
virus downloader.swizzor

10 March 2008 16:22:38

Hello, AVG is detecting a ton of Downloader.swizzor viruses. They are in my quarantine, but how can I delete them from my computer?! Thanks for helping me!!


10 March 2008 17:32:54

Here is the report! Thanks


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:32:04, on 2008-03-10
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.imesh.com/sidebar.html?src=ssb
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.imesh.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
R3 - URLSearchHook: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - (no file)
R3 - URLSearchHook: Yahoo! Barre d'outils - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CE770CE-22B9-79B8-29F6-F48CF7BADA8D} - C:\DOCUME~1\PROPRI~1\APPLIC~1\elseaxis\Vcmeta.exe (file missing)
O2 - BHO: PopKill Class - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Bell\Forfait sécurité d'affaires\pkR.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: Yahoo! Barre d'outils - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [MotiveReportAgent] "C:\Program Files\Fichiers communs\Motive\McciBootStrapper.exe" /url="-url=file://C:\Program Files\Fichiers communs\Motive\ReportAgent.html" /browsertype=CustomMSIE /browserpath="C:\Program Files\Common Files\Motive\motivebrowser.exe" /hidden
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [UniMessenger] C:\Program Files\UNI2\UNI2.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [Stupid Data Dart Wave] C:\Documents and Settings\All Users\Application Data\flag ace stupid data\Math Heck.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [bows anti] C:\DOCUME~1\PROPRI~1\APPLIC~1\GRIMLO~1\Balmacidshow.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - .DEFAULT User Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jh...
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - (no file)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab53083...
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab
O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} (AimSp32 Class) - http://rimmel.ai-media.com/save/makeover.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts...
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/y...
O16 - DPF: {339234B4-4E14-4280-B8B4-8BAE5AF99063} (Chess Object) - http://zone.msn.com/bingame/zpagames/zpa_kqrp.cab53083....
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (ZoneBuddy Class) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab53083.ca...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld...
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/cabs/ascstubie.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab53083.c...
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUpload...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CA/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://zone.msn.com/bingame/dsh2/default/DinerDash2.1.0...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} (ZPA_TexasHoldem Object) - http://zone.msn.com/bingame/zpagames/zpa_txhe.cab53083....
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPl...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab530...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://zone.msn.com/bingame/cnma/default/ct.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://sympatico.zone.msn.com/binframework/v10/StProxy....
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/popcaploader_v10.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O16 - DPF: {F137B9BA-89EA-4B04-9C67-2074A9DF61FD} (Photo Upload Plugin Class) - http://walmart.pnimedia.com/upload/activex/v2_0_0_10/PC...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O20 - Winlogon Notify: avgwlntf - C:\WINDOWS\SYSTEM32\avgwlntf.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxcg_device - Unknown owner - C:\WINDOWS\system32\lxcgcoms.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe

--
End of file - 13159 bytes

10 March 2008 17:36:42

:hello:

Download Lop S&D.exe (by Eric 71 & Angeldark) to your desktop. ~>Tutorial<~
  • Double-click it to start the installation
  • Then double-click the Lop S&D shortcut on your desktop
  • Select the language you want, then choose Option 1 (Search)
  • Wait until the scan finishes
  • Post the generated report (C:\lopR.txt)
    (If the desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm)

10 March 2008 17:46:27


    -----------------------[ Lop S&D 4.0.5 XP/Vista ]----------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : Propriétaire ] [ "C:\Lop SD" ]
    [ 2008-03-10 | 12:40:15,59 ] [ PC : NOM-HJDQZRZHIWG ]
    [ MAJ : 09-03-2008 | 22:50 ]

    -------------[ Listing des dossiers dans Application Data ]------------

    [2008-01-18|21:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
    [2008-01-18|21:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
    [2007-07-06|14:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [2008-01-18|21:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [2006-11-10|12:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [2007-12-24|12:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg7
    [2007-09-18|20:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg7(2)
    [2007-09-18|19:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bell
    [2007-09-07|10:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bell Canada
    [2007-01-03|19:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
    [2005-03-07|10:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOWS 16 JUGS FORD
    [2003-08-05|14:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [2007-12-28|11:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\does mfcd amok play
    [2005-08-31|22:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FaxCtr
    [2008-02-24|21:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag ace stupid data
    [2006-09-28|09:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Freedom
    [2007-06-29|18:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Friends Games
    [2007-09-07|09:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [2007-12-24|12:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
    [2007-12-19|18:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HipSoft
    [2007-01-01|22:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\iWin
    [2006-07-04|19:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\JollyBear
    [2006-01-05|20:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Anti-Virus Personal
    [2007-01-03|19:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
    [2006-07-25|13:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [2007-03-09|21:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [2007-08-19|21:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
    [2007-08-20|13:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MotiveSysIDs
    [2005-11-20|13:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
    [2007-07-10|18:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Oberon Games
    [2007-07-11|16:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
    [2007-06-22|23:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PopCap
    [2008-01-21|20:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
    [2005-06-12|16:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [2007-04-08|20:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games
    [2003-08-05|19:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
    [2007-09-18|20:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SharedProperties.xml
    [2005-09-02|20:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sierra
    [2006-09-10|21:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation
    [2007-01-03|19:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SugarGames
    [2005-03-06|17:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [2007-12-19|19:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [2007-03-04|20:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
    [2007-08-19|20:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Two Idol Wave Flag
    [2006-09-06|20:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
    [2005-10-22|11:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [2007-11-21|11:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [2007-10-03|15:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

    [2005-03-05|19:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
    [2005-03-05|19:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
    [2003-08-05|20:39] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
    [2003-08-05|14:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [2003-08-05|19:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [2003-08-05|20:39] C:\DOCUME~1\DEFAUL~1\APPLIC~1\InterTrust
    [2007-12-11|22:09] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [2003-08-05|20:44] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SampleView
    [2003-08-05|20:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sonic
    [2003-08-07|20:17] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

    [2007-09-19|10:55] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
    [2007-09-19|10:55] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
    [2007-09-19|10:55] C:\DOCUME~1\LOCALS~1\APPLIC~1\AVG7
    [2005-09-17|14:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\HbTools
    [2006-01-20|21:48] C:\DOCUME~1\LOCALS~1\APPLIC~1\Help
    [2007-12-24|12:29] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
    [2007-12-28|13:37] C:\DOCUME~1\LOCALS~1\APPLIC~1\ShopperReports

    [2003-08-05|19:39] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
    [2003-08-05|19:39] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
    [2007-12-24|12:29] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft


    [2008-02-18|12:27] C:\DOCUME~1\PROPRI~1\APPLIC~1\.
    [2008-02-18|12:27] C:\DOCUME~1\PROPRI~1\APPLIC~1\..
    [2008-01-15|18:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
    [2007-07-06|14:01] C:\DOCUME~1\PROPRI~1\APPLIC~1\AdobeUM
    [2007-01-19|21:44] C:\DOCUME~1\PROPRI~1\APPLIC~1\Apple Computer
    [2007-06-03|20:16] C:\DOCUME~1\PROPRI~1\APPLIC~1\ArcSoft
    [2008-03-10|06:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\AVG7
    [2007-01-20|22:08] C:\DOCUME~1\PROPRI~1\APPLIC~1\AVSMedia
    [2007-09-18|19:15] C:\DOCUME~1\PROPRI~1\APPLIC~1\Bell
    [2007-09-07|10:01] C:\DOCUME~1\PROPRI~1\APPLIC~1\Bell Canada
    [2008-02-11|22:29] C:\DOCUME~1\PROPRI~1\APPLIC~1\BitTorrent
    [2007-07-19|20:29] C:\DOCUME~1\PROPRI~1\APPLIC~1\BSplayer
    [2007-03-22|16:19] C:\DOCUME~1\PROPRI~1\APPLIC~1\BSplayer Pro
    [2007-09-19|10:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\CampaignStore.xml
    [2007-08-03|22:07] C:\DOCUME~1\PROPRI~1\APPLIC~1\Chicken Chase
    [2007-09-18|20:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\client_gateway.log
    [2007-09-19|10:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\ConfigurationStore.xml
    [2007-12-28|21:07] C:\DOCUME~1\PROPRI~1\APPLIC~1\DAEMON Tools
    [2003-08-05|14:30] C:\DOCUME~1\PROPRI~1\APPLIC~1\desktop.ini
    [2007-04-15|16:57] C:\DOCUME~1\PROPRI~1\APPLIC~1\DivX
    [2007-09-19|10:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\EventStore.xml
    [2005-09-01|11:23] C:\DOCUME~1\PROPRI~1\APPLIC~1\FaxCtr
    [2006-10-09|10:56] C:\DOCUME~1\PROPRI~1\APPLIC~1\FunWebProducts
    [2007-01-18|19:51] C:\DOCUME~1\PROPRI~1\APPLIC~1\Gaijin Ent
    [2006-10-17|20:14] C:\DOCUME~1\PROPRI~1\APPLIC~1\Google
    [2008-02-24|21:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\grimloudmeal
    [2007-12-28|11:28] C:\DOCUME~1\PROPRI~1\APPLIC~1\Grisoft
    [2005-07-25|11:25] C:\DOCUME~1\PROPRI~1\APPLIC~1\Help
    [2007-12-12|17:34] C:\DOCUME~1\PROPRI~1\APPLIC~1\Home Sweet Home
    [2003-08-05|19:37] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
    [2007-07-07|01:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\IMVU
    [2007-09-18|20:05] C:\DOCUME~1\PROPRI~1\APPLIC~1\InstallShield
    [2005-03-25|14:04] C:\DOCUME~1\PROPRI~1\APPLIC~1\InterVideo
    [2007-01-01|22:39] C:\DOCUME~1\PROPRI~1\APPLIC~1\iWin
    [2007-12-08|17:55] C:\DOCUME~1\PROPRI~1\APPLIC~1\Jane s Hotel
    [2006-08-28|19:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\LANCITE
    [2005-05-01|20:54] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
    [2007-01-16|22:20] C:\DOCUME~1\PROPRI~1\APPLIC~1\MessengerSkinner
    [2007-12-24|12:29] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
    [2005-08-16|18:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft Web Folders
    [2006-06-30|10:11] C:\DOCUME~1\PROPRI~1\APPLIC~1\Mozilla
    [2006-04-14|23:38] C:\DOCUME~1\PROPRI~1\APPLIC~1\MSN6
    [2006-05-27|09:58] C:\DOCUME~1\PROPRI~1\APPLIC~1\MSNInstaller
    [2007-06-02|22:21] C:\DOCUME~1\PROPRI~1\APPLIC~1\MysteryStudio
    [2007-03-27|17:24] C:\DOCUME~1\PROPRI~1\APPLIC~1\Oberon Media
    [2007-07-11|16:34] C:\DOCUME~1\PROPRI~1\APPLIC~1\PlayFirst
    [2003-08-05|20:44] C:\DOCUME~1\PROPRI~1\APPLIC~1\SampleView
    [2007-12-28|15:25] C:\DOCUME~1\PROPRI~1\APPLIC~1\SecuROM
    [2005-09-02|20:27] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sierra
    [2007-09-18|20:09] C:\DOCUME~1\PROPRI~1\APPLIC~1\SoftwareDetectionScripts
    [2007-09-19|10:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\SoftwarePackageStore.xml
    [2005-03-07|20:52] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sonic
    [2006-09-10|21:57] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sony Corporation
    [2006-07-22|15:48] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun
    [2003-08-07|20:17] C:\DOCUME~1\PROPRI~1\APPLIC~1\Symantec
    [2005-03-06|22:25] C:\DOCUME~1\PROPRI~1\APPLIC~1\Template
    [2005-11-09|18:58] C:\DOCUME~1\PROPRI~1\APPLIC~1\Thalia
    [2006-10-20|23:51] C:\DOCUME~1\PROPRI~1\APPLIC~1\Trevoli
    [2007-04-06|08:51] C:\DOCUME~1\PROPRI~1\APPLIC~1\Ulead Systems
    [2007-09-19|10:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\UpdateStore.xml
    [2007-04-05|20:30] C:\DOCUME~1\PROPRI~1\APPLIC~1\vlc
    [2007-03-11|19:31] C:\DOCUME~1\PROPRI~1\APPLIC~1\Wildfire
    [2006-08-07|22:17] C:\DOCUME~1\PROPRI~1\APPLIC~1\yahoo!

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [2008-03-10 12:00][--ah-----] C:\WINDOWS\tasks\A8B5843C91923AA4.job
    [2008-02-26 00:49][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2002-08-30 15:00][-rah-----] C:\WINDOWS\tasks\desktop.ini
    [2008-03-10 06:49][--ah-----] C:\WINDOWS\tasks\SA.DAT

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [2008-03-10|12:30] C:\Program Files\.
    [2008-03-10|12:30] C:\Program Files\..
    [2006-05-22|10:21] C:\Program Files\Abbyy FineReader 6.0 Sprint
    [2007-09-14|10:38] C:\Program Files\Activision Value
    [2007-02-11|17:47] C:\Program Files\Adobe
    [2007-10-12|10:06] C:\Program Files\Adverts
    [2007-04-05|20:44] C:\Program Files\AOL Games
    [2008-01-18|21:00] C:\Program Files\Apple Software Update
    [2007-01-20|22:04] C:\Program Files\AVSMedia
    [2003-08-05|20:45] C:\Program Files\BackWeb
    [2007-09-19|10:35] C:\Program Files\Bell
    [2007-09-16|21:26] C:\Program Files\BitComet
    [2007-12-23|14:01] C:\Program Files\BitTorrent
    [2007-12-19|18:39] C:\Program Files\Boonty
    [2007-12-19|18:36] C:\Program Files\BoontyGames
    [2007-12-28|14:43] C:\Program Files\Common Files
    [2003-08-05|20:45] C:\Program Files\Compaq Connections
    [2007-09-18|20:05] C:\Program Files\ComPlus Applications
    [2007-05-18|14:01] C:\Program Files\Corel
    [2005-08-25|20:00] C:\Program Files\CreataCard
    [2007-06-03|15:11] C:\Program Files\DivX
    [2007-12-26|18:14] C:\Program Files\DomPlayer
    [2007-12-29|00:00] C:\Program Files\EA GAMES
    [2007-07-06|14:11] C:\Program Files\Easy Internet signup
    [2005-12-23|16:14] C:\Program Files\Eidos
    [2007-03-04|23:16] C:\Program Files\Eidos Interactive
    [2007-11-21|23:55] C:\Program Files\eMule
    [2006-09-23|18:29] C:\Program Files\eRightSoft
    [2005-10-05|18:24] C:\Program Files\EZFace
    [2007-12-28|11:18] C:\Program Files\Fichiers communs
    [2006-11-06|23:38] C:\Program Files\FunWebProducts
    [2005-06-08|12:36] C:\Program Files\GameSpy Arcade
    [2007-03-05|11:31] C:\Program Files\Global Star Software
    [2007-09-07|09:58] C:\Program Files\Google
    [2008-02-24|21:45] C:\Program Files\grimloudmeal
    [2007-12-28|11:20] C:\Program Files\Grisoft
    [2007-09-18|20:05] C:\Program Files\Grisoft(2)
    [2007-06-26|18:23] C:\Program Files\Hasbro Interactive
    [2007-07-14|19:51] C:\Program Files\iMesh Applications
    [2007-09-18|19:54] C:\Program Files\INSTALL.LOG
    [2007-09-18|20:05] C:\Program Files\InstallShield Installation Information
    [2005-03-25|14:04] C:\Program Files\InterActual
    [2008-02-12|22:12] C:\Program Files\Internet Explorer
    [2003-08-05|20:37] C:\Program Files\InterVideo
    [2006-11-10|12:29] C:\Program Files\iPod
    [2006-11-10|12:30] C:\Program Files\iTunes
    [2006-07-22|15:44] C:\Program Files\Java
    [2003-08-05|20:51] C:\Program Files\Java Web Start
    [2005-03-23|21:20] C:\Program Files\Kazaa
    [2007-06-03|15:11] C:\Program Files\Legacy Interactive
    [2007-05-25|16:29] C:\Program Files\Lexmark 2300 Series
    [2005-08-31|22:36] C:\Program Files\Lexmark Fax Solutions
    [2008-02-18|12:30] C:\Program Files\LimeWire
    [2005-07-14|22:18] C:\Program Files\Logitech
    [2008-02-28|21:35] C:\Program Files\Lx_cats
    [2007-08-05|20:27] C:\Program Files\Maxis
    [2005-04-12|17:20] C:\Program Files\Messenger
    [2007-12-23|00:56] C:\Program Files\Messenger Plus! Live
    [2006-12-30|18:47] C:\Program Files\MessengerPlus! 3
    [2007-01-17|08:53] C:\Program Files\MessengerSkinner
    [2007-04-06|08:51] C:\Program Files\Micrografx
    [2007-11-21|22:00] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [2003-08-05|20:35] C:\Program Files\Microsoft Encarta
    [2005-08-16|18:53] C:\Program Files\microsoft frontpage
    [2006-02-18|22:39] C:\Program Files\Microsoft Games
    [2005-07-14|22:18] C:\Program Files\Microsoft NetShow
    [2005-08-16|18:53] C:\Program Files\Microsoft Office
    [2005-03-18|13:33] C:\Program Files\Microsoft Reference
    [2007-11-21|11:41] C:\Program Files\Microsoft SQL Server Compact Edition
    [2005-07-25|11:25] C:\Program Files\Microsoft Works
    [2007-09-19|10:11] C:\Program Files\mIRC
    [2005-04-10|20:51] C:\Program Files\Movie Maker
    [2008-03-10|09:36] C:\Program Files\Mozilla Firefox
    [2007-07-06|13:45] C:\Program Files\MSECACHE
    [2005-12-26|20:43] C:\Program Files\MSN
    [2005-03-06|20:53] C:\Program Files\MSN Apps
    [2007-12-28|12:31] C:\Program Files\MSN Games
    [2003-08-05|19:34] C:\Program Files\MSN Gaming Zone
    [2007-12-23|00:56] C:\Program Files\MSN Messenger
    [2006-11-17|21:06] C:\Program Files\MSXML 4.0
    [2003-08-05|20:36] C:\Program Files\MUSICMATCH
    [2006-08-24|14:58] C:\Program Files\MyWebSearch
    [2005-07-14|22:18] C:\Program Files\NetMeeting
    [2007-06-12|22:31] C:\Program Files\Outlook Express
    [2007-12-27|15:28] C:\Program Files\Panda Security
    [2007-09-18|20:04] C:\Program Files\Panda Software
    [2007-09-18|20:04] C:\Program Files\PC-Doctor for Windows
    [2006-10-20|23:47] C:\Program Files\Photo Finale
    [2006-11-10|12:28] C:\Program Files\QuickTime
    [2003-08-05|20:34] C:\Program Files\RecordNow!
    [2007-06-03|20:07] C:\Program Files\SanDisk
    [2003-08-05|20:52] C:\Program Files\Services en ligne
    [2007-04-06|08:51] C:\Program Files\Sierra
    [2007-09-18|20:04] C:\Program Files\SmartAudioConverter
    [2006-09-10|21:08] C:\Program Files\Sony
    [2006-10-17|18:55] C:\Program Files\SureThing
    [2005-03-06|17:34] C:\Program Files\Symantec
    [2005-10-11|19:25] C:\Program Files\Thalia
    [2007-07-03|20:50] C:\Program Files\The Three Musketeers
    [2008-03-10|12:30] C:\Program Files\Trend Micro
    [2007-03-04|20:53] C:\Program Files\Trymedia
    [2006-09-06|20:15] C:\Program Files\Ulead Systems
    [2003-08-05|19:40] C:\Program Files\Uninstall Information
    [2007-04-05|20:28] C:\Program Files\VideoLAN
    [2006-09-13|19:17] C:\Program Files\Webteh
    [2007-01-03|19:20] C:\Program Files\WildTangent
    [2007-07-06|13:46] C:\Program Files\Windows Installer Clean Up
    [2005-10-22|11:06] C:\Program Files\Windows Journal Viewer
    [2008-02-27|22:02] C:\Program Files\Windows Live
    [2007-11-21|11:43] C:\Program Files\Windows Live Favorites
    [2007-11-21|11:43] C:\Program Files\Windows Live Toolbar
    [2007-12-28|12:37] C:\Program Files\Windows Media Connect 2
    [2007-11-22|00:17] C:\Program Files\Windows Media Player
    [2005-04-10|20:49] C:\Program Files\Windows NT
    [2005-03-06|19:37] C:\Program Files\WindowsUpdate
    [2006-04-23|09:44] C:\Program Files\WinZip
    [2003-08-05|19:37] C:\Program Files\xerox
    [2006-08-07|22:14] C:\Program Files\Yahoo!
    [2005-08-13|17:32] C:\Program Files\ZJChat

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [2007-12-28|11:18] C:\Program Files\Fichiers communs\.
    [2007-12-28|11:18] C:\Program Files\Fichiers communs\..
    [2007-02-11|17:47] C:\Program Files\Fichiers communs\Adobe
    [2005-03-16|19:19] C:\Program Files\Fichiers communs\AOL
    [2007-06-03|20:09] C:\Program Files\Fichiers communs\ArcSoft
    [2007-04-05|20:27] C:\Program Files\Fichiers communs\AVSMedia
    [2007-01-03|19:40] C:\Program Files\Fichiers communs\BOONTY Shared
    [2007-05-18|14:01] C:\Program Files\Fichiers communs\Corel
    [2005-08-16|18:54] C:\Program Files\Fichiers communs\Designer
    [2006-05-04|19:20] C:\Program Files\Fichiers communs\InstallShield
    [2006-07-22|15:42] C:\Program Files\Fichiers communs\Java
    [2005-07-14|22:18] C:\Program Files\Fichiers communs\Logitech
    [2007-01-03|20:45] C:\Program Files\Fichiers communs\Macrovision Shared
    [2007-11-21|11:38] C:\Program Files\Fichiers communs\Microsoft Shared
    [2007-08-19|21:12] C:\Program Files\Fichiers communs\Motive
    [2003-08-05|19:35] C:\Program Files\Fichiers communs\MSSoap
    [2003-08-05|14:30] C:\Program Files\Fichiers communs\ODBC
    [2006-01-05|20:54] C:\Program Files\Fichiers communs\Panda Software
    [2005-12-29|13:12] C:\Program Files\Fichiers communs\Real
    [2007-09-20|10:27] C:\Program Files\Fichiers communs\Sandlot Shared
    [2005-03-05|19:47] C:\Program Files\Fichiers communs\Services
    [2003-08-05|20:34] C:\Program Files\Fichiers communs\Sonic
    [2006-09-10|21:04] C:\Program Files\Fichiers communs\Sony Shared
    [2003-08-05|14:30] C:\Program Files\Fichiers communs\SpeechEngines
    [2006-10-17|18:55] C:\Program Files\Fichiers communs\SureThing Shared
    [2005-03-06|17:35] C:\Program Files\Fichiers communs\Symantec Shared
    [2007-06-12|22:31] C:\Program Files\Fichiers communs\System
    [2005-10-11|19:25] C:\Program Files\Fichiers communs\Thalia Shared
    [2006-09-06|20:02] C:\Program Files\Fichiers communs\Ulead Systems
    [2007-11-21|11:38] C:\Program Files\Fichiers communs\WindowsLiveInstaller

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag ace stupid data
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag ace stupid data\Math Heck.exe
    C:\Program Files\Adverts
    C:\Program Files\DomPlayer
    C:\WINDOWS\Tasks\A8B5843C91923AA4.job

    ----------------------[ Verification du Registre ]----------------------

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Stupid Data Dart Wave"="C:\\Documents and Settings\\All Users\\Application Data\\flag ace stupid data\\Math Heck.exe"

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts MODIFIE

    -> 72 ( 70 ## added by CiD )

    /!\ 1 Not 127.0.0.1 !!

    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-03-10 12:41:15
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden files ...
    scan completed successfully
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    C:\WINDOWS\pack.epk
    C:\WINDOWS\system32\nvs2.inf
    C:\WINDOWS\system32\gwapapa_navps.dat
    C:\WINDOWS\system32\gwapapa_nav.dat
    C:\WINDOWS\system32\gwapapa.dat
    ! EGDACCESS !


    /!\ [Fich:6707][Doss:105] C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp
    /!\ [Fich:245][Doss:0] C:\DOCUME~1\PROPRI~1\Cookies
    /!\ [Fich:3515][Doss:15] C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 12:43:41,58 ]----------------------
    10 March 2008 17:57:28

    Re,

    Run Lop S&D again

  • This time choose Option 2 (Suppression)
  • Do not close the window during the removal!
  • Post the generated report (C:\lopR.txt)

    (If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)
    10 March 2008 23:20:40


    -----------------------[ Lop S&D 4.0.5 XP/Vista ]----------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : Propriétaire ] [ "C:\Lop SD" ]
    [ 2008-03-10 | 18:05:54,97 ] [ PC : NOM-HJDQZRZHIWG ]
    [ MAJ : 09-03-2008 | 22:50 ]

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

    Echec ! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag ace stupid data\Math Heck.exe
    Supprimé! - C:\WINDOWS\Tasks\A8B5843C91923AA4.job
    Echec ! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag ace stupid data
    Supprimé! - C:\Program Files\Adverts
    Supprimé! - C:\Program Files\DomPlayer
    Restauré! - Fichier Hosts

    \\\\\\\\\\\\\\\\\\\\\\\\\\\ DEUXIEME PASSAGE ///////////////////////////

    Echec ! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag ace stupid data\Math Heck.exe
    Echec ! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag ace stupid data

    //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

    Supprimé! - C:\Program Files\Boonty
    Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Boonty
    Supprimé! - C:\Program Files\BoontyGames
    Supprimé! - C:\Program Files\MyWebSearch

    //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    -------------[ Listing des dossiers dans Application Data ]------------

    [2008-03-10|18:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
    [2008-03-10|18:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
    [2007-07-06|14:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [2008-01-18|21:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [2006-11-10|12:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [2007-12-24|12:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg7
    [2007-09-18|20:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg7(2)
    [2007-09-18|19:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bell
    [2007-09-07|10:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bell Canada
    [2005-03-07|10:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOWS 16 JUGS FORD
    [2003-08-05|14:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [2007-12-28|11:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\does mfcd amok play
    [2005-08-31|22:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FaxCtr
    [2008-02-24|21:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag ace stupid data
    [2006-09-28|09:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Freedom
    [2007-06-29|18:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Friends Games
    [2007-09-07|09:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [2007-12-24|12:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
    [2007-12-19|18:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HipSoft
    [2007-01-01|22:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\iWin
    [2006-07-04|19:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\JollyBear
    [2006-01-05|20:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Anti-Virus Personal
    [2007-01-03|19:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
    [2006-07-25|13:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [2007-03-09|21:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [2007-08-19|21:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
    [2007-08-20|13:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MotiveSysIDs
    [2005-11-20|13:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
    [2007-07-10|18:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Oberon Games
    [2007-07-11|16:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
    [2007-06-22|23:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PopCap
    [2008-01-21|20:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
    [2005-06-12|16:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [2007-04-08|20:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games
    [2003-08-05|19:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
    [2007-09-18|20:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SharedProperties.xml
    [2005-09-02|20:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sierra
    [2006-09-10|21:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation
    [2007-01-03|19:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SugarGames
    [2005-03-06|17:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [2007-12-19|19:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [2007-03-04|20:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
    [2007-08-19|20:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Two Idol Wave Flag
    [2006-09-06|20:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
    [2005-10-22|11:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [2007-11-21|11:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [2007-10-03|15:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

    [2005-03-05|19:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
    [2005-03-05|19:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
    [2003-08-05|20:39] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
    [2003-08-05|14:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [2003-08-05|19:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [2003-08-05|20:39] C:\DOCUME~1\DEFAUL~1\APPLIC~1\InterTrust
    [2007-12-11|22:09] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [2003-08-05|20:44] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SampleView
    [2003-08-05|20:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sonic
    [2003-08-07|20:17] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

    [2007-09-19|10:55] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
    [2007-09-19|10:55] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
    [2007-09-19|10:55] C:\DOCUME~1\LOCALS~1\APPLIC~1\AVG7
    [2005-09-17|14:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\HbTools
    [2006-01-20|21:48] C:\DOCUME~1\LOCALS~1\APPLIC~1\Help
    [2007-12-24|12:29] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
    [2007-12-28|13:37] C:\DOCUME~1\LOCALS~1\APPLIC~1\ShopperReports

    [2003-08-05|19:39] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
    [2003-08-05|19:39] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
    [2007-12-24|12:29] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft


    [2008-02-18|12:27] C:\DOCUME~1\PROPRI~1\APPLIC~1\.
    [2008-02-18|12:27] C:\DOCUME~1\PROPRI~1\APPLIC~1\..
    [2008-01-15|18:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
    [2007-07-06|14:01] C:\DOCUME~1\PROPRI~1\APPLIC~1\AdobeUM
    [2007-01-19|21:44] C:\DOCUME~1\PROPRI~1\APPLIC~1\Apple Computer
    [2007-06-03|20:16] C:\DOCUME~1\PROPRI~1\APPLIC~1\ArcSoft
    [2008-03-10|06:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\AVG7
    [2007-01-20|22:08] C:\DOCUME~1\PROPRI~1\APPLIC~1\AVSMedia
    [2007-09-18|19:15] C:\DOCUME~1\PROPRI~1\APPLIC~1\Bell
    [2007-09-07|10:01] C:\DOCUME~1\PROPRI~1\APPLIC~1\Bell Canada
    [2008-02-11|22:29] C:\DOCUME~1\PROPRI~1\APPLIC~1\BitTorrent
    [2007-07-19|20:29] C:\DOCUME~1\PROPRI~1\APPLIC~1\BSplayer
    [2007-03-22|16:19] C:\DOCUME~1\PROPRI~1\APPLIC~1\BSplayer Pro
    [2007-09-19|10:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\CampaignStore.xml
    [2007-08-03|22:07] C:\DOCUME~1\PROPRI~1\APPLIC~1\Chicken Chase
    [2007-09-18|20:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\client_gateway.log
    [2007-09-19|10:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\ConfigurationStore.xml
    [2007-12-28|21:07] C:\DOCUME~1\PROPRI~1\APPLIC~1\DAEMON Tools
    [2003-08-05|14:30] C:\DOCUME~1\PROPRI~1\APPLIC~1\desktop.ini
    [2007-04-15|16:57] C:\DOCUME~1\PROPRI~1\APPLIC~1\DivX
    [2007-09-19|10:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\EventStore.xml
    [2005-09-01|11:23] C:\DOCUME~1\PROPRI~1\APPLIC~1\FaxCtr
    [2006-10-09|10:56] C:\DOCUME~1\PROPRI~1\APPLIC~1\FunWebProducts
    [2007-01-18|19:51] C:\DOCUME~1\PROPRI~1\APPLIC~1\Gaijin Ent
    [2006-10-17|20:14] C:\DOCUME~1\PROPRI~1\APPLIC~1\Google
    [2008-02-24|21:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\grimloudmeal
    [2007-12-28|11:28] C:\DOCUME~1\PROPRI~1\APPLIC~1\Grisoft
    [2005-07-25|11:25] C:\DOCUME~1\PROPRI~1\APPLIC~1\Help
    [2007-12-12|17:34] C:\DOCUME~1\PROPRI~1\APPLIC~1\Home Sweet Home
    [2003-08-05|19:37] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
    [2007-07-07|01:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\IMVU
    [2007-09-18|20:05] C:\DOCUME~1\PROPRI~1\APPLIC~1\InstallShield
    [2005-03-25|14:04] C:\DOCUME~1\PROPRI~1\APPLIC~1\InterVideo
    [2007-01-01|22:39] C:\DOCUME~1\PROPRI~1\APPLIC~1\iWin
    [2007-12-08|17:55] C:\DOCUME~1\PROPRI~1\APPLIC~1\Jane s Hotel
    [2006-08-28|19:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\LANCITE
    [2005-05-01|20:54] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
    [2007-01-16|22:20] C:\DOCUME~1\PROPRI~1\APPLIC~1\MessengerSkinner
    [2007-12-24|12:29] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
    [2005-08-16|18:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft Web Folders
    [2006-06-30|10:11] C:\DOCUME~1\PROPRI~1\APPLIC~1\Mozilla
    [2006-04-14|23:38] C:\DOCUME~1\PROPRI~1\APPLIC~1\MSN6
    [2006-05-27|09:58] C:\DOCUME~1\PROPRI~1\APPLIC~1\MSNInstaller
    [2007-06-02|22:21] C:\DOCUME~1\PROPRI~1\APPLIC~1\MysteryStudio
    [2007-03-27|17:24] C:\DOCUME~1\PROPRI~1\APPLIC~1\Oberon Media
    [2007-07-11|16:34] C:\DOCUME~1\PROPRI~1\APPLIC~1\PlayFirst
    [2003-08-05|20:44] C:\DOCUME~1\PROPRI~1\APPLIC~1\SampleView
    [2007-12-28|15:25] C:\DOCUME~1\PROPRI~1\APPLIC~1\SecuROM
    [2005-09-02|20:27] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sierra
    [2007-09-18|20:09] C:\DOCUME~1\PROPRI~1\APPLIC~1\SoftwareDetectionScripts
    [2007-09-19|10:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\SoftwarePackageStore.xml
    [2005-03-07|20:52] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sonic
    [2006-09-10|21:57] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sony Corporation
    [2006-07-22|15:48] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun
    [2003-08-07|20:17] C:\DOCUME~1\PROPRI~1\APPLIC~1\Symantec
    [2005-03-06|22:25] C:\DOCUME~1\PROPRI~1\APPLIC~1\Template
    [2005-11-09|18:58] C:\DOCUME~1\PROPRI~1\APPLIC~1\Thalia
    [2006-10-20|23:51] C:\DOCUME~1\PROPRI~1\APPLIC~1\Trevoli
    [2007-04-06|08:51] C:\DOCUME~1\PROPRI~1\APPLIC~1\Ulead Systems
    [2007-09-19|10:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\UpdateStore.xml
    [2007-04-05|20:30] C:\DOCUME~1\PROPRI~1\APPLIC~1\vlc
    [2007-03-11|19:31] C:\DOCUME~1\PROPRI~1\APPLIC~1\Wildfire
    [2006-08-07|22:17] C:\DOCUME~1\PROPRI~1\APPLIC~1\yahoo!

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [2008-02-26 00:49][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2002-08-30 15:00][-rah-----] C:\WINDOWS\tasks\desktop.ini
    [2008-03-10 06:49][--ah-----] C:\WINDOWS\tasks\SA.DAT

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [2008-03-10|18:07] C:\Program Files\.
    [2008-03-10|18:07] C:\Program Files\..
    [2006-05-22|10:21] C:\Program Files\Abbyy FineReader 6.0 Sprint
    [2007-09-14|10:38] C:\Program Files\Activision Value
    [2007-02-11|17:47] C:\Program Files\Adobe
    [2007-04-05|20:44] C:\Program Files\AOL Games
    [2008-01-18|21:00] C:\Program Files\Apple Software Update
    [2007-01-20|22:04] C:\Program Files\AVSMedia
    [2003-08-05|20:45] C:\Program Files\BackWeb
    [2007-09-19|10:35] C:\Program Files\Bell
    [2007-09-16|21:26] C:\Program Files\BitComet
    [2007-12-23|14:01] C:\Program Files\BitTorrent
    [2007-12-28|14:43] C:\Program Files\Common Files
    [2003-08-05|20:45] C:\Program Files\Compaq Connections
    [2007-09-18|20:05] C:\Program Files\ComPlus Applications
    [2007-05-18|14:01] C:\Program Files\Corel
    [2005-08-25|20:00] C:\Program Files\CreataCard
    [2007-06-03|15:11] C:\Program Files\DivX
    [2007-12-29|00:00] C:\Program Files\EA GAMES
    [2007-07-06|14:11] C:\Program Files\Easy Internet signup
    [2005-12-23|16:14] C:\Program Files\Eidos
    [2007-03-04|23:16] C:\Program Files\Eidos Interactive
    [2007-11-21|23:55] C:\Program Files\eMule
    [2006-09-23|18:29] C:\Program Files\eRightSoft
    [2005-10-05|18:24] C:\Program Files\EZFace
    [2007-12-28|11:18] C:\Program Files\Fichiers communs
    [2006-11-06|23:38] C:\Program Files\FunWebProducts
    [2005-06-08|12:36] C:\Program Files\GameSpy Arcade
    [2007-03-05|11:31] C:\Program Files\Global Star Software
    [2007-09-07|09:58] C:\Program Files\Google
    [2008-02-24|21:45] C:\Program Files\grimloudmeal
    [2007-12-28|11:20] C:\Program Files\Grisoft
    [2007-09-18|20:05] C:\Program Files\Grisoft(2)
    [2007-06-26|18:23] C:\Program Files\Hasbro Interactive
    [2007-07-14|19:51] C:\Program Files\iMesh Applications
    [2007-09-18|19:54] C:\Program Files\INSTALL.LOG
    [2007-09-18|20:05] C:\Program Files\InstallShield Installation Information
    [2005-03-25|14:04] C:\Program Files\InterActual
    [2008-02-12|22:12] C:\Program Files\Internet Explorer
    [2003-08-05|20:37] C:\Program Files\InterVideo
    [2006-11-10|12:29] C:\Program Files\iPod
    [2006-11-10|12:30] C:\Program Files\iTunes
    [2006-07-22|15:44] C:\Program Files\Java
    [2003-08-05|20:51] C:\Program Files\Java Web Start
    [2005-03-23|21:20] C:\Program Files\Kazaa
    [2007-06-03|15:11] C:\Program Files\Legacy Interactive
    [2007-05-25|16:29] C:\Program Files\Lexmark 2300 Series
    [2005-08-31|22:36] C:\Program Files\Lexmark Fax Solutions
    [2008-02-18|12:30] C:\Program Files\LimeWire
    [2005-07-14|22:18] C:\Program Files\Logitech
    [2008-02-28|21:35] C:\Program Files\Lx_cats
    [2007-08-05|20:27] C:\Program Files\Maxis
    [2005-04-12|17:20] C:\Program Files\Messenger
    [2007-12-23|00:56] C:\Program Files\Messenger Plus! Live
    [2006-12-30|18:47] C:\Program Files\MessengerPlus! 3
    [2007-01-17|08:53] C:\Program Files\MessengerSkinner
    [2007-04-06|08:51] C:\Program Files\Micrografx
    [2007-11-21|22:00] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [2003-08-05|20:35] C:\Program Files\Microsoft Encarta
    [2005-08-16|18:53] C:\Program Files\microsoft frontpage
    [2006-02-18|22:39] C:\Program Files\Microsoft Games
    [2005-07-14|22:18] C:\Program Files\Microsoft NetShow
    [2005-08-16|18:53] C:\Program Files\Microsoft Office
    [2005-03-18|13:33] C:\Program Files\Microsoft Reference
    [2007-11-21|11:41] C:\Program Files\Microsoft SQL Server Compact Edition
    [2005-07-25|11:25] C:\Program Files\Microsoft Works
    [2007-09-19|10:11] C:\Program Files\mIRC
    [2005-04-10|20:51] C:\Program Files\Movie Maker
    [2008-03-10|09:36] C:\Program Files\Mozilla Firefox
    [2007-07-06|13:45] C:\Program Files\MSECACHE
    [2005-12-26|20:43] C:\Program Files\MSN
    [2005-03-06|20:53] C:\Program Files\MSN Apps
    [2007-12-28|12:31] C:\Program Files\MSN Games
    [2003-08-05|19:34] C:\Program Files\MSN Gaming Zone
    [2007-12-23|00:56] C:\Program Files\MSN Messenger
    [2006-11-17|21:06] C:\Program Files\MSXML 4.0
    [2003-08-05|20:36] C:\Program Files\MUSICMATCH
    [2005-07-14|22:18] C:\Program Files\NetMeeting
    [2007-06-12|22:31] C:\Program Files\Outlook Express
    [2007-12-27|15:28] C:\Program Files\Panda Security
    [2007-09-18|20:04] C:\Program Files\Panda Software
    [2007-09-18|20:04] C:\Program Files\PC-Doctor for Windows
    [2006-10-20|23:47] C:\Program Files\Photo Finale
    [2006-11-10|12:28] C:\Program Files\QuickTime
    [2003-08-05|20:34] C:\Program Files\RecordNow!
    [2007-06-03|20:07] C:\Program Files\SanDisk
    [2003-08-05|20:52] C:\Program Files\Services en ligne
    [2007-04-06|08:51] C:\Program Files\Sierra
    [2007-09-18|20:04] C:\Program Files\SmartAudioConverter
    [2006-09-10|21:08] C:\Program Files\Sony
    [2006-10-17|18:55] C:\Program Files\SureThing
    [2005-03-06|17:34] C:\Program Files\Symantec
    [2005-10-11|19:25] C:\Program Files\Thalia
    [2007-07-03|20:50] C:\Program Files\The Three Musketeers
    [2008-03-10|12:30] C:\Program Files\Trend Micro
    [2007-03-04|20:53] C:\Program Files\Trymedia
    [2006-09-06|20:15] C:\Program Files\Ulead Systems
    [2003-08-05|19:40] C:\Program Files\Uninstall Information
    [2007-04-05|20:28] C:\Program Files\VideoLAN
    [2006-09-13|19:17] C:\Program Files\Webteh
    [2007-01-03|19:20] C:\Program Files\WildTangent
    [2007-07-06|13:46] C:\Program Files\Windows Installer Clean Up
    [2005-10-22|11:06] C:\Program Files\Windows Journal Viewer
    [2008-02-27|22:02] C:\Program Files\Windows Live
    [2007-11-21|11:43] C:\Program Files\Windows Live Favorites
    [2007-11-21|11:43] C:\Program Files\Windows Live Toolbar
    [2007-12-28|12:37] C:\Program Files\Windows Media Connect 2
    [2007-11-22|00:17] C:\Program Files\Windows Media Player
    [2005-04-10|20:49] C:\Program Files\Windows NT
    [2005-03-06|19:37] C:\Program Files\WindowsUpdate
    [2006-04-23|09:44] C:\Program Files\WinZip
    [2003-08-05|19:37] C:\Program Files\xerox
    [2006-08-07|22:14] C:\Program Files\Yahoo!
    [2005-08-13|17:32] C:\Program Files\ZJChat

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [2007-12-28|11:18] C:\Program Files\Fichiers communs\.
    [2007-12-28|11:18] C:\Program Files\Fichiers communs\..
    [2007-02-11|17:47] C:\Program Files\Fichiers communs\Adobe
    [2005-03-16|19:19] C:\Program Files\Fichiers communs\AOL
    [2007-06-03|20:09] C:\Program Files\Fichiers communs\ArcSoft
    [2007-04-05|20:27] C:\Program Files\Fichiers communs\AVSMedia
    [2007-01-03|19:40] C:\Program Files\Fichiers communs\BOONTY Shared
    [2007-05-18|14:01] C:\Program Files\Fichiers communs\Corel
    [2005-08-16|18:54] C:\Program Files\Fichiers communs\Designer
    [2006-05-04|19:20] C:\Program Files\Fichiers communs\InstallShield
    [2006-07-22|15:42] C:\Program Files\Fichiers communs\Java
    [2005-07-14|22:18] C:\Program Files\Fichiers communs\Logitech
    [2007-01-03|20:45] C:\Program Files\Fichiers communs\Macrovision Shared
    [2007-11-21|11:38] C:\Program Files\Fichiers communs\Microsoft Shared
    [2007-08-19|21:12] C:\Program Files\Fichiers communs\Motive
    [2003-08-05|19:35] C:\Program Files\Fichiers communs\MSSoap
    [2003-08-05|14:30] C:\Program Files\Fichiers communs\ODBC
    [2006-01-05|20:54] C:\Program Files\Fichiers communs\Panda Software
    [2005-12-29|13:12] C:\Program Files\Fichiers communs\Real
    [2007-09-20|10:27] C:\Program Files\Fichiers communs\Sandlot Shared
    [2005-03-05|19:47] C:\Program Files\Fichiers communs\Services
    [2003-08-05|20:34] C:\Program Files\Fichiers communs\Sonic
    [2006-09-10|21:04] C:\Program Files\Fichiers communs\Sony Shared
    [2003-08-05|14:30] C:\Program Files\Fichiers communs\SpeechEngines
    [2006-10-17|18:55] C:\Program Files\Fichiers communs\SureThing Shared
    [2005-03-06|17:35] C:\Program Files\Fichiers communs\Symantec Shared
    [2007-06-12|22:31] C:\Program Files\Fichiers communs\System
    [2005-10-11|19:25] C:\Program Files\Fichiers communs\Thalia Shared
    [2006-09-06|20:02] C:\Program Files\Fichiers communs\Ulead Systems
    [2007-11-21|11:38] C:\Program Files\Fichiers communs\WindowsLiveInstaller

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag ace stupid data
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag ace stupid data\Math Heck.exe

    ----------------------[ Verification du Registre ]----------------------

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-03-10 18:09:45
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden files ...
    scan completed successfully
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    C:\WINDOWS\pack.epk
    C:\WINDOWS\system32\nvs2.inf
    C:\WINDOWS\system32\gwapapa_navps.dat
    C:\WINDOWS\system32\gwapapa_nav.dat
    C:\WINDOWS\system32\gwapapa.dat
    ! EGDACCESS !


    /!\ [Fich:6710][Doss:105] C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp
    /!\ [Fich:241][Doss:0] C:\DOCUME~1\PROPRI~1\Cookies
    /!\ [Fich:3922][Doss:15] C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 18:15:23,64 ]----------------------
    11 March 2008 16:26:38

    :hello: 

    Run Lop S&D option 2 again and post the report for me :super:
    11 March 2008 18:03:41


    -----------------------[ Lop S&D 4.0.5 XP/Vista ]----------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : Propriétaire ] [ "C:\Lop SD" ]
    [ 2008-03-11 | 12:47:48,18 ] [ PC : NOM-HJDQZRZHIWG ]
    [ MAJ : 09-03-2008 | 22:50 ]

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

    Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag ace stupid data\Math Heck.exe
    Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag ace stupid data

    //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    -------------[ Listing des dossiers dans Application Data ]------------

    [2008-03-11|12:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
    [2008-03-11|12:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
    [2007-07-06|14:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [2008-01-18|21:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [2006-11-10|12:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [2007-12-24|12:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg7
    [2007-09-18|20:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg7(2)
    [2007-09-18|19:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bell
    [2007-09-07|10:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bell Canada
    [2005-03-07|10:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOWS 16 JUGS FORD
    [2003-08-05|14:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [2007-12-28|11:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\does mfcd amok play
    [2005-08-31|22:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FaxCtr
    [2006-09-28|09:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Freedom
    [2007-06-29|18:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Friends Games
    [2007-09-07|09:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [2007-12-24|12:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
    [2007-12-19|18:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HipSoft
    [2007-01-01|22:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\iWin
    [2006-07-04|19:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\JollyBear
    [2006-01-05|20:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Anti-Virus Personal
    [2007-01-03|19:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
    [2006-07-25|13:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [2007-03-09|21:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [2007-08-19|21:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
    [2007-08-20|13:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MotiveSysIDs
    [2005-11-20|13:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
    [2007-07-10|18:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Oberon Games
    [2007-07-11|16:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
    [2007-06-22|23:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PopCap
    [2008-01-21|20:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
    [2005-06-12|16:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [2007-04-08|20:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games
    [2003-08-05|19:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
    [2007-09-18|20:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SharedProperties.xml
    [2005-09-02|20:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sierra
    [2006-09-10|21:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation
    [2007-01-03|19:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SugarGames
    [2005-03-06|17:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [2007-12-19|19:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [2007-03-04|20:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
    [2007-08-19|20:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Two Idol Wave Flag
    [2006-09-06|20:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
    [2005-10-22|11:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [2007-11-21|11:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [2007-10-03|15:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

    [2005-03-05|19:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
    [2005-03-05|19:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
    [2003-08-05|20:39] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
    [2003-08-05|14:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [2003-08-05|19:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [2003-08-05|20:39] C:\DOCUME~1\DEFAUL~1\APPLIC~1\InterTrust
    [2007-12-11|22:09] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [2003-08-05|20:44] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SampleView
    [2003-08-05|20:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sonic
    [2003-08-07|20:17] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

    [2007-09-19|10:55] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
    [2007-09-19|10:55] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
    [2007-09-19|10:55] C:\DOCUME~1\LOCALS~1\APPLIC~1\AVG7
    [2005-09-17|14:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\HbTools
    [2006-01-20|21:48] C:\DOCUME~1\LOCALS~1\APPLIC~1\Help
    [2007-12-24|12:29] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
    [2007-12-28|13:37] C:\DOCUME~1\LOCALS~1\APPLIC~1\ShopperReports

    [2003-08-05|19:39] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
    [2003-08-05|19:39] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
    [2007-12-24|12:29] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft


    [2008-02-18|12:27] C:\DOCUME~1\PROPRI~1\APPLIC~1\.
    [2008-02-18|12:27] C:\DOCUME~1\PROPRI~1\APPLIC~1\..
    [2008-01-15|18:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
    [2007-07-06|14:01] C:\DOCUME~1\PROPRI~1\APPLIC~1\AdobeUM
    [2007-01-19|21:44] C:\DOCUME~1\PROPRI~1\APPLIC~1\Apple Computer
    [2007-06-03|20:16] C:\DOCUME~1\PROPRI~1\APPLIC~1\ArcSoft
    [2008-03-10|23:00] C:\DOCUME~1\PROPRI~1\APPLIC~1\AVG7
    [2007-01-20|22:08] C:\DOCUME~1\PROPRI~1\APPLIC~1\AVSMedia
    [2007-09-18|19:15] C:\DOCUME~1\PROPRI~1\APPLIC~1\Bell
    [2007-09-07|10:01] C:\DOCUME~1\PROPRI~1\APPLIC~1\Bell Canada
    [2008-02-11|22:29] C:\DOCUME~1\PROPRI~1\APPLIC~1\BitTorrent
    [2007-07-19|20:29] C:\DOCUME~1\PROPRI~1\APPLIC~1\BSplayer
    [2007-03-22|16:19] C:\DOCUME~1\PROPRI~1\APPLIC~1\BSplayer Pro
    [2007-09-19|10:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\CampaignStore.xml
    [2007-08-03|22:07] C:\DOCUME~1\PROPRI~1\APPLIC~1\Chicken Chase
    [2007-09-18|20:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\client_gateway.log
    [2007-09-19|10:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\ConfigurationStore.xml
    [2007-12-28|21:07] C:\DOCUME~1\PROPRI~1\APPLIC~1\DAEMON Tools
    [2003-08-05|14:30] C:\DOCUME~1\PROPRI~1\APPLIC~1\desktop.ini
    [2007-04-15|16:57] C:\DOCUME~1\PROPRI~1\APPLIC~1\DivX
    [2007-09-19|10:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\EventStore.xml
    [2005-09-01|11:23] C:\DOCUME~1\PROPRI~1\APPLIC~1\FaxCtr
    [2006-10-09|10:56] C:\DOCUME~1\PROPRI~1\APPLIC~1\FunWebProducts
    [2007-01-18|19:51] C:\DOCUME~1\PROPRI~1\APPLIC~1\Gaijin Ent
    [2006-10-17|20:14] C:\DOCUME~1\PROPRI~1\APPLIC~1\Google
    [2008-02-24|21:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\grimloudmeal
    [2007-12-28|11:28] C:\DOCUME~1\PROPRI~1\APPLIC~1\Grisoft
    [2005-07-25|11:25] C:\DOCUME~1\PROPRI~1\APPLIC~1\Help
    [2007-12-12|17:34] C:\DOCUME~1\PROPRI~1\APPLIC~1\Home Sweet Home
    [2003-08-05|19:37] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
    [2007-07-07|01:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\IMVU
    [2007-09-18|20:05] C:\DOCUME~1\PROPRI~1\APPLIC~1\InstallShield
    [2005-03-25|14:04] C:\DOCUME~1\PROPRI~1\APPLIC~1\InterVideo
    [2007-01-01|22:39] C:\DOCUME~1\PROPRI~1\APPLIC~1\iWin
    [2007-12-08|17:55] C:\DOCUME~1\PROPRI~1\APPLIC~1\Jane s Hotel
    [2006-08-28|19:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\LANCITE
    [2005-05-01|20:54] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
    [2007-01-16|22:20] C:\DOCUME~1\PROPRI~1\APPLIC~1\MessengerSkinner
    [2007-12-24|12:29] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
    [2005-08-16|18:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft Web Folders
    [2006-06-30|10:11] C:\DOCUME~1\PROPRI~1\APPLIC~1\Mozilla
    [2006-04-14|23:38] C:\DOCUME~1\PROPRI~1\APPLIC~1\MSN6
    [2006-05-27|09:58] C:\DOCUME~1\PROPRI~1\APPLIC~1\MSNInstaller
    [2007-06-02|22:21] C:\DOCUME~1\PROPRI~1\APPLIC~1\MysteryStudio
    [2007-03-27|17:24] C:\DOCUME~1\PROPRI~1\APPLIC~1\Oberon Media
    [2007-07-11|16:34] C:\DOCUME~1\PROPRI~1\APPLIC~1\PlayFirst
    [2003-08-05|20:44] C:\DOCUME~1\PROPRI~1\APPLIC~1\SampleView
    [2007-12-28|15:25] C:\DOCUME~1\PROPRI~1\APPLIC~1\SecuROM
    [2005-09-02|20:27] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sierra
    [2007-09-18|20:09] C:\DOCUME~1\PROPRI~1\APPLIC~1\SoftwareDetectionScripts
    [2007-09-19|10:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\SoftwarePackageStore.xml
    [2005-03-07|20:52] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sonic
    [2006-09-10|21:57] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sony Corporation
    [2006-07-22|15:48] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun
    [2003-08-07|20:17] C:\DOCUME~1\PROPRI~1\APPLIC~1\Symantec
    [2005-03-06|22:25] C:\DOCUME~1\PROPRI~1\APPLIC~1\Template
    [2005-11-09|18:58] C:\DOCUME~1\PROPRI~1\APPLIC~1\Thalia
    [2006-10-20|23:51] C:\DOCUME~1\PROPRI~1\APPLIC~1\Trevoli
    [2007-04-06|08:51] C:\DOCUME~1\PROPRI~1\APPLIC~1\Ulead Systems
    [2007-09-19|10:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\UpdateStore.xml
    [2007-04-05|20:30] C:\DOCUME~1\PROPRI~1\APPLIC~1\vlc
    [2007-03-11|19:31] C:\DOCUME~1\PROPRI~1\APPLIC~1\Wildfire
    [2006-08-07|22:17] C:\DOCUME~1\PROPRI~1\APPLIC~1\yahoo!

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [2008-03-10 23:48][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2002-08-30 15:00][-rah-----] C:\WINDOWS\tasks\desktop.ini
    [2008-03-10 06:49][--ah-----] C:\WINDOWS\tasks\SA.DAT

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [2008-03-10|18:07] C:\Program Files\.
    [2008-03-10|18:07] C:\Program Files\..
    [2006-05-22|10:21] C:\Program Files\Abbyy FineReader 6.0 Sprint
    [2007-09-14|10:38] C:\Program Files\Activision Value
    [2007-02-11|17:47] C:\Program Files\Adobe
    [2007-04-05|20:44] C:\Program Files\AOL Games
    [2008-01-18|21:00] C:\Program Files\Apple Software Update
    [2007-01-20|22:04] C:\Program Files\AVSMedia
    [2003-08-05|20:45] C:\Program Files\BackWeb
    [2007-09-19|10:35] C:\Program Files\Bell
    [2007-09-16|21:26] C:\Program Files\BitComet
    [2007-12-23|14:01] C:\Program Files\BitTorrent
    [2007-12-28|14:43] C:\Program Files\Common Files
    [2003-08-05|20:45] C:\Program Files\Compaq Connections
    [2007-09-18|20:05] C:\Program Files\ComPlus Applications
    [2007-05-18|14:01] C:\Program Files\Corel
    [2005-08-25|20:00] C:\Program Files\CreataCard
    [2007-06-03|15:11] C:\Program Files\DivX
    [2007-12-29|00:00] C:\Program Files\EA GAMES
    [2007-07-06|14:11] C:\Program Files\Easy Internet signup
    [2005-12-23|16:14] C:\Program Files\Eidos
    [2007-03-04|23:16] C:\Program Files\Eidos Interactive
    [2007-11-21|23:55] C:\Program Files\eMule
    [2006-09-23|18:29] C:\Program Files\eRightSoft
    [2005-10-05|18:24] C:\Program Files\EZFace
    [2007-12-28|11:18] C:\Program Files\Fichiers communs
    [2006-11-06|23:38] C:\Program Files\FunWebProducts
    [2005-06-08|12:36] C:\Program Files\GameSpy Arcade
    [2007-03-05|11:31] C:\Program Files\Global Star Software
    [2007-09-07|09:58] C:\Program Files\Google
    [2008-02-24|21:45] C:\Program Files\grimloudmeal
    [2007-12-28|11:20] C:\Program Files\Grisoft
    [2007-09-18|20:05] C:\Program Files\Grisoft(2)
    [2007-06-26|18:23] C:\Program Files\Hasbro Interactive
    [2007-07-14|19:51] C:\Program Files\iMesh Applications
    [2007-09-18|19:54] C:\Program Files\INSTALL.LOG
    [2007-09-18|20:05] C:\Program Files\InstallShield Installation Information
    [2005-03-25|14:04] C:\Program Files\InterActual
    [2008-02-12|22:12] C:\Program Files\Internet Explorer
    [2003-08-05|20:37] C:\Program Files\InterVideo
    [2006-11-10|12:29] C:\Program Files\iPod
    [2006-11-10|12:30] C:\Program Files\iTunes
    [2006-07-22|15:44] C:\Program Files\Java
    [2003-08-05|20:51] C:\Program Files\Java Web Start
    [2005-03-23|21:20] C:\Program Files\Kazaa
    [2007-06-03|15:11] C:\Program Files\Legacy Interactive
    [2007-05-25|16:29] C:\Program Files\Lexmark 2300 Series
    [2005-08-31|22:36] C:\Program Files\Lexmark Fax Solutions
    [2008-02-18|12:30] C:\Program Files\LimeWire
    [2005-07-14|22:18] C:\Program Files\Logitech
    [2008-02-28|21:35] C:\Program Files\Lx_cats
    [2007-08-05|20:27] C:\Program Files\Maxis
    [2005-04-12|17:20] C:\Program Files\Messenger
    [2007-12-23|00:56] C:\Program Files\Messenger Plus! Live
    [2006-12-30|18:47] C:\Program Files\MessengerPlus! 3
    [2007-01-17|08:53] C:\Program Files\MessengerSkinner
    [2007-04-06|08:51] C:\Program Files\Micrografx
    [2007-11-21|22:00] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [2003-08-05|20:35] C:\Program Files\Microsoft Encarta
    [2005-08-16|18:53] C:\Program Files\microsoft frontpage
    [2006-02-18|22:39] C:\Program Files\Microsoft Games
    [2005-07-14|22:18] C:\Program Files\Microsoft NetShow
    [2005-08-16|18:53] C:\Program Files\Microsoft Office
    [2005-03-18|13:33] C:\Program Files\Microsoft Reference
    [2007-11-21|11:41] C:\Program Files\Microsoft SQL Server Compact Edition
    [2005-07-25|11:25] C:\Program Files\Microsoft Works
    [2007-09-19|10:11] C:\Program Files\mIRC
    [2005-04-10|20:51] C:\Program Files\Movie Maker
    [2008-03-11|12:45] C:\Program Files\Mozilla Firefox
    [2007-07-06|13:45] C:\Program Files\MSECACHE
    [2005-12-26|20:43] C:\Program Files\MSN
    [2005-03-06|20:53] C:\Program Files\MSN Apps
    [2007-12-28|12:31] C:\Program Files\MSN Games
    [2003-08-05|19:34] C:\Program Files\MSN Gaming Zone
    [2007-12-23|00:56] C:\Program Files\MSN Messenger
    [2006-11-17|21:06] C:\Program Files\MSXML 4.0
    [2003-08-05|20:36] C:\Program Files\MUSICMATCH
    [2005-07-14|22:18] C:\Program Files\NetMeeting
    [2007-06-12|22:31] C:\Program Files\Outlook Express
    [2007-12-27|15:28] C:\Program Files\Panda Security
    [2007-09-18|20:04] C:\Program Files\Panda Software
    [2007-09-18|20:04] C:\Program Files\PC-Doctor for Windows
    [2006-10-20|23:47] C:\Program Files\Photo Finale
    [2006-11-10|12:28] C:\Program Files\QuickTime
    [2003-08-05|20:34] C:\Program Files\RecordNow!
    [2007-06-03|20:07] C:\Program Files\SanDisk
    [2003-08-05|20:52] C:\Program Files\Services en ligne
    [2007-04-06|08:51] C:\Program Files\Sierra
    [2007-09-18|20:04] C:\Program Files\SmartAudioConverter
    [2006-09-10|21:08] C:\Program Files\Sony
    [2006-10-17|18:55] C:\Program Files\SureThing
    [2005-03-06|17:34] C:\Program Files\Symantec
    [2005-10-11|19:25] C:\Program Files\Thalia
    [2007-07-03|20:50] C:\Program Files\The Three Musketeers
    [2008-03-10|12:30] C:\Program Files\Trend Micro
    [2007-03-04|20:53] C:\Program Files\Trymedia
    [2006-09-06|20:15] C:\Program Files\Ulead Systems
    [2003-08-05|19:40] C:\Program Files\Uninstall Information
    [2007-04-05|20:28] C:\Program Files\VideoLAN
    [2006-09-13|19:17] C:\Program Files\Webteh
    [2007-01-03|19:20] C:\Program Files\WildTangent
    [2007-07-06|13:46] C:\Program Files\Windows Installer Clean Up
    [2005-10-22|11:06] C:\Program Files\Windows Journal Viewer
    [2008-02-27|22:02] C:\Program Files\Windows Live
    [2007-11-21|11:43] C:\Program Files\Windows Live Favorites
    [2007-11-21|11:43] C:\Program Files\Windows Live Toolbar
    [2007-12-28|12:37] C:\Program Files\Windows Media Connect 2
    [2007-11-22|00:17] C:\Program Files\Windows Media Player
    [2005-04-10|20:49] C:\Program Files\Windows NT
    [2005-03-06|19:37] C:\Program Files\WindowsUpdate
    [2006-04-23|09:44] C:\Program Files\WinZip
    [2003-08-05|19:37] C:\Program Files\xerox
    [2006-08-07|22:14] C:\Program Files\Yahoo!
    [2005-08-13|17:32] C:\Program Files\ZJChat

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [2007-12-28|11:18] C:\Program Files\Fichiers communs\.
    [2007-12-28|11:18] C:\Program Files\Fichiers communs\..
    [2007-02-11|17:47] C:\Program Files\Fichiers communs\Adobe
    [2005-03-16|19:19] C:\Program Files\Fichiers communs\AOL
    [2007-06-03|20:09] C:\Program Files\Fichiers communs\ArcSoft
    [2007-04-05|20:27] C:\Program Files\Fichiers communs\AVSMedia
    [2007-01-03|19:40] C:\Program Files\Fichiers communs\BOONTY Shared
    [2007-05-18|14:01] C:\Program Files\Fichiers communs\Corel
    [2005-08-16|18:54] C:\Program Files\Fichiers communs\Designer
    [2006-05-04|19:20] C:\Program Files\Fichiers communs\InstallShield
    [2006-07-22|15:42] C:\Program Files\Fichiers communs\Java
    [2005-07-14|22:18] C:\Program Files\Fichiers communs\Logitech
    [2007-01-03|20:45] C:\Program Files\Fichiers communs\Macrovision Shared
    [2007-11-21|11:38] C:\Program Files\Fichiers communs\Microsoft Shared
    [2007-08-19|21:12] C:\Program Files\Fichiers communs\Motive
    [2003-08-05|19:35] C:\Program Files\Fichiers communs\MSSoap
    [2003-08-05|14:30] C:\Program Files\Fichiers communs\ODBC
    [2006-01-05|20:54] C:\Program Files\Fichiers communs\Panda Software
    [2005-12-29|13:12] C:\Program Files\Fichiers communs\Real
    [2007-09-20|10:27] C:\Program Files\Fichiers communs\Sandlot Shared
    [2005-03-05|19:47] C:\Program Files\Fichiers communs\Services
    [2003-08-05|20:34] C:\Program Files\Fichiers communs\Sonic
    [2006-09-10|21:04] C:\Program Files\Fichiers communs\Sony Shared
    [2003-08-05|14:30] C:\Program Files\Fichiers communs\SpeechEngines
    [2006-10-17|18:55] C:\Program Files\Fichiers communs\SureThing Shared
    [2005-03-06|17:35] C:\Program Files\Fichiers communs\Symantec Shared
    [2007-06-12|22:31] C:\Program Files\Fichiers communs\System
    [2005-10-11|19:25] C:\Program Files\Fichiers communs\Thalia Shared
    [2006-09-06|20:02] C:\Program Files\Fichiers communs\Ulead Systems
    [2007-11-21|11:38] C:\Program Files\Fichiers communs\WindowsLiveInstaller

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    Aucun fichier / dossier Lop trouvé !

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-03-11 12:55:00
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden files ...
    scan completed successfully
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    C:\WINDOWS\pack.epk
    C:\WINDOWS\system32\nvs2.inf
    C:\WINDOWS\system32\gwapapa_navps.dat
    C:\WINDOWS\system32\gwapapa_nav.dat
    C:\WINDOWS\system32\gwapapa.dat
    ! EGDACCESS !


    /!\ [Fich:6374][Doss:106] C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp
    /!\ [Fich:241][Doss:0] C:\DOCUME~1\PROPRI~1\Cookies
    /!\ [Fich:4400][Doss:15] C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 13:00:52,81 ]----------------------
    11 March 2008 18:06:17

    Re,

    1) If you are on Vista, do this first / otherwise go straight to the next step ;) :

    Disable UAC (Start menu \ Control Panel \ User Accounts and Family Safety \ User Accounts \ Turn User Account Control on or off \ untick the box Use User Account Control ...
    and confirm with OK; you will be asked to restart, do so)


    2) Download Navilog1 by IL-MAFIOSO: http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe

    Depending on the antivirus you use, navilog1 may be detected as a virus!!!
    In that case, disable it during the download and the scan!!!!


    Save Target As... and save it to your desktop.
    Then double-click navilog1.exe to start the installation.
    Once the installation is finished, the fix will run automatically.
    (If it does not, double-click the Navilog1 shortcut on the desktop.)

    Follow the prompts. At the main menu, choose 1 and confirm.
    (do not choose 2, 3 or 4 without our advice/agreement)

    Wait for the message:
    *** Analyse Termine le ..... ***
    Press a key as prompted; Notepad will open.
    Copy and paste the whole thing into a reply. Close Notepad.
    The report is also saved at the root of the disk (fixnavi.txt)
    11 March 2008 22:10:15

    Search Navipromo version 3.5.0 commencé le 2008-03-11 à 14:22:03,06

    !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
    !!! Postez ce rapport sur le forum pour le faire analyser !!!
    !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

    Outil exécuté depuis C:\Program Files\navilog1
    Mise à jour le 04.03.2008 à 17h00 par IL-MAFIOSO


    Microsoft Windows XP [version 5.1.2600]
    Internet Explorer : 7.0.5730.13
    Système de fichiers : NTFS

    Executé en mode normal

    *** Recherche Programmes installés ***




    *** Recherche dossiers dans C:\WINDOWS ***



    *** Recherche dossiers dans C:\Program Files ***

    C:\Program Files\MessengerSkinner trouvé !


    *** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\APPLIC~1 ***




    *** Recherche dossiers dans "C:\Documents and Settings\Propriétaire\applic~1" ***

    ...\MessengerSkinner trouvé !


    *** Recherche dossiers dans "C:\Documents and Settings\Propriétaire\locals~1\applic~1" ***



    *** Recherche dossiers dans "C:\Documents and Settings\Propriétaire\menudm~1\progra~1" ***


    *** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1 ***


    *** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
    pour + d'infos : http://www.gmer.net

    Aucun Fichier trouvé



    *** Recherche avec GenericNaviSearch ***
    !!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
    !!! A vérifier impérativement avant toute suppression manuelle !!!

    * Recherche dans C:\WINDOWS\system32 *

    * Recherche dans "C:\Documents and Settings\Propriétaire\locals~1\applic~1" *



    *** Recherche fichiers ***


    C:\WINDOWS\pack.epk trouvé !
    C:\WINDOWS\system32\nvs2.inf trouvé !


    *** Recherche clés spécifiques dans le Registre ***

    HKEY_CURRENT_USER\Software\Lanconfig trouvé !

    *** Module de Recherche complémentaire ***
    (Recherche fichiers spécifiques)

    1)Recherche nouveaux fichiers Instant Access :


    2)Recherche Heuristique :

    * Dans C:\WINDOWS\system32 :

    gwapapa.dat trouvé !
    gwapapa_nav.dat trouvé !
    gwapapa_navps.dat trouvé !

    * Dans "C:\Documents and Settings\Propriétaire\locals~1\applic~1" :


    3)Recherche Certificats :

    Certificat Egroup trouvé !
    Certificat Electronic-Group absent !
    Certificat OOO-Favorit absent !

    4)Recherche fichiers connus :



    *** Analyse terminée le 2008-03-11 à 15:40:14,21 ***
    12 March 2008 19:05:49

    What do I do next with my viruses?!
    12 March 2008 21:45:09

    :hello: 

    1) Double-click the Navilog1 shortcut on the desktop and follow the prompts.
    At the main menu, choose 2 and confirm.

    The fix will inform you that it is going to restart your PC.
    Close all open windows and save any open personal documents.
    Press a key as prompted.
    (if your PC does not restart automatically, restart it yourself)
    When your PC restarts, choose your usual session.

    Wait for the message:
    *** Nettoyage Termine le ..... ***
    Notepad will open.
    Save the report somewhere you can find it again.
    Close Notepad. Your desktop will reappear.

    PS: If your desktop does not reappear, press CTRL+ALT+DEL to open Task Manager.
    Then go to the "Processes" tab. Click File at the top left and choose "Run".
    Type explorer and confirm. This will bring your desktop back.


    2) Go to Start/Control Panel/Internet Options
    - "Content" tab then "Certificates" tab, and if you find any of these, particularly under "Trusted Publishers", but look elsewhere too:
    electronic-group
    egroup
    Montorgueil
    VIP
    "Sunny Day Design Ltd"
    ooo <<Favorit>>
    Favorit


    Delete them.

    3) Restart normally and post the cleannavi.txt report

    4) Post a new hijackthis report :super:
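
Added example, not part of the original post: a read-only PowerShell audit of the check described in step 2 above, listing certificates whose subject or issuer contains one of the names given in the post. The function name `Find-ListedCertificate` and its parameters are assumptions made for this example; it only reports, so any removal still goes through the Certificates dialog after manual review.

```powershell
# Added example (not from the thread): read-only audit of the certificate stores.
# The name fragments are the ones listed in the post; 'Favorit' also covers the
# 'ooo <<Favorit>>' entry. Matching is a case-insensitive substring test, so a
# short fragment such as 'VIP' can hit unrelated certificates: review every row.
$ListedNames = @(
    'electronic-group',
    'egroup',
    'Montorgueil',
    'VIP',
    'Sunny Day Design Ltd',
    'Favorit'
)

function Find-ListedCertificate {
    param(
        # Fragments to look for in Subject and Issuer (hypothetical parameter name).
        [string[]] $NameFragment = $ListedNames,
        # The post says to look beyond Trusted Publishers, so walk every store
        # of both the per-user and the machine-wide location.
        [string[]] $Root = @('Cert:\CurrentUser', 'Cert:\LocalMachine')
    )

    Get-ChildItem -Path $Root -Recurse -ErrorAction SilentlyContinue |
        # The recursion also returns store objects; keep certificates only.
        Where-Object { $_ -is [System.Security.Cryptography.X509Certificates.X509Certificate2] } |
        ForEach-Object {
            $cert = $_
            # First fragment that appears in the subject or the issuer, if any.
            $hit = $NameFragment |
                Where-Object { $cert.Subject -like "*$_*" -or $cert.Issuer -like "*$_*" } |
                Select-Object -First 1

            if ($hit) {
                [pscustomobject]@{
                    # PSParentPath looks like '<provider>::CurrentUser\TrustedPublisher'
                    Store       = ($cert.PSParentPath -split '::')[-1]
                    MatchedName = $hit
                    Subject     = $cert.Subject
                    Issuer      = $cert.Issuer
                    NotAfter    = $cert.NotAfter
                    Thumbprint  = $cert.Thumbprint
                }
            }
        }
}

# Show Trusted Publishers hits first, then the other stores in name order.
Find-ListedCertificate |
    Sort-Object @{ Expression = { $_.Store -notlike '*\TrustedPublisher' } }, Store |
    Format-List
```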
    13 March 2008 01:49:50

    Clean Navipromo version 3.5.0 commencé le 2008-03-12 à 19:48:06,01

    Outil exécuté depuis C:\Program Files\navilog1
    Mise à jour le 04.03.2008 à 17h00 par IL-MAFIOSO


    Microsoft Windows XP [version 5.1.2600]
    Internet Explorer : 7.0.5730.13
    Système de fichiers : NTFS

    Mode suppression automatique
    avec prise en charge résultats Catchme et GNS



    *** fsbl1.txt non trouvé ***
    (Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)


    *** Suppression avec sauvegardes résultats GenericNaviSearch ***

    * Suppression dans C:\WINDOWS\System32 *


    * Suppression dans "C:\Documents and Settings\Propriétaire\locals~1\applic~1" *



    *** Suppression dossiers dans C:\WINDOWS ***


    *** Suppression dossiers dans C:\Program Files ***

    C:\Program Files\MessengerSkinner ...suppression...
    C:\Program Files\MessengerSkinner supprimé !


    *** Suppression dossiers dans C:\DOCUME~1\ALLUSE~1\APPLIC~1 ***


    *** Suppression dossiers dans "C:\Documents and Settings\Propriétaire\applic~1" ***

    ...\MessengerSkinner ...suppression...
    ...\MessengerSkinner supprimé !


    *** Suppression dossiers dans "C:\Documents and Settings\Propriétaire\locals~1\applic~1" ***


    *** Suppression dossiers dans "C:\Documents and Settings\Propriétaire\menudm~1\progra~1" ***


    *** Suppression dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1 ***



    *** Suppression fichiers ***

    C:\WINDOWS\pack.epk supprimé !
    C:\WINDOWS\system32\nvs2.inf supprimé !

    *** Suppression fichiers temporaires ***

    Nettoyage contenu C:\WINDOWS\Temp effectué !
    Nettoyage contenu C:\Documents and Settings\Propriétaire\locals~1\Temp effectué !

    *** Traitement Recherche complémentaire ***
    (Recherche fichiers spécifiques)

    1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

    2)Recherche, création sauvegardes et suppression Heuristique :


    * Dans C:\WINDOWS\system32 *

    gwapapa.dat trouvé !
    Copie gwapapa.dat réalisée avec succès !
    gwapapa.dat !!ERREUR SUPPRESSION!!

    gwapapa_nav.dat trouvé !
    Copie gwapapa_nav.dat réalisée avec succès !
    gwapapa_nav.dat supprimé !

    gwapapa_navps.dat trouvé !
    Copie gwapapa_navps.dat réalisée avec succès !
    gwapapa_navps.dat supprimé !


    * Dans "C:\Documents and Settings\Propriétaire\locals~1\applic~1" *


    *** Sauvegarde du Registre vers dossier Backupnavi ***

    sauvegarde du Registre réalisée avec succès !

    *** Nettoyage Registre ***

    Nettoyage Registre Ok


    *** Certificats ***

    Certificat Egroup supprimé !
    Certificat Electronic-Group absent !
    Certificat OOO-Favorit absent !

    *** Nettoyage terminé le 2008-03-12 à 20:01:00,28 ***

    13 March 2008 01:50:28

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:48:44, on 2008-03-12
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16608)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\QuickTime\qttask.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Program Files\Mozilla Firefox\firefox.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.imesh.com/sidebar.html?src=ssb
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant =
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.imesh.com/sidebar.html?src=ssb
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
    R3 - URLSearchHook: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - (no file)
    R3 - URLSearchHook: Yahoo! Barre d'outils - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {1CE770CE-22B9-79B8-29F6-F48CF7BADA8D} - C:\DOCUME~1\PROPRI~1\APPLIC~1\elseaxis\Vcmeta.exe (file missing)
    O2 - BHO: PopKill Class - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Bell\Forfait sécurité d'affaires\pkR.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
    O3 - Toolbar: Yahoo! Barre d'outils - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
    O4 - HKLM\..\Run: [MotiveReportAgent] "C:\Program Files\Fichiers communs\Motive\McciBootStrapper.exe" /url="-url=file://C:\Program Files\Fichiers communs\Motive\ReportAgent.html" /browsertype=CustomMSIE /browserpath="C:\Program Files\Common Files\Motive\motivebrowser.exe" /hidden
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [UniMessenger] C:\Program Files\UNI2\UNI2.exe
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [bows anti] C:\DOCUME~1\PROPRI~1\APPLIC~1\GRIMLO~1\Balmacidshow.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
    O4 - .DEFAULT User Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
    O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jh...
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - (no file)
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
    O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab53083...
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab
    O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} (AimSp32 Class) - http://rimmel.ai-media.com/save/makeover.cab
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts...
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/y...
    O16 - DPF: {339234B4-4E14-4280-B8B4-8BAE5AF99063} (Chess Object) - http://zone.msn.com/bingame/zpagames/zpa_kqrp.cab53083....
    O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (ZoneBuddy Class) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab53083.ca...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld...
    O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/cabs/ascstubie.cab
    O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab53083.c...
    O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUpload...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CA/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://zone.msn.com/bingame/dsh2/default/DinerDash2.1.0...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} (ZPA_TexasHoldem Object) - http://zone.msn.com/bingame/zpagames/zpa_txhe.cab53083....
    O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPl...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab530...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://zone.msn.com/bingame/cnma/default/ct.cab
    O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://sympatico.zone.msn.com/binframework/v10/StProxy....
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/popcaploader_v10.cab
    O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
    O16 - DPF: {F137B9BA-89EA-4B04-9C67-2074A9DF61FD} (Photo Upload Plugin Class) - http://walmart.pnimedia.com/upload/activex/v2_0_0_10/PC...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O20 - Winlogon Notify: avgwlntf - C:\WINDOWS\SYSTEM32\avgwlntf.dll
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: lxcg_device - Unknown owner - C:\WINDOWS\system32\lxcgcoms.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe

    --
    End of file - 12793 bytes
    13 March 2008 02:00:30

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:48:44, on 2008-03-12
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16608)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\QuickTime\qttask.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Program Files\Mozilla Firefox\firefox.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.imesh.com/sidebar.html?src=ssb
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant =
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.imesh.com/sidebar.html?src=ssb
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
    R3 - URLSearchHook: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - (no file)
    R3 - URLSearchHook: Yahoo! Barre d'outils - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {1CE770CE-22B9-79B8-29F6-F48CF7BADA8D} - C:\DOCUME~1\PROPRI~1\APPLIC~1\elseaxis\Vcmeta.exe (file missing)
    O2 - BHO: PopKill Class - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Bell\Forfait sécurité d'affaires\pkR.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
    O3 - Toolbar: Yahoo! Barre d'outils - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
    O4 - HKLM\..\Run: [MotiveReportAgent] "C:\Program Files\Fichiers communs\Motive\McciBootStrapper.exe" /url="-url=file://C:\Program Files\Fichiers communs\Motive\ReportAgent.html" /browsertype=CustomMSIE /browserpath="C:\Program Files\Common Files\Motive\motivebrowser.exe" /hidden
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [UniMessenger] C:\Program Files\UNI2\UNI2.exe
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [bows anti] C:\DOCUME~1\PROPRI~1\APPLIC~1\GRIMLO~1\Balmacidshow.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
    O4 - .DEFAULT User Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
    O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jh...
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - (no file)
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
    O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab53083...
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab
    O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} (AimSp32 Class) - http://rimmel.ai-media.com/save/makeover.cab
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts...
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/y...
    O16 - DPF: {339234B4-4E14-4280-B8B4-8BAE5AF99063} (Chess Object) - http://zone.msn.com/bingame/zpagames/zpa_kqrp.cab53083....
    O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (ZoneBuddy Class) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab53083.ca...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld...
    O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/cabs/ascstubie.cab
    O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab53083.c...
    O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUpload...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CA/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://zone.msn.com/bingame/dsh2/default/DinerDash2.1.0...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} (ZPA_TexasHoldem Object) - http://zone.msn.com/bingame/zpagames/zpa_txhe.cab53083....
    O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPl...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab530...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://zone.msn.com/bingame/cnma/default/ct.cab
    O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://sympatico.zone.msn.com/binframework/v10/StProxy....
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/popcaploader_v10.cab
    O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
    O16 - DPF: {F137B9BA-89EA-4B04-9C67-2074A9DF61FD} (Photo Upload Plugin Class) - http://walmart.pnimedia.com/upload/activex/v2_0_0_10/PC...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O20 - Winlogon Notify: avgwlntf - C:\WINDOWS\SYSTEM32\avgwlntf.dll
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: lxcg_device - Unknown owner - C:\WINDOWS\system32\lxcgcoms.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe

    --
    End of file - 12793 bytes
    13 March 2008 16:49:15

    Rapport lopxpMH2 version 2.0 fait à 11:48:42,18 le 2008-03-13
    C:\Documents and Settings\Propriétaire\Bureau\lopxpMH2

    ******************************************
    ## Répertoires Application Data

    Le volume dans le lecteur C s'appelle PRESARIO
    Le numéro de série du volume est 74B9-E639

    Répertoire de C:\Documents and Settings\All Users\Application Data

    2005-03-05 19:44 <REP> .
    2005-03-05 19:44 <REP> ..
    2007-07-06 14:03 <REP> Adobe
    2008-01-18 21:00 <REP> Apple
    2005-06-12 16:04 <REP> Apple Computer
    2007-09-19 10:49 <REP> avg7
    2007-09-18 17:56 <REP> avg7(2)
    2007-09-07 10:07 <REP> Bell
    2006-09-28 09:57 <REP> Bell Canada
    2005-03-06 20:55 <REP> BOWS 16 JUGS FORD
    2006-07-25 13:22 <REP> does mfcd amok play
    2005-08-31 22:35 <REP> FaxCtr
    2006-09-28 09:59 <REP> Freedom
    2007-06-29 18:35 <REP> Friends Games
    2006-10-16 22:01 <REP> Google
    2007-12-24 12:37 <REP> Grisoft
    2007-12-19 18:22 <REP> HipSoft
    2007-01-01 22:39 <REP> iWin
    2006-07-04 19:35 <REP> JollyBear
    2006-01-05 20:56 <REP> Kaspersky Anti-Virus Personal
    2007-01-03 19:38 <REP> Macrovision
    2005-08-30 19:27 <REP> Messenger Plus!
    2003-08-05 14:30 <REP> Microsoft
    2007-08-19 21:12 <REP> Motive
    2007-08-20 13:25 <REP> MotiveSysIDs
    2005-11-20 13:26 <REP> MSN6
    2007-07-10 18:38 <REP> Oberon Games
    2007-06-22 23:39 <REP> PlayFirst
    2007-06-22 23:29 <REP> PopCap
    2005-06-12 16:04 <REP> QuickTime
    2007-04-08 20:57 <REP> Sandlot Games
    2003-08-05 19:41 <REP> SBSI
    2005-09-02 20:25 <REP> Sierra
    2006-09-10 21:05 <REP> Sony Corporation
    2007-01-03 19:40 <REP> SugarGames
    2003-08-07 20:17 <REP> Symantec
    2007-06-22 23:01 <REP> TEMP
    2006-06-22 16:48 <REP> Trymedia
    2007-08-03 08:17 <REP> Two Idol Wave Flag
    2006-09-06 20:01 <REP> Ulead Systems
    2005-10-22 11:04 <REP> Windows Genuine Advantage
    2007-11-21 11:34 <REP> WLInstaller
    2007-10-03 15:33 <REP> Yahoo! Companion
    2003-08-05 14:30 62 desktop.ini
    2007-03-01 08:25 1 359 QTSBandwidthCache
    2007-09-18 20:08 820 SharedProperties.xml
    3 fichier(s) 2 241 octets
    43 Rép(s) 39 820 615 680 octets libres
    Le volume dans le lecteur C s'appelle PRESARIO
    Le numéro de série du volume est 74B9-E639

    Répertoire de C:\Documents and Settings\Default User\Application Data

    2005-03-05 19:44 <REP> .
    2005-03-05 19:44 <REP> ..
    2005-03-05 16:58 <REP> Adobe
    2003-08-05 19:37 <REP> Identities
    2005-03-05 16:58 <REP> InterTrust
    2003-08-05 14:30 <REP> Microsoft
    2005-03-05 16:58 <REP> SampleView
    2005-03-05 16:58 <REP> Sonic
    2005-03-05 16:58 <REP> Symantec
    2003-08-05 14:30 62 desktop.ini
    1 fichier(s) 62 octets
    9 Rép(s) 39 820 615 680 octets libres
    Le volume dans le lecteur C s'appelle PRESARIO
    Le numéro de série du volume est 74B9-E639

    Répertoire de C:\Documents and Settings\Default User\Local Settings\Application Data

    2003-08-05 14:30 <REP> .
    2003-08-05 14:30 <REP> ..
    2005-03-05 16:58 <REP> Microsoft
    2005-03-05 16:58 1 402 594 IconCache.db
    1 fichier(s) 1 402 594 octets
    3 Rép(s) 39 820 615 680 octets libres
    Le volume dans le lecteur C s'appelle PRESARIO
    Le numéro de série du volume est 74B9-E639

    Répertoire de C:\Documents and Settings\LocalService\Application Data

    2003-08-05 19:39 <REP> .
    2003-08-05 19:39 <REP> ..
    2007-09-19 10:55 <REP> AVG7
    2005-09-17 14:38 <REP> HbTools
    2006-01-20 21:48 <REP> Help
    2003-08-05 19:39 <REP> Microsoft
    2005-09-17 14:38 <REP> ShopperReports
    0 fichier(s) 0 octets
    7 Rép(s) 39 820 611 584 octets libres
    Le volume dans le lecteur C s'appelle PRESARIO
    Le numéro de série du volume est 74B9-E639

    Répertoire de C:\Documents and Settings\LocalService\Local Settings\Application Data

    2003-08-05 19:39 <REP> .
    2003-08-05 19:39 <REP> ..
    2006-01-20 21:48 <REP> Help
    2003-08-05 19:39 <REP> Microsoft
    0 fichier(s) 0 octets
    4 Rép(s) 39 820 611 584 octets libres
    Le volume dans le lecteur C s'appelle PRESARIO
    Le numéro de série du volume est 74B9-E639

    Répertoire de C:\Documents and Settings\NetworkService\Application Data

    2003-08-05 19:39 <REP> .
    2003-08-05 19:39 <REP> ..
    2003-08-05 19:39 <REP> Microsoft
    0 fichier(s) 0 octets
    3 Rép(s) 39 820 611 584 octets libres
    Le volume dans le lecteur C s'appelle PRESARIO
    Le numéro de série du volume est 74B9-E639

    Répertoire de C:\Documents and Settings\NetworkService\Local Settings\Application Data

    2003-08-05 19:39 <REP> .
    2003-08-05 19:39 <REP> ..
    2008-01-22 00:50 <REP> Apple
    2003-08-05 19:39 <REP> Microsoft
    0 fichier(s) 0 octets
    4 Rép(s) 39 820 611 584 octets libres
    Le volume dans le lecteur C s'appelle PRESARIO
    Le numéro de série du volume est 74B9-E639

    Répertoire de C:\Documents and Settings\Nouveau dossier

    Le volume dans le lecteur C s'appelle PRESARIO
    Le numéro de série du volume est 74B9-E639

    Répertoire de C:\Documents and Settings\Propriétaire\Application Data

    2005-03-05 19:44 <REP> .
    2005-03-05 19:44 <REP> ..
    2003-08-05 20:39 <REP> Adobe
    2006-09-22 13:53 <REP> AdobeUM
    2005-06-12 16:04 <REP> Apple Computer
    2007-06-03 20:16 <REP> ArcSoft
    2007-09-19 10:49 <REP> AVG7
    2007-01-20 22:08 <REP> AVSMedia
    2007-09-07 10:07 <REP> Bell
    2006-09-28 09:55 <REP> Bell Canada
    2007-11-25 23:53 <REP> BitTorrent
    2006-11-01 19:38 <REP> BSplayer
    2007-03-22 16:19 <REP> BSplayer Pro
    2007-08-03 22:07 <REP> Chicken Chase
    2007-12-28 20:56 <REP> DAEMON Tools
    2007-04-15 16:57 <REP> DivX
    2005-09-01 11:23 <REP> FaxCtr
    2006-10-09 10:56 <REP> FunWebProducts
    2007-01-18 19:51 <REP> Gaijin Ent
    2006-05-04 19:22 <REP> Google
    2005-03-06 20:55 <REP> grimloudmeal
    2007-12-28 11:28 <REP> Grisoft
    2005-07-25 11:25 <REP> Help
    2007-12-12 17:34 <REP> Home Sweet Home
    2003-08-05 19:40 <REP> Identities
    2007-07-06 08:23 <REP> IMVU
    2007-09-18 20:05 <REP> InstallShield
    2005-03-25 14:04 <REP> InterVideo
    2007-01-01 22:39 <REP> iWin
    2007-12-08 17:55 <REP> Jane s Hotel
    2006-08-28 19:46 <REP> LANCITE
    2005-03-06 22:35 <REP> Macromedia
    2003-08-05 19:40 <REP> Microsoft
    2005-08-16 18:53 <REP> Microsoft Web Folders
    2006-06-30 10:10 <REP> Mozilla
    2005-11-20 13:26 <REP> MSN6
    2006-05-27 09:58 <REP> MSNInstaller
    2007-06-02 22:21 <REP> MysteryStudio
    2007-03-27 17:24 <REP> Oberon Media
    2007-06-22 23:39 <REP> PlayFirst
    2003-08-05 20:44 <REP> SampleView
    2007-12-28 15:25 <REP> SecuROM
    2005-09-02 20:27 <REP> Sierra
    2007-09-18 20:09 <REP> SoftwareDetectionScripts
    2003-08-05 20:34 <REP> Sonic
    2006-09-10 21:03 <REP> Sony Corporation
    2006-07-22 15:48 <REP> Sun
    2003-08-07 20:17 <REP> Symantec
    2005-03-06 22:25 <REP> Template
    2005-10-11 19:27 <REP> Thalia
    2006-10-20 23:47 <REP> Trevoli
    2006-09-06 20:10 <REP> Ulead Systems
    2007-04-05 20:30 <REP> vlc
    2007-03-11 18:18 <REP> Wildfire
    2006-08-07 22:17 <REP> yahoo!
    2007-09-18 20:11 475 CampaignStore.xml
    2007-09-18 20:08 1 281 client_gateway.log
    2007-09-18 20:08 376 ConfigurationStore.xml
    2003-08-05 19:40 62 desktop.ini
    2007-09-18 20:11 1 255 EventStore.xml
    2007-09-18 20:08 376 SoftwarePackageStore.xml
    2007-09-18 20:11 471 UpdateStore.xml
    7 fichier(s) 4 296 octets
    55 Rép(s) 39 820 607 488 octets libres
    Le volume dans le lecteur C s'appelle PRESARIO
    Le numéro de série du volume est 74B9-E639

    Répertoire de C:\Documents and Settings\Propriétaire\Local Settings\Application Data

    2003-08-05 19:40 <REP> .
    2003-08-05 19:40 <REP> ..
    2006-09-14 18:41 <REP> Adobe
    2008-01-18 21:01 <REP> Apple
    2005-06-12 16:04 <REP> Apple Computer
    2005-04-10 20:00 <REP> ApplicationHistory
    2007-05-18 14:02 <REP> Corel
    2006-04-09 13:10 <REP> Google
    2005-07-25 11:25 <REP> Help
    2005-03-11 14:15 <REP> Identities
    2006-07-04 19:35 <REP> JollyBear
    2003-08-05 19:40 <REP> Microsoft
    2006-06-30 10:11 <REP> Mozilla
    2007-12-19 18:16 <REP> Oberon Media
    2005-03-06 18:41 <REP> Panda Software
    2007-11-21 11:56 <REP> PCHealth
    2006-09-22 18:38 <REP> WMTools Downloaded Files
    2005-08-18 21:32 55 808 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2005-04-10 20:00 135 fusioncache.dat
    2005-03-06 22:23 167 376 GDIPFONTCACHEV1.DAT
    2008-03-12 20:00 4 461 gnc.exe
    2003-08-05 19:54 4 282 802 IconCache.db
    5 fichier(s) 4 510 582 octets
    17 Rép(s) 39 820 607 488 octets libres
    Le volume dans le lecteur C s'appelle PRESARIO
    Le numéro de série du volume est 74B9-E639

    Répertoire de C:\WINDOWS\system32\config\systemprofile\Application Data

    2005-03-05 19:43 <REP> .
    2005-03-05 19:43 <REP> ..
    2005-03-05 17:02 <REP> Adobe
    2003-08-05 19:38 <REP> Identities
    2005-03-05 17:02 <REP> InterTrust
    2003-08-05 19:38 <REP> Microsoft
    2005-03-05 17:02 <REP> SampleView
    2005-03-05 17:02 <REP> Sonic
    2005-03-05 17:02 <REP> Symantec
    2003-08-05 19:38 62 desktop.ini
    1 fichier(s) 62 octets
    9 Rép(s) 39 820 607 488 octets libres
    Le volume dans le lecteur C s'appelle PRESARIO
    Le numéro de série du volume est 74B9-E639

    Répertoire de C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data

    2003-08-05 19:38 <REP> .
    2003-08-05 19:38 <REP> ..
    2005-03-05 16:54 <REP> Microsoft
    2005-03-05 17:02 1 402 594 IconCache.db
    1 fichier(s) 1 402 594 octets
    3 Rép(s) 39 820 607 488 octets libres

    ******************************************
    Recherche des taches planifiées dans C:\WINDOWS\tasks


    C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
    C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task SYSTEM
    ******************************************
    ## Répertoires de C:\Program Files

    Le volume dans le lecteur C s'appelle PRESARIO
    Le numéro de série du volume est 74B9-E639

    Répertoire de C:\Program Files

    2008-03-12 19:59 <REP> .
    2008-03-12 19:59 <REP> ..
    2006-05-22 10:21 <REP> Abbyy FineReader 6.0 Sprint
    2007-09-14 10:38 <REP> Activision Value
    2007-02-11 17:47 <REP> Adobe
    2007-04-05 20:44 <REP> AOL Games
    2008-01-18 21:00 <REP> Apple Software Update
    2007-01-20 22:04 <REP> AVSMedia
    2003-08-05 20:45 <REP> BackWeb
    2007-09-19 10:35 <REP> Bell
    2007-09-16 21:26 <REP> BitComet
    2008-03-11 01:20 <REP> BitTorrent
    2007-12-28 14:43 <REP> Common Files
    2003-08-05 20:45 <REP> Compaq Connections
    2007-09-18 20:05 <REP> ComPlus Applications
    2007-05-18 14:01 <REP> Corel
    2005-08-25 20:00 <REP> CreataCard
    2007-06-03 15:11 <REP> DivX
    2007-12-29 00:00 <REP> EA GAMES
    2007-07-06 14:11 <REP> Easy Internet signup
    2005-12-23 16:14 <REP> Eidos
    2007-03-04 23:16 <REP> Eidos Interactive
    2007-11-21 23:55 <REP> eMule
    2006-09-23 18:29 <REP> eRightSoft
    2005-10-05 18:24 <REP> EZFace
    2007-12-28 11:18 <REP> Fichiers communs
    2006-11-06 23:38 <REP> FunWebProducts
    2005-06-08 12:36 <REP> GameSpy Arcade
    2007-03-05 11:31 <REP> Global Star Software
    2007-09-07 09:58 <REP> Google
    2008-02-24 21:45 <REP> grimloudmeal
    2007-12-28 11:20 <REP> Grisoft
    2007-09-18 20:05 <REP> Grisoft(2)
    2007-06-26 18:23 <REP> Hasbro Interactive
    2007-07-14 19:51 <REP> iMesh Applications
    2007-09-18 19:54 1 256 INSTALL.LOG
    2005-03-25 14:04 <REP> InterActual
    2008-02-12 22:12 <REP> Internet Explorer
    2003-08-05 20:37 <REP> InterVideo
    2006-11-10 12:29 <REP> iPod
    2006-11-10 12:30 <REP> iTunes
    2006-07-22 15:44 <REP> Java
    2003-08-05 20:51 <REP> Java Web Start
    2005-03-23 21:20 <REP> Kazaa
    2007-06-03 15:11 <REP> Legacy Interactive
    2007-05-25 16:29 <REP> Lexmark 2300 Series
    2005-08-31 22:36 <REP> Lexmark Fax Solutions
    2008-02-18 12:30 <REP> LimeWire
    2005-07-14 22:18 <REP> Logitech
    2008-02-28 21:35 <REP> Lx_cats
    2007-08-05 20:27 <REP> Maxis
    2005-04-12 17:20 <REP> Messenger
    2007-12-23 00:56 <REP> Messenger Plus! Live
    2006-12-30 18:47 <REP> MessengerPlus! 3
    2007-04-06 08:51 <REP> Micrografx
    2007-11-21 22:00 <REP> Microsoft CAPICOM 2.1.0.2
    2003-08-05 20:35 <REP> Microsoft Encarta
    2005-08-16 18:53 <REP> microsoft frontpage
    2006-02-18 22:39 <REP> Microsoft Games
    2005-07-14 22:18 <REP> Microsoft NetShow
    2005-08-16 18:53 <REP> Microsoft Office
    2005-03-18 13:33 <REP> Microsoft Reference
    2007-11-21 11:41 <REP> Microsoft SQL Server Compact Edition
    2005-07-25 11:25 <REP> Microsoft Works
    2007-09-19 10:11 <REP> mIRC
    2005-04-10 20:51 <REP> Movie Maker
    2008-03-13 11:45 <REP> Mozilla Firefox
    2007-07-06 13:45 <REP> MSECACHE
    2005-12-26 20:43 <REP> MSN
    2005-03-06 20:53 <REP> MSN Apps
    2007-12-28 12:31 <REP> MSN Games
    2003-08-05 19:34 <REP> MSN Gaming Zone
    2007-12-23 00:56 <REP> MSN Messenger
    2006-11-17 21:06 <REP> MSXML 4.0
    2003-08-05 20:36 <REP> MUSICMATCH
    2008-03-12 20:01 <REP> Navilog1
    2005-07-14 22:18 <REP> NetMeeting
    2007-06-12 22:31 <REP> Outlook Express
    2007-12-27 15:28 <REP> Panda Security
    2007-09-18 20:04 <REP> Panda Software
    2007-09-18 20:04 <REP> PC-Doctor for Windows
    2006-10-20 23:47 <REP> Photo Finale
    2006-11-10 12:28 <REP> QuickTime
    2003-08-05 20:34 <REP> RecordNow!
    2007-06-03 20:07 <REP> SanDisk
    2003-08-05 20:52 <REP> Services en ligne
    2007-04-06 08:51 <REP> Sierra
    2007-09-18 20:04 <REP> SmartAudioConverter
    2006-09-10 21:08 <REP> Sony
    2006-10-17 18:55 <REP> SureThing
    2005-03-06 17:34 <REP> Symantec
    2005-10-11 19:25 <REP> Thalia
    2007-07-03 20:50 <REP> The Three Musketeers
    2008-03-10 12:30 <REP> Trend Micro
    2007-03-04 20:53 <REP> Trymedia
    2006-09-06 20:15 <REP> Ulead Systems
    2007-04-05 20:28 <REP> VideoLAN
    2006-09-13 19:17 <REP> Webteh
    2007-01-03 19:20 <REP> WildTangent
    2007-07-06 13:46 <REP> Windows Installer Clean Up
    2005-10-22 11:06 <REP> Windows Journal Viewer
    2008-02-27 22:02 <REP> Windows Live
    2007-11-21 11:43 <REP> Windows Live Favorites
    2007-11-21 11:43 <REP> Windows Live Toolbar
    2007-12-28 12:37 <REP> Windows Media Connect 2
    2007-11-22 00:17 <REP> Windows Media Player
    2005-04-10 20:49 <REP> Windows NT
    2006-04-23 09:44 <REP> WinZip
    2003-08-05 19:37 <REP> xerox
    2006-08-07 22:14 <REP> Yahoo!
    2005-08-13 17:32 <REP> ZJChat
    1 fichier(s) 1 256 octets
    110 Rép(s) 39 820 595 200 octets libres

    ******************************************
    ## Popups autorisées

    * Internet Explorer

    ! REG.EXE VERSION 3.0

    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow
    www.paroles.net REG_BINARY
    www.bonus.com REG_BINARY
    fderad.club.fr REG_BINARY
    perso.wanadoo.fr REG_BINARY
    64.246.54.26 REG_BINARY
    api.gestionpub.com REG_BINARY
    www.mariepierperreault.net REG_BINARY
    www.lafermeadede.com REG_BINARY
    *.hotbar.com REG_BINARY
    *.validation.e-loreal.com REG_BINARY
    www.atelier-mascarade.com REG_BINARY
    damnedsoulmusic.cjb.net REG_BINARY
    www.chez-chatonne.com REG_BINARY
    www03.quizyourfriends.com REG_BINARY
    mysearchnow.com REG_SZ
    www.mysearchnow.com REG_SZ
    www.allosponsor.com REG_BINARY
    www.divxovore.com REG_BINARY
    zonenxt.msn-int.com REG_BINARY
    zonenxt.msn-ppe.com REG_BINARY
    zone.msn.com REG_BINARY
    netbios-wait.com REG_SZ
    www.netbios-wait.com REG_SZ
    searchweb2.com REG_SZ
    www.searchweb2.com REG_SZ
    host-domain-lookup.com REG_SZ
    www.host-domain-lookup.com REG_SZ

    * Mozilla Firefox (1 autorisé 2 interdit)

    ---------- C:\DOCUMENTS AND SETTINGS\PROPRITAIRE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\2FC5T6HF.DEFAULT\HOSTPERM.1
    host popup 1 www.jcapote.com
    host popup 1 zone.msn.com

    ******************************************
    ## Registre

    * [HKEY_CURRENT_USER\\Software\Microsoft\Internet Explorer\Main]
    Search Bar REG_SZ http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese...

    * [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    bows anti REG_SZ C:\DOCUME~1\PROPRI~1\APPLIC~1\GRIMLO~1\Balmacidshow.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\bows anti]
    command REG_SZ C:\DOCUME~1\PROPRI~1\APPLIC~1\GRIMLO~1\Balmacidshow.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Stupid Data Dart Wave]
    command REG_SZ C:\Documents and Settings\All Users\Application Data\flag ace stupid data\Hide Five.exe

    ******************************************
    ## Zones de sécurité

    * HKCU Domains (4)

    * P3P History (5)

    ******************************************
    ## Recherche C:\WINDOWS\*.htm, "C:\WINDOWS\*.gif"


    *************** Fin du rapport ****************
    13 March 2008 17:09:55

    1/ Create a Notepad file with the text found in the box below (copy/paste):


    Quote:
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "bows anti"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\bows anti]
    "command"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Stupid Data Dart Wave]
    "command"=-
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow]
    "www.paroles.net"=-
    "www.bonus.com"=-
    "fderad.club.fr"=-
    "perso.wanadoo.fr"=-
    "64.246.54.26"=-
    "api.gestionpub.com"=-
    "www.mariepierperreault.net"=-
    "www.lafermeadede.com"=-
    "*.hotbar.com"=-
    "*.validation.e-loreal.com"=-
    "www.atelier-mascarade.com"=-
    "damnedsoulmusic.cjb.net"=-
    "www.chez-chatonne.com"=-
    "www03.quizyourfriends.com"=-
    "mysearchnow.com"=-
    "www.mysearchnow.com"=-
    "www.allosponsor.com"=-
    "www.divxovore.com"=-
    "zonenxt.msn-int.com"=-
    "zonenxt.msn-ppe.com"=-
    "zone.msn.com"=-
    "netbios-wait.com"=-
    "www.netbios-wait.com"=-
    "searchweb2.com"=-
    "www.searchweb2.com"=-
    "host-domain-lookup.com"=-
    "www.host-domain-lookup.com"=-


    -Save this file to: Desktop
    -File name: fix.reg
    -Type: All files !!!
    -click Save
    -close Notepad

    Using the file: fix.reg
    - double-click the file (Desktop) / accept the warning about the merge / don't be surprised if nothing visible happens / confirm the message saying the merge is complete.

    2/ Download OTMoveIt (by Old_Timer) to your Desktop.

  • Double-click OTMoveIt.exe to launch it.
  • Make sure the "Unregister Dll's and Ocx's" box is checked !!!
  • Copy the text in the box below and paste it into the left-hand pane of OTMoveIt named Paste List of Files/Folders to be moved.

    Quote:
    C:\DOCUME~1\PROPRI~1\APPLIC~1\GRIMLO~1\
    C:\Documents and Settings\All Users\Application Data\flag ace stupid data\


  • Click MoveIt! to start the removal.
  • When a result appears in the Results pane, click Exit.
  • Restart your PC

  • In your next reply, send the OTMoveIt report located in C:\_OTMoveIt\MovedFiles.

    3/ Post a new HijackThis log.

    ;) 
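A way to check a follow-up HijackThis log against fix.reg, as an added example that is not part of the original post: it lists the autorun values that fix.reg deletes but that still appear in the log's O4 lines. The function names are hypothetical, the sample input is copied from this thread (part of fix.reg and O4 lines from the log posted after it), and only the `HKCU\..\Run`-style and `HKLM\..\Run`-style O4 entries are handled.

```python
import re

# HijackThis abbreviates the autorun keys as HKCU\..\Run and HKLM\..\Run;
# the ".." stands for SOFTWARE\Microsoft\Windows\CurrentVersion.
HIVES = {"HKCU": "HKEY_CURRENT_USER", "HKLM": "HKEY_LOCAL_MACHINE"}
RUN_PARENT = "\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\"

O4_RE = re.compile(r"^O4 - (HKCU|HKLM)\\\.\.\\(\w+): \[(.+?)\] (.*)$")
KEY_RE = re.compile(r"^\[(.+)\]$")
DEL_RE = re.compile(r'^"(.+)"=-$')

# Sample input copied from this thread: part of fix.reg ...
FIX_REG = r"""REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"bows anti"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\bows anti]
"command"=-
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow]
"*.hotbar.com"=-
"""

# ... and O4 lines from the HijackThis log posted after the fix.
FOLLOWUP_LOG = r"""O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [bows anti] C:\DOCUME~1\PROPRI~1\APPLIC~1\GRIMLO~1\Balmacidshow.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
"""


def parse_reg_deletions(reg_text):
    """Return [(key, value_name)] for every `"name"=-` line of a REGEDIT4 file."""
    deletions, key = [], None
    for line in reg_text.splitlines():
        line = line.strip()
        m = KEY_RE.match(line)
        if m:
            key = m.group(1)  # following value lines belong to this key
            continue
        m = DEL_RE.match(line)
        if m and key:
            deletions.append((key, m.group(1)))
    return deletions


def parse_o4_autoruns(log_text):
    """Return {(full_key, value_name): command} for HKCU/HKLM O4 lines.

    Keys and value names are lower-cased because the registry compares
    them case-insensitively.
    """
    autoruns = {}
    for line in log_text.splitlines():
        m = O4_RE.match(line.strip())
        if m:
            hive, subkey, name, command = m.groups()
            full_key = HIVES[hive] + RUN_PARENT + subkey
            autoruns[(full_key.lower(), name.lower())] = command
    return autoruns


def leftover_autoruns(reg_text, log_text):
    """Deletions from the .reg file whose autorun value still shows in the log."""
    autoruns = parse_o4_autoruns(log_text)
    leftovers = []
    for key, name in parse_reg_deletions(reg_text):
        command = autoruns.get((key.lower(), name.lower()))
        if command is not None:
            leftovers.append((key, name, command))
    return leftovers


if __name__ == "__main__":
    for key, name, command in leftover_autoruns(FIX_REG, FOLLOWUP_LOG):
        print(f"still present: [{key}] {name!r} -> {command}")
```

A non-empty result means the value was still in the registry when the log was taken, even if the file it points to has already been moved.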
    13 March 2008 20:56:28

    C:\DOCUME~1\PROPRI~1\APPLIC~1\GRIMLO~1 moved successfully.
    Folder C:\Documents and Settings\All Users\Application Data\flag ace stupid data\ not found.

    Created on 03-13-2008 15:50:46
    13 March 2008 20:58:00

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:56:51, on 2008-03-13
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16608)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\QuickTime\qttask.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.imesh.com/sidebar.html?src=ssb
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant =
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.imesh.com/sidebar.html?src=ssb
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
    R3 - URLSearchHook: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - (no file)
    R3 - URLSearchHook: Yahoo! Barre d'outils - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {1CE770CE-22B9-79B8-29F6-F48CF7BADA8D} - C:\DOCUME~1\PROPRI~1\APPLIC~1\elseaxis\Vcmeta.exe (file missing)
    O2 - BHO: PopKill Class - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Bell\Forfait sécurité d'affaires\pkR.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
    O3 - Toolbar: Yahoo! Barre d'outils - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
    O4 - HKLM\..\Run: [MotiveReportAgent] "C:\Program Files\Fichiers communs\Motive\McciBootStrapper.exe" /url="-url=file://C:\Program Files\Fichiers communs\Motive\ReportAgent.html" /browsertype=CustomMSIE /browserpath="C:\Program Files\Common Files\Motive\motivebrowser.exe" /hidden
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [UniMessenger] C:\Program Files\UNI2\UNI2.exe
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [bows anti] C:\DOCUME~1\PROPRI~1\APPLIC~1\GRIMLO~1\Balmacidshow.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
    O4 - .DEFAULT User Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
    O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jh...
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - (no file)
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
    O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab53083...
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab
    O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} (AimSp32 Class) - http://rimmel.ai-media.com/save/makeover.cab
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts...
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/y...
    O16 - DPF: {339234B4-4E14-4280-B8B4-8BAE5AF99063} (Chess Object) - http://zone.msn.com/bingame/zpagames/zpa_kqrp.cab53083....
    O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (ZoneBuddy Class) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab53083.ca...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld...
    O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/cabs/ascstubie.cab
    O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab53083.c...
    O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUpload...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CA/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://zone.msn.com/bingame/dsh2/default/DinerDash2.1.0...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} (ZPA_TexasHoldem Object) - http://zone.msn.com/bingame/zpagames/zpa_txhe.cab53083....
    O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPl...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab530...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://zone.msn.com/bingame/cnma/default/ct.cab
    O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://sympatico.zone.msn.com/binframework/v10/StProxy....
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/popcaploader_v10.cab
    O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
    O16 - DPF: {F137B9BA-89EA-4B04-9C67-2074A9DF61FD} (Photo Upload Plugin Class) - http://walmart.pnimedia.com/upload/activex/v2_0_0_10/PC...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O20 - Winlogon Notify: avgwlntf - C:\WINDOWS\SYSTEM32\avgwlntf.dll
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: lxcg_device - Unknown owner - C:\WINDOWS\system32\lxcgcoms.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe

    --
    End of file - 12834 bytes
    13 March 2008 21:00:21

    Re,

    Download BTFix (Bibi26).
    Unzip the archive to your Desktop.
  • Open the BTFix folder.
  • Double-click BTFix.exe.
  • Click Rechercher.
  • A report will appear; copy/paste it into your next reply.
    13 March 2008 21:05:10

    BTFix 1.086 (par bibi26) - 13/03/2008 16:04:54 - Analyse
    Lancé depuis C:\Documents and Settings\Propriétaire\Bureau\BTFix\BTFix.exe

    ---> Fichiers/Dossiers trouvés

    - C:\WINDOWS\system32\f3PSSavr.scr
    - C:\Program Files\FunWebProducts\
    - C:\Program Files\MSN Messenger\RICHED20.dll
    - C:\Documents and Settings\Propriétaire\Application Data\FunWebProducts\

    ---> Analyse terminée
    13 March 2008 21:25:33

    Re,

  • Open BTFix again.
  • Click Nettoyer.
  • A report will appear; copy/paste it into your next reply.
  • Post a new HijackThis log.
    27 November 2008 08:02:43

    Hello everyone,
    so this virus should not be deleted from quarantine (directly through AVG) without doing these steps?
    Thanks for your replies
    19 May 2009 12:44:25

    Hello, I have this same problem. I did everything that was indicated; here is the report.
    Thanks in advance


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:06:18, on 19/05/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Program Files\TVersity\Media Server\MediaServer.exe
    C:\PROGRA~1\AVG\AVG8\avgam.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\Program Files\AVG\AVG8\avgcsrvx.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\windows\system\hpsysdrv.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\WINDOWS\ALCXMNTR.EXE
    C:\PROGRA~1\AVG\AVG8\avgemc.exe
    C:\HP\KBD\KBD.EXE
    C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\Program Files\MessengerPlus! 3\MsgPlus.exe
    C:\Program Files\AVG\AVG8\avgcsrvx.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\Program Files\Belkin\F5D7050v5\Belkinwcui.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.bin
    C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\WinRAR\WinRAR.exe
    C:\Program Files\AVG\AVG8\avgscanx.exe
    C:\Program Files\AVG\AVG8\avgcsrvx.exe
    C:\Documents and Settings\HP_Propriétaire.BOULOU\Bureau\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.fr/spbasic.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.deezer.com/fr
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
    O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
    O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
    O4 - HKLM\..\Run: [EPSON Stylus D68 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE /P23 "EPSON Stylus D68 Series" /O6 "USB001" /M "Stylus D68"
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
    O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
    O4 - Global Startup: Belkin Wireless G USB Adapter Client Utility.lnk = ?
    O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
    O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
    O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
    O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: TVersityMediaServer - Unknown owner - C:\Program Files\TVersity\Media Server\MediaServer.exe

    --
    End of file - 8845 bytes