program Files\EoRezo
[06/03/2008|17:01] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[28/04/2008|11:38] C:\Program Files\FileZilla FTP Client
[28/04/2008|12:50] C:\Program Files\Hewlett-Packard
[06/03/2008|17:37] C:\Program Files\Hp
[13/01/2008|06:59] C:\Program Files\HP Games
[06/03/2008|17:06] C:\Program Files\HPQ
[28/04/2008|15:49] C:\Program Files\IKEA HomePlanner
[03/05/2008|22:12] C:\Program Files\InstallShield Installation Information
[24/04/2008|10:34] C:\Program Files\Internet Explorer
[08/05/2008|23:36] C:\Program Files\Java
[13/05/2008|21:55] C:\Program Files\K-Lite Codec Pack
[15/05/2008|22:20] C:\Program Files\Lavasoft
[15/05/2008|23:51] C:\Program Files\Lopxp
[14/05/2008|22:26] C:\Program Files\Messenger Plus! Live
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[24/10/2007|18:56] C:\Program Files\Microsoft Office
[24/10/2007|18:56] C:\Program Files\Microsoft Works
[24/10/2007|18:56] C:\Program Files\Microsoft.NET
[25/10/2007|02:57] C:\Program Files\Movie Maker
[15/05/2008|22:19] C:\Program Files\Mozilla Firefox 3 Beta 5
[02/11/2006|14:37] C:\Program Files\MSBuild
[02/11/2006|14:37] C:\Program Files\MSN
[24/04/2008|09:44] C:\Program Files\MSXML 4.0
[24/10/2007|18:43] C:\Program Files\muvee Technologies
[13/01/2008|06:41] C:\Program Files\NetWaiting
[10/04/2008|15:00] C:\Program Files\Neuf
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[07/03/2008|00:09] C:\Program Files\Samsung
[03/05/2008|22:54] C:\Program Files\Search Settings
[13/01/2008|07:00] C:\Program Files\Services en ligne
[13/01/2008|06:40] C:\Program Files\Synaptics
[16/05/2008|16:08] C:\Program Files\Trend Micro
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[24/10/2007|18:20] C:\Program Files\Viewpoint
[24/10/2007|18:14] C:\Program Files\Windows Calendar
[25/10/2007|02:57] C:\Program Files\Windows Collaboration
[24/10/2007|18:14] C:\Program Files\Windows Defender
[25/10/2007|02:57] C:\Program Files\Windows Journal
[10/05/2008|23:58] C:\Program Files\Windows Live
[06/05/2008|17:06] C:\Program Files\Windows Live Safety Center
[15/05/2008|09:02] C:\Program Files\Windows Mail
[24/04/2008|10:34] C:\Program Files\Windows Media Player
[06/03/2008|17:01] C:\Program Files\Windows NT
[25/10/2007|02:57] C:\Program Files\Windows Photo Gallery
[24/04/2008|10:34] C:\Program Files\Windows Sidebar
[13/01/2008|06:44] C:\Program Files\WinTV

------[ Listing des dossiers dans C:\Program Files\Common Files ]------

[06/05/2008|15:10] C:\Program Files\Common Files\Adobe
[24/10/2007|18:19] C:\Program Files\Common Files\AOL
[24/10/2007|18:56] C:\Program Files\Common Files\DESIGNER
[06/03/2008|17:30] C:\Program Files\Common Files\Hewlett-Packard
[06/03/2008|17:32] C:\Program Files\Common Files\HP
[24/10/2007|19:09] C:\Program Files\Common Files\InstallShield
[24/10/2007|19:21] C:\Program Files\Common Files\Java
[06/03/2008|17:06] C:\Program Files\Common Files\LightScribe
[23/04/2008|17:21] C:\Program Files\Common Files\microsoft shared
[24/10/2007|18:43] C:\Program Files\Common Files\muvee Technologies
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[24/04/2008|23:48] C:\Program Files\Common Files\Symantec Shared
[24/10/2007|18:14] C:\Program Files\Common Files\System
[23/04/2008|17:15] C:\Program Files\Common Files\WindowsLiveInstaller
[16/05/2008|15:13] C:\Program Files\Common Files\Wise Installation Wizard

---------------------------[ Process ]--------------------------

... 81

iexplore.exe ~ [5244]
iexplore.exe ~ [4976]

----------------------[ Recherche avec S_Lop ]---------------------

C:\ProgramData\Up seek seek.77sp8
C:\ProgramData\Up seek seek.77sp8

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

Aucun fichier / dossier Lop trouvé !

----------------------[ Verification du Registre ]----------------------

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-16 16:43:03
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------


Aucune autre infection trouvée !

/!\ [Fich:597][Doss:47] C:\Users\LAUREN~1\AppData\Local\Temp
/!\ [Fich:143][Doss:1] C:\Users\LAUREN~1\AppData\Roaming\MICROS~1\Windows\Cookies
/!\ [Fich:945][Doss:5] C:\Users\LAUREN~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5

[ UAC => 1 ]

--------------------[ Fin du rapport a 16:43:58,70 ]----------------------

voila tu ma di d'ajouter un nouveau log? c koi ca?

Oui un nouveau rapport hijackthis , le 1er logiciel utilisé !!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:52:35, on 16/05/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Hp\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\EoRezo\EoEngine.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files\eMule\emule.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
c:\program files\aol\aol toolbar 5.0\AolTbServer.exe
C:\Program Files\Hewlett-Packard\Smart Web Printing\hpswp_clipbook.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\conime.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lo.st
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=81&bd=Pavilion&pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=81&bd=Pavilion&pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\Hewlett-Packard\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll (file missing)
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [EoEngine] "C:\Program Files\EoRezo\EoEngine.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ItsTV] "C:\Program Files\ItsLabel\ItsTV.exe"
O4 - HKLM\..\Run: [dash cool] "C:\ProgramData\Up seek seek.77sp8"
O4 - HKLM\..\Run: [Amok Mode Dupe Platform] "C:\ProgramData\size cdrom build.vhqa6"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - c:\program files\aol\aol toolbar 5.0\resources\fr-fr\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\Hewlett-Packard\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\Hewlett-Packard\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/securite/certdgi1.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/VistaMSNPUpldfr-fr.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 11184 bytes

alor?

tu crois que on aura fini a 17h25 car je par au boulot

Si je suis parti stp indique moi komment je dois proceder pour la suite ou sinon on se donne nos adresses hotmail ou e mail pour pouvoir se recontacter. si tu es d'accord envoi moi la tienne et je te recontacte plus tard . ce soir vers 22h30 ou demain tien moi au courant merci d'avance

Rouvre Hijackthis clique sur scan seulement ensuite tu recherches et coches le(s) ligne(s) suivante(s):

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lo.st
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll (file missing)
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [dash cool] "C:\ProgramData\Up seek seek.77sp8"
O4 - HKLM\..\Run: [Amok Mode Dupe Platform] "C:\ProgramData\size cdrom build.vhqa6"

Ensuite clique sur "Fix Checked"

Toujours avec UAC désactivé , Supprime ce(s) dossier(s) avec OtMoveIt :

C:\Program Files\Search Settings\
C:\Program Files\AOL\AOL Toolbar 5.0\
C:\ProgramData\Up seek seek.77sp8
C:\ProgramData\size cdrom build.vhqa6\

>>> Lien et Tuto ici <<<
Suis les indications et poste le rapport obtenu dans ton prochain message.

C:\Program Files\Search Settings\kb127\temp moved successfully.
C:\Program Files\Search Settings\kb127\res moved successfully.
C:\Program Files\Search Settings\kb127 moved successfully.
C:\Program Files\Search Settings moved successfully.
C:\Program Files\AOL\AOL Toolbar 5.0\resources\fr-FR\ui moved successfully.
C:\Program Files\AOL\AOL Toolbar 5.0\resources\fr-FR\rss moved successfully.
C:\Program Files\AOL\AOL Toolbar 5.0\resources\fr-FR\local moved successfully.
C:\Program Files\AOL\AOL Toolbar 5.0\resources\fr-FR\buttons moved successfully.
C:\Program Files\AOL\AOL Toolbar 5.0\resources\fr-FR moved successfully.
C:\Program Files\AOL\AOL Toolbar 5.0\resources moved successfully.
Folder move failed. C:\Program Files\AOL\AOL Toolbar 5.0 scheduled to be moved on reboot.
C:\ProgramData\Up seek seek.77sp8 moved successfully.
Folder C:\ProgramData\size cdrom build.vhqa6\ not found.

OTMoveIt2 by OldTimer - Version 1.0.4.2 log created on 05162008_234544

Files moved on Reboot...
C:\Program Files\AOL\AOL Toolbar 5.0 moved successfully.

pour avancer kiki
fait ca

va dans ajout/suppression de programmes, désinstalle si présent : CiD Help
Une demande pour retaper un code devrait s'ouvrir, ressaisis le puis cliques sur UNINSTALL
Désinstalles BitDownload ou BitGrabber par ajout/suppression de programmes, supprimer si existant ces dossiers :
C:\Program Files\BitGrabber
C:\Program Files\BitDownload
C:\Program Files\Multi_Media_France


Si CiD Help n'est pas présent :

Est si tu as instaler msn plus verriffit que tu n as pas instalé le sponsor
Si il l ai
Desinstale via ajout /suppression de programmes, désinstalle si présent

Si tu as toujour des pub après ca ou si rien est présent
telecharge


télécharges lopxpMH2.zip:

http://www.alt-shift-return.org/Info/Fichiers/lopxpMH2.zip

* Dézippe-le (clic droit >> Extraire ici) et double clique sur le fichier lopxpMH.bat.
* Poste le contenu du rapport qui va s'ouvrir
si ton rapport est trop grans poste le comme indiqué dans ce lien.
http://bibou0007.com/aide-a-la-desinfection-f8/rapport-de-grande-taille-t765.htm

aten je coprem pa il fau aller ou alor?